wiki v1

User Tools

Site Tools

Trace: install_grafana kubernetes_dokuwiki gerenciar_secrets ansible_cisco_hosts kube_nfs_dynamic ansible_adhoc installdebian ldap-zb-01 zabbix_podman cisco_nat_dhcp
wikiv2:cisco_nat_dhcp

Table of Contents

DHCP e NAT em Router Cisco vIOS

Cenário

Desabilitando os logs do console

Router>enable
Router#configure terminal
Router(config)#no logging console

Configurando a interface WAN

Router(config)#do show ip interface brief 
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         unassigned      YES unset  administratively down down    
GigabitEthernet0/1         unassigned      YES unset  administratively down down    
GigabitEthernet0/2         unassigned      YES unset  administratively down down    
GigabitEthernet0/3         unassigned      YES unset  administratively down down 
Router(config)#interface gigabitEthernet 0/0
Router(config-if)#ip address dhcp 
Router(config-if)#description WANInterface
Router(config-if)#no shutdown 
Router(config-if)#ip nat outside
Router(config-if)#do show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         192.168.122.60  YES DHCP   up                    up      
GigabitEthernet0/1         unassigned      YES unset  administratively down down    
GigabitEthernet0/2         unassigned      YES unset  administratively down down    
GigabitEthernet0/3         unassigned      YES unset  administratively down down    
NVI0                       192.168.122.60  YES unset  up                    up

Configurando a interface LAN

Router(config-if)#interface GigabitEthernet0/1
Router(config-if)#ip address 172.16.100.1 255.255.255.0
Router(config-if)#description LANInterface
Router(config-if)#ip nat inside 
Router(config-if)#no shutdown 
Router(config-if)#exit
Router(config)#do show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         192.168.122.60  YES DHCP   up                    up      
GigabitEthernet0/1         172.16.100.1    YES manual up                    up      
GigabitEthernet0/2         unassigned      YES unset  administratively down down    
GigabitEthernet0/3         unassigned      YES unset  administratively down down    
NVI0                       192.168.122.60  YES unset  up                    up

Configurando o DHCP Server

Router(config)#ip dhcp excluded-address 172.16.100.1
Router(config)#ip dhcp pool LAN
Router(dhcp-config)#default-router 172.16.100.1
Router(dhcp-config)#network 172.16.100.0 /24
Router(dhcp-config)#dns-server 192.168.122.1
Router(dhcp-config)#exit
Router(config)#ip access-list standard 1
Router(config-std-nacl)#permit 172.16.100.0 0.0.0.255
Router(config-std-nacl)#exit

Configurando o NAT

Router(config)#ip nat inside source list 1 interface gigabitEthernet 0/0 overload
Router(config)#exit

Testando o DHCP e o NAT no cliente

VPCS> ip dhcp  
DDORA IP 172.16.100.2/24 GW 172.16.100.1
VPCS> show ip  
 
NAME        : VPCS[1]
IP/MASK     : 172.16.100.2/24
GATEWAY     : 172.16.100.1
DNS         : 192.168.122.1  
DHCP SERVER : 172.16.100.1
DHCP LEASE  : 86372, 86400/43200/75600
MAC         : 00:50:79:66:68:03
LPORT       : 20000
RHOST:PORT  : 127.0.0.1:30000
MTU         : 1500
VPCS> ping 172.16.100.1 -c2
 
84 bytes from 172.16.100.1 icmp_seq=1 ttl=255 time=4.149 ms
84 bytes from 172.16.100.1 icmp_seq=2 ttl=255 time=5.572 ms
84 bytes from 172.16.100.1 icmp_seq=3 ttl=255 time=5.348 ms
84 bytes from 172.16.100.1 icmp_seq=4 ttl=255 time=5.668 ms
84 bytes from 172.16.100.1 icmp_seq=5 ttl=255 time=7.743 ms
VPCS> ping 1.1.1.1         
 
84 bytes from 1.1.1.1 icmp_seq=1 ttl=55 time=29.517 ms
84 bytes from 1.1.1.1 icmp_seq=2 ttl=55 time=28.627 ms
84 bytes from 1.1.1.1 icmp_seq=3 ttl=55 time=29.712 ms
84 bytes from 1.1.1.1 icmp_seq=4 ttl=55 time=28.939 ms
84 bytes from 1.1.1.1 icmp_seq=5 ttl=55 time=26.362 ms
VPCS> ping google.com.br
google.com.br resolved to 142.250.219.163
 
84 bytes from 142.250.219.163 icmp_seq=1 ttl=116 time=38.060 ms
84 bytes from 142.250.219.163 icmp_seq=2 ttl=116 time=40.623 ms
84 bytes from 142.250.219.163 icmp_seq=3 ttl=116 time=40.060 ms
84 bytes from 142.250.219.163 icmp_seq=4 ttl=116 time=42.785 ms
84 bytes from 142.250.219.163 icmp_seq=5 ttl=116 time=38.844 ms
Router#show ip nat translations 
Pro Inside global      Inside local       Outside local      Outside global
icmp 192.168.122.60:35187 172.16.100.2:35187 142.250.219.163:35187 142.250.219.163:35187
icmp 192.168.122.60:35443 172.16.100.2:35443 142.250.219.163:35443 142.250.219.163:35443
icmp 192.168.122.60:35699 172.16.100.2:35699 142.250.219.163:35699 142.250.219.163:35699
icmp 192.168.122.60:35955 172.16.100.2:35955 142.250.219.163:35955 142.250.219.163:35955
icmp 192.168.122.60:36211 172.16.100.2:36211 142.250.219.163:36211 142.250.219.163:36211
udp 192.168.122.60:41488 172.16.100.2:41488 192.168.122.1:53 192.168.122.1:53

Referências

  1. NAT ( PAT ) CONFIGURATION ON EVE-NG
wikiv2/cisco_nat_dhcp.txt · Last modified: by 127.0.0.1