Configuration
NAT Overview for CCNA
Mar 27th
As I prepare for the CCNA, I collected all my various notes and have tried to put the highlights here for quick reference as my test date approaches.
3 Types of NAT:
- Dynamic NAT – might be used between networks with overlapping address schemes. This is the least common form of NAT.
- NAT Overload / Port Address Translation (PAT)
- Static NAT – straight “one-to-one” Private to Public IP address translation.
Configure NAT Overload with the CLI (3 steps)
- Label the interfaces
- Identify the internal IP addresses to be translated (with ACL)
- Enable NAT overload
LABEL INTERFACES
router1#config t
router1(config)#int gi0/0
router1(config-if)#ip nat inside
router1(config-if)#
router1(config-if)#int gi0/1
router1(config-if)#ip nat outside
router1(config-if)#
router1(config-if)#exit
router1(config)#
Identify Internal addresses to be translated (with ACL)
router1#config t
router1(config)#ip access-list standard NAT_ADDRESSES
router1(config-std-nacl)#permit 192.168.0.0 0.0.255.255
router1(config-std-nacl)#
router1(config-std-nacl)#exit
router1(config)#
*Make a note that the name of the ACL is totally up to you, I just used this for ease of identification.
Enable NAT Overload
router1#config t
router1(config)#ip nat inside source list NAT_ADDRESSES interface gi0/1 overload
router1(config)#
router1(config)#exit
That is it for configuring NAT Overload, just 3 easy steps (as long as you can remember the steps).
Static NAT configuration
The next common form of NAT, is the straight forward Static NAT. This is where we will simple link an inside IP address with a public IP address. In this next example I will map the inside address of 192.168.10.50 to the outside address of 68.110.171.99
router1#config t
router1(config)#ip nat inside source static 192.168.10.50 68.110.171.99
router1(config)#exit
router1#
How to configure a VTP Server and Client
Oct 25th
VLAN Trunking Protocol (VTP) is Cisco’s proprietary protocal for propagating VLAN information that exists on one switch to another switch. The advantage of VTP is that it eliminates the need to create VLANs on each individual switch within a site. Instead you only need to create your VLANs on the switch you designate as the server and assign your other switches to the role of a client.
For the purposes of this example Switch A will be the VTP Server and Switch B will be the VTP client.
- Setup VTP server role for Switch A
- Create VLANs on Switch A
- Setup VTP client role for Switch B
- Setup 802.1q Trunking between Switch A and Switch B
- Assign VLANs to specific interfaces
The configuration goes like this:
1. Setup VTP server on Switch A
SwitchA#vlan database (enter vlan configuration mode)
SwitchA(vlan)#vtp server (sets the VTP mode)
SwitchA(vlan)#vtp password MYPASSWORD (optional, assign a password to the VTP domain)
SwitchA(vlan)#vtp domian CORP (assigns a name to the VTP domain)
SwitchA(vlan)#exit (exit vlan configuration mode)
2. Create VLANs on Switch A (the VTP server)
SwitchA#configure teminal (enter into configuration mode)
SwitchA(config)#vlan 2 (defines the vlan, in this case vlan 2)
SwitchA(config)#vlan 2 name accounting (assigns a name to the vlan for description)
SwitchA(config)#exit (exit configuration mode)
3. Setup VTP client role on Switch B
SwitchB#vlan database (enter vlan configuration mode)
SwitchB(vlan)#vtp client (sets the VTP mode)
SwitchB(vlan)#vtp domain CORP (defines the VTP domain name)
SwitchB(vlan)#vtp password MYPASSWORD (the password for the VTP domain)
SwitchB(vlan)#exit (exits VTP configuration mode)
4. Setup Trunking between Switch A and Switch B
SwitchA(config)#configure terminal (enter the configuration mode)
SwitchA(config)#interface fastethernet 0/1 (select ethernet port 1)
SwitchA(config-if)#switchport mode trunk (set port 1 as a trunk port)
SwitchA(config-if)#switchport trunk encapsulation dot1q (set the trunk type)
SwitchA(config-if)#end (exit configuration mode)SwitchB(config)#interface fastethernet 0/1 (select ethernet port 1)
SwitchB(config-if)#switchport mode trunk (set port 1 as a trunk port)
SwitchA(config-if)#switchport trunk encapsulation dot1q (set the trunk type)
SwitchB(config-if)#end (exit configuration mode)
5. Assign VLANs to particular interfaces
SwitchA(config)#configure terminal (enter configuration mode)
SwitchA(config)#interface fastethernet 0/2 (select the interface)
SwitchA(config-if)# switchport access vlan2 (assign the VLAN to the interface)
SwitchA(config-if)#exit (exit interface configuration)
Of course there are a few other options, but the above example covers all the basics you need to know to setup VTP on your switches.
