Cisco 1710 Spezifikationen PDF herunterladen (Seite 40)

Chapter 2 Cisco 1710 Security Router Configuration

Configuring Network Address Translation

2-10

Cisco 1710 Security Router Software Configuration Guide

78-12696-01

dns-server 172.16.1.102 172.16.2.102

netbios-name-server 172.16.1.103 172.16.2.103

netbios-node-type h-node

Configuring Network Address Translation

Network Address Translation (NAT) translates IP addresses within private

“internal” networks to “legal” IP addresses for transport over public “external”

networks (such as the Internet). Incoming traffic is translated back for delivery

within the inside network. Thus, NAT allows an organization with unregistered

“private” addresses to connect to the Internet by translating those addresses into

globally registered IP addresses.

Ethernet interfaces are configured as “NAT inside” or “NAT outside” as shown in

the previous section “Configuring the Ethernet Interfaces.” Once the interfaces

are configured, the following steps can be performed to establish the NAT

configuration within the router.

Command Task

Step 1

ip nat pool name start-ip end-ip {netmask

netmask | prefix-length prefix-length}

Create a pool of global IP addresses for NAT.

Step 2

access-list access-list-number permit source

[source-wildcard]

Define a standard access list permitting

addresses that need translation.

Step 3

ip nat inside source list access-list-number

pool name [overload]

Enable dynamic translation of addresses

permitted by access list. Overload allows the

use of one global address, from the pool, for

many local addresses.

Step 4

ip nat outside source static global-ip

local-ip

Enable static translation of a specified outside

source address. This command is optional.

1 2 ... 35 36 37 38 39 40 41 42 43 44 45 ... 87 88

Keine Kommentare

Cisco 1710 Spezifikationen Seite 40