Going over it again - Static NAT - HELP

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hello everybody.
I have been going over NAT once again as I must admit I had struggled with it when I was doing my CCNA but finally got it or so I thought. Nearly 5 months down the line and I can't get it to work on packet tracer.
What am I doing wrong guys please?
I have PC connected to R1 then R1 connected to R2 by serial connection and PC2 connected to R2.
I have given the PC's static IP addresses.
PC1 is 192.168.28.1/24.
PC2 is 172.16.0.1/24.
R1 F9/0 is 192.168.28.254/24.
R1 S0/0 is 10.0.0.1/30.
R2 F9/0 is 172.16.0.254/24.
R2 S0/0 is 10.0.0.2/30.
Without messing about with NAT, PC1 was pinging R1, R1 was pinging R2, R2 was pinging PC2.
NO, PC1 would not ping either R2 or PC2 nor PC2 would ping R1 or PC1 as there was no routing protocols in place nor static routes.
I have enabled RIP VER2 on R2 and added the networks 10.0.0.0 and 172.16.0.0 to allow traffic to flow and to have networks advertised.
Now, in R1 I do not want to use any kind of routing I want NAT to work it out.
The scenario is to have PC1=192.168.28.1/24 to ping PC2=172.16.0.1/24.
Here's my config on booth routers. I must go over this subject over and over and over again until it’s printed in my little brain as it has totally faded away.
Could anyone enlighten me in the right direction, what am I doing wrong here please?
Cheers to all.

****************************************************************

R1#sh run
Building configuration...

Current configuration : 428 bytes
!
version 12.2
no service password-encryption
!
hostname R1
!
ip ssh version 1
!
interface Serial0/0
ip address 10.0.0.1 255.255.255.252
encapsulation ppp
ip nat outside
clock rate 4000000
!
interface FastEthernet9/0
ip address 192.168.28.254 255.255.255.0
ip nat inside
duplex auto
speed auto
!
ip nat inside source static 192.168.28.1 10.0.0.1
ip classless
!
line con 0
line vty 0 4
login
!
end

R1#

***************************************************

R2#sh run
Building configuration...

Current configuration : 386 bytes
!
version 12.2
no service password-encryption
!
hostname R2
!
ip ssh version 1
!
interface Serial0/0
ip address 10.0.0.2 255.255.255.252
encapsulation ppp
!
interface FastEthernet9/0
ip address 172.16.0.254 255.255.255.0
duplex auto
speed auto
!
router rip
version 2
network 10.0.0.0
network 172.16.0.0
!
ip classless
!
line con 0
line vty 0 4
login
!
end

R2#

Please refer to picture for network diagram.

Once again, thanks everubody.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

How do you expect NAT to magically "work it out"?

What I mean is... how do you expect R1 to know what to do with packets destined for 172.16.0.0/24?

 

As BM said there is not route from the R1 to R2 as you have no configured R1 with RIPv2.

NAT is normally used for two reasons:

1. To give people on the internal network access to the internet. Which is done by creating a NAT Pool and then assigning that to a group of people to use.

2. To allow external users into internal resources such as a Email Servers, Web Servers etc. This would be applied with an ACL as well.

 

OK. So no route, it's like a blind man, end of story I got it.

What I wanted to do here was to creat a scenarion with NAT and see it working.

How can I achive this and make sure that NAT is working?

Cheers

 

The problem is mate, without a real router you can't because the whole point of NAT is to allow people in or out of Public to Private Networks and vice versa.

If you go to my ICND2 Study Guide which can be found here you can download my Packet Tracer Labs and also have a look at my network diagrams as well.

This should show you how to implement NAT and the reasons behind it.

Also here you can find where I implemented NAT and the reasons behind it.

 

Graigie you're the man.
I do have a Cisco 1721 working here with NAT Overloading to allow my network to access the internet with an ACL of a set range of my network address /29.

I can see the use of static NAT to allow access to my NAS from the internet, where I can map all outside access to my NAS's local inside IP address, almost like in the old days of my lovely linksys cable router mapping outside to inside ports.

I shall look into your networks on PT and will comment on them latter.

Cheers for your help.

This is such an important subject and I do like it but totally lost my way about it, so therefore I will need to practise and allot.

 

I have finally got static NAT working.

Slightly different scenario then before. PC2 = 80.0.0.1 can now successfully access the web server 192.168.28.1 behind the IP address 10.0.0.5.

Here's the config files;

*********************************************

R1#sh run
Building configuration...

Current configuration : 658 bytes
!
version 12.2
no service password-encryption
!
hostname R1
!
ip ssh version 1
!
interface Serial0/0
ip address 10.0.0.1 255.255.255.252
encapsulation ppp
clock rate 4000000
!
interface Serial1/0
ip address 10.0.0.5 255.255.255.252
encapsulation ppp
ip nat outside
clock rate 4000000
!
interface FastEthernet8/0
no ip address
duplex auto
speed auto
!
interface FastEthernet9/0
ip address 192.168.28.254 255.255.255.0
ip nat inside
duplex auto
speed auto
!
router rip
version 2
network 10.0.0.0
network 192.168.28.0
!
ip nat inside source static 192.168.28.1 10.0.0.5
ip classless
!
line con 0
line vty 0 4
login
!
end

R1#

*********************************************

R2#sh run
Building configuration...

Current configuration : 386 bytes
!
version 12.2
no service password-encryption
!
hostname R2
!
ip ssh version 1
!
interface Serial0/0
ip address 10.0.0.2 255.255.255.252
encapsulation ppp
!
interface FastEthernet9/0
ip address 172.16.0.254 255.255.255.0
duplex auto
speed auto
!
router rip
version 2
network 10.0.0.0
network 172.16.0.0
!
ip classless
!
line con 0
line vty 0 4
login
!
end

R2#

*******************************************

R3#sh run
Building configuration...

Current configuration : 382 bytes
!
version 12.2
no service password-encryption
!
hostname R3
!
ip ssh version 1
!
interface Serial0/0
ip address 10.0.0.6 255.255.255.252
encapsulation ppp
!
interface FastEthernet9/0
ip address 80.0.0.254 255.255.255.0
duplex auto
speed auto
!
router rip
version 2
network 10.0.0.0
network 80.0.0.0
!
ip classless
!
line con 0
line vty 0 4
login
!
end

R3#

*********************************************

I have also enabled ip Nat debug to see it working so that I could understand this a bit better.
Now I have to work on another scenario. Dynamic NAT is next.

Cheers everybody.