
11.1 Examine NAT on a Wireless Router

Network Address Translation (NAT) rewrites the source and destination IP addresses, as well as
the port numbers, of packets that pass through the translating device. By hiding private network
address ranges, address translation reduces the need for public IPv4 addresses. Routers or
firewalls typically carry out this process.

Suppose a host, Host A, requests a web page from an Internet server. Because Host A uses a
private IP address, which is not routable on the Internet, the router must alter the source address
of the request. After receiving the request, the router changes the packet’s source IP address to
its own public IP address before sending it to the server. The server receives the packet and
responds to the router. The router then changes the destination IP address of the reply to
Host A’s private IP address before sending the message to the host.
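
The translation described above, modelled as a small port address translation table; this is an added example, not part of the original lab. It goes slightly beyond the single-host case by showing two hosts that both use source port 1000 (the value the lab sets for its Complex PDU) and an inbound packet with no table entry. The public address 203.0.113.10, the server 198.51.100.20 and the 192.168.0.x hosts are constructed values, and the port allocation policy is an assumption.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class PatRouter:
    """Simplified port address translation behind one public address."""

    def __init__(self, public_ip, first_port=1024):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (private_ip, private_port) -> public_port
        self.in_map = {}   # public_port -> (private_ip, private_port)

    def outbound(self, pkt):
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out_map:
            # Keep the host's port if it is free, otherwise allocate another one
            port = pkt.src_port
            while port in self.in_map:
                port, self.next_port = self.next_port, self.next_port + 1
            self.out_map[key] = port
            self.in_map[port] = key
        # Source address and port are rewritten to the router's public side
        return replace(pkt, src_ip=self.public_ip, src_port=self.out_map[key])

    def inbound(self, pkt):
        # Only packets that match an existing table entry are translated back
        entry = self.in_map.get(pkt.dst_port) if pkt.dst_ip == self.public_ip else None
        if entry is None:
            return None  # no translation entry: nothing to forward to
        return replace(pkt, dst_ip=entry[0], dst_port=entry[1])

def demo():
    router = PatRouter("203.0.113.10")            # constructed public address
    server = ("198.51.100.20", 80)                # constructed web server
    a = router.outbound(Packet("192.168.0.101", 1000, *server))
    b = router.outbound(Packet("192.168.0.102", 1000, *server))
    reply = router.inbound(Packet(*server, a.src_ip, a.src_port))
    stray = router.inbound(Packet(*server, "203.0.113.10", 4444))
    return a, b, reply, stray
```

In the Packet Tracer simulation, the same rewrite is what the Inbound and Outbound PDU tabs show as a changed SRC IP address.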

To examine NAT on a wireless router, follow the steps below:

Step 1: Check the settings for gaining access to a remote network.


1. Add one PC and connect it to the wireless router with a straight-through cable.
Before proceeding to the next stage, wait for all link lights to turn green.

2. Select Desktop on the computer, then choose IP Configuration. To allow each device to receive
an IP address from the wireless router’s DHCP server, click DHCP.
3. Take note of the default gateway’s IP address. When finished, close the IP Configuration.

4. Open a web browser and type the default gateway’s IP address into the URL field. When
prompted, enter admin as both the username and the password.

Step 2: Check the settings for gaining access to the internal network.
1. In the Status sub-menu bar, select Local Network.
2. Scroll down to look at the data for the local network. The internal network’s address is as
follows.
3. Continue scrolling down to look at the DHCP server details and the range of IP addresses that
can be given to linked hosts.
4. Close the wireless router setup window.

Step 3: Connect up 3 computers with the wireless router.
1. Connect the wireless router to the additional three PCs using straight-through wires. Before
proceeding or pressing the Fast Forward button, wait for all link lights to turn green.

2. Select Desktop on every PC. Opt for IP Configuration. To allow the wireless router’s DHCP to
assign an IP address to each device, click DHCP. Once finished, exit IP Configuration.

3. Select Command Prompt and run the ipconfig /all command to check the IP configuration of
each device.
Note that these devices are given private addresses. NAT translation is necessary
because private addresses cannot travel across the Internet.

Step 4: View the wireless router’s NAT translation.


1. Select the Simulation tab in the lower right-hand corner to launch simulation mode. The
Simulation tab, which includes a stopwatch icon, is situated adjacent to the Real-time tab.
2. Create a Complex PDU in Simulation mode to view traffic:
   1. Click Show All/None in the Simulation Panel to hide all events. After that,
   click Edit Filters and choose the ICMP, TCP and HTTP checkboxes under the Misc
   tab. Once finished, close the window.
   2. Add a Complex PDU by selecting the opened envelope in the upper menu.
   3. Select a PC by clicking on it to make it the source.

3. In the Complex PDU window, adjust the following values to specify the Complex PDU
settings:
   1. Under PDU Settings > Select Application, choose HTTP.
   2. To designate the destination device, click the ciscolearn.nat.com server link.
   3. Enter 1000 as the Source Port.
   4. Select Periodic under Simulation Settings. The Interval should be 120 seconds.
   5. In the window for creating complex PDUs, click Create PDU.

4. To unlock the simulation panel from the PT window, double-click it. You can then reposition
the simulation panel to see the whole network topology.
5. Click Play in the simulation panel to watch how the traffic moves. Moving the play control
slider to the right speeds up the animation.

Note: When the warning “Buffer Full” appears, click “View Previous Events.”

Step 5: View the packet header data that was sent across the network.
• Look at the packet headers that were transferred between the PC and the web server.
• Double-click the third line down in the event list in the Simulation Panel. This causes an
envelope, which stands in for that line, to appear in the work area.
• To examine the header and packet information, click the envelope in the work area window.

• Select the tab for Inbound PDU information. Look up the source (SRC) and destination IP
addresses in the packet metadata.
• Select the tab for Outbound PDU information. Look up the source (SRC) and destination IP
addresses in the packet metadata. Note how the SRC IP address has changed.
• To view those headers at various points in the process, click through additional event lines.
• Click Check Results to review your work after finishing.

12.1 Create a client – server model in simulator and observe the client interaction between the server and PC using Packet Tracer.

Client: A client is a program that runs on the local machine and requests service from the server. A
client program is finite: the service is started by the user and terminates when the
service is completed.

Server: A server is a program that runs on the remote machine and provides services to the clients.
When a client requests a service, the server accepts the incoming request, but it
never initiates the service.

Advantages of Client-server networks:

Centralized: Centralized back-up is possible in client-server networks, i.e., all the data is stored in a
server.

Security: These networks are more secure as all the shared resources are centrally administered.

Performance: The use of the dedicated server increases the speed of sharing resources. This
increases the performance of the overall system.

Scalability: We can increase the number of clients and servers separately, i.e., the new element can
be added, or we can add a new node in a network at any time.

Disadvantages of Client-Server network:

Traffic congestion is a big problem in client/server networks. When a large number of clients send
requests to the same server, this may cause traffic congestion.

Procedure:

1. Open Packet Tracer. Drag in a PC (desktop/laptop) and a server. Connect them using the proper
cable. Generally, a copper cross-over cable is used as the connecting cable.
2. After that, assign an IP address to both of them.

For PC you can enter the following IP address:

IP address: 192.168.1.1

Subnet mask: 255.255.255.0

Default Gateway: 192.168.1.254

DNS server: 192.168.1.2

3. For the server, we have used this configuration:

IP address: 192.168.1.2

Subnet mask: 255.255.255.0

Default gateway: 192.168.1.254

4. Now take a message envelope (closed message envelope) and check the connection by
placing the message on the two devices. If a successful message is shown at the bottom right,
the connection is OK. You can also ping the IP address from the PC to
check the connection.
5. Now we will look at the packets in simulation mode, which helps in understanding the
client-server network architecture. Click “Simulation”, which is next to
“Realtime”, then click the Auto Capture / Play option. You can now
see the path the packets travel through this network.

Because the server was previously configured as a DNS server, we can browse a web
page from our client PC. To do this, follow these steps:

i. Click the PC in the logical workspace.

ii. Go to the Desktop tab and click the browser.

iii. In the address bar of the browser, type 192.168.1.2

iv. Finally, you will see a demo web page.

v. To see this event in simulation mode, first edit the filter list: click the
“edit filter” option, check the “DNS” and “HTTP” options, and leave all other
options unchecked. Then switch to simulation mode and click the
Auto Capture / Play option. You will see the
packets travelling between the client and the server.

12.2 Observe DNS Name Resolution: a) Observe the conversion of URL to an IP address. b) Observe DNS Lookup using the NSlookup command.

A) OBSERVE THE CONVERSION OF URL TO AN IP ADDRESS.

• Go to Cisco Packet Tracer.
• Deploy three servers, one switch and a PC.
• Connect all the devices.

              PC             Server 0        Server 1        Server 2 (DNS)
IP Address    192.168.1.2    192.168.1.101   192.168.1.102   192.168.1.254
Subnet Mask   255.255.255.0  255.255.255.0   255.255.255.0   255.255.255.0
DNS Server    192.168.1.254  192.168.1.254   192.168.1.254   192.168.1.254

• Click on the first server (Server 0), select the Services tab, choose HTTP, edit the index.html
file to read welcome to Facebook, and save the changes.
• Click on the second server (Server 1), select the Services tab, choose HTTP, edit the index.html
file to read welcome to YouTube, and save the changes.
• Click on PC 0, go to Command Prompt and ping all the IP addresses.

• Click on the third server (Server 2, DNS), select the Services tab, choose DNS, switch on the
DNS service, fill in the resource records (the name and IP address of each server)
and click the Add button.

Example:

Name: facebook.com
IP address: 192.168.1.101
Name: youtube.com
IP address: 192.168.1.102

• Click on the PC, go to the web browser, type facebook.com or youtube.com in the URL field and
observe the response.

B) OBSERVE DNS LOOKUP USING THE NSLOOKUP COMMAND.

DNS (Domain Name System) is probably one of the most important components on the
Internet. Without DNS, the Internet wouldn’t be as user-friendly as it is. Without it, people
would have to remember the IP addresses of all the websites and services they frequent.

DNS solves this issue, as it provides a system for recording and looking up names, much
like a phonebook. The DNS Servers distributed across the Internet keep a directory of
these names and translate them to their respective IP address.

The whole DNS lookup process is triggered once you input a domain name such as
google.com, or use an application that uses a name. This could be anything from web
browsers, email, Active Directory, databases, P2P, multiplayer games, and more.

When you cannot browse the Internet, send an email, or connect to a domain server, then
you might have a DNS problem. A quick and easy way to troubleshoot DNS issues is
through the nslookup command.

nslookup is a built-in command-line tool available in most operating systems. It is used
for querying the DNS and obtaining domain names, IP addresses, and DNS resource
record information.

Example:

Check DNS Records with Nslookup.

Find the A record: These types of records are the most common. They map a domain name to an IP
address.

Using Simulator:
Click on the PC, go to Command Prompt, type nslookup, press Enter and check the server and its
address.

1.1 Use simulator to demonstrate Telnet and SSH.

TELNET is an abbreviation for "TErminal NETwork". It is a client-server program that
enables users to access any application program on a remote system. Telnet's function is to give
services to the user on the remote computer system and to transfer the output to the local
computer system. It aids in the establishment of a link to a remote system such that the
local terminal resembles a terminal in the remote system. Telnet operates on port
number 23.

SSH is an abbreviation for "Secure Shell". It is a network protocol that is frequently utilized
to remotely access and control devices. It is the main protocol for accessing network
hardware and servers over the web. It enables you to run commands on a remote system
and makes it easier for you to log into another computer over a network. You may transfer
the data files from one computer system to another. SSH protocol encrypts the traffic in
both directions, which aids you in preventing password theft, trafficking, and sniffing.

Features: Telnet compared with SSH

Full form
  Telnet: TELNET is an abbreviation for "TErminal NETwork".
  SSH: SSH is an abbreviation for "Secure Shell".

Definition
  Telnet: It is a networking protocol best known for its use on the UNIX platform, which is mainly developed for local area networks.
  SSH: SSH is a program that allows you to connect to another computer across a network, run commands on a remote system, and transfer data from one system to another.

Data format
  Telnet: It sends the data in simple plain text.
  SSH: It uses an encrypted format to send data and also utilizes a secure channel.

Operation
  Telnet: It is mainly designed for local area networks and works on port number 23.
  SSH: It operates on port number 22 by default; however, it may be easily modified.

Security
  Telnet: It is less secure than SSH.
  SSH: It is more highly secured than Telnet.

Suitability of networks
  Telnet: It is mainly recommended for private networks.
  SSH: It is suitable for the public network.

Bandwidth usage
  Telnet: Its bandwidth usage is low.
  SSH: Its bandwidth usage is high.

Authentication
  Telnet: It doesn't use any authentication.
  SSH: It utilizes a public key for authentication.

Operating systems
  Telnet: It runs on Linux and Windows OS.
  SSH: It runs on all types of OS.

Data privacy
  Telnet: Hackers cannot easily interpret the data that is delivered via this protocol.
  SSH: Passwords and usernames are vulnerable to malicious attacks.

TELNET Configuration –

There is a simple topology in which two routers, Router1 and Router2, are directly
connected to each other. Router1 has IP address 192.168.1.1/24 on its
fa0/0 port and Router2 has IP address 192.168.1.2/24 on its fa0/0 port. Here, we
will enable Telnet on Router1 and access it from Router2. Configuring Telnet
on Router1:

Router1(config)#line vty 0 4
Router1(config-line)#password sdmcnlab
Router1(config-line)#exit

Here, 0 4 means that we can have 5 concurrent sessions at a time. Taking access
through Router2:

Router2#telnet 192.168.1.1
Router1>

SSH Configuration –

We are using the same simple topology. Router1 has IP address 192.168.1.1/24
on its fa0/0 port and Router2 has IP address 192.168.1.2/24 on its fa0/0 port. We
will SSH to Router1 from Router2. Configuring SSH on Router1:

Router(config)#ip domain-name sdm.com
Router(config)#hostname Router1
Router1(config)#line vty 0 4
Router1(config-line)#transport input ssh
Router1(config-line)#password sdmcnlab
Router1(config-line)#login
Router1(config-line)#exit
Router1(config)#crypto key generate rsa label Cisco modulus 1024

The domain name is set because SSH uses it, and the password, for encryption purposes. If the
domain name and hostname are not provided, the crypto keys will not be generated. We have
provided a password for vty line login and, finally, we have created a key of 1024
bytes and labelled it Cisco.

The last command, “crypto key generate rsa label Cisco modulus 1024”, will be
executed only if your router supports security features, like the 3700 router. If this
command is not supported, type:

Router1(config)#line vty 0 4
Router1(config-line)#crypto key generate rsa

After this, it will ask for the size of the key you want to generate, so type 512
or 1024. Now, we will try to SSH from Router2 to Router1.

Router2#ssh -l Cisco 192.168.1.1


Here, -l means login; it is followed by the username and then the IP address of
the device that we want to access remotely.

Troubleshooting – While configuring SSH, take these things into consideration:
1. Domain name and hostname should be provided.
2. Crypto keys should be generated.
3. Password on the vty line should be provided (i.e. no local database is used).
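
A defensive check over the two command lists above, written as an added example that is not part of the original lab: it flags vty lines that are not restricted to SSH, the shared line password, and a short RSA modulus. The 2048-bit threshold, the finding names, the `labadmin` user and the hardened variant (using the IOS commands `username ... secret` and `login local`) are assumptions made for illustration.

```python
import re

MIN_RSA_BITS = 2048  # assumption: minimum RSA modulus accepted by this audit

def audit(commands):
    """Return findings for a list of IOS configuration commands (prompts optional)."""
    vty_blocks, current, findings = [], None, []
    for raw in commands.splitlines():
        line = raw.split("#", 1)[-1].strip()   # drop a "Router1(config)#" prompt
        if line.startswith("line vty"):
            current = {"transport": None, "password": False}
            vty_blocks.append(current)
        elif line.startswith("line ") or line in ("exit", "end"):
            current = None
        elif current is not None and line.startswith("transport input"):
            current["transport"] = line.split()[2:]
        elif current is not None and line.startswith("password "):
            current["password"] = True
        key = re.match(r"crypto key generate rsa\b.*\bmodulus (\d+)", line)
        if key and int(key.group(1)) < MIN_RSA_BITS:
            findings.append("rsa-modulus-" + key.group(1))
    for block in vty_blocks:
        # Assumption: without an explicit "transport input ssh" the line accepts Telnet
        if block["transport"] != ["ssh"]:
            findings.append("transport-not-ssh-only")
        if block["password"]:
            findings.append("shared-line-password")
    return findings

# The page's two command lists, followed by a constructed hardened variant
TELNET_LAB = """Router1(config)#line vty 0 4
Router1(config-line)#password sdmcnlab
Router1(config-line)#exit"""

SSH_LAB = """Router(config)#ip domain-name sdm.com
Router(config)#hostname Router1
Router1(config)#line vty 0 4
Router1(config-line)#transport input ssh
Router1(config-line)#password sdmcnlab
Router1(config-line)#login
Router1(config-line)#exit
Router1(config)#crypto key generate rsa label Cisco modulus 1024"""

HARDENED = """username labadmin secret <placeholder>
line vty 0 4
 transport input ssh
 login local
exit
crypto key generate rsa label Cisco modulus 2048"""
```

Running `audit()` on each string shows that the SSH lab removes the Telnet finding but still carries the shared line password and the 1024 modulus.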

Demonstrate Telnet and SSH

1. Go to Cisco Packet tracer.


2. Deploy and connect one PC and one router.
3. Set the IP address and default gateway

                  PC             Router (0/0)
IP address        192.168.1.2    192.168.1.1
Default Gateway   192.168.1.1

For Telnet:

Click on the router, go to the CLI and follow the commands.

Click on the PC, go to Command Prompt and type the following command.

Enter the router password (12345), then enable and configure the router.

For SSH:

Click on the router, go to the CLI and follow the commands.

Click on the PC, go to Command Prompt and type the following command.

Enter the router password (12345), then enable and configure the router.
