1
00:00:00,270 --> 00:00:06,840
In previous videos we can figure this typology we can forget NHS IP router configured spanning tree

2
00:00:06,950 --> 00:00:14,220
we configured the GOP on the course switches and the Internet facing Rodda and we've done various things

3
00:00:14,220 --> 00:00:20,470
to optimize the typology in this video I'm going to configure a network address translation on router

4
00:00:20,520 --> 00:00:28,470
3 to enable devices in our Jeana's three topology to access the internet use router three router three

5
00:00:28,620 --> 00:00:31,220
is configured with an IP address on fust.

6
00:00:31,240 --> 00:00:41,730
Ethan it is 0 1 and the IP address is 1 2 1 6 8 1 1 24 router 3 has a default gateway of 1 2 1 6 8 1

7
00:00:41,940 --> 00:00:43,260
2 5 4.

8
00:00:43,320 --> 00:00:51,030
This is the internet facing Rodda in the cloud that router does not have the ability to run routing

9
00:00:51,030 --> 00:00:51,980
protocols.

10
00:00:52,440 --> 00:00:57,990
So I can't advertise the Ten Network running with ingenius 3 2 DAC router.

11
00:00:58,470 --> 00:01:02,600
So to get this to work I'm simply going to enable that on router 3.

12
00:01:02,760 --> 00:01:09,150
With this being the outside interface and this being the inside interface not to be correct with wording

13
00:01:09,180 --> 00:01:17,760
we actually enabling port address translation so that multiple devices in our topology can be nattered

14
00:01:17,790 --> 00:01:20,480
to the IP address on the interface.

15
00:01:20,640 --> 00:01:28,890
So on first Ethan it is 0 1 I'm going to use the Kamani IP Nat outside to enable Nat on the interface

16
00:01:29,370 --> 00:01:33,310
and make it to be the outside interface from a net point of view.

17
00:01:33,720 --> 00:01:36,170
That takes a while to come up in June 3.

18
00:01:36,360 --> 00:01:40,360
But after a while a should be able to configure this interface as the inside.

19
00:01:40,650 --> 00:01:42,660
And there you go so fast.

20
00:01:42,660 --> 00:01:47,420
Ethan it is 0 0 IP Nat in site.

21
00:01:47,520 --> 00:01:50,720
So we've told the Rodda that this interfaces the outside interface.

22
00:01:50,770 --> 00:01:53,660
This interface is the inside interface.

23
00:01:53,730 --> 00:01:59,850
So now we need to configure Nat and we do that by tapping the command IP Nat insight.

24
00:01:59,880 --> 00:02:02,740
I want a NAT devices on the inside network.

25
00:02:03,030 --> 00:02:09,120
And in this case I want to net source IP addresses based on an access list which is going to be access

26
00:02:09,120 --> 00:02:18,840
list one and began and then on to interface first Ethernet is 0 1 and we going to enable that by using

27
00:02:18,840 --> 00:02:21,320
the overload keyword.

28
00:02:21,360 --> 00:02:28,320
So the next step is to create an access list which is X-ists list one referenced over here in the net

29
00:02:28,350 --> 00:02:29,520
command.

30
00:02:29,820 --> 00:02:33,170
And I'm going to permit all devices in the 10 network

31
00:02:37,110 --> 00:02:45,630
so show run pipe include a NAT shows me that we've got Nat configured on the inside interface that is

32
00:02:45,630 --> 00:02:52,380
configured on the outside interface and we are overloading the outside interface not to be precise we

33
00:02:52,380 --> 00:02:58,620
should do this show run interface first Ethan it's 0 0 and we can see that IP not inside is enabled

34
00:02:58,620 --> 00:03:08,310
on that interface an IP net to outside is enabled on fast Ethernet 0 1 show IP that translations at

35
00:03:08,310 --> 00:03:11,760
the moment there are no net translations.

36
00:03:11,820 --> 00:03:16,800
So let's go on to Rotto one acting as PC one.

37
00:03:17,000 --> 00:03:22,600
And let's see if we can ping Google dot com at the moment.

38
00:03:22,610 --> 00:03:30,140
Notice please that it's trying to translate Google dot com using a broadcast and this takes a while

39
00:03:30,140 --> 00:03:31,350
to time out.

40
00:03:38,160 --> 00:03:43,310
The reason why is the Rhondda is doing a domain lookup.

41
00:03:43,370 --> 00:03:46,460
Now that's not shown by default in the running config.

42
00:03:46,850 --> 00:03:53,680
But if I type no IP domain look up and then try and ping Google dot com again.

