1
00:00:01,060 --> 00:00:07,660
So let's look at a demonstration of static not in this example of three radhe radhe a one Rodek two

2
00:00:07,720 --> 00:00:16,050
and rob of three Rodda one is connected to Radha to using Network 10 1 1 0 slushed 24.

3
00:00:16,360 --> 00:00:25,140
This will represent the Insight Network Rodda to in turn is connected to rotatory using eight dot 0.00

4
00:00:25,150 --> 00:00:26,620
slushed 24.

5
00:00:26,710 --> 00:00:33,910
This will represent the outside network network 8 is owned by Level 3 communications.

6
00:00:33,910 --> 00:00:39,990
This is one of a range of slash 8 public IP addresses.

7
00:00:40,030 --> 00:00:46,170
Others include toll for AT&T 17 for Apple and 19:4 forward.

8
00:00:46,630 --> 00:00:53,230
So for our demonstration we'll pretend that this is the internet outside network we'll have done on

9
00:00:53,230 --> 00:00:58,230
these routers configure IP addresses and a static route on Route 1.

10
00:00:58,240 --> 00:01:08,350
So on a one show run interface if 0 0 you can see the IP address and show IP route shows me that that

11
00:01:08,350 --> 00:01:16,320
network is directly connected to fast Ethernet 00 and router one has a static default route to route

12
00:01:16,360 --> 00:01:26,290
a to rotisserie however does not have routing on pre-configured an IP address on the first Ethan that

13
00:01:26,320 --> 00:01:26,910
interface

14
00:01:29,780 --> 00:01:39,480
but show IP that shows us that there is no default route there are no IP protocols running on this router.

15
00:01:39,730 --> 00:01:42,970
It only has this IP address configured on fossa.

16
00:01:42,970 --> 00:01:45,280
Ethan it is 0 0 right.

17
00:01:45,420 --> 00:01:52,070
2 in turn has 10 1 1 2 configured on fossa.

18
00:01:52,080 --> 00:01:57,020
Ethan it is 0 0 and 8 1 1 1.

19
00:01:57,020 --> 00:01:58,470
Configure it on.

20
00:01:58,500 --> 00:02:03,040
Ethan it is 0 1.

21
00:02:03,220 --> 00:02:09,120
It also has no static routes and no routing protocols enabled.

22
00:02:09,120 --> 00:02:13,850
All it has is an IP address on this interface and an IP address on this interface.

23
00:02:14,280 --> 00:02:18,920
At the moment rotisseries not able to ping wrote a one.

24
00:02:19,350 --> 00:02:23,970
Notice the pings are coming out.

25
00:02:24,110 --> 00:02:32,490
If we use the command debug IP packet and pings that address again we can see that the traffic is unreadable

26
00:02:32,900 --> 00:02:39,780
router 3 doesnt know how to get to 10 1 1 1 will turn the debugger off.

27
00:02:39,840 --> 00:02:44,290
It can however get to eight triple one.

28
00:02:44,310 --> 00:02:51,310
In other words Rodda to serrata three can ping router 2 but is not able to ping wrote a one on one I'll

29
00:02:51,340 --> 00:02:57,000
do it debug IP ICMP so we can see when traffic does arrive on that Grada.

30
00:02:57,330 --> 00:03:03,960
So once we do our ping tests we'll be able to see the output on Rotto one show IP net translations shows

31
00:03:03,960 --> 00:03:05,690
me that on Rodda to.

32
00:03:05,720 --> 00:03:07,660
No that has been enabled.

33
00:03:07,830 --> 00:03:09,800
There are no translations at the moment.

34
00:03:10,220 --> 00:03:15,570
So Kaante interface if 0 1 IP Nat outside

35
00:03:18,950 --> 00:03:26,690
this is going to be outside network on router 2 you need to tell the Rodda which interfaces are inside

36
00:03:27,080 --> 00:03:29,340
and which interfaces outside.

37
00:03:29,450 --> 00:03:35,880
In this example I'm using Jeana's 3 so it's taking a while to bring up Nat but there we go.

38
00:03:37,200 --> 00:03:44,290
On the inside interface we need to configure IP not inside.

39
00:03:44,320 --> 00:03:51,550
And now that we configuring stedding that we use the common IP that we have a few options we can do

40
00:03:51,640 --> 00:03:59,260
that of inside hosts or not of outside hosts in our example we want to know that this IP address which

41
00:03:59,260 --> 00:04:05,650
is an insider inside hosts are going to specify inside we're going to natter the source IP address of

42
00:04:05,650 --> 00:04:08,320
packet's not to the destination.

