PAT Configuration Step by Step [Packet Tracer Lab]
Contents
Topology
I- Configure the router to get an IP address via DHCP from your ISP
On the router R1, configure the Interface facing ISP to be assigned a DHCP address :
Router(config)#int gi0/0/1
Router(config-if)#ip address dhcp
Router(config-if)#no sh
II- Configure the router as a DHCP server for clients PCs in the network
– Network = 10.1.1.0/24
– Default Gateway = 10.1.1.254
– DNS = 8.8.8.8
Router(config)#ip dhcp pool DHCP_1
Router(dhcp-config)#network 10.1.1.0 255.255.255.0
Router(dhcp-config)#default-router 10.1.1.254
Router(dhcp-config)#dns-server 8.8.8.8
III- Configure PAT on the router
Configure PAT on the router so internal hosts can access the internet servers.
Now we need to configure PAT in simple Steps:
- Define the Inside and Outside Interfaces for the NAT translation.
- Configure an Access-list that will define the Local LAN range addresses.
- Put it all together and activate the NAT that will refer to the ACL of the LAN as the source and GigabitEthernet0/0/1.
Router(config)#int gigabitEthernet 0/0/0
Router(config-if)#ip nat inside
Router(config-if)#exit
Router(config)#int gigabitEthernet 0/0/1
Router(config-if)#ip nat outside
Router(config)#ip access-list standard 10
Router(config-std-nacl)#permit 10.1.1.0 0.0.0.255
Router(config-std-nacl)#deny any
Router(config)#ip nat inside source list 10 interface gigabitEthernet 0/0/1 overload
Verify that the hosts (PCs can ping 8.8.8.8) and access cisco.com via HTTP:
- ping to 8.8.8.8:
- access HTTP web to cisco.com page from PC0:
- we can check the NAT translation happening in the router using command: show ip nat translation
The figure of NAT translation shows that for the ping to 8.8.8.8, 4 packets were generated for ICMP protocol from PC:
The inside global address is the address of the router on the public side:
The inside local is the address of the host PC0:
- the outside global is the address of the server (public ip address 8.8.8.8)
the other translation is TCP packet for the HTTP access to the cisco.com page on port 80 (HTTP)