Cisco Systems Router 1800 Series User Manual
Have a look at the manual Cisco Systems Router 1800 Series User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 3 Cisco Systems manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
4-9 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 4 Configuring PPP over ATM with NAT Configure Network Address Translation Current 15 min ES Defect: 0Current 15 min SES Defect: 0 Current 15 min UAS Defect: 33287 Previous 15 min CRC Defect: 0 Previous 15 min LOSW Defect: 0 Previous 15 min ES Defect: 0Previous 15 min SES Defect: 0 Previous 15 min UAS Defect: 0 Line-0 status Chipset Version: 0 Firmware Version: A388Modem Status: Data, Status 1 Last Fail Mode: No Failure status:0x0 Line rate: 2312 KbpsFramer Sync Status: In Sync Rcv Clock Status: In the Range Loop Attenuation: 341.1450 dBTransmit Power: 7.5 dB Receiver Gain: 22.5420 dB SNR Sampling: 36.8590 dBDying Gasp: Present Configure Network Address Translation Network Address Translation (NAT) translates packets from addresses that match a standard access list, using global addresses allocated by the dialer interface. Packets that enter the router through the inside interface, packets sourced from the router, or both are checked against the access list for possible address translation. You can configure NAT for either static or dynamic address translations. Perform these steps to configure the outside ATM WAN interface with dynamic NAT, beginning in global configuration mode:
4-10
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 4 Configuring PPP over ATM with NAT
Configure Network Address Translation
CommandPurpose
Step 1ip nat pool name start-ip end-ip {netmask
netmask | prefix-length prefix-length}
Example:
Router(config)# ip nat pool pool1
192.168.1.0 192.168.2.0 netmask 0.0.0.255
Router(config)#
Creates pool of global IP addresses for NAT.
Step 2ip nat inside source {list access-list-number}
{interface type number | pool name} [overload]
Example 1:
Router(config)# ip nat inside source list 1
interface dialer 0 overload
or
Example 2:
Router(config)# ip nat inside source list
acl1 pool pool1
Enables dynamic translation of addresses on the
inside interface.
The first example shows the addresses permitted
by the access list 1 to be translated to one of the
addresses specified in the dialer interface 0.
The second example shows the addresses
permitted by access list acl1 to be translated to one
of the addresses specified in the NAT pool pool1.
For details about this command and additional
parameters that can be set, as well as information
about enabling static translation, see the
Cisco
IOS IP Command Reference, Volume 1 of 4:
Addressing and Services.
Step 3interface type number
Example:
Router(config)# interface vlan 1
Router(config-if)#
Enters configuration mode for the VLAN (on
which the Fast Ethernet LAN interfaces
[FE2–FE9] reside) to be the inside interface
for
NAT.
Step 4ip nat {inside | outside}
Example:
Router(config-if)# ip nat inside
Router(config-if)#
Applies NAT to the Fast Ethernet LAN interface
as the inside interface.
For details about this command and additional
parameters that can be set, as well as information
about enabling static translation, see the
Cisco
IOS IP Command Reference, Volume 1 of 4:
Addressing and Services.
Step 5no shutdown
Example:
Router(config-if)# no shutdownRouter(config-if)#
Enables the configuration changes just made to the
Ethernet interface.
Step 6exit
Example:
Router(config-if)# exit
Router(config)#
Exits configuration mode for the Fast Ethernet
interface.
4-11
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 4 Configuring PPP over ATM with NAT
Configuration Example
NoteIf you want to use NAT with a virtual-template interface, you must configure a loopback interface. See
Chapter 1, “Basic Router Configuration,” for information on configuring the loopback interface.
For complete information on NAT commands, see the Cisco IOS Release 12.3 documentation set. For
more general information on NAT concepts, see
Appendix B, “Concepts.”
Configuration Example
The following configuration example shows a portion of the configuration file for a client in the PPPoA
scenario described in this chapter.
