Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1921
Views
5
Helpful
4
Replies

Packet tracer, NAT help.

Go to solution
Vattenglas
Level 1
Level 1

‎12-14-2020 05:36 AM

Hi all,

 

I have a problem that i'm hoping someone can help me out with. I'm new to this forum so maybe this isn't the right forum for my post.

 

I'm trying to configure dynamic NAT on a cisco 2811 router. The set up should be the following: 64.0.0.0/8 network as the local addresses that should be translated to 32.0.0.0/29 network which is the public network. The public network has 32.0.0.2 - 32.0.0.6 addresses to be used for translation.

 

I want all possible local addresses from 64.0.0.0 to be eligible for translation.

 

How can i accomplish this in packet tracer? Any help is super useful, thanks!

 

Attached is the current config, which isn't working. I can send the packet tracer file if anyone is interested in helping out.

 

Thanks a bunch!

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP
In response to Vattenglas

‎12-15-2020 02:56 AM

Hello,

 

for some weird reason, all the changes I made seem to have disappeared from the file that I sent you. Probably my fault...

 

I am sending the revised file again, just in case, also the full configs of the L3 switch and the 5 routers.

 

The only thing I did not get to work was the NAT pool. Not sure why that does not work, it could be a flaw in (this version of) Packet Tracer. Normally, this would work:

 

ip nat pool NAT 32.0.0.2 32.0.0.6 netmask 255.255.255.248

ip nat inside source list 1 pool NAT overload

 

As soon as I use this, all communications from S1 stops. Normal NAT works fine:

 

ip nat inside source list 1 interface FastEthernet0/0 overload

 

Either way, here are the configs and the (hopefully working) PT project file:

 

S1#sh run
Building configuration...

Current configuration : 2388 bytes
!
version 12.2(37)SE1
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname S1
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip routing
!
spanning-tree mode pvst
!
interface FastEthernet0/1
switchport mode access
switchport nonegotiate
!
interface FastEthernet0/2
!
interface FastEthernet0/3
switchport trunk native vlan 3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/4
switchport trunk native vlan 3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/5
switchport trunk native vlan 3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 64.0.0.2 255.248.0.0
!
interface Vlan40
mac-address 00e0.f928.5d01
ip address 64.40.0.1 255.255.255.248
!
interface Vlan48
mac-address 00e0.f928.5d02
ip address 64.48.0.1 255.255.255.248
!
interface Vlan56
mac-address 00e0.f928.5d03
ip address 64.56.0.1 255.255.255.248
!
interface Vlan64
mac-address 00e0.f928.5d04
ip address 64.64.0.1 255.255.255.248
!
interface Vlan72
mac-address 00e0.f928.5d05
ip address 64.72.0.1 255.255.255.248
!
interface Vlan80
mac-address 00e0.f928.5d06
ip address 64.80.0.1 255.255.255.248
!
interface Vlan88
mac-address 00e0.f928.5d07
ip address 64.88.0.1 255.255.255.248
!
interface Vlan96
mac-address 00e0.f928.5d08
ip address 64.96.0.1 255.255.255.248
!
router rip
version 2
network 64.0.0.0
!
ip classless
!
ip flow-export version 9
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
logging synchronous
login
!
line aux 0
!
line vty 0 4
logging synchronous
login
!
end

 

R0#sh run
Building configuration...

Current configuration : 942 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R0
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
ip address 32.0.0.1 255.255.255.248
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 64.0.0.1 255.248.0.0
ip nat inside
duplex auto
speed auto
!
interface Vlan1
no ip address
!
router rip
version 2
network 32.0.0.0
network 64.0.0.0
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip classless
!
ip flow-export version 9
!
access-list 1 permit 64.0.0.0 0.255.255.255
!
banner motd ^CUnauthorized access to this device is prohibited^C
!
line con 0
password 7 0825581F5C4A02
logging synchronous
login
!
line aux 0
!
line vty 0 4
logging synchronous
login
!
end

 

R1#sh run
Building configuration...

