Network Address Translation Commands



Similar documents
Network Protocol Configuration

Chapter 11 Network Address Translation

Configuring Static and Dynamic NAT Translation

NAT (Network Address Translation) & PAT (Port Address Translation)

Configuring Static and Dynamic NAT Simultaneously

NETWORK ADDRESS TRANSLATION. Whitepaper

Configuring Network Address Translation (NAT)

Technical Support Information

1 Basic Configuration of Cisco 2600 Router. Basic Configuration Cisco 2600 Router

Topic 7 DHCP and NAT. Networking BAsics.

PIX/ASA: Allow Remote Desktop Protocol Connection through the Security Appliance Configuration Example

Video Conferencing and Firewalls

ICS 351: Today's plan

Multi-Homing Security Gateway

Configuring Timeout, Retransmission, and Key Values Per RADIUS Server

LAN TCP/IP and DHCP Setup

Network Data Encryption Commands

HP A-F1000-A-EI_A-F1000-S-EI VPN Firewalls

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

How To: Configure a Cisco ASA 5505 for Video Conferencing

- Network Address Translation -

Cisco Configuring Commonly Used IP ACLs

Sample Configuration Using the ip nat outside source list C

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes

21.4 Network Address Translation (NAT) NAT concept

IP Address: the per-network unique identifier used to find you on a network

Supported Platforms. Supported Standards, MIBs, and RFCs. Prerequisites. Related Features and Technologies. Related Documents. Improved Server Access

Chapter 12 Supporting Network Address Translation (NAT)

DHCP Server Port-Based Address Allocation

Integrating Cisco Secure PIX Firewall and IP/VC Videoconferencing Networks

ICS 351: Today's plan. IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration

Table of Contents. Cisco Blocking Peer to Peer File Sharing Programs with the PIX Firewall

ASA/PIX: Load balancing between two ISP - options

Interconnecting Cisco Network Devices 1 Course, Class Outline

NATed Network Testing IxChariot

Adding an Extended Access List

Sample Configuration Using the ip nat outside source static

Classic IOS Firewall using CBACs Cisco and/or its affiliates. All rights reserved. 1

Special ISDN Signaling Commands

Lab Characterizing Network Applications

UNCLASSIFIED. BlackBerry Enterprise Server Isolation in a Microsoft Exchange Environment (ITSG-23)

Introduction to Network Address Translation

ICND IOS CLI Study Guide (CCENT)

NetFlow v9 Export Format

Savvius Insight Initial Configuration

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Configuring Check Point VPN-1/FireWall-1 and SecuRemote Client with Avaya IP Softphone via NAT - Issue 1.0

IOS NAT Load Balancing with Optimized Edge Routing for Two Internet Connections

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Chapter 1 Personal Computer Hardware hours

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above

F-SECURE MESSAGING SECURITY GATEWAY

Network Address Translation (NAT)

This Technical Support Note shows the different options available in the Firewall menu of the ADTRAN OS Web GUI.

Table of Contents. Cisco Using the Cisco IOS Firewall to Allow Java Applets From Known Sites while Denying Others

Planning for Information Network

Configure ISDN Backup and VPN Connection

Configuring a Load-Balancing Scheme

Evaluation guide. Vyatta Quick Evaluation Guide

Configuration Guide. DHCP Server. LAN client

Firewall Load Balancing

NAT (Network Address Translation)

Ref: A. Leon Garcia and I. Widjaja, Communication Networks, 2 nd Ed. McGraw Hill, 2006 Latest update of this lecture was on

NAT & IP Masquerade. Internet NETWORK ADDRESS TRANSLATION INTRODUCTION. NAT & IP Masquerade Page 1 of 5. Internal PC

Configuring PA Firewalls for a Layer 3 Deployment

ASA 8.3 and Later: Enable FTP/TFTP Services Configuration Example

Polycom. RealPresence Ready Firewall Traversal Tips

IOS NAT Load Balancing for Two ISP Connections

Firewall Stateful Inspection of ICMP

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Vocia MS-1 Network Considerations for VoIP. Vocia MS-1 and Network Port Configuration. VoIP Network Switch. Control Network Switch

Configuring Network Address Translation

1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet

LAB Configuring NAT. Objective. Background/Preparation

Emerald. Network Collector Version 4.0. Emerald Management Suite IEA Software, Inc.