43
00:04:08,500 --> 00:04:14,950
So when traffic gets sent from our one two or three the source IP address is going to be knotted and

44
00:04:14,950 --> 00:04:17,680
not the destination IP address.

45
00:04:18,500 --> 00:04:25,000
We could use a list I wrote map or static in our example we want to use static.

46
00:04:25,160 --> 00:04:29,090
We want to specify a static local to global mapping.

47
00:04:29,390 --> 00:04:35,240
So on Cisco devices the first IP address that you're going to configure is the actual IP address of

48
00:04:35,240 --> 00:04:36,440
a device.

49
00:04:36,440 --> 00:04:41,930
So in my example this is the actual IP address of the host some specifying that.

50
00:04:42,040 --> 00:04:43,600
So I need to specify source

51
00:04:47,270 --> 00:04:52,680
I've then have a few options I can specify the IP address and protocols.

52
00:04:52,980 --> 00:05:00,780
In my example I want to Nat IP address 10 1 1 1 which is the actual IP address of the device.

53
00:05:00,990 --> 00:05:04,320
All IP traffic is going to be nattered.

54
00:05:04,440 --> 00:05:09,480
You can specify that only TZP or UDP traffic is not.

55
00:05:09,660 --> 00:05:17,430
But in our example we are specifying that all IP traffic is netted more complex examples are not necessary

56
00:05:17,430 --> 00:05:18,810
for the CCMA.

57
00:05:19,200 --> 00:05:22,970
But I will demonstrate them just to make sure that you understand those options.

58
00:05:23,010 --> 00:05:30,490
Here we are simply being a one to one mapping of an IP address we then need to specify the global IP

59
00:05:30,490 --> 00:05:32,560
address or an interface.

60
00:05:32,560 --> 00:05:40,420
So in my example I'm just going to pick an IP address in this range eight dot 1.1 some simply going

61
00:05:40,420 --> 00:05:43,430
to choose 8 dot wandered 1.5.

62
00:05:43,540 --> 00:05:46,640
That address is not physically configured any way.

63
00:05:48,450 --> 00:05:55,420
We can specify various options but I'm simply going to use carriage return to create to the next entry.

64
00:05:55,470 --> 00:06:02,850
So now when I type show IP Nat translations we can see that the inside local address.

65
00:06:02,940 --> 00:06:10,830
So the physical PC on the inside network went on the local area network has the IP address inside local

66
00:06:10,830 --> 00:06:21,390
IP address on the lam so logically we are saying that this is our LAN local area network and this is

67
00:06:21,390 --> 00:06:24,730
the Internet in our example.

68
00:06:25,470 --> 00:06:34,170
So global Internet so this hosts IP address on the global Internet will appear as follows.

69
00:06:34,460 --> 00:06:35,330
So on.

70
00:06:35,330 --> 00:06:39,650
Rotisserie can we ping Tim one on one.

71
00:06:39,660 --> 00:06:47,670
No we can't we can ping that address at the moment because this device has no route to get to this IP

72
00:06:47,670 --> 00:06:48,490
address.

73
00:06:48,510 --> 00:06:54,640
However Kennet ping 8 1 1 5 took it a while.

74
00:06:54,650 --> 00:06:57,260
But notice the pings started succeeding.

75
00:06:57,260 --> 00:07:07,520
And on Radio 1 we see the echo reply from a source of 10 1 1 1 to a destination of 8 1 2 Rato one is

76
00:07:07,520 --> 00:07:09,650
replying using this address.

77
00:07:09,920 --> 00:07:13,360
But what is wrong is we actually think it's pinging.

78
00:07:13,360 --> 00:07:19,420
So let's do a debug IP ICMP on the site and ping 8 1 1 5 again.

79
00:07:20,950 --> 00:07:30,110
Notice it's receiving traffic from 8 1 1 5 but rather one is actually sending it from 10 1 1 1.

80
00:07:30,190 --> 00:07:38,220
So from rotisseries point of view the destination IP address is a 1 1 5 that gets translated to 10 1

81
00:07:38,220 --> 00:07:46,140
1 1 hits those Rodda and it replies with a source IP address of 10 1 1 1 when it hits rockety.

82
00:07:46,310 --> 00:07:51,260
It's translated to 8 1 1 5 and forwarded to router 3.