Current configuration : 911 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R1
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
ip address 32.0.0.2 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 1.2.2.1 255.255.255.252
!
interface Serial0/0/1
ip address 1.2.2.5 255.255.255.252
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 1.0.0.0
network 32.0.0.0
!
ip classless
!
ip flow-export version 9
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
login
!
line aux 0
!
line vty 0 4
no login
line vty 5 15
no login
!
end

 

R2#sh run
Building configuration...

Current configuration : 934 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R2
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 1.2.2.2 255.255.255.252
clock rate 250000
!
interface Serial0/0/1
ip address 1.2.2.13 255.255.255.252
clock rate 2000000
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 1.0.0.0
!
ip classless
!
ip flow-export version 9
!
no cdp run
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
login
!
line aux 0
!
line vty 0 4
no login
line vty 5 15
no login
!
end

 

R3#sh run
Building configuration...

Current configuration : 913 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R3
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 1.2.2.6 255.255.255.252
clock rate 250000
!
interface Serial0/0/1
ip address 1.2.2.9 255.255.255.252
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 1.0.0.0
!
ip classless
!
ip flow-export version 9
!
no cdp run
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
login
!
line aux 0
!
line vty 0 4
no login
line vty 5 15
no login
!
end

 

R4#sh run
Building configuration...

Current configuration : 1026 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R4
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface Loopback0
ip address 209.78.74.59 255.255.255.0
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 1.2.2.14 255.255.255.252
clock rate 250000
shutdown
!
interface Serial0/0/1
ip address 1.2.2.10 255.255.255.252
clock rate 128000
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 1.0.0.0
network 209.78.74.0
!
ip classless
!
ip flow-export version 9
!
no cdp run
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
login
!
line aux 0
!
line vty 0 4
no login
line vty 5 15
no login
!
end

 

 

View solution in original post

Laboration_2_PT_NEW.zip
0 Helpful
4 Replies 4

Go to solution
Vattenglas
Level 1
Level 1

‎12-14-2020 05:44 AM - edited ‎12-15-2020 05:24 AM

.

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to Vattenglas

‎12-14-2020 05:54 AM

Hello,

 

basically, the below is what you need to add to the configuration of your Router0:

 

ip nat pool NAT 32.0.0.2 32.0.0.6 netmask 255.255.255.248
ip nat inside source list 1 pool NAT overload
!
access-list 1 permit 64.0.0.0 0.255.255.255

 

I have attached the revised file...

Laboration 2 PT_REV.zip
0 Helpful

Go to solution
Vattenglas
Level 1
Level 1
In response to Georg Pauwen

‎12-14-2020 07:14 AM - edited ‎12-16-2020 01:16 AM

Thanks!

 

The running configuration isn't working quite as intended yet. How can i make sure that all of the routers are advertising the 32.0.0.0 network?

 

Go to solution
Georg Pauwen
VIP
VIP
In response to Vattenglas

‎12-15-2020 02:56 AM

Hello,

 

for some weird reason, all the changes I made seem to have disappeared from the file that I sent you. Probably my fault...

 

I am sending the revised file again, just in case, also the full configs of the L3 switch and the 5 routers.

 

The only thing I did not get to work was the NAT pool. Not sure why that does not work, it could be a flaw in (this version of) Packet Tracer. Normally, this would work:

 

ip nat pool NAT 32.0.0.2 32.0.0.6 netmask 255.255.255.248

ip nat inside source list 1 pool NAT overload

 

As soon as I use this, all communications from S1 stops. Normal NAT works fine:

 

ip nat inside source list 1 interface FastEthernet0/0 overload

 

Either way, here are the configs and the (hopefully working) PT project file:

 

S1#sh run
Building configuration...

