© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 CCNA 5.0 Planning Guide Chapter 5: Network Address Translation for IPv4 Connecting Networks

Presentation_ID 2 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Objectives  Describe NAT characteristics.  Describe the benefits and drawbacks of NAT.  Configure static NAT using the CLI.  Configure dynamic NAT using the CLI.  Configure PAT using the CLI.  Configure port forwarding using the CLI.  Configure NAT64.  Use show commands to verify NAT operation.

Presentation_ID 3 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Overview  All public IPv4 addresses that transverse the Internet must be registered with a Regional Internet Registry (RIR). However, with a theoretical maximum of 4.3 billion addresses, IPv4 address space is severely limited.  With the proliferation of personal computing and the advent of the World Wide Web, it soon became obvious that 4.3 billion IPv4 addresses would not be enough.  The long term solution was IPv6, but more immediate solutions to address exhaustion were required.  For the short term, several solutions were implemented by the IETF, including Network Address Translation (NAT) and RFC 1918, Address Allocation for Private Internets.

Presentation_ID 4 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Overview (cont.) The chapter describes:  How NAT, combined with the use of private address space, is used to both conserve and more efficiently use IPv4 addresses to provide networks of all sizes access to the Internet.  NAT characteristics, terminology, and general operations.  Three different types of NAT are static NAT, dynamic NAT, and NAT with overloading.  The benefits and disadvantages of NAT.  The configuration, verification, and analysis of static NAT, dynamic NAT, and NAT with overloading.

Presentation_ID 5 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Overview (cont.) The chapter describes:  How port forwarding can be used to access an internal devices from the Internet.  Troubleshooting NAT using show and debug commands.  How NAT for IPv6 is used to translate between IPv6 addresses and IPv4 addresses.

Presentation_ID 6 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Activities What activities are associated with this chapter?  Class Activity – Conceptual NAT  Activity – Identify the NAT Terminology  Packet Tracer – Investigating NAT Operation  Syntax Checker – Configuring Static NAT  Packet Tracer – Configuring Static NAT  Syntax Checker – Configuring Dynamic NAT  Packet Tracer – Configuring Dynamic NAT  Lab – Configuring Dynamic and Static NAT  Syntax Checker – Configuring PAT: Address Pool  Syntax Checker – Configuring PAT: Single Address

Presentation_ID 7 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Activities (cont.) What activities are associated with this chapter?  Activity – Identifying the Address Information at Each Hop  Packet Tracer – Implementing Static and Dynamic NAT  Lab – Configuring Port Address Translation (PAT)  Packet Tracer – Configuring Port Forwarding on a Linksys Router  Case Study – Troubleshooting NAT  Packet Tracer – Verifying and Troubleshooting NAT Configurations  Lab – Troubleshooting NAT Configurations  Class Activity – NAT Check  Packet Tracer – Skills Integration Challenge

Presentation_ID 8 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Packet Tracer Activity Password The password for all the Packet Tracer activities in this chapter is: PT_ccna5

Presentation_ID 9 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Assessment  Students should complete Chapter 5 Exam after completing Chapter 5.  Worksheets, labs and quizzes can be used to informally assess student progress.

Presentation_ID 10 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: New Terms and Commands What terms and commands are introduced in this chapter? Network Address Translation (NAT) Private Address Public Address RFC Inside Local Address Inside Global Address Outside Local Address Outside Global Address Inside Address Outside Address Local Address Global Address Static Network Address Translation (Static NAT) Dynamic Network Address Translation (Dynamic NAT) Port Address Translation (PAT)

Presentation_ID 11 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: New Terms and Commands (cont.) What terms and commands are introduced in this chapter? show ip nat statistics command clear ip nat statistics command show ip nat statistics command show ip nat translations command ip nat pool command ip nat inside source list access-list-number pool name command ip nat translation timeout command clear ip nat translation * command Overload Port Forwarding ip nat inside source command NAT64 Unique Local Address (ULA) debug ip nat command debug ip nat detailed command

Presentation_ID 12 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential  Prior to teaching Chapter 5, the instructor should complete the Chapter 5 Assessment.  Ensure all the activities are completed. This is a very important concept and hands-on time is vital.  Basic NAT Troubleshooting information: es_tech_note09186a c32.shtml Chapter 5: Best Practices

Presentation_ID 13 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Additional Help  For additional help with teaching strategies, including lesson plans, analogies for difficult concepts, and discussion topics, visit the CCNA Community at  If you have lesson plans or resources that you would like to share, upload them to the CCNA Community to help other instructors.

Presentation_ID 14 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Topics Not in ICND2  This section lists topics covered by this chapter that are NOT listed in the ICND2 Blueprint. Those topics are posted at  Instructors could skip these sections; however, they should provide additional information and fundamental concepts to assist the student with the topic.

Presentation_ID 15 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential Chapter 5: Topics Not in ICND2 What sections of this chapter are NOT in the ICND2 certification blueprint? Introduction Conceptual NAT 5.1 Section – NAT Operation 5.2 Section – Configuring NAT 5.4 Section - Summary

Presentation_ID 16 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential

Presentation_ID 17 © 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential