NAT Overload Configuration Tutorial CCNA Prep

Captions
Okay, so we're going to start a little series here on NAT. This first video will be NAT overload. This is something that is tested on the CCNA, so you definitely want to know this. NAT overload is the same thing as PAT. So, say in your home you have maybe a laptop and a PC, maybe a couple of laptops. You have several computers that access the internet, and maybe inside, your IP addresses are 192.168.1.1 and 1.5 and 1.10. You have all these addresses inside. Well, when they go out to the internet, they're not seen as those addresses. Those are private addresses, and your ISP will block you if you come out with that address. So your router has to change your address to something different, and you can do that a couple of different ways. You can use one IP address, and everybody represents themselves as that IP address. Okay, so that's what we're going to focus on here. That's PAT, or NAT overload.

So in this diagram here, this is our border router, this is one of our internal networks, and this is our other internal network. All these IP addresses in here start with 192.168. This is the .1 network, so this is 1.10 and 1.100, and this is the .2 network, this is 2.10 and 2.11. So when all these guys access the internet, they're going to be shown to the internet as having a different IP address than this. NAT overload takes care of that. So this interface right here is Fa0/1. This is my internet-facing interface, and it's got an IP address of, let's see here, there we go, 68.67.65.1. That's my internet-facing IP address. So what I'm going to do is represent everybody that comes from my network and goes to the internet as that address, and the internet will be able to tell the difference between each PC. Whoever I'm accessing on the internet will be able to tell the difference based on port number. We'll go into that a little bit more, but let's just go ahead and get it set up, get it configured. I think once you see the configuration, it'll definitely help you understand the concepts.

So there are three steps to configuring NAT overload. It's good to write these down and just be familiar with what each one does, so we'll get right into it.

Step one is label the interfaces. What I have to do is tell my router, my NAT router, which interfaces are my inside interfaces, you know, facing the inside of my network, and which interfaces are my outside. So these two are the inside and this one right here is the outside, but the router is not going to know that. I have to tell it. We do this by getting into each interface. I'll do the outside first, that's FastEthernet 0/1, and I will issue the command ip nat outside. That tells it that it's the outside. Then I can get into my other ones. This one will be, guess, inside. That's right. So serve zero zero, and this is another inside. All right, so I've got these interfaces labeled as inside, and then this one is labeled as outside. So that's step one.

Step two: identify the addresses to be NATed. Now, if you haven't seen this before, this is an access list, a concept that you will see used for a lot of different things, but they're not just for access. In this case we're going to create an access list to identify the addresses that we want to be NATed. So in this instance the access list isn't for access, it's more for identification. We're going to tell the router: I'm going to give you an access list, and the addresses inside that ACL are what you're going to look for. That's what you're going to NAT. So we'll create a standard access list, because we just need to show source addresses. I'll do a named access list: ip access-list standard. We'll give it a name. We'll just call this NAT, be easy. Okay, so we get into the ACL configuration and we're going to tell it which addresses we want. Now, let's say I didn't want these guys to get on the internet. I could deny this network and then permit this one, and then what would happen is these guys wouldn't get NATed, I mean they wouldn't be able to use the internet, and these guys would. But I'm going to just permit everybody, so I'm going to permit 192.168.0.0 0.0.255.255. That basically means anything that starts with 192.168: if you come into this router and you're going from the inside to the outside, I'm going to change your IP address to something different. So that's what that is. We'll just leave the access list like that. Do a show access. There we go, our access list NAT is permitting these addresses. Now, don't think of it like an access list in the general sense. This is not permitting 192.168 to get through the router. This is just permitting 192.168 to be NATed. So even if I had some more networks out here, 172.16.something.something, they would still get through the router, but they would not be part of the NAT process. So that's the difference there. Okay, so that's step two. I've got that done.

And then the last step is just enabling NAT overload. The syntax of the command that we're going to do this with can be a little long, so it's always good to work through it with the question mark, and if you practice it a couple of times it will become a lot easier. So we'll start with ip nat inside. This is saying I want to NAT from the inside to the outside. So we're going to start inside, and our source is going to be in a list called NAT. So we want to NAT from the inside to the outside, and the source list that we want to NAT from is in the access list called NAT. And we want to NAT those to... Now, we could use a pool. We could define another access list that says here's some IP addresses that we've gotten from our ISP and we want to use these for our public IP addresses. But in this case we want everybody to use the same IP address, so we're going to use the interface command. So we'll do interface, and it's going to ask us which interface we want to use as the public IP address. We'll use FastEthernet 0/1, whatever your outside interface is. And then you see the carriage return here. I could hit enter and that would work for one user. Let's say PC one goes to the internet. He's going to get NATed and he's going to get that outside interface. But if anybody else tries to get on the internet at the same time, there's not enough IP addresses to go around. So what we need to do is throw in that overload command, and that will turn on PAT, basically. It allows the router to NAT more than one IP address at a time using the same interface, and it will separate each one using port numbers. When we verify, we'll show how that works. So we've got that done, and that's it. We are successfully set up for NAT now.

Now, just to demonstrate, what I'll do is open a couple of web browsers out here on my network. We'll go to 4.2.2, which is this internet server over here. So he's going to be coming up through here, coming through the router. He's going to come into the router as 192.168.1.1. When this guy gets it, he's going to see it as that 68.67.something. He's going to see it as the public address, just like it would on the real internet. So I'll do that for him, I'll do that for him, and we'll put these guys on there also, 4.2.2.2. Everybody's going at the same time. All right, and let's throw a ping in there too, just get that running.

All right, now one command we can use to verify, and this will help with troubleshooting too, is show ip nat translations. This will show us what is being NATed at any given time. So, inside local: this is my internal network's private addresses right here. This is what we're used to. We see 192.168.1.10, there's .100, there's 2.10 and 2.11. That's all my end devices down here that are accessing the internet. That's what I see them as. And these numbers right here, these are just random port numbers that the operating system will pick. When you access a website, your computer randomly picks a port number, and that's the source port number. So when the destination replies to you, let's say you were going to Google, your computer would pick a random port. It would go to Google coming from a random port number, going to 80. When Google replies to you, it's going to reply to that same port number that you picked. That's how it can tell the difference. So we see here that computer 1.10 has all these different ICMP packets, each one with a different port number.

So this inside global, this is what I'm getting translated to. Now look, I've got 192.168.1 and 192.168.2.10, different IP addresses on my inside network, but look at this: they're all the same IP address on the outside. So the internet sees this as coming from one IP address, 68.67.65.1. It can tell them apart and send them back to the right place because they all have different port numbers. You see, this entire string is called a socket. It's a combination of an IP address and a port number, and because those port numbers are different, it's going to know that those are coming from different machines. So there we go, that's showing us what's being NATed at one time, and we can verify that it's working. We have different inside IP addresses, and they're being translated into the same IP address. And then outside local and outside global: these are always going to be the same for what we're doing here, but this is where we're going.

So, all right, that is NAT overload, and we will show some other types of NAT. We've got dynamic NAT and static NAT, mapping between one IP address and one public IP address, so we'll show those in another video.
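The following is an added example, not part of the video or its captions: a simplified Python model of the translation table that NAT overload keeps, using the ACL range and outside address from the walkthrough. The class and function names, the sample flows, and the port-selection rule (keep the host's source port, otherwise take the next free one) are assumptions made for illustration.

```python
"""Simplified model of a PAT (NAT overload) translation table."""
import ipaddress

NAT_ACL = ipaddress.ip_network("192.168.0.0/16")  # permit 192.168.0.0 0.0.255.255
OUTSIDE_IP = "68.67.65.1"                         # address on the outside interface


class PatTable:
    def __init__(self, outside_ip=OUTSIDE_IP, acl=NAT_ACL):
        self.outside_ip = outside_ip
        self.acl = acl
        self.out = {}   # (proto, inside_ip, inside_port) -> global port
        self.back = {}  # (proto, global_port) -> (inside_ip, inside_port)

    def translate_out(self, proto, src_ip, src_port):
        """Inside -> outside: return the (ip, port) socket the internet sees."""
        if ipaddress.ip_address(src_ip) not in self.acl:
            return (src_ip, src_port)  # not in the ACL: forwarded, but not NATed
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = src_port  # assumption: try to keep the host's own source port
            while (proto, port) in self.back:  # in use by another inside host
                port = port + 1 if port < 65535 else 1024
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return (self.outside_ip, self.out[key])

    def translate_in(self, proto, dst_port):
        """Outside -> inside: map a reply to its inside socket, or None."""
        return self.back.get((proto, dst_port))

    def rows(self):
        """(proto, inside global, inside local) rows, like the verify output."""
        return sorted(
            (proto, f"{self.outside_ip}:{gport}", f"{ip}:{port}")
            for (proto, gport), (ip, port) in self.back.items()
        )


def demo():
    table = PatTable()
    # Constructed flows: two inside hosts happen to pick the same source port.
    a = table.translate_out("tcp", "192.168.1.10", 1025)
    b = table.translate_out("tcp", "192.168.2.10", 1025)
    c = table.translate_out("tcp", "172.16.5.5", 1025)  # outside the ACL range
    return a, b, c, table.translate_in("tcp", b[1]), table.rows()
```

Both 192.168 hosts leave as 68.67.65.1, and the second one is moved to a different port so replies can be mapped back to the right inside socket; the 172.16 host is forwarded with its address unchanged.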
Info
Channel: camspop
Views: 62,324
Keywords: NAT, overload, configuration, tutorial, network, address, translation, cisco, router, ccna, example, tips & tricks
Id: kKxYzdaiX60
Length: 12min 49sec (769 seconds)
Published: Sat Aug 07 2010