Current configuration : 2388 bytes
!
version 12.2(37)SE1
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname S1
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip routing
!
spanning-tree mode pvst
!
interface FastEthernet0/1
switchport mode access
switchport nonegotiate
!
interface FastEthernet0/2
!
interface FastEthernet0/3
switchport trunk native vlan 3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/4
switchport trunk native vlan 3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/5
switchport trunk native vlan 3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 64.0.0.2 255.248.0.0
!
interface Vlan40
mac-address 00e0.f928.5d01
ip address 64.40.0.1 255.255.255.248
!
interface Vlan48
mac-address 00e0.f928.5d02
ip address 64.48.0.1 255.255.255.248
!
interface Vlan56
mac-address 00e0.f928.5d03
ip address 64.56.0.1 255.255.255.248
!
interface Vlan64
mac-address 00e0.f928.5d04
ip address 64.64.0.1 255.255.255.248
!
interface Vlan72
mac-address 00e0.f928.5d05
ip address 64.72.0.1 255.255.255.248
!
interface Vlan80
mac-address 00e0.f928.5d06
ip address 64.80.0.1 255.255.255.248
!
interface Vlan88
mac-address 00e0.f928.5d07
ip address 64.88.0.1 255.255.255.248
!
interface Vlan96
mac-address 00e0.f928.5d08
ip address 64.96.0.1 255.255.255.248
!
router rip
version 2
network 64.0.0.0
!
ip classless
!
ip flow-export version 9
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
logging synchronous
login
!
line aux 0
!
line vty 0 4
logging synchronous
login
!
end

 

R0#sh run
Building configuration...

Current configuration : 942 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R0
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
ip address 32.0.0.1 255.255.255.248
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 64.0.0.1 255.248.0.0
ip nat inside
duplex auto
speed auto
!
interface Vlan1
no ip address
!
router rip
version 2
network 32.0.0.0
network 64.0.0.0
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip classless
!
ip flow-export version 9
!
access-list 1 permit 64.0.0.0 0.255.255.255
!
banner motd ^CUnauthorized access to this device is prohibited^C
!
line con 0
password 7 0825581F5C4A02
logging synchronous
login
!
line aux 0
!
line vty 0 4
logging synchronous
login
!
end

 

R1#sh run
Building configuration...

Current configuration : 911 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R1
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
ip address 32.0.0.2 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 1.2.2.1 255.255.255.252
!
interface Serial0/0/1
ip address 1.2.2.5 255.255.255.252
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 1.0.0.0
network 32.0.0.0
!
ip classless
!
ip flow-export version 9
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
login
!
line aux 0
!
line vty 0 4
no login
line vty 5 15
no login
!
end

 

R2#sh run
Building configuration...

Current configuration : 934 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R2
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 1.2.2.2 255.255.255.252
clock rate 250000
!
interface Serial0/0/1
ip address 1.2.2.13 255.255.255.252
clock rate 2000000
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 1.0.0.0
!
ip classless
!
ip flow-export version 9
!
no cdp run
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
login
!
line aux 0
!
line vty 0 4
no login
line vty 5 15
no login
!
end

 

R3#sh run
Building configuration...

Current configuration : 913 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R3
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 1.2.2.6 255.255.255.252
clock rate 250000
!
interface Serial0/0/1
ip address 1.2.2.9 255.255.255.252
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 1.0.0.0
!
ip classless
!
ip flow-export version 9
!
no cdp run
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
login
!
line aux 0
!
line vty 0 4
no login
line vty 5 15
no login
!
end

 

R4#sh run
Building configuration...

Current configuration : 1026 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R4
!
enable secret 5 $1$mERr$IvYW/UrXhN.ooY/0oyLN/.
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface Loopback0
ip address 209.78.74.59 255.255.255.0
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 1.2.2.14 255.255.255.252
clock rate 250000
shutdown
!
interface Serial0/0/1
ip address 1.2.2.10 255.255.255.252
clock rate 128000
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 1.0.0.0
network 209.78.74.0
!
ip classless
!
ip flow-export version 9
!
no cdp run
!
banner motd ^CUnauthorized access to this device is prohibited!^C
!
line con 0
password 7 0825581F5C4A02
login
!
line aux 0
!
line vty 0 4
no login
line vty 5 15
no login
!
end

 

 

Laboration_2_PT_NEW.zip
0 Helpful
Customers Also Viewed These Support Documents
Top