Home > Archive > alt.certification.cisco > March 2003 > NAT Cisco router without pool





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author NAT Cisco router without pool
Data Pimp

2003-02-03, 9:24 pm

Does anybody know how to setup a router to use NAT but with the one address
the isp assigns you? Any help is greatly appriciated.


Jonathan

2003-02-03, 11:23 pm


"Data Pimp" <data-pimp@wilcomservices.com> wrote in message
news:BSF%9.6434$KG1.3240151@twister.nyc.rr.com...
> Does anybody know how to setup a router to use NAT but with the one
address
> the isp assigns you? Any help is greatly appriciated.
>

ip nat inside source [list x| pool] interface [out int] overload



Jonathan

>


eric

2003-02-05, 3:24 am

here is some basic things that should be done..

interface Ethernet0
ip address 192.168.0.3 255.255.255.0
ip nat inside
no cdp enable
!
interface Ethernet1
ip address dhcp
ip access-group 102 in
ip nat outside
no cdp enable

ip nat inside source list 102 interface Ethernet1 overload

the source list would be a access list like these:

access-list 102 deny tcp any any eq 54283 log
access-list 102 deny tcp any any eq 53001 log
access-list 102 deny tcp any any eq 54320 log
access-list 102 deny udp any any eq 54320 log
access-list 102 deny udp any any eq 54321 log
access-list 102 deny tcp any any eq 56565 log
access-list 102 permit ip any any

to forward ports do this:

ip nat inside source static tcp 192.168.0.4 22 interface Ethernet1 22




"Data Pimp" <data-pimp@wilcomservices.com> wrote in message
news:BSF%9.6434$KG1.3240151@twister.nyc.rr.com...
> Does anybody know how to setup a router to use NAT but with the one
address
> the isp assigns you? Any help is greatly appriciated.
>
>


news.verizon.net

2003-02-06, 4:26 pm

Here we go. Good Luck. This will be the configuration of a 1720 router with
a t1 interface and one ethernet controller. One public IP number and a class
c private LAN. All the internal numbers are being translated to the public
interface.

Good luck.
!

service timestamps debug uptime

service timestamps log uptime

service password-encryption

no service tcp-small-servers

no service udp-small-servers

!

hostname Cisco1720

!

enable password cisco

!

no ip name-server

!

ip subnet-zero

no ip domain-lookup

ip routing

!

interface FastEthernet 0

no shutdown

description connected to EthernetLAN

ip address 192.168.1.1 255.255.255.0

ip nat inside

keepalive 10

!

interface Serial 0

no shutdown

description connected to Internet

service-module t1 clock source line

service-module t1 data-coding normal

service-module t1 remote-loopback full

service-module t1 framing esf

service-module t1 linecode b8zs

service-module t1 lbo none

service-module t1 remote-alarm-enable

ip address 66.88.33.2 255.255.255.252

ip nat outside

encapsulation ppp

!

! Access Control List 1

!

no access-list 1

access-list 1 permit 192.168.1.0 0.0.0.255

!

! Dynamic NAT

!

ip nat translation timeout 86400

ip nat translation tcp-timeout 86400

ip nat translation udp-timeout 300

ip nat translation dns-timeout 60

ip nat translation finrst-timeout 60

ip nat inside source list 1 interface Serial 0 overload

!

router rip

version 2

network 192.168.1.0

passive-interface Serial 0

no auto-summary

!

!

ip classless

!

! IP Static Routes

ip route 0.0.0.0 0.0.0.0 Serial 0

no ip http server

snmp-server community public RO

no snmp-server location

no snmp-server contact

!

line console 0

exec-timeout 0 0

password cisco

login

!

line vty 0 4

password cisco

login

!

end



"eric" <foo@ffodaloo.lee> wrote in message
news_30a.2284$jR3.1095798@news1.news.adelphia.net...
> here is some basic things that should be done..
>
> interface Ethernet0
> ip address 192.168.0.3 255.255.255.0
> ip nat inside
> no cdp enable
> !
> interface Ethernet1
> ip address dhcp
> ip access-group 102 in
> ip nat outside
> no cdp enable
>
> ip nat inside source list 102 interface Ethernet1 overload
>
> the source list would be a access list like these:
>
> access-list 102 deny tcp any any eq 54283 log
> access-list 102 deny tcp any any eq 53001 log
> access-list 102 deny tcp any any eq 54320 log
> access-list 102 deny udp any any eq 54320 log
> access-list 102 deny udp any any eq 54321 log
> access-list 102 deny tcp any any eq 56565 log
> access-list 102 permit ip any any
>
> to forward ports do this:
>
> ip nat inside source static tcp 192.168.0.4 22 interface Ethernet1 22
>
>
>
>
> "Data Pimp" <data-pimp@wilcomservices.com> wrote in message
> news:BSF%9.6434$KG1.3240151@twister.nyc.rr.com...
> > Does anybody know how to setup a router to use NAT but with the one
> address
> > the isp assigns you? Any help is greatly appriciated.
> >
> >
>
>


Keeper

2003-03-25, 12:24 pm

Gents,

I've been reading the threads on NAT as I'm trying to set mine up as
well (beginner with a Cisco 2514, ios 12). I've asked the guru's at
work and they can't agree. I've been told that you need to set up NAT
on the outside interface but from what I've seen here it needs to be
setup on both? (ip nat inside / ip nat outside)?

Any clarification would be appreciated.

Keeper

______________________________
___________________________



On Thu, 06 Feb 2003 22:03:32 GMT, "news.verizon.net"
<garcia.fairbanks@verizon.net> wrote:

>Here we go. Good Luck. This will be the configuration of a 1720 router with
>a t1 interface and one ethernet controller. One public IP number and a class
>c private LAN. All the internal numbers are being translated to the public
>interface.
>
>Good luck.
>!
>
>service timestamps debug uptime
>
>..............................
Chris Centore

2003-03-25, 2:24 pm


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

you are correct

"Keeper" <no@way.com> wrote in message
news:1l618vg93sj8lvrms1v0k475r
heacj8kds@4ax.com...
> Gents,
>
> I've been reading the threads on NAT as I'm trying to set mine up as
> well (beginner with a Cisco 2514, ios 12). I've asked the guru's at
> work and they can't agree. I've been told that you need to set up NAT
> on the outside interface but from what I've seen here it needs to be
> setup on both? (ip nat inside / ip nat outside)?
>
> Any clarification would be appreciated.
>
> Keeper
>
> ______________________________
___________________________
>
>
>
> On Thu, 06 Feb 2003 22:03:32 GMT, "news.verizon.net"
> <garcia.fairbanks@verizon.net> wrote:
>
> >Here we go. Good Luck. This will be the configuration of a 1720 router
with
> >a t1 interface and one ethernet controller. One public IP number and a
class

> >c private LAN. All the internal numbers are being translated to the
public
> >interface.
> >
> >Good luck.
> >!
> >
> >service timestamps debug uptime
> >
> >..............................
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/ AwUBPoC5hSK6Gcj1MpoWEQIwmQCfdn
uwFZ1mJs1mhhur5dJ1hDuggM0AoKN/
NDKLg4u/Xhfh07S1W7K1bm6O
=jHVP
-----END PGP SIGNATURE-----


Sponsored Links





Free Braindumps | MCSE braindumps software forum

Copyright 2003 - 2008 examnotes.net