The VLAN interface has an IP address of 192.168.1.1 with a subnet mask of 255.255.255.0. NAT is
configured for inside and outside.
Step 7interface type number
Example:
Router(config)#interface fastethernet 0Router(config-if)#
Enters configuration mode for the ATM WAN
interface (FE0 or FE1) to be the outside interface
for NAT.
Step 8ip nat {inside | outside}
Example:
Router(config-if)# ip nat outside
Router(config-if)#
Identifies the specified WAN interface as the NAT
outside interface.
For details about this command and additional
parameters that can be set, as well as enabling
static translation, see the
Cisco IOS IP Command
Reference, Volume 1 of 4: Addressing and
Services.
Step 9no shutdown
Example:
Router(config-if)# no shutdown
Router(config-if)#
Enables the configuration changes just made to the
Ethernet interface.
Step 10exit
Example:
Router(config-if)# exit
Router(config)#
Exits configuration mode for the ATM interface.
Step 11access-list access-list-number {deny | permit}
source [source-wildcard]
Example:
Router(config)# access-list 1 permit
192.168.1.0 0.0.0.255
Defines a standard access list permitting addresses
that need translation.
NoteAll other addresses are implicitly denied.
Command Purpose
4-12 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 4 Configuring PPP over ATM with NAT Configuration Example NoteCommands marked by “(default)” are generated automatically when you run the show running-config command. ! interface Vlan1 ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly (default)! interface ATM0 no ip address ip nat outside ip virtual-reassembly no atm ilmi-keepalive pvc 8/35 encapsulation aal5mux ppp dialer dialer pool-member 1 ! dsl operating-mode auto !interface Dialer0 ip address negotiated ip mtu 1492 encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap ! ip classless (default)! ip nat pool pool1 192.168.1.0 192.168.2.0 netmask 0.0.0.255 ip nat inside source list 1 interface Dialer0 overload !access-list 1 permit 192.168.1.0 0.0.0.255 dialer-list 1 protocol ip permit ip route 10.10.25.2 0.255.255.255 dialer 0 ! Verifying Your Configuration Use the show ip nat statistics command in privileged EXEC mode to verify the PPPoA client with NAT configuration. You should see verification output similar to the following example: Router# show ip nat statistics Total active translations: 0 (0 static, 0 dynamic; 0 extended)Outside interfaces: ATM0 Inside interfaces: Vlan1 Hits: 0 Misses: 0 CEF Translated packets: 0, CEF Punted packets: 0Expired translations: 0 Dynamic mappings: -- Inside Source[Id: 1] access-list 1 interface Dialer0 refcount 0 Queued Packets: 0
CH A P T E R REVIEW DRAFT—CISCO CONFIDENTIAL 5-1OL-6426-03 5 Configuring a LAN with DHCP and VLANs The Cisco 1800 series integrated services fixed-configuration routers support clients on both physical LANs and virtual LANs (VLANs). The routers can use the Dynamic Host Configuration Protocol (DHCP) to enable automatic assignment of IP c onfigurations for nodes on these networks. Other interfaces and configurations of the VLANs are described in the “Switch Port Configurations” section on page 5-7. 1Fast Ethernet LAN (with multiple networked devices) 2Router and DHCP server—Cisco 1800 series integr ated services router—connected to the Internet 3VLAN 1 4VLAN 2 DHCP DHCP, which is described in RFC 2131, uses a cl ient/server model for address allocation. As an administrator, you can configure your Cisco 1800 integrated services fixed-configuration router to act as a DHCP server, providing IP address assignment an d other TCP/IP-oriented configuration information to your workstations. DHCP frees you from having to manually assign an IP address to each client. When you configure a DHCP server , you must configure the server properties, policies, and DHCP options. NoteWhenever you change server properties, you must relo ad the server with the configuration