Options

stuck in NAT, How do you simulate internet in packet tracer?

CaptainLCaptainL Member Posts: 78 ■■□□□□□□□□
in CCNA & CCENT
Hi, I'm stuck in NAT, I tried making this topology to study NAT, but whenever I put the IP address of the server into the web browser I'am getting a connection. I haven't yet configured NAT in this scenario. can you help me out?
· Share on FacebookShare on Twitter

Comments

  • Options
    m3zillam3zilla Member Posts: 172
    What makes you think you'll need NAT to make the connection? As long the routers have the route, it's going to, well, route!

    You can "simulate the internet" by applying an ACL on the 2nd router to drop 172.16 traffic.
    · Share on FacebookShare on Twitter
  • Options
    CaptainLCaptainL Member Posts: 78 ■■□□□□□□□□
    m3zilla wrote: »
    What makes you think you'll need NAT to make the connection? As long the routers have the route, it's going to, well, route!

    You can "simulate the internet" by applying an ACL on the 2nd router to drop 172.16 traffic.

    I'll apply ACL denying 172.16 on the 2nd router then configure NAT to simulate the internet and to allow 172.16 for web browsing?
    · Share on FacebookShare on Twitter
  • Options
    DANMOH009DANMOH009 Member Posts: 241
    You will have to use NAT to translate the 172.16 (inside local) into an Inside Global address to communicate with the web server.

    Why dont you kill 2 birds with one stone! set up another LAN one in the 192 range, and the set and ACL to only allow the 192 or the 172 range and translate it to an IP that can communicate with the server.

    That way your really concentrating on NAT and ACL (in more depth then normal).
    · Share on FacebookShare on Twitter
  • Options
    m3zillam3zilla Member Posts: 172
    CaptainL wrote: »
    I'll apply ACL denying 172.16 on the 2nd router then configure NAT to simulate the internet and to allow 172.16 for web browsing?

    By blocking 172.16 on the 2nd router (or only permitting 2.2.2.0/24), you're ensuring that the hosts are not coming in as their original address. You can then focus on the NAT configuration and use sh ip nat translation (I think..haven't done NAT on a router in a while) to verify the NAT translation.
    · Share on FacebookShare on Twitter
  • Options
    CaptainLCaptainL Member Posts: 78 ■■□□□□□□□□
    I got this one working. here's what I did

    I apply ACL on Router 1
    access-list 10 deny 172.16.1.0 0.0.0.255
    access-list 10 permit any
    Interface FastEthernet 0/0
    ip access-list 10 out

    then tried to ping the host to the server
    result: FAILED

    Now, I apply the NAT on Router 1
    Ip nat inside source static 172.16.1.2 3.3.3.3
    interface fastethernet 0/0
    ip nat outside
    interface serial 0/0/0
    ip nat inside

    To test, I've open up the web browser on PC0 and typed "1.1.1.2" then I got a connection.
    tried this with the PC1 and It failed. to verify I've used the command show ip nat translation and It shows that the 172.16.1.2 was translated into 3.3.3.3 as it goes out of router 1.

    I will try again the other 2 type of NAT. Thank you m3zilla and DANMOH009 for the help. happy me! :)
    · Share on FacebookShare on Twitter
  • Options
    DANMOH009DANMOH009 Member Posts: 241
    no worries good luck, you've got me playing around with ACLs and NAT again aswell, so cheers.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.