Task 1: Configure NAT interfaces on the router.

The internal and external interfaces must be marked for the NAT to function.

Router#configure terminal
Router(config)#interface g0/0
Router(config-if)#ip nat inside
Router(config)#interface g0/1
Router(config-if)#ip nat outside

ip nat inside marks the internal LAN interface for NAT. ip nat outside  marks the external interface for NAT.

 

Task 2: Configure a NAT pool named POOL1 using public IP addresses ranging from 209.165.100.2 to 209.165.100.5.

Router(config-if)#exit
Router(config)#ip nat pool POOL1 209.165.100.2 209.165.100.5 netmask 255.255.255.248

This command creates a pool of public IPs ranging from 209.165.100.2 to 209.165.100.5 the subnet mask is 255.255.255.248 (/29) which is the subnet mask of the external network.

 

Task 3: Configure a standard access list named NAT.

In NAT, an access list is used to match traffic from the private network. This access-list needs to permit the internal private network.

Router(config)#ip access-list standard NAT
Router(config-std-nacl)#permit 192.168.100.0 0.0.0.255.
Router(config-std-nacl)#exit

This access list matches traffic originating from the internal network 192.168.100.0/24. Access-lists use wildcard mask.  255.255.255.0(/24) subnet mask is equal to 0.0.0.255 wildcard mask.

 

Task 4: Configure Dynamic NAT to translate private IPs to public IPs from POOL1.

Link the NAT pool to the access list for dynamic NAT translation.

Router(config)#ip nat inside source list NAT pool POOL1.

This command specifies that traffic matching access list NAT will be translated to an IP from POOL1.

Now exit configuration mode and save the configuration.

Router(config)#end
Router#write memory