data from the Network Registrar database. VLANs The Cisco 1800 series integrated services routers (fixed) support eight Fast Ethernet ports on which you can configure VLANs. See the “Switch Port Configurations” section on page 5-7 for a description of the interfaces and features that can be configured on the switch ports and a link to a document containing the configuration procedures. VLANs enable networks to be segmented and formed into logical groups of users, regardless of the user’s physical location or LAN connection. Configuration Tasks Perform the following tasks to configure this network scenario: Configure DHCP
REVIEW DRAFT—CISCO CONFIDENTIAL 5-2 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03 Chapter 5 Configuring a LAN with DHCP and VLANs Configure DHCP Configure VLANs NoteThe procedures in this chapter assume you have already configured basic router features as well as PPPoE or PPPoA with NAT. If you have not performed these configurations tasks, see Chapter 1, “Basic Router Configuration,” Chapter 3, “Configuring PPP over Ethernet with NAT,” and Chapter 4, “Configuring PPP over ATM with NAT” as appropriate for your router. See the Cisco IOS IP Configuration Guide to assign an IP address to the ports. Configure DHCP Perform these steps to configure your router for DHCP operation, beginning in global configuration mode: CommandPurpose Step 1ip domain name name Example: Router(config)# ip domain name smallbiz.com Router(config)# Identifies the default domain that the router uses to complete unqualified hostnames (names without a dotted-decimal domain name). Step 2ip name-server server-address1 [server-address2...server-address6] Example: Router(config)# ip name-server 192.168.11.12Router(config)# Specifies the address of one or more Domain Name System (DNS) servers to use for name and address resolution. Step 3ip dhcp excluded-address low-address [high-address] Example: Router(config)# ip dhcp excluded-address 192.168.9.0 Specifies IP addresses that the DHCP server should not assign to DHCP clients. In this example, we are excluding the router address. Step 4ip dhcp pool name Example: Router(config)# ip dhcp pool dpool1 Router(config-dhcp)# Creates a DHCP address pool on the router and enters DHCP pool configuration mode. The name argument can be a string or an integer. Step 5network network-number [mask | prefix-length] Example: Router(config-dhcp)# network 10.10.0.0 255.255.255.0 Router(config-dhcp)# Defines subnet number (IP) address for the DHCP address pool, optionally including the mask.
REVIEW DRAFT—CISCO CONFIDENTIAL 5-3 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03 Chapter 5 Configuring a LAN with DHCP and VLANs Configure DHCP Configuration Example The following configuration example shows a portion of the configuration file for the DCHP configuration described in this chapter. ip dhcp excluded-address 192.168.9.0 !ip dhcp pool dpool1 import all network 10.10.0.0 255.255.255.0 default-router 10.10.10.10 dns-server 192.168.35.2 domain-name cisco.com! ip domain name smallbiz.com ip name-server 192.168.11.12 Step 6import all Example: Router(config-dhcp)# import allRouter(config-dhcp)# Imports DHCP option parameters into the DHCP portion of the router database. Step 7default-router address [address2...address8] Example: Router(config-dhcp)# default-router 10.1.1.1 Router(config-dhcp)# Specifies up to 8 default routers for a DHCP client. Step 8dns-server address [address2...address8] Example: Router(config-dhcp)# dns-server 192.168.35.2 Router(config-dhcp)# Specifies up to 8 DNS servers available to a DHCP client. Step 9domain-name domain Example: Router(config-dhcp)# domain-name cisco.com Router(config-dhcp)# Specifies the domain name for a DHCP client. Step 10exit Example: Router(config-dhcp)# exit Router(config)# Exits DHCP configuration mode, and enters global configuration mode. Command Purpose
