Home » Cisco Manuals » Bridges & Routers » Cisco ESW-520-24-K9 » Manual Viewer

Cisco ESW-520-24-K9 Software Guide - Page 53

Verify the Configuration, Con Network Address Translation, Example:, show dsl interface atm

View all Cisco ESW-520-24-K9 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 53 highlights

Chapter 4 Configuring PPP over ATM with NAT Configure Network Address Translation Verify the Configuration You can verify that the configuration is set the way you want by using the show dsl interface atm command from privileged EXEC mode. Configure Network Address Translation Network Address Translation (NAT) translates packets from addresses that match a standard access list, using global addresses allocated by the dialer interface. Packets that enter the router through the inside interface, packets sourced from the router, or both are checked against the access list for possible address translation. You can configure NAT for either static or dynamic address translations. Perform these steps to configure the outside ATM WAN interface with dynamic NAT, beginning in global configuration mode: Step 1 Command ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} Purpose Creates pool of global IP addresses for NAT. Example: Router(config)# ip nat pool pool1 192.168.1.0 192.168.2.0 netmask 255.255.255.0 Router(config)# Step 2 Step 3 ip nat inside source {list access-list-number} {interface type number | pool name} [overload] Example 1: Router(config)# ip nat inside source list 1 interface dialer 0 overload or Example 2: Router(config)# ip nat inside source list acl1 pool pool1 interface type number Example: Router(config)# interface vlan 1 Router(config-if)# Enables dynamic translation of addresses on the inside interface. The first example shows the addresses permitted by the access list 1 to be translated to one of the addresses specified in the dialer interface 0. The second example shows the addresses permitted by access list acl1 to be translated to one of the addresses specified in the NAT pool pool1. For details about this command and additional parameters that can be set, as well as information about enabling static translation, see the Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services. Enters configuration mode for the VLAN (on which the Fast Ethernet LAN interfaces [FE0-FE3] reside) to be the inside interface for NAT. OL-14210-01 Cisco Secure Router 520 Series Software Configuration Guide 4-7

