CCNA-ASSIGNMENT
GUIDED BY
DEBASHISH ROY

CEO SIR
ABHISHEK MITRA

SUBMITTED BY:- ADITYA SAHA


S.NO  TOPIC
1. ACKNOWLEDGEMENT
2. Network Address Translation (NAT)
3. Configurations in Packet Tracer
4. AAA (Authentication, Authorization and Accounting)
5. Configurations in Packet Tracer

I would like to express my gratitude to my
teacher Debashish Roy for guiding me through this project on
the CCNA module, which helped me understand the theoretical
and practical parts of this project, and I learnt about so many
technical terms and the way of understanding each and every
concept. I'm glad to be part of this project.

I would like to thank Mr. Abhishek Mitra, CEO of Indian Cyber
Security Solutions, for giving me this wonderful opportunity.

GUIDED BY:- CEO:-

SIGNATURE SIGNATURE

Network Address Translation (NAT) is designed for IP
address conservation. It enables private IP networks
that use unregistered IP addresses to connect to the
Internet. NAT operates on a router, usually connecting
two networks together, and translates the private (not
globally unique) addresses in the internal network into
legal addresses before packets are forwarded to
another network.

As part of this capability, NAT can be configured to
advertise only one address for the entire network to the
outside world. This provides additional security by
effectively hiding the entire internal network behind that
address. The hiding is a side effect of translation, not a
replacement for filtering with access lists or a firewall.
NAT offers the dual functions of security and
address conservation and is typically implemented in
remote-access environments.

Three Types of NAT:-
A. Static NAT
B. Dynamic NAT
C. Port Address Translation

A. Static NAT:-
Static NAT maps network traffic from a static external
IP address to an internal IP address or network. It
creates a static translation of real addresses to
mapped addresses. Static NAT provides internet
connectivity to networking devices through a private
LAN with an unregistered private IP address.
Because the mapping is permanent and one-to-one, the
internal host is also reachable from outside at the
mapped address.

Router Kolkata :-
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int s2/0
Router(config-if)#no sh

%LINK-5-CHANGED: Interface Serial2/0, changed state to down


Router(config-if)#ip add 11.0.0.2 255.0.0.0
Router(config-if)#^Z
Router#
%SYS-5-CONFIG_I: Configured from console by console

Router#copy run start


Destination filename [startup-config]?
Building configuration...
[OK]
Router#

Router Delhi :-
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#no sh

Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router(config-if)#ip add 10.0.0.1 255.0.0.0


Router(config-if)#int s2/0
Router(config-if)#clock rate 64000
Router(config-if)#no sh

Router(config-if)#
%LINK-5-CHANGED: Interface Serial2/0, changed state to up

Router(config-if)#ip add
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up

% Incomplete command.
Router(config-if)#ip add 11.0.0.1 255.0.0.0
Router(config-if)#exit
Router(config)#ip not inside source static 10.0.0.10 11.0.0.1
^
% Invalid input detected at '^' marker.
Router(config)#exit
Router#
%SYS-5-CONFIG_I: Configured from console by console

Router#int f0/0
^
% Invalid input detected at '^' marker.
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#ip not inside
^
% Invalid input detected at '^' marker.
Router(config-if)#ip nat inside
Router(config-if)#ip nat inside source static 10.0.0.10 11.0.0.1

Router(config)#int s2/0
Router(config-if)#ip nat outside
Router(config-if)#^Z
%SYS-5-CONFIG_I: Configured from console by console

Router#ip nat translation


Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Router#

Delhi Laptop:-
IP settings:-
IPv4 address:- 10.0.0.10
Subnet mask:- 255.0.0.0
Default gateway:- 10.0.0.1

Ping command:- ping 11.0.0.2

Ping result:-

B. Dynamic NAT:-
Dynamic NAT, just like static NAT, is not common in
smaller networks but is found within larger corporations
with complex networks. Where static NAT provides a
one-to-one internal to public static IP address mapping,
dynamic NAT usually uses a group (pool) of available public
IP addresses.

Router 1 :-
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
Router(config)#int s2/0
Router(config-if)#no sh
%LINK-5-CHANGED: Interface Serial2/0, changed state to down
Router(config-if)#ip add 11.0.0.2 255.0.0.0
Router(config-if)#^Z
Router#
%SYS-5-CONFIG_I: Configured from console by console
Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Router#

Router 0 :-
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#no sh

Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router(config-if)#ip add 10.0.0.1 255.0.0.0


Router(config-if)#int a2/0
^
% Invalid input detected at '^' marker.
Router(config-if)#int s2/0
Router(config-if)#clock rate 64000
Router(config-if)#no sh

Router(config-if)#
%LINK-5-CHANGED: Interface Serial2/0, changed state to up
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

Router(config-if)#ip add 11.0.0.1 255.0.0.0


Router(config-if)#exit
Router(config)#ip nat pool icss 11.0.0.3 11.0.0.4
% Incomplete command.
Router(config)#ip nat pool icss 11.0.0.3 11.0.0.4 netmask 255.0.0.0
Router(config)#access-list 1 permit 10.0.0.0 0.255.255.255
Router(config)#ip nat inside source lint 1 pool icss
^
% Invalid input detected at '^' marker.
Router(config)#ip nat inside source lit 1 pool icss
^
% Invalid input detected at '^' marker.
Router(config)#ip nat inside source liat 1 pool icss
^
% Invalid input detected at '^' marker.
Router(config)#ip nat inside source list 1 pool icss
Router(config)#int f0/0
Router(config-if)#ip not inside
^
% Invalid input detected at '^' marker.
Router(config-if)#ip nat inside
Router(config-if)#int s2/0
Router(config-if)#ip nat outside
Router(config-if)#^Z
Router#
%SYS-5-CONFIG_I: Configured from console by console

Router#sh ip nat translation


Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Router#

Laptop 0:-
IP settings:-
IPv4 address:- 10.0.0.10
Subnet mask:- 255.0.0.0
Default gateway:- 10.0.0.1

Ping command:- ping 10.0.0.1

Ping result:-

Laptop 1:-
IP settings:-
IPv4 address:- 10.0.0.11
Subnet mask:- 255.0.0.0
Default gateway:- 10.0.0.1

Ping command:- ping 10.0.0.1

Ping result:-

C. Port Address Translation:-
Port Address Translation (PAT) is an extension of
Network Address Translation (NAT) that permits multiple
devices on a LAN to be mapped to a single public IP
address to conserve IP addresses.
PAT is similar to port forwarding except that an incoming
packet with a destination port (external port) is translated
to a packet with a different destination port (an internal port).
The Internet Service Provider (ISP) assigns a single IP
address to the edge device. When a computer logs on to
the Internet, this device assigns the client a port
number that is appended to the internal IP address,
giving the computer a unique IP address.
If another computer logs on to the Internet, this device
assigns it the same public IP address, but a different
port number. Although both computers are sharing the
same public IP address, this device knows which
computer to send its packets to, because the device uses
the port numbers to assign the packets the unique
internal IP address of the computers.
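
The difference between a dynamic NAT pool and PAT (overload), as an added example that is not part of the original report: a toy translation table in Python using the pool ranges and laptop addresses from this page's labs. The class and function names, source port 5000 and the starting port 1024 are assumptions made for the illustration, and the sequential port allocation is a simplification of what a router does.

```python
import ipaddress

def pool_addresses(first, last):
    """Expand an 'ip nat pool' first..last range into a list of addresses."""
    lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
    return [str(ipaddress.IPv4Address(n)) for n in range(lo, hi + 1)]

class Translator:
    """Toy inside-source translation table (a teaching model, not IOS code)."""

    def __init__(self, pool, overload=False):
        self.pool, self.overload = list(pool), overload
        self.out = {}           # inside key -> (outside ip, outside port or None)
        self.back = {}          # (outside ip, port) -> (inside ip, port)
        self.next_port = 1024   # assumed first translated port for this model

    def translate(self, src_ip, src_port):
        """Return the outside (ip, port) for a flow, or None if none is free."""
        key = (src_ip, src_port) if self.overload else src_ip
        if key not in self.out:
            if self.overload:
                # PAT: all flows share the first pool address, told apart by port.
                if self.next_port > 65535:
                    return None
                self.out[key] = (self.pool[0], self.next_port)
                self.next_port += 1
            else:
                # Dynamic NAT: one whole pool address per inside host.
                used = {ip for ip, _ in self.out.values()}
                free = [ip for ip in self.pool if ip not in used]
                if not free:
                    return None
                self.out[key] = (free[0], None)
        ip, port = self.out[key]
        outside = (ip, src_port if port is None else port)
        self.back[outside] = (src_ip, src_port)
        return outside

    def reverse(self, dst_ip, dst_port):
        """Map return traffic to the inside host; None means no translation exists."""
        return self.back.get((dst_ip, dst_port))

def demo():
    hosts = ["10.0.0.10", "10.0.0.11", "10.0.0.12"]   # laptops from the labs
    dynamic = Translator(pool_addresses("11.0.0.3", "11.0.0.4"))            # pool icss
    pat = Translator(pool_addresses("11.0.0.4", "11.0.0.5"), overload=True)  # pool ccna
    return ([dynamic.translate(h, 5000) for h in hosts],
            [pat.translate(h, 5000) for h in hosts])
```

With the two-address pool, the third laptop gets no translation under dynamic NAT, while PAT serves all three from one address. `reverse()` returning `None` for a port that no inside host opened is the "hiding" effect described earlier.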

Router 1 :-
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int s2/0
Router(config-if)#no sh
Router(config-if)#ip add 11.0.0.0
% Incomplete command.
Router(config-if)#ip add 11.0.0.0 255.0.0.0
Router(config-if)#copy run start

Router 0:-
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#no sh
Router(config-if)#ip add 10.0.0.1 255.0.0.0
Router(config-if)#int a2/0
^
% Invalid input detected at '^' marker.
Router(config-if)#int s2/0
Router(config-if)#clock rate 64000
Router(config-if)#no sh
Router(config-if)#ip add 11.0.0.1 255.0.0.0
Router(config-if)#exit
Router(config)#ip nat pool ccna 11.0.0.4 11.0.0.5 netmask 255.0.0.0
Router(config)#access list 1 permit 10.0.0.0 0.255.255.255
^
% Invalid input detected at '^' marker.
Router(config)#access-list 1 permit 10.0.0.0 0.255.255.255


Router(config)#ip nat inside source list 1 pool ccna overload
Router(config)#int f0/0
Router(config-if)#ip nat inside
Router(config-if)#int s2/0
Router(config-if)#ip nat outside
Router(config-if)#^Z
Router#
%SYS-5-CONFIG_I: Configured from console by console

Router#sh ip nat translation


Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Router#sh start
Using 944 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
!
--More--

Laptop 0:-
IP settings:-
IPv4 address:- 10.0.0.10
Subnet mask:- 255.0.0.0
Default gateway:- 10.0.0.1

Ping command:- ping 11.0.0.2

Ping result:-

Laptop 1:-
IP settings:-
IPv4 address:- 10.0.0.11
Subnet mask:- 255.0.0.0
Default gateway:- 10.0.0.1

Ping command:- ping 11.0.0.2

Ping result:-

Laptop 2:-
IP settings:-
IPv4 address:- 10.0.0.12
Subnet mask:- 255.0.0.0
Default gateway:- 10.0.0.1

Ping command:- ping 11.0.0.2

Ping result:-

AAA (Authentication, Authorization and Accounting) is
a set of services for controlling access to computer
resources, enforcing policies, assessing usage, and
providing the information necessary to bill for services.
These processes are considered important for effective
network management and security.

AAA (Authentication, Authorization and Accounting) is a
framework for controlling access to the network.
Authentication, for example, is done by a central server,
typically a RADIUS or TACACS server. This allows you to
centralize authentication instead of storing usernames
and passwords on all your network devices. Once a user
is authenticated, authorization defines what the user
is allowed to do. On a network device like a
router, that might be whether certain commands can be run.

Accounting keeps track of all usage. For example, for a
wireless user we track how long he has accessed
the Internet so that he can be billed.

Server0:-
Server IP:-
IPv4 address:- 10.0.0.10
Subnet mask:- 255.0.0.0

Step 1:- Server0
Step 2:- Services
Step 3:- AAA
Step 4:- Service on

Client name:- Router 1
Client IP:- 10.0.0.1
Secret:- icss
Server Type:- Radius

Client name:- Router 2
Client IP:- 10.0.0.2
Secret:- icss
Server Type:- Radius

User name:- Kol
Password:- ccna

Router 1:-
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#no sh

Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router(config-if)#ip add 10.0.0.1 255.0.0.0


Router(config-if)#exit
Router(config)#aaa new-model
Router(config)#aaa
Router(config)#aaa authentication login
% Incomplete command.
Router(config)#aaa authentication login default group radius local
Router(config)#aaa authentication enable default radius local
^
% Invalid input detected at '^' marker.
Router(config)#aaa authentication enable default radius local
^
% Invalid input detected at '^' marker.
Router(config)#aaa authentication enable default group radius local
Router(config)#radius-server host 10.0.0.10 key icss
Router(config)#username mum password 456
Router(config)#exit
Router#
%SYS-5-CONFIG_I: Configured from console by console
Router#^Z
Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Router#
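
A check for how the credentials entered above are stored, as an added example that is not part of the original report: a small Python audit over configuration text. The sample is constructed from the commands typed on Router 1 plus the `no service password-encryption` line visible in the `sh start` output earlier on the page; the function name and the 16-character threshold are assumptions (RFC 2865 recommends a RADIUS shared secret of at least 16 octets).

```python
import re

# Constructed sample: AAA-related lines from the Router 1 session, plus the
# "no service password-encryption" default shown in the earlier "sh start".
SAMPLE_CONFIG = """\
no service password-encryption
aaa new-model
aaa authentication login default group radius local
aaa authentication enable default group radius local
radius-server host 10.0.0.10 key icss
username mum password 456
"""

MIN_SECRET_LEN = 16  # assumed policy threshold (RFC 2865 suggests >= 16 octets)

def audit(config):
    """Return (line_number, finding) pairs for weak credential handling."""
    findings = []
    for n, line in enumerate(config.splitlines(), 1):
        line = line.strip()
        if line == "no service password-encryption":
            findings.append((n, "passwords are kept in clear text in the config"))
        m = re.match(r"username (\S+) password\s", line)
        if m:
            # 'password' is stored as clear text or reversible type 7;
            # 'username <name> secret <value>' stores a hash instead.
            findings.append((n, f"user {m.group(1)}: use 'secret' instead of 'password'"))
        m = re.match(r"radius-server host (\S+) key (?:0 )?(\S+)$", line)
        if m and len(m.group(2)) < MIN_SECRET_LEN:
            findings.append((n, f"RADIUS key for {m.group(1)} is shorter "
                                f"than {MIN_SECRET_LEN} characters"))
    if not re.search(r"^aaa new-model$", config, re.M):
        findings.append((0, "AAA is not enabled (no 'aaa new-model')"))
    return findings

if __name__ == "__main__":
    for number, finding in audit(SAMPLE_CONFIG):
        print(f"line {number}: {finding}")
```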

Router 2:-
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#no sh
Router(config-if)#ip add 10.0.0.2 255.0.0.0
Router(config-if)#exit
Router(config)#aaa new-model
Router(config)#aaa authentication login default group radius local
Router(config)#aaa authentication enable default group radius local
Router(config)#radius-server host 10.0.0.10 key icss
Router(config)#^Z
Router#
%SYS-5-CONFIG_I: Configured from console by console

Router#telnet 10.0.0.1
Trying 10.0.0.1 ...Open

User Access Verification

Username: kol
Password: ccna
% Login invalid

User Access Verification

Username: Kol
Password: ccna
Router>en
Username: Kol
Password: ccna
Router#exit

[Connection to 10.0.0.1 closed by foreign host]


Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#username del password 123
Router(config)#telnet 10.0.0.1
^
% Invalid input detected at '^' marker.
Router(config)#exit
Router#
%SYS-5-CONFIG_I: Configured from console by console

Router#telnet 10.0.0.1
Trying 10.0.0.1 ...Open

User Access Verification

Username: mumUsername:
Password: 456
% Login invalid

User Access Verification

Username: mumUsername:
Password:
% Login invalid

User Access Verification

Username: mumUsername:
Password: 456

[Connection to 10.0.0.1 closed by foreign host]


Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Router#
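
Why the local user `mum` is rejected in the telnet attempts above while `Kol` is accepted, as an added example that is not part of the original report: a Python model of how the method list `group radius local` is evaluated. A later method is tried only when the earlier one gives no answer (for example, the RADIUS server is unreachable), not when it rejects the login. The function names and the `radius_reachable` flag are assumptions for the illustration; the users and passwords are the ones configured on this page.

```python
PASS, FAIL, ERROR = "PASS", "FAIL", "ERROR"

LOGIN_LINE = "aaa authentication login default group radius local"
RADIUS_USERS = {"Kol": "ccna"}   # user created on Server0
LOCAL_USERS = {"mum": "456"}     # 'username mum password 456' on Router 1

def radius(user, password, reachable=True):
    if not reachable:
        return ERROR             # no reply from 10.0.0.10: method unavailable
    return PASS if RADIUS_USERS.get(user) == password else FAIL

def local(user, password, **_):
    return PASS if LOCAL_USERS.get(user) == password else FAIL

METHODS = {"group radius": radius, "local": local}

def parse_method_list(line):
    """Extract the ordered methods from an 'aaa authentication login' line."""
    words = line.split()[4:]     # skip 'aaa authentication login default'
    methods, i = [], 0
    while i < len(words):
        if words[i] == "group":  # 'group <name>' is a single method
            methods.append("group " + words[i + 1])
            i += 2
        else:
            methods.append(words[i])
            i += 1
    return methods

def login(line, user, password, radius_reachable=True):
    """Try each method in order; only ERROR moves on to the next method."""
    for name in parse_method_list(line):
        result = METHODS[name](user, password, reachable=radius_reachable)
        if result != ERROR:
            return name, result  # PASS or FAIL from this method is final
    return None, FAIL

if __name__ == "__main__":
    for user, pw, up in [("Kol", "ccna", True), ("kol", "ccna", True),
                         ("mum", "456", True), ("mum", "456", False)]:
        print(user, "radius up" if up else "radius down", login(LOGIN_LINE, user, pw, up))
```

The practical consequence is that the `local` account is a fallback for when the RADIUS server is down, so it should be protected as carefully as the central accounts.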

Switch 1:-
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int f0/12
Switch(config-if)#sh

Switch(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/12, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down

Switch(config-if)#no sh

Switch(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/12, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up

Switch(config-if)#^Z
Switch#
%SYS-5-CONFIG_I: Configured from console by console

Switch#copy run start


Destination filename [startup-config]?
Building configuration...
[OK]
Switch#
Switch#

Thank You