Firewall Firewall August, 2003

Use Domain Name System and IP Version 6

Using IPM to Measure Network Performance

Triple DES Encryption for IPSec

DLSw+ Enhanced Load Balancing

2. IP Networks, IP Hosts and IP Ports

IOS Server Load Balancing

Document No. FO1101 Issue Date: Work Group: FibreOP Technical Team October 31, 2013 FINAL:

Configuring a Load-Balancing Scheme

Chapter 51 Server Load Balancing

Strategies to Protect Against Distributed Denial of Service (DD

Prestige 202H Plus. Quick Start Guide. ISDN Internet Access Router. Version /2004

IP Security Options Commands

PIX/ASA 7.x and above: Mail (SMTP) Server Access on the DMZ Configuration Example

Cisco IOS Flexible NetFlow Command Reference

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5

INTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1)

How Your Computer Accesses the Internet through your Wi-Fi for Boats Router

Session Title: Exploring Packet Tracer v5.3 IP Telephony & CME. Scenario

Using VDOMs to host two FortiOS instances on a single FortiGate unit

Source-Connect Network Configuration Last updated May 2009

Cisco Which VPN Solution is Right for You?

Transcription:

Network Address Translation Commands This chapter describes the function and displays the syntax for Network Address Translation (NAT) commands. For more information about defaults and usage guidelines, see the corresponding chapter of the Dial Solutions Command Reference. clear ip nat translation To clear dynamic Network Address Translation (NAT) translations from the translation table, use the clear ip nat translation EXEC command. clear ip nat translation {* [inside global-ip local-ip] [outside local-ip global-ip]} clear ip nat translation protocol inside global-ip global-port local-ip local-port [outside local-ip global-ip] * Clears all dynamic translations. inside global-ip outside local-ip protocol global-port local-port (Optional) When used without the arguments protocol, global-port, and local-port, clears a simple translation that also contains the specified local-ip address. When used with the arguments protocol, global-port, and local-port, clears an extended translation. (Optional) Clears an entry that contains this local IP address and the specified global-ip address. (Optional) Clears an entry that contains this protocol and the specified global-ip address, local-ip address, global-port, and local-port. (Optional) Clears an entry that contains this global-port and the specified protocol, global-ip address, local-ip address, and local-port. (Optional) Clears an entry that contains this local-port and the specified protocol, global-ip address, local-ip address, and global-port. Network Address Translation Commands 845

ip nat ip nat To designate that traffic originating from or destined for the interface is subject to Network Address Translation (NAT), use the ip nat interface configuration command. To prevent the interface from being able to translate, use the no form of this command. ip nat {inside outside} no ip nat {inside outside} inside outside Indicates the interface is connected to the inside network (the network subject to NAT translation). Indicates the interface is connected to the outside network. ip nat inside destination To enable Network Address Translation (NAT) of the inside destination address, use the ip nat inside destination global configuration command. To remove the dynamic association to a pool, use the no form of this command. ip nat inside destination list {access-list-number name} pool name no ip nat inside destination list {access-list-number name} list access-list-number list name pool name Standard IP access list number. Packets with destination addresses that pass the access list are translated using global addresses from the named pool. Name of a standard IP access list. Packets with destination addresses that pass the access list are translated using global addresses from the named pool. Name of the pool from which global IP addresses are allocated during dynamic translation. ip nat inside source To enable Network Address Translation (NAT) of the inside source address, use the ip nat inside source global configuration command. To remove the static translation or remove the dynamic association to a pool, use the no form of this command. ip nat inside source {list {access-list-number name} pool name [overload] static local-ip global-ip} no ip nat inside source {list {access-list-number name} pool name [overload] static local-ip global-ip} list access-list-number Standard IP access list number. Packets with source addresses that pass the access list are dynamically translated using global addresses from the named pool. 846 Cisco IOS Software Command Summary