Section	Page
Cisco Secure Router 520 Series Software Configuration Guide	1
Contents	3
Preface	9
Objective	9
Audience	9
Organization	10
This guide is organized into the following chapters and appendix.	10
Conventions	11
Related Documentation	16
Obtaining Documentation and Submitting a Service Request	17
Part 1	19
Getting Started	19
Basic Router Configuration	21
Viewing the Default Configuration	22
Information Needed for Customizing the Default Parameters	22
Interface Port Labels	23
Configuring Basic Parameters	23
Configure Global Parameters	24
Example:	24
Example:	24
Example:	24
Example:	24
Configure Fast Ethernet LAN Interfaces	24
Configure WAN Interfaces	24
Configure the Fast Ethernet WAN Interface	25
Example:	25
Example:	25
Example:	25
Example:	25
Configure the ATM WAN Interface	25
Example:	26
Example:	26
Example:	26
Example:	26
Configure the Wireless Interface	26
Configuring a Loopback Interface	26
Example:	27
ip address ip-address mask	27
Example:	27
Example:	27
Configuration Example	27
Verifying Your Configuration	27
Configuring Command-Line Access to the Router	28
Example:	28
Example:	28
Example:	28
Example:	28
Example:	29
Example:	29
Example:	29
Example:	29
Example:	29
Configuration Example	29
Configuring Static Routes	30
Example:	30
Example:	30
Configuration Example	30
Verifying Your Configuration	30
Configuring Dynamic Routes	31
Configuring RIP	31
Example:	31
Example:	31
Example:	31
Example:	32
Example:	32
Configuration Example	32
Verifying Your Configuration	32
Part 2	33
Configuring Your Router for Ethernet and DSL Access	33
Sample Network Deployments	35
For Ethernet-Based Network Deployments	35
For DSL-Based Network Deployments	35
Configuring PPP over Ethernet with NAT	37
PPPoE	38
NAT	38
Configuration Tasks	38
Configure the Virtual Private Dialup Network Group Number	38
Example:	38
Example:	38
Example:	39
Example:	39
Example:	39
Example:	39
Configure the Fast Ethernet WAN Interfaces	39
Example:	39
Example:	39
Example:	40
Example:	40
Configure the Dialer Interface	40
Example:	40
Example:	40
Example:	40
Example:	40
Example:	41
Example:	41
Example:	41
Example:	41
Example:	41
Example:	41
Configure Network Address Translation	41
Example:	42
Example 1:	42
Example 2:	42
Example:	42
Example:	42
Example:	42
Example:	43
Example:	43
Example:	43
Example:	43
Example:	43
Example:	43
Configuration Example	44
Verifying Your Configuration	44
Configuring PPP over ATM with NAT	47
PPPoA	48
NAT	48
Configuration Tasks	48
Configure the Dialer Interface	48
Example:	49
Example:	49
Example:	49
Example:	49
Example:	49
Example:	49
Example:	49
Example:	50
Example:	50
Example:	50
Configure the ATM WAN Interface	51
Example:	51
Example:	51
Example:	51
Example:	51
Example:	52
Example:	52
Configure DSL Signaling Protocol	52
Configuring ADSL	52
Verify the Configuration	53
Configure Network Address Translation	53
Example:	53
Example 1:	53
Example 2:	53
Example:	53
Example:	54
Example:	54
Example:	54
Example:	54
Example:	54
Example:	54
Example:	55
Example:	55
Configuration Example	55
Verifying Your Configuration	56
Configuring a LAN with DHCP and VLANs	57
DHCP	57
VLANs	58
Configuration Tasks	58
Configure DHCP	58
Example:	58
Example:	58
Example:	58
Example:	59
Example:	59
Example:	59
Example:	59
Example:	59
Example:	59
Example:	59
Configuration Example	60
Verify Your DHCP Configuration	60
Configure VLANs	61
Example:	61
Example:	61
Example:	61
Assign a Switch Port to a VLAN	62
Example:	62
Example:	62
Example:	62
Verify Your VLAN Configuration	62
Configuring a VPN Using Easy VPN and an IPsec Tunnel	65
Cisco Easy VPN	66
Configuration Tasks	66
Configure the IKE Policy	67
Example:	67
Example:	67
Example:	67
Example:	67
Example:	68
Example:	68
Example:	68
Configure Group Policy Information	68
Example:	68
Example:	68
Example:	68
Example:	69
Example:	69
Example:	69
Apply Mode Configuration to the Crypto Map	69
Example:	69
Example:	69
Enable Policy Lookup	70
Example:	70
Example:	70
Example:	70
Example:	70
Configure IPsec Transforms and Protocols	70
Example:	71
Example:	71
Configure the IPsec Crypto Method and Parameters	71
Example:	71
Example:	71
Example:	72
Example:	72
Example:	72
Apply the Crypto Map to the Physical Interface	72
Example:	72
Example:	73
Example:	73
Create an Easy VPN Remote Configuration	73
Example:	73
Example:	73
Example:	73
Example:	73
Example:	74
Example:	74
Example:	74
Example:	74
Verifying Your Easy VPN Configuration	74
Configuration Example	74
Configuring VPNs Using an IPsec Tunnel and Generic Routing Encapsulation	77
GRE Tunnels	78
VPNs	78
Configuration Tasks	78
Configure a VPN	78
Configure the IKE Policy	79
Example:	79
Example:	79
Example:	79
Example:	79
Example:	79
Example:	79
Example:	79
Configure Group Policy Information	80
Example:	80
Example:	80
Example:	80
Example:	80
Example:	80
Example:	80
Enable Policy Lookup	81
Example:	81
Example:	81
Example:	81
Example:	81
Configure IPsec Transforms and Protocols	81
Example:	82
Example:	82
Configure the IPsec Crypto Method and Parameters	82
Example:	82
Example:	82
Example:	83
Example:	83
Example:	83
Apply the Crypto Map to the Physical Interface	83
Example:	83
Example:	84
Example:	84
Configure a GRE Tunnel	84
Example:	84
Example:	84
Example:	84
Example:	84
Example:	85
Example:	85
Example:	85
Example:	85
Example:	85
Configuration Example	85
Configuring a Simple Firewall	89
Configuration Tasks	90
Configure Access Lists	91
Example:	91
Example:	91
Configure Inspection Rules	92
Example:	92
Example:	92
Apply Access Lists and Inspection Rules to Interfaces	92
Example:	92
Example:	92
Example:	92
Example:	93
Example:	93
Example:	93
Configuration Example	93
Configuring a Wireless LAN Connection	95
Configuration Tasks	96
Configure the Root Radio Station	96
Example:	96
Example:	96
Example:	97
Example:	97
Example:	97
Example:	97
Example:	97
Example:	97
Example:	97
Example:	98
Example:	98
Example:	98
Example:	98
Configure Bridging on VLANs	98
Example:	98
Example:	98
Example:	99
Example:	99
Example:	99
Example:	99
Configure Radio Station Subinterfaces	99
Example:	99
Example:	99
Example:	100
Example:	100
Example:	100
Example:	100
Configuration Example	100
Part 3	103
Configuring Additional Features and Troubleshooting	103
Additional Configuration Options	105
Configuring Security Features	107
Authentication, Authorization, and Accounting	107
Configuring AutoSecure	108
Configuring Access Lists	108
Access Groups	109
Guidelines for Creating Access Groups	109
Configuring a CBAC Firewall	109
Configuring Cisco IOS Firewall IDS	110
Configuring VPNs	110
Troubleshooting	111
Getting Started	111
Before Contacting Cisco or Your Reseller	111
ADSL Troubleshooting	112
ATM Troubleshooting Commands	112
ping atm interface Command	112
Example 12-1 Determining If a PVC Is in Use	112
show interface Command	113
Example 12-2 Viewing Status of Selected Interfaces	113
show atm interface Command	115
Example 12-3 Viewing Information About an ATM Interface	115
debug atm Commands	115
Guidelines for Using Debug Commands	115
debug atm errors Command	116
Example 12-4 Viewing ATM Errors	116
debug atm events Command	116
Example 12-5 Viewing ATM Interface Processor Events-Success	116
Example 12-6 Viewing ATM Interface Processor Events-Failure	117
debug atm packet Command	117
Example 12-7 Viewing ATM Packet Processing	118
Software Upgrade Methods	118
Recovering a Lost Password	119
Change the Configuration Register	119
Reset the Router	120
Reset the Password and Save Your Changes	121
Reset the Configuration Register Value	121
Part 4	123
Reference Information	123
A	125
Cisco IOS Software Basic Skills	125
Configuring the Router from a PC	125
Understanding Command Modes	126
Getting Help	128
Enable Secret Passwords and Enable Passwords	128
Entering Global Configuration Mode	129
Using Commands	129
Abbreviating Commands	130
Undoing Commands	130
Command-Line Error Messages	130
Saving Configuration Changes	130
Summary	131
Where to Go Next	131
B	133
Concepts	133
ADSL	133
Network Protocols	134
IP	134
Routing Protocol Options	134
RIP	134
PPP Authentication Protocols	135
PAP	135
CHAP	135
TACACS+	136
Network Interfaces	136
Ethernet	136
ATM for DSL	136
PVC	137
Dialer Interface	137
NAT	137
Easy IP (Phase 1)	138
Easy IP (Phase 2)	138
QoS	139
IP Precedence	139
PPP Fragmentation and Interleaving	139
CBWFQ	140
RSVP	140
Low Latency Queuing	140
Access Lists	141
ROM Monitor	143
Entering the ROM Monitor	143
ROM Monitor Commands	144
Command Descriptions	145
Disaster Recovery with TFTP Download	145
TFTP Download Command Variables	146
Required Variables	146
Optional Variables	146
Using the TFTP Download Command	147
Configuration Register	147
Changing the Configuration Register Manually	148
Changing the Configuration Register Using Prompts	148
Console Download	149
Command Description	149
Error Reporting	150
Debug Commands	150
Exiting the ROM Monitor	151
D	153
Common Port Assignments	153

