NAT Application on Packet Tracer

Dolyetyus

21 Apr 2020


Hi, have good forums everyone.

We continue to practice on Packet Tracer.

In this configuration we have 3 client machines connected to a switch, and a router in front of the switch with two legs: one communicates with the switch and the other is connected to the Internet.

The router will get its IP address from 8.8.8.8 via DHCP. This stands for getting an IP address from the ISP. It will then distribute IP addresses via DHCP to the internal network. We will do NAT (Network Address Translation).

Let us begin. Our lab is as follows;



Now, let's first view the configuration on the router. Then let's bring our g0/0/1 leg up and have it get an IP address from DHCP.



As we can see, no interface has acquired an IP address and none is up.



After entering our commands in this way, we make sure that the interface gets its IP address from DHCP and is switched to the up state.



One of the red dots between Router1 and the Internet changes from green to orange. This means the interface is working and is currently receiving an IP address.



After the address is received, the picture looks like this.

Let's check if it received an IP address.



As you can see it did.

Let's now configure the internal network leg. We will use the g0/0/0 interface for this leg.



We configure the internal leg in this way. We check the latest configuration.

Code:
ping 8.8.8.8
ping cisco.com
ping facebook.com

We can also reach the servers this way.

Now it is time to configure DHCP in the internal network.

I go back to the router CLI screen.



We created a DHCP pool named NAT with the command "ip dhcp pool NAT". Now we set the IP address and subnet mask.



Then I specify the default router and DNS server IPs so that machines that get an IP address also get the gateway address and the DNS server IP.



With the "sh ip dhcp pool" command, you can view the pool properties if you want. You can also give this pool an excluded range if you wish. Since it's a simulation, I don't do it now, but you might want to do it in real life.

Still, here is how to do it: in global configuration mode, enter "ip dhcp excluded-address start-ip end-ip".

With the command "sh ip dhcp binding", you can view devices that receive an IP address from DHCP. Currently we do not have a device that has received one, so we will request addresses by running "ipconfig /renew" on the PCs one by one.



In this way, the machines got their IP addresses one by one. Now let's go to the router and check which devices got the IPs.



They are listed with their MAC addresses.

Now let's check where we can access with the ping program on the PC.

Note: Ping is a program. It uses the ICMP protocol and reports the results to us.



Now it is time to talk about the need for NAT. I can ping the router on the internal network, but I can't ping the DNS server.

I cannot get from the inside through the router to the outside. We can compare it as follows: from the inside I can talk to the router in a language we both know, but if the external language is not translated, I cannot understand it on the inside. For this we need to set up NAT.

Now I go to Router1 and open the CLI screen.

I have to go to the g0/0/1 interface and state that this is the outside leg, then go to the g0/0/0 interface and state that this is the inside leg.

We do this as follows,



After declaring which leg is which, the next thing to do is give it an access list. For this,



I specified source list 1 for the inside leg, then tied it to the outside leg so that the inside can get out. This is done simply with overload.

We specified access list 1, but we have not created such a list yet, so let's create it now.



We start with the access-list command; our number is 1 (you can give any number you want). In this list I have accepted all internal traffic (you may want to restrict it in real life).

Now let's ping the DNS server.



See, I can ping. My TTL value is 127. This means that the packet from PC1 bounced off one router and dropped from 128 to 127.

Our topology is alive and successfully working now.



I can visit cisco.com or facebook.com on the Web Browser now.

Now let's go to the router and examine some NAT translations in privileged mode.



The IP address and port number under Inside Local show which computer, by IP address and port, the traffic leaves from.

The IP address under Inside Global is the IP address of Router1, together with the port number the traffic was forwarded to.

Outside means the destination the traffic goes to.

When the subject is networking, there is always one more word to say.

It's important to understand PAT along with NAT, but I'm putting an end to this article here.

Thank you for reading :).




Source: https://www.turkhackteam.org/network/1939093-packet-tracer-uzerinde-nat-uygulamasi.html
Translator: Dolyetyus
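
The router configuration walked through in the post, consolidated as an added example that is not the author's own command listing. The internal subnet 192.168.1.0/24, the gateway address 192.168.1.1 and the excluded range are assumptions; the interface names, the pool name NAT, list number 1 and the DNS server 8.8.8.8 come from the post. It also shows the permissive access list beside a restricted one, following the post's remark that you may want to restrict it in real life.

```cisco
! Added example. Assumed values: 192.168.1.0/24 inside subnet, 192.168.1.1
! as the router's inside address, .1-.10 excluded from the DHCP pool.
!
! Outside leg: address obtained via DHCP, marked as the NAT outside interface
interface GigabitEthernet0/0/1
 ip address dhcp
 ip nat outside
 no shutdown
!
! Inside leg: static gateway address for the LAN, marked as NAT inside
interface GigabitEthernet0/0/0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 no shutdown
!
! Keep the gateway and a block for statically addressed hosts out of the pool
ip dhcp excluded-address 192.168.1.1 192.168.1.10
!
ip dhcp pool NAT
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1
 dns-server 8.8.8.8
!
! Permissive form matching the post's description (assumed syntax):
! any source address arriving on the inside interface is translated.
!   access-list 1 permit any
!
! Restricted form: only the DHCP-served subnet is translated. The explicit
! deny repeats the implicit one so the intent is visible in the config.
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 deny any
!
! PAT: every host matched by list 1 shares the outside interface address
! and is told apart by source port (the overload keyword)
ip nat inside source list 1 interface GigabitEthernet0/0/1 overload
!
! Verify from privileged mode:
!   show ip dhcp binding
!   show ip nat translations
```

With the restricted list, a host on the inside segment that uses a source address outside 192.168.1.0/24 is not translated, so the translation table only ever contains addresses the DHCP pool can hand out.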

 