ip nat outside source list name pool name overload static local-ip global-ip Name of a standard IP access list. Packets with source addresses that pass the access list are dynamically translated using global addresses from the named pool. Name of the pool from which global IP addresses are allocated dynamically. (Optional) Enables the router to use one global address for many local addresses. When overloading is configured, each inside host s TCP or UDP port number distinguishes between the multiple conversations using the same local IP address. Sets up a single static translation; this argument establishes the local IP address assigned to a host on the inside network. The address could be randomly chosen, allocated from RFC 1918, or obsolete. Sets up a single static translation; this argument establishes the globally unique IP address of an inside host as it appears to the outside world. ip nat outside source To enable Network Address Translation (NAT) of the outside source address, use the ip nat outside source global configuration command. To remove the static entry or the dynamic association, use the no form of this command. ip nat outside source {list {access-list-number name} pool name static global-ip local-ip} no ip nat outside source {list {access-list-number name} pool name static global-ip local-ip} list access-list-number list name pool name static global-ip local-ip Standard IP access list number. Packets with source addresses that pass the access list are translated using global addresses from the named pool. Name of a standard IP access list. Packets with source addresses that pass the access list are translated using global addresses from the named pool. Name of the pool from which global IP addresses are allocated. Sets up a single static translation. This argument establishes the globally unique IP address assigned to a host on the outside network by its owner. It was allocated from globally routable network space. Sets up a single static translation. This argument establishes the local IP address of an outside host as it appears to the inside world. The address was allocated from address space routable on the inside (RFC 1918). Network Address Translation Commands 847

ip nat pool ip nat pool To define a pool of IP addresses for Network Address Translation (NAT), use the ip nat pool global configuration command. To remove one or more addresses from the pool, use the no form of this command. ip nat pool name start-ip end-ip {netmask netmask prefix-length prefix-length} [type rotary] no ip nat pool name start-ip end-ip {netmask netmask prefix-length prefix-length} [type rotary] name start-ip end-ip netmask netmask prefix-length prefix-length type rotary Name of the pool. Starting IP address that defines the range of addresses in the address pool. Ending IP address that defines the range of addresses in the address pool. Network mask that indicates which address bits belong to the network and subnetwork fields and which bits belong to the host field. Specify the netmask of the network to which the pool addresses belong. Number that indicates how many bits of the netmask are ones (how many bits of the address indicate network). Specify the netmask of the network to which the pool addresses belong. (Optional) Indicates that the range of address in the address pool identify real, inside hosts among which TCP load distribution will occur. ip nat translation To change the amount of time after which Network Address Translation (NAT) translations time out, use the ip nat translation global configuration command. To disable the timeout, use the no form of this command. ip nat translation {timeout udp-timeout dns-timeout tcp-timeout finrst-timeout} seconds no ip nat translation {timeout udp-timeout dns-timeout tcp-timeout finrst-timeout} timeout udp-timeout dns-timeout tcp-timeout finrst-timeout Specifies that the timeout value applies to dynamic translations except for overload translations. Default is 86400 seconds (24 hours). Specifies that the timeout value applies to the UDP port. Default is 300 seconds (5 minutes). Specifies that the timeout value applies to connections to the Domain Name System (DNS). Default is 60 seconds. Specifies that the timeout value applies to the TCP port. The default is 86400 seconds (24 hours). Specifies that the timeout value applies to Finish and Reset TCP packets, which terminate a connection. Default is 60 seconds. 848 Cisco IOS Software Command Summary

show ip nat statistics seconds Number of seconds after which the specified port translation times out. Default values are listed in the Default section. show ip nat statistics To display Network Address Translation (NAT) statistics, use the show ip nat statistics EXEC command. show ip nat statistics show ip nat translations To display active Network Address Translation (NAT) translations, use the show ip nat translations EXEC command. show ip nat translations [verbose] verbose (Optional) Displays additional information for each translation table entry, including how long ago the entry was created and used. Network Address Translation Commands 849

show ip nat translations 850 Cisco IOS Software Command Summary

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information