REVIEW DRAFT—CISCO CONFIDENTIAL 5-4 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-03 Chapter 5 Configuring a LAN with DHCP and VLANs Configure DHCP Verify Your DHCP Configuration Use the following commands to view your DHCP configuration. show ip dhcp import—Displays the optional parameters imported into the DHCP server database. show ip dhcp pool—Displays information about the DHCP address pools. show ip dhcp server statistics—Displays the DHCP server statistics, such as the number of address pools, bindings, and so forth. Router# show ip dhcp import Address Pool Name: dpool1 Router# show ip dhcp pool Pool dpool1 : Utilization mark (high/low) : 100 / 0 Subnet size (first/next) : 0 / 0 Total addresses : 254 Leased addresses : 0 Pending event : none 1 subnet is currently in the pool : Current index IP address range Leased addresses 10.10.0.1 10.10.0.1 - 10.10.0.254 0 Router# show ip dhcp server statistics Memory usage 15419 Address pools 1Database agents 0 Automatic bindings 0 Manual bindings 0Expired bindings 0 Malformed messages 0 Secure arp entries 0 Message Received BOOTREQUEST 0DHCPDISCOVER 0 DHCPREQUEST 0 DHCPDECLINE 0DHCPRELEASE 0 DHCPINFORM 0 Message Sent BOOTREPLY 0 DHCPOFFER 0DHCPACK 0 DHCPNAK 0 Router#
REVIEW DRAFT—CISCO CONFIDENTIAL
5-5
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-03
Chapter 5 Configuring a LAN with DHCP and VLANs Configure VLANs
Configure VLANs
Perform these steps to configure VLANs on your router, beginning in privileged EXEC mode:
CommandPurpose
Step 1vlan database
Example:
Router# vlan databaseRouter(vlan)#
Enters VLAN configuration mode.
Step 2vlan vlan-id [ media type] [ name vlan-name]
Example:
Router(vlan)# vlan 2 media ethernet name
VLAN0002
Router(vlan)# vlan 3 media ethernet name
red-vlan
Router(vlan)#
Adds VLANs, with identifiers ranging from 2 to
1001.
For details about this command and additional
parameters that can be set, see the
Cisco IOS
Switching Services Command Reference.
Step 3exit
Example:
Router(vlan)# exitRouter#
Updates the VLAN database, propagates it
throughout the administrative domain, and returns
to privileged EXEC mode.
Verify Your VLAN Configuration
Use the following commands to view your VLAN configuration.
show—Entered from VLAN database mode. Displays summary configuration information for all
configured VLANs.
show vlan-switch —Entered from privileged EXEC mode. Displays detailed configuration
information for all configured VLANs.
Router# vlan database
Router(vlan)# show VLAN ISL Id: 1
Name: default
Media Type: Ethernet VLAN 802.10 Id: 100001
State: Operational
MTU: 1500 Translational Bridged VLAN: 1002
Translational Bridged VLAN: 1003
VLAN ISL Id: 1002
Name: fddi-default
Media Type: FDDI VLAN 802.10 Id: 101002
State: Operational
MTU: 1500 Bridge Type: SRB
REVIEW DRAFT—CISCO CONFIDENTIAL
5-6
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-03
Chapter 5 Configuring a LAN with DHCP and VLANs
Configure VLANs
Translational Bridged VLAN: 1 Translational Bridged VLAN: 1003
VLAN ISL Id: 1003 Name: token-ring-default
Media Type: Token Ring
VLAN 802.10 Id: 101003 State: Operational
MTU: 1500
Bridge Type: SRB Ring Number: 0
Bridge Number: 1
Parent VLAN: 1005 Maximum ARE Hop Count: 7
Maximum STE Hop Count: 7
Backup CRF Mode: Disabled Translational Bridged VLAN: 1
Translational Bridged VLAN: 1002
VLAN ISL Id: 1004
Name: fddinet-default
Media Type: FDDI Net VLAN 802.10 Id: 101004
State: Operational
MTU: 1500
Bridge Type: SRB Bridge Number: 1
STP Type: IBM
VLAN ISL Id: 1005
Name: trnet-default
Media Type: Token Ring Net VLAN 802.10 Id: 101005
State: Operational
MTU: 1500 Bridge Type: SRB
Bridge Number: 1
STP Type: IBM
Router# show vlan-switch
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0, Fa1, Fa2, Fa31002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
1002 fddi 101002 1500 - - - - - 1 10031003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0Router#