43
00:03:54,290 --> 00:04:04,850
Notice the ping times are immediately if I use IP domain Look-Up I should specify my DNS server.

44
00:04:04,850 --> 00:04:08,120
So IP names the.

45
00:04:08,250 --> 00:04:14,420
And in this case I'll specify Google when I try and ping Google dot com.

46
00:04:14,720 --> 00:04:17,690
In this case notice it works.

47
00:04:17,740 --> 00:04:26,310
We got a reply from the Google DNS server and we were able to ping googled outcome Ratta once traffic

48
00:04:26,640 --> 00:04:29,620
is being enacted by router 3.

49
00:04:29,670 --> 00:04:36,450
So notice we can see the net translations has the connection to the Google DNS server and he has the

50
00:04:36,450 --> 00:04:44,040
connection to Google this is the IP address of Rotto one on the inside interface.

51
00:04:44,300 --> 00:04:51,980
And this is the netted IP address of rodder one which is the IP address of first East and it is 0 1

52
00:04:52,070 --> 00:04:53,180
as shown over there.

53
00:04:54,200 --> 00:04:55,310
I'll show these together

54
00:04:58,530 --> 00:05:07,340
so D-bag IP that that's actually on the wrong rattus on all router three de-bug IP Nat and what I'll

55
00:05:07,340 --> 00:05:11,720
do now is I will do a ping to Google dot com.

56
00:05:11,960 --> 00:05:17,920
And what we should see is you should see the net translations taking place and they you go notice source

57
00:05:17,930 --> 00:05:26,050
IP address 10 1 10 11 the IP address was translated to 1 9 2 1 6 8 1 1 24.

58
00:05:26,360 --> 00:05:35,480
That's the IP address once again our first Ethernet is 0 1 on router 3 going to google dotcom the initial

59
00:05:35,480 --> 00:05:37,070
ping timed out.

60
00:05:37,350 --> 00:05:38,600
So we saw that there.

61
00:05:38,930 --> 00:05:47,480
But there's the second ping and there's the reply to the ping from Google destination IP address of

62
00:05:47,480 --> 00:05:55,640
1 2 1 6 8 1 1 24 he's translated back to standard one to 10 or 11 is forwarded through the network to

63
00:05:55,640 --> 00:06:02,150
route one show IP that translation shows me that at the moment there are no net translations they've

64
00:06:02,150 --> 00:06:04,070
timed out.

65
00:06:04,070 --> 00:06:09,000
So let's telnet to Google dot com on port 80.

66
00:06:09,110 --> 00:06:11,450
You can see that it's connected.

67
00:06:11,450 --> 00:06:13,160
So it's opening that connection.

68
00:06:13,750 --> 00:06:20,210
And in the net translations you can see here is the DNS request to the DNS server and the reply.

69
00:06:20,540 --> 00:06:23,340
And he has the connection to the Google server.

70
00:06:23,540 --> 00:06:33,860
So show IP Nat translation shows me the DNS request and this is the connection to the web server.

71
00:06:33,860 --> 00:06:37,090
In other words Google dot com on port 80.

72
00:06:37,310 --> 00:06:44,090
You can see that we are currently connected to the Google server or press control see on the Rodda Precentor

73
00:06:44,900 --> 00:06:47,810
we can see something happening in the not translations.

74
00:06:48,800 --> 00:06:55,910
I use Control shift 6 x to jump back to the Rodda because it's keeping the connection open so disconnect

75
00:06:55,970 --> 00:07:04,330
my connection so we've successfully configured Nat in this network a lying rod a one to connect to Google.

76
00:07:04,520 --> 00:07:14,630
Let's do the same on router to acting as PC to its own PC to IP name server will be Google paying.

77
00:07:14,780 --> 00:07:16,020
She's another server.

78
00:07:16,190 --> 00:07:24,750
Cisco dot com can see that the DNS query succeeded and we were able to ping Cisco dot com.

79
00:07:24,830 --> 00:07:28,860
What about CNN.com.

80
00:07:29,020 --> 00:07:32,780
In this case the pings are being dropped by the server.

81
00:07:33,640 --> 00:07:35,550
So let's try Yahoo.

82
00:07:36,640 --> 00:07:41,870
Dot com we can see that the pings succeed.

83
00:07:42,090 --> 00:07:49,950
So we've successfully configured the entire network as well as configured Nat on router 3 and these

84
00:07:50,100 --> 00:07:54,260
routers acting as PCs can now access devices on the Internet.