It is most commonly used to convert a non routable

Info icon This preview shows pages 26–28. Sign up to view the full content.

View Full Document Right Arrow Icon
address on the outside of your network and vice versa. It is most commonly used to convert a non- routable address to a routable address. For all configs, you must specify which interfaces are internal for NAT and which are external: Static NAT maps one address to one address such as 192.168.1.1 to 200.1.1.1. You would do this for any devices which need a permanent IP address such as a web server. Dynamic NAT maps a number of internal addresses to a pool of external addresses. The below config creates a pool of 10 addresses with a mask (prefix length) of 255.255.255.0 and the name ‘ad_ team.’ The hosts to be NATted are on the 192.168.1.0 network. The access list (source list) tells the router which addresses to NAT. Overload NAT (or PAT) maps private internal addresses to one or more external addresses using port numbers. The below config creates a pool of ten addresses (it could be more) and the command overload tells the router to use port address translation. 25 Router(config)#ip nat pool ad_team 10.0.0.1 10.0.0.10 prefix-length 24 Router(config)#ip nat inside source list 1 pool ad_team out Router(config)#access-list 1 permit 192.168.1.0 0.0.0.255 Router(config)#ip nat inside source static 192.168.1.1 200.1.1.1 Router(config-if)#ip nat inside/outside Redistributing: rip Default version control: send version 2, receive version 2 Interface Send FastEthernet0/0 2 Recv 2 Triggered RIP Key-chain Automatic network summarization is not in effect Maximum path: 4 Routing for Networks: 172.16.0.0 192.168.1.0 Passive Interface(s): FastEthernet 0/1 Routing Information Sources: Gateway Distance Last Update Distance: (default is 120) Router(config)#ip nat pool ad_team 10.0.0.1 10.0.0.10 prefix-length 24 Router(config)#ip nat inside source list 1 pool ad_team out overload Router(config)#access-list 1 permit 192.168.1.0 0.0.0.255
Image of page 26

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Cisco CCENT Cram Guide v3.0 © Paul Browning 2017 Switch and Router Security Passwords The command service password-encryption encrypts all passwords with a weak (level 7) algorithm. Enable: used to get from user exec to privileged exec. Not encrypted. Enable Secret: Encrypts password (only use enable or enable secret not both). Level 5 encryption. VTY: needed if telnet access is required. If you want to permit SSH into the router or switch telnet lines then you need to add the command transport input ssh to the vty lines. Auxiliary: allows modem access to the aux port. Console: used to allow console access Protect Switch Ports 26 Router(config)#line console 0 Router(config-line)#password cisco Router(config-line)#login Router(config)#line aux 0 Router(config-line)#password cisco Router(config-line)#login Router(config)#line vty 0 4 Router(config-line)#password cisco Router(config-line)#login Router(config)#enable secret {password} Router(config)#enable password {password} Switch1(config)#int fast 0/1 Switch1(config-if)#switchport mode access Switch1(config-if)#switchport port-security Switch1(config-if)#switchport port-security ?
Image of page 27
Image of page 28
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern