Experiment No: 05

Experiment Name: Configuring Dynamic NAT

Objective:
The objective of this lab is to enable participants to configure and understand the implementation
of Dynamic Network Address Translation (NAT) on a network router. This includes setting up
translation rules, defining eligible private IP addresses, establishing a pool of public IP addresses,
and verifying successful translation, aiming to provide devices within a private network with
secure and efficient internet access while conserving public IP resources.
Theory:
Dynamic Network Address Translation (NAT), a crucial networking technique that allows
multiple devices within a private network to share a common pool of public IP addresses when
communicating with external networks. Unlike Static NAT, which maintains a fixed one-to-one
mapping, Dynamic NAT dynamically allocates available public IP addresses from the translation
pool as internal devices initiate outbound sessions. This approach optimizes the utilization of
limited public IP resources while providing secure and efficient internet access for internal
devices. Through the configuration of translation rules, Access Control Lists (ACLs), and the
translation pool, Dynamic NAT enables these connections, although it might have limitations
regarding inbound connections and address exhaustion. This lab aims to practically illustrate the
implementation of Dynamic NAT to reinforce its concepts and implications.
Equipment:
1. Cisco router (model: ISR 2900)
2. Three computers (PC-A, PC-B, PC-C)
3. Console cables
4. Ethernet cables
5. Terminal emulation software.
Working Procedure:
Step 1: Network Topology Setup
Set up a network topology with multiple routers connected to each other.
Step 2: Router Configuration
a. Connect to the router's CLI using a terminal emulator or console cable.
b. Enter privileged EXEC mode:
c. Enter global configuration mode:

d. Setting up the IP address in both routers:

e. Configuring the port of the routers:

Step 3: Dynamic NAT Configuration
a. Creating an access list of IP addresses which need translation

b. Create a pool of all IP address which are available for translation

c. Map access list with pool

d. Define inside and outside interfaces

Step 4: Verification

a. Test connectivity from PC1 and PC2 to external resources:

b. Check NAT translations

Step 5: Save Configuration

Save the configuration changes:
Network Topology (Simple Sketch):

Results:
In this lab, after configuring Dynamic NAT on a Cisco router with the private IP address
192.168.1.1 mapped to a public IP address 200.0.0.2, successful results would entail seamless
communication between PC-A (192.168.1.2) and server (10.0.0.254). The router should perform
NAT translations, changing the source IP of outgoing packets from PC-A to the public IP and
translating the destination IP of incoming packets from PC-B back to its private IP. Verification
commands such as "show ip nat translations" should display active NAT mappings, confirming
the functionality of the configuration. Finally, saving the configuration ensures persistence even
after router restarts. When these devices accessed resources on the Internet, the router
dynamically translated their private IP addresses to one of the public IP addresses from the
defined pool. The NAT process allowed multiple private devices to share a limited number of
public IP addresses, enabling them to access online resources.
Discussion:
Dynamic NAT provides a means for conserving public IP addresses by mapping multiple private
IP addresses to a smaller pool of public addresses. This ensures efficient use of public addresses
while allowing internal devices to access the internet.The lab successfully demonstrated the
configuration of Dynamic NAT on a Cisco router. Through this setup, devices within a private
network can access the internet using a shared pool of public IP addresses, thereby optimizing
address usage.