Match case Limit results 1 per page

4-7

Cisco Secure Router 520 Series Software Configuration Guide

OL-14210-01

Chapter 4

Configuring PPP over ATM with NAT

Configure Network Address Translation

Verify the Configuration

You can verify that the configuration is set the way you want by using the

show dsl interface atm

command from privileged EXEC mode.

Configure Network Address Translation

Network Address Translation (NAT) translates packets from addresses that match a standard access list,

using global addresses allocated by the dialer interface. Packets that enter the router through the inside

interface, packets sourced from the router, or both are checked against the access list for possible address

translation. You can configure NAT for either static or dynamic address translations.

Perform these steps to configure the outside ATM WAN interface with dynamic NAT, beginning in global

configuration mode:

Command

Purpose

Step 1

ip nat pool

name start-ip end-ip

{

netmask

prefix-length

}

Example:

Router(config)#

ip nat pool pool1

192.168.1.0 192.168.2.0 netmask

255.255.255.0

Router(config)#

Creates pool of global IP addresses for NAT.

Step 2

ip nat inside source

{

list

access-list-number

}

{

interface

type number |

pool

name

} [

overload

]

Example 1:

Router(config)#

ip nat inside source list 1

interface dialer 0 overload

Example 2:

Router(config)#

ip nat inside source list

acl1 pool pool1

Enables dynamic translation of addresses on the

inside interface.

The first example shows the addresses permitted

by the access list

to be translated to one of the

addresses specified in the dialer interface

The second example shows the addresses

permitted by access list

acl1

to be translated to

one of the addresses specified in the NAT pool

pool1

For details about this command and additional

parameters that can be set, as well as information

about enabling static translation, see the

Cisco IOS IP Command Reference, Volume 1 of 4:

Addressing and Services

Step 3

interface

type number

Example:

Router(config)#

interface vlan 1

Router(config-if)#

Enters configuration mode for the VLAN (on

which the Fast Ethernet LAN interfaces

[FE0–FE3] reside) to be the inside interface for

NAT.