1
00:00:07,990 --> 00:00:16,550
This is one of multiple videos discussing network address translation or not in a previous video I showed

2
00:00:16,550 --> 00:00:25,820
you how to configure static Nat translations to allow outside hosts hosts on the Internet access to

3
00:00:25,820 --> 00:00:35,060
multiple internal servers running in your local network router to in this example is nothing the three

4
00:00:35,060 --> 00:00:46,010
servers on the left to public IP addresses in the 8 8 8 range making them available to the PC.

5
00:00:46,010 --> 00:00:55,120
Now the issue here is that you are using an external or public IP address per internal server.

6
00:00:56,810 --> 00:01:03,230
Is it possible to use a single IP address such as an IP address at your home.

7
00:01:05,580 --> 00:01:14,890
To expose multiple servers or devices to the Internet.

8
00:01:14,910 --> 00:01:23,420
So in other words can you set up servers in your home network or small medium business network and allow

9
00:01:23,780 --> 00:01:28,260
people to access those servers using the same IP address.

10
00:01:29,330 --> 00:01:30,950
And the answer is yes.

11
00:01:30,980 --> 00:01:40,660
So at the moment I've got four net commands configured what I've done is configure gigabit 0 1 as the

12
00:01:40,660 --> 00:01:48,040
outside interface on this router and the other interfaces gigabit 00 two and three are configured as

13
00:01:48,550 --> 00:01:50,530
inside Nat interfaces.

14
00:01:51,300 --> 00:01:58,100
See my previous video for the configuration of static not using multiple IP addresses once again.

15
00:01:58,350 --> 00:02:07,020
But here what we're going to do is use the command IP not inside source because we want to Nat these

16
00:02:07,140 --> 00:02:11,100
servers to an individual IP address.

17
00:02:11,100 --> 00:02:18,860
So when we use the common IP Nat inside source static The inside a local IP address of the server.

18
00:02:18,870 --> 00:02:23,060
In other words it's real IP addresses tend wondered wondered one.

19
00:02:23,460 --> 00:02:29,230
And we get to a virtual IP address of 8 8 8 8 to 1.

20
00:02:29,480 --> 00:02:36,180
If we did that we would be using that entire IP address for that individual server.

21
00:02:36,180 --> 00:02:42,480
So what we're going to do here rather is specify TCAP or UDP.

22
00:02:42,480 --> 00:02:49,170
So TZP And now we are going to specify the inside IP address and the port number on that server is going

23
00:02:49,170 --> 00:02:54,700
to be 23 and the virtual IP address of the server is going to be this.

24
00:02:54,980 --> 00:02:59,720
And in this example I'll use port 23 extendable.

25
00:03:00,110 --> 00:03:07,850
So basically what I'm saying is that when this device sends traffic to port 23 and destination IP address

26
00:03:07,870 --> 00:03:13,690
8 8 8 8 1 the router is going to Nottage and send the traffic to that server.

27
00:03:14,150 --> 00:03:19,420
So let's test at rather three in this example is acting as our PC.

28
00:03:19,910 --> 00:03:23,800
So all telnet to 8 8 8 to 1.

29
00:03:23,910 --> 00:03:33,890
Notice I can log in to server 1 over there and to prove it we can type show IP interface brief to see

30
00:03:34,250 --> 00:03:36,200
the IP address of the server

31
00:03:39,010 --> 00:03:45,950
OK but now how do you do this for the other service.

32
00:03:45,950 --> 00:03:54,920
So in this example I'm going to use a random port number that we femoral port number of 65000 23 and

33
00:03:54,920 --> 00:03:59,810
change that to tendered one to two to two.

34
00:03:59,810 --> 00:04:06,110
So in other words when traffic gets sent by the PC to the router with the destination IP address of

35
00:04:06,830 --> 00:04:16,340
8 8 8 8 or 1 destination port number of 65000 and 23 the road is going to not get to us internal IP

36
00:04:16,340 --> 00:04:17,270
address.

