Port Address Translation Lab Demo
Video Activity
Port Address Translation Lab For this lesson we're going to do a demonstration of Port Address Translation (PAT). From this lab, you'll learn how to remove the NAT, remove NAT pool commands, confirm your NAT Inside interface from previous sessions, set up/confirm telnet session configurations between targeted routers for this lab demonstration and ...
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
29 hours 18 minutes
Difficulty
Intermediate
Video Description
Port Address Translation Lab For this lesson we're going to do a demonstration of Port Address Translation (PAT). From this lab, you'll learn how to remove the NAT, remove NAT pool commands, confirm your NAT Inside interface from previous sessions, set up/confirm telnet session configurations between targeted routers for this lab demonstration and how to confirm the success of your PAT transaction.
Video Transcription
00:04
So,
00:05
once again,
00:06
we have hard to host
00:08
PC one and PC to.
00:11
And then
00:12
we're going to do our translation
00:14
on router to PC one once again has an I p of 10 10 10 1
00:21
you see over here and PC to has an I p of 10 10 10 to
00:29
Now we get a round or two and we have to get rid off our previous Nat commands
00:35
to be able to re enter them in
00:38
and do port address translation.
00:40
Now, if you she already said no, I'd be inside source list. Nat. Pool C C N A And it?
00:46
Well, no, I tried to take away the pool. No, I'd be not. Pool C, CNN first address 1 90 10 10 1 and the second last address. 1 90 10 10 to 54 And it said pool T CNN used cannot destroy
01:00
you, actually have to first take away the no i p nat inside source list in that pool C c and a command Before it'll let let you take the I P. Nat Pool C C and a command.
01:11
I got rid of both the phone so we can continue with our lab.
01:17
So now I'm gonna recreate the pool. I mean, that
01:22
pool ccn eh?
01:26
And now, this time around, though, I'm gonna make my first address
01:33
and my last address
01:36
the same.
01:38
So my pool has shrunk down to just the 1 90 10 10 1 address.
01:45
The mask remains the same.
01:52
And now
01:55
I tie my pool to my access list, as it was previously.
01:59
Access to this being called Nat
02:02
on my pool name being ccnet.
02:08
So I will just copy and paste this command down here. I'd be in that inside source. Listen at pooled CCN, eh?
02:16
However, this time around, I will include the overload option at the end of this command. So I'm going to say
02:24
overload. Hit, enter.
02:28
Let's check my work
02:30
show. Run.
02:34
I have I p net outside on my outside interface, which is F 00
02:40
I have i p net inside already from our previous configuration on our f zero slash one, not 10 interface.
02:50
And then I have all my nat commands here.
02:54
So I have my pool. I pee in that pool c CNN the pool being 1 90 10 10 1 and the last address also being 1 90 10 10 1 with the net mask of slash 24.
03:07
Then I have my access list permitting my 10 network to be translated,
03:14
and then I'm tying both of those commands together with the I P. Net inside source list
03:20
The list name being that
03:22
cool
03:23
the pool in being ccn A, but this time around with the keyword overload.
03:29
Now I'm gonna attempt to tell that
03:30
from PC one and PC to
03:34
to Route or four, which is on the outside.
03:38
And
03:38
hopefully both PCs will be able to tell that to writer for at the same time
03:45
using the same address. 1 90 10 10 1
03:49
And let's see how this works
03:51
now before I try and tell them to router for if you remember. Let's see.
03:55
I will show you if I tried to tell them to write or four and if rather four does not have telling that configured it should not work.
04:03
So tell that
04:05
1 51 a 1 $45.4 being Writer Force F 00 address
04:12
and it's open. So at some point, we had configured tell met on Router four.
04:16
Well,
04:17
this works.
04:21
Let's go ahead and tell that from
04:26
PC to to rattle for
04:38
And this also worked.
04:41
So both PC to and PC one on tell it it right now to router for as visible
04:47
by the prompt
04:49
are for
04:53
on PC one. Also visible by the prompt are for
04:59
Let's go into writer too. And check our translation table
05:04
show. I mean that
05:06
translations
05:09
and as you see PC one with an I p of 10 10 10 1
05:15
is
05:17
going to the outside world
05:20
with an I P address or 1 90 10 10 1
05:23
and PC to also
05:26
is going out with the same I p
05:29
1 90 10 10 1
05:31
Now, since I'm tell leading to the outside, I'm going to tell that users TCP Port 23.
05:38
So my destination port remains the same.
05:43
However, if you notice I'm using PC one is using a different source port,
05:50
then PC to
05:53
so PC one, when it goes gets translated to a public address, uses a sore sport of 10 25
06:00
which is the doing of router to router to sends out traffic from PC one with an I p off 1 90 10 10 1 but with a source TCP ports of 10 25
06:14
and router to sends out traffic from PC two with the same I p 1 90 10 10 1 but with a different source port. So the conversation separation is happening at Layer four.
06:28
This is how router to keeps conversations going on between Router four and PC one, separated from router for and PC to
06:38
this concludes to port address. Translation lecture. Next is static, Matt.
Up Next
Instructed By
Similar Content
