NAT ON A CISCO 2621

[ymmAUDIO]

Hello,


I am totally new to Cisco, and I am totally Cisco illiterate. I need to configure a NAT on my Cisco 2621. I have set the IP address, default gateway, and name servers on et 0/0. I need to set the second ethernet (0/1) for the internal network. I want the pcs on the internal network to access the internet thru eth 0/0. Please advise. Any help is appreciated. I thank you in advace.

Joseph

 

[Syty]

Here are some "guidelines", know what you are implenting before you do it...........Good Luck

ip classless

int e0/0
ip address dhcp
ip nat outside
no cdp enable

int e0/1
ip address 192.168.1.5 255.255.255.252
ip nat inside

ip nat pool first public ISP assigned address public ISP assigned address prefix-length subnet mask bit count

ip nat inside source list 5 pool first overload

ip access-list ext 5
permit ip 192.168.1.0 0.0.0.255
***This will allow every address, every IP enabled protocol, be wary of it's use***

I would suggest that you set up access-lists for your incoming / outgoing traffic. The access-list above is just for addresses included in the NAT table for translation.


Router Rip
version 2
network 192.168.1.0
passive-interface ethernet 0

***OSPF is better, but only suggested in networks of 20 or more routers, RIP will do you just fine, grow yourself later and learn to redistribute RIPv1 and OSPF into one-another.*****

Use the dhcp option if your internet service provider is dhcp, otherwise set it up static.

As far as the ip nat pool first statment, note the following:

- the word First is a logical name, make it whatever you like
- the public ISP assigned address, if this is configured for dhcp, then use the 'sh ip int e0' or 'sh ip int brief' command to see the ip address that will be needed.
- because you are going to use the overload statement, and you have only one public IP, the IP NAT POOL FIRST <IP> <IP>........is not a typo, this line designates which IP to use as a source address when traversing the Internet. It will start with an address and end with the same address. They both have to be there.

This is not a security class, configure your access-lists according to your needs.

Thsi should get you started. I suggest that you get some reading from cisco on each command you are about to implement. Don't just do it. ICND is a good start, but you'll have to look at a PIX book to get anything on NAT with meat on it.

Here's a Start:
===============

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml

Regards,

&quot;You have to know it to understand it, you have to understand it to secure it.&quot;

 

[ymmAUDIO]

Syty,

Thank you very much for your help. I will do some reading on those commands. That has helped me a lot. If you know any other good readings for beginners, or if you have any other poiters that may help, I would love to know. Thanks again.

Joseph

 

[Syty]

Interconnecting Cisco Networking Devices, Cisco Press ISBN: 1-587-20-083-X

Glad it helped. As you can see, this is going to get pretty thick, pretty fast......

the book mentioned above will give you A LOT of information on a beginner, not quite yet CCNA level.

Another good company that will put the same information in a discussion format is Sybex.

Have fun......we do....

 

[Syty]

ICND will be on the cover......

 

[ymmAUDIO]

Syty,


Thanks again. I will definately check out that book. I think I need to have a better undrestanding of thoes configs or commands before trying to use them. Thanks a lot.


Joseph