37
00:04:18,090 --> 00:04:30,550
And change the port number to 23 so on Rodda 3 when we use the telnet IP address question mark C'mon

38
00:04:31,060 --> 00:04:33,660
we can now specify a port number.

39
00:04:33,970 --> 00:04:42,420
So sixty five thousand twenty three connection is opened and we are now on route a full

40
00:04:45,280 --> 00:04:49,090
show IP interface brief.

41
00:04:49,480 --> 00:05:04,600
We are on route a full but using the same IP address 8 8 8 or 1 but a different port in them which means

42
00:05:04,600 --> 00:05:07,000
the traffic goes to a different server.

43
00:05:07,000 --> 00:05:08,340
Let's create another one.

44
00:05:08,410 --> 00:05:11,400
So IP not inside source.

45
00:05:11,440 --> 00:05:13,150
Static TZP

46
00:05:16,620 --> 00:05:20,740
Let's send it to route of five acting service free.

47
00:05:20,830 --> 00:05:33,220
But in this case I'll use a port number of 65000 and 24 hour show run pipe include Nat shows us the

48
00:05:33,670 --> 00:05:44,410
static Nat commands that over here in Colorado for some back on Route 3 which is acting as our PC show

49
00:05:44,410 --> 00:05:50,360
at the interface brief notice this is the IP address of the PC it's on the Internet.

50
00:05:50,520 --> 00:05:56,660
And what I'll do now is telnet to port sixty Falzon and 24

51
00:05:59,860 --> 00:06:05,670
now I'm on route 5 with IP address 10 at one of 3.3.

52
00:06:05,830 --> 00:06:12,950
What I'll do now is use the command control shift 6 x to jump back to Route 3 and go to port number

53
00:06:13,430 --> 00:06:22,400
65000 23 on write a full control shift 6 x to jump back shows sessions.

54
00:06:22,420 --> 00:06:30,210
Shows me that I've got two sessions open what I'll do now is telnet to port 23.

55
00:06:30,340 --> 00:06:40,340
Now I'm on route 1 controllers shift 6 x shows that I've got three sessions open show IP not on router

56
00:06:40,380 --> 00:06:43,650
2 shows me those connections.

57
00:06:43,650 --> 00:06:53,490
So this PC 8 8 today or four which is this PC here has initiated sessions 2 8 8 8 8 1 pt. 23 which is

58
00:06:53,490 --> 00:07:00,280
going to that host one of the old TZP sessions is still held in the NAT translation table.

59
00:07:00,280 --> 00:07:07,710
Hence we are seeing two of them but we've also got the same PC sending traffic to eight today today

60
00:07:07,730 --> 00:07:14,860
day one but Port sixty five thousand twenty three that's going to a different host on port 23 and we've

61
00:07:14,860 --> 00:07:16,750
also got this entry.

62
00:07:16,750 --> 00:07:25,960
So that's an example of how to use the same global IP address or Internet IP address for multiple internal

63
00:07:25,960 --> 00:07:28,180
hosts or devices.

64
00:07:28,180 --> 00:07:34,390
So once again if you're at home and you wanted to make your devices available on the internet but you

65
00:07:34,390 --> 00:07:38,230
only had one public ip address this is how you do it.

66
00:07:38,320 --> 00:07:45,940
The only thing to remember is that you can't use the same port number for multiple internal devices

67
00:07:46,450 --> 00:07:50,780
because otherwise the router can't differentiate between the that translations.

68
00:07:50,830 --> 00:07:56,770
So hence we use different port numbers for the different hosts.

69
00:07:56,770 --> 00:08:02,450
Even though it's the same external IP address I hope you found this useful.

70
00:08:02,590 --> 00:08:08,650
This is out of the scope of a CCMA exam but hopefully give you some real world knowledge that you can

71
00:08:08,650 --> 00:08:09,380
apply.

72
00:08:09,760 --> 00:08:12,350
If you enjoyed this video please like it.

73
00:08:12,500 --> 00:08:14,160
I wish you all the very best.