====== DHCP e NAT em Router Cisco vIOS ======
===== Cenário =====
{{:cisco_dhcp_nat.png|}}
===== Desabilitando os logs do console =====
Router>enable
Router#configure terminal
Router(config)#no logging console
===== Configurando a interface WAN =====
Router(config)#do show ip interface brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES unset administratively down down
GigabitEthernet0/1 unassigned YES unset administratively down down
GigabitEthernet0/2 unassigned YES unset administratively down down
GigabitEthernet0/3 unassigned YES unset administratively down down
Router(config)#interface gigabitEthernet 0/0
Router(config-if)#ip address dhcp
Router(config-if)#description WANInterface
Router(config-if)#no shutdown
Router(config-if)#ip nat outside
Router(config-if)#do show ip interface brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 192.168.122.60 YES DHCP up up
GigabitEthernet0/1 unassigned YES unset administratively down down
GigabitEthernet0/2 unassigned YES unset administratively down down
GigabitEthernet0/3 unassigned YES unset administratively down down
NVI0 192.168.122.60 YES unset up up
===== Configurando a interface LAN =====
Router(config-if)#interface GigabitEthernet0/1
Router(config-if)#ip address 172.16.100.1 255.255.255.0
Router(config-if)#description LANInterface
Router(config-if)#ip nat inside
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#do show ip interface brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 192.168.122.60 YES DHCP up up
GigabitEthernet0/1 172.16.100.1 YES manual up up
GigabitEthernet0/2 unassigned YES unset administratively down down
GigabitEthernet0/3 unassigned YES unset administratively down down
NVI0 192.168.122.60 YES unset up up
===== Configurando o DHCP Server =====
Router(config)#ip dhcp excluded-address 172.16.100.1
Router(config)#ip dhcp pool LAN
Router(dhcp-config)#default-router 172.16.100.1
Router(dhcp-config)#network 172.16.100.0 /24
Router(dhcp-config)#dns-server 192.168.122.1
Router(dhcp-config)#exit
Router(config)#ip access-list standard 1
Router(config-std-nacl)#permit 172.16.100.0 0.0.0.255
Router(config-std-nacl)#exit
===== Configurando o NAT =====
Router(config)#ip nat inside source list 1 interface gigabitEthernet 0/0 overload
Router(config)#exit
===== Testando o DHCP e o NAT no cliente =====
VPCS> ip dhcp
DDORA IP 172.16.100.2/24 GW 172.16.100.1
VPCS> show ip
NAME : VPCS[1]
IP/MASK : 172.16.100.2/24
GATEWAY : 172.16.100.1
DNS : 192.168.122.1
DHCP SERVER : 172.16.100.1
DHCP LEASE : 86372, 86400/43200/75600
MAC : 00:50:79:66:68:03
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
VPCS> ping 172.16.100.1 -c2
84 bytes from 172.16.100.1 icmp_seq=1 ttl=255 time=4.149 ms
84 bytes from 172.16.100.1 icmp_seq=2 ttl=255 time=5.572 ms
84 bytes from 172.16.100.1 icmp_seq=3 ttl=255 time=5.348 ms
84 bytes from 172.16.100.1 icmp_seq=4 ttl=255 time=5.668 ms
84 bytes from 172.16.100.1 icmp_seq=5 ttl=255 time=7.743 ms
VPCS> ping 1.1.1.1
84 bytes from 1.1.1.1 icmp_seq=1 ttl=55 time=29.517 ms
84 bytes from 1.1.1.1 icmp_seq=2 ttl=55 time=28.627 ms
84 bytes from 1.1.1.1 icmp_seq=3 ttl=55 time=29.712 ms
84 bytes from 1.1.1.1 icmp_seq=4 ttl=55 time=28.939 ms
84 bytes from 1.1.1.1 icmp_seq=5 ttl=55 time=26.362 ms
VPCS> ping google.com.br
google.com.br resolved to 142.250.219.163
84 bytes from 142.250.219.163 icmp_seq=1 ttl=116 time=38.060 ms
84 bytes from 142.250.219.163 icmp_seq=2 ttl=116 time=40.623 ms
84 bytes from 142.250.219.163 icmp_seq=3 ttl=116 time=40.060 ms
84 bytes from 142.250.219.163 icmp_seq=4 ttl=116 time=42.785 ms
84 bytes from 142.250.219.163 icmp_seq=5 ttl=116 time=38.844 ms
Router#show ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 192.168.122.60:35187 172.16.100.2:35187 142.250.219.163:35187 142.250.219.163:35187
icmp 192.168.122.60:35443 172.16.100.2:35443 142.250.219.163:35443 142.250.219.163:35443
icmp 192.168.122.60:35699 172.16.100.2:35699 142.250.219.163:35699 142.250.219.163:35699
icmp 192.168.122.60:35955 172.16.100.2:35955 142.250.219.163:35955 142.250.219.163:35955
icmp 192.168.122.60:36211 172.16.100.2:36211 142.250.219.163:36211 142.250.219.163:36211
udp 192.168.122.60:41488 172.16.100.2:41488 192.168.122.1:53 192.168.122.1:53
===== Referências =====
- [[https://www.youtube.com/watch?v=zu9hgRzzwG0|NAT ( PAT ) CONFIGURATION ON EVE-NG]]