Options

Question on NAT

dissolveddissolved Inactive Imported Users Posts: 228
in CCNA & CCENT
Just a quick question on NAT.
Here is a shot of my network
help.jpg

I never specified any NAT pools or anything in any of the routers. Yet NAT is occuring between the 192.168.1.40 and 192.168.2.1 router isnt it? It is automatically happening ? Like I said, I never configured NAT, but all my hosts can communicate.

question:

If NAT is indeed ocurring, why must we specify NAT with NAT commands sometimes? Like when we connect a cisco router to our cable connection?
Thanks
· Share on FacebookShare on Twitter

Comments

  • Options
    forbeslforbesl Member Posts: 454
    dissolved wrote:
    I never specified any NAT pools or anything in any of the routers. Yet NAT is occuring between the 192.168.1.40 and 192.168.2.1 router isnt it? It is automatically happening ? Like I said, I never configured NAT, but all my hosts can communicate.

    question:

    If NAT is indeed ocurring, why must we specify NAT with NAT commands sometimes? Like when we connect a cisco router to our cable connection?
    Thanks

    If you haven't got NAT configured, it's not working. It doesn't configure itself. Your cable router is PATing (NAT overload) all hosts within your internal network on its outside interface.

    Check out this link at Cisco:
    http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml
    · Share on FacebookShare on Twitter
  • Options
    knownasthatguyknownasthatguy Inactive Imported Users Posts: 25 ■□□□□□□□□□
    First, a diagram of your network will not help with the problem. Paste your configs then I can help with the problem a little better.

    Second, do a SH IP NAT TRANS at the IOS prompt for your routers. That alone will tell you if there is a translation taking place.

    Third, thats correct NAT is not started up automatically.

    If you dont want to compromise your network security by showing your IPs, substitute them with an equivalent IP scheme. Good luck.
    Is it getting bright in here, or am I just cool like that
    · Share on FacebookShare on Twitter
  • Options
    WebmasterWebmaster Admin Posts: 10,292 Admin
    Yet NAT is occuring between the 192.168.1.40 and 192.168.2.1 router isnt it?
    That's called routing ;)

    If your hosts on the 192.168.2x and 192.168.0.x can communicate with the internet (as in the other side of your cable router) than there must be a route (gateway of last resort/default route) on the Cisco routers. Did you configure RIP? Is RIP enabled by default on the cable router? Or did you configure a default route on the Cisco routers manually?
    LinkedIn - FaceBook
    · Share on FacebookShare on Twitter
  • Options
    knownasthatguyknownasthatguy Inactive Imported Users Posts: 25 ■□□□□□□□□□
    Ok, that is correct, you have routing between your ciscos and the cable router; but, you are also correct, there is a NAT in your network but its between your CM and ISP. If you are looking from the Internet to your routers, yes you will see the translation but it is on the "edge", meaning at your CM. Consider in what direction you are looking from. Also do a ping test. If your CISCO has NAT enabled, which I highly doubt it is, you can always issue a ping from a pc on outside interface and you will get a response from a NAT IP instead of your inside IP. This will also indicate you have a NAT. If your network is setup like I think it is, you have a CM with a series of 10/100 ports on it. Your cisco is conned to one of the ports with your CMs internal IP range as its address. Then, within your cisco networks, you have an entirely different IP range (Keep in mind, your IP subnets dont have to be the same for every Ethernet IFC, just the Serials, its called subnet domains or broadcast domains. This could be whats confusing you). From one of you CM ports, you will be able to hook a pc to it and ping your internal cisco IPs. Your ICMP echo will be the "outside pool" address.
    Is it getting bright in here, or am I just cool like that
    · Share on FacebookShare on Twitter
  • Options
    dissolveddissolved Inactive Imported Users Posts: 228
    thanks a lot guys
    I see where I'm confused

    NAT only occurs when translating public to private IP right...vice versa? (well, besides Cisco's static NAT, which can map private to private)


    If I have a dual-homed box in my LAN, and one NIC is 192.168.3.1 and the other NIC is 192.168.2.1, then that isnt necessarily NAT happening. It's basically just a router? (I should of known this icon_sad.gif )

    My ciscos dont have NAT enabled in them. I think using a cable router as my gateway is screwing me up (logic wise). Maybe I should grab a 2514.

    Heres another question. If you have:

    T1
    |
    |
    2500 router
    |
    |
    pix
    |
    |
    Clients

    The router usually isnt doing NAT. It's just the connection to the CSU/DSU/ The pix is the one usually doing the NAT (and inspecting the packets at the same time). Is that correct? I heard the less NAT you do the better. And you REALLY only need to do it when going private to public /public to private.

    I'll read that NAT link.
    Thanks guys
    · Share on FacebookShare on Twitter
Sign In or Register to comment.