A network associate is configuring a router for the weaver company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.
The following have already been configured on the router:
- The basic router configuration
- The appropriate interfaces have been configured for NAT inside and NAT outside.
- The appropriate static route have also been configured (since the company will be a stub network, no routing protocol will be required)
- All passwords have been temporarily set to “cisco”.
The task is to complate the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.
Configuration information
router name – Weaver
inside global addresses – 198.18.184.105 198.18.184.110/29
inside local addresses – 192.168.100.17 – 192.168.100.30/28
number of inside hosts – 14
Answer
Step 1: Change the hostname
Step 2: Configure NAT
Step 3: Save the configuration
Step 4: Test your NAT configuration
Watch Video
Click on the Console PC (the host icon below router icon which connected to router with black dotted line). When you get the CLI mode, there will be a message exactly like “Press RETURN to get started”. Press your ENTER key once and your Router user exec mode will shown. Use the following commands to configure your router.
Command
Router>enable
Password: cisco
Router#
Step 1: Change the hostname to Weaver
Router#configure terminal
Router(config)#hostname Weaver
Weaver(config)#
Step 2: Configure NAT
1. Specify the private IP address using Access Control List (ACL) statement
First we need to find the Network address of the hosts.
Note: The inside local addresses have been assigned from 192.168.100.17 to 192.168.100.30/28.
Subnet Mask of /28 = 11111111 . 11111111 . 11111111 . 11110000 = 255.255.255.240
For network address, the network bits of the IP address remain same but the host bits turned to 0′s
The last octet of first local IP address is 17, and binary of 17 = 00010001
Network Address = 192.168.100.00010000 = 192.168.100.16
Second, we need to find the wildcard mask of /28
Note: The wildcard mask is the inverse of the subnet mask. Network bits are 0′s and Host bits are 1′s.
Subnet Mask = 11111111 . 11111111 . 11111111 . 11110000
Wildcard Mask = 00000000 . 00000000 . 00000000 . 00001111 = 0.0.0.15
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15
2. Specify the public IP address (198.18.184.105 – 198.18.184.110/29)
Subnet Mask of /29 = 11111111 . 11111111 . 11111111 . 11111000 = 255.255.255.248
Weaver(config)#ip nat pool mynat 198.18.184.105 198.18.184.110 netmask 255.255.255.248
3. Link private IP address list and public IP address list
From above 2 command, the ACL number is 1 and NAT pool name is mynat
Weaver(config)#ip nat inside source list 1 pool mynat overload
Weaver(config)#end
Weaver#
Step 3: Save the configuration
Weaver#copy run start
Destination filename [startup-config]? [ENTER]
Step 4: Test the NAT configuration
The IP address of ISP is 192.0.2.114, if the test connectivity of ISP IP address success then the above NAT configuration is working properly.
Click Show Topology button, then click on the icon “Host for Testing”. In the command prompt of PC, execute command ping 192.0.2.114
