Month: January 2011 (page 1 of 1)

Configuring Cisco NAT and PAT

Configuring PAT

Define the internal IP address range in access control list (ACL) "1":

Router(config)#access-list 1 remark Internes-Netzwerk Category=2
Router(config)#access-list 1 permit

Mark the existing interfaces as "inside" and "outside" for NAT purposes:

Router(config)#interface Vlan 1
Router(config-if)#ip nat inside

Router(config)#interface FastEthernet0
Router(config-if)#ip nat outside

Enable "NAT overload" (= PAT) from all "inside" interfaces to the "outside" interface:

Router(config)#ip nat inside source list 1 interface FastEthernet0 overload

Display the current NAT translations:

Router#show ip nat translations

Cisco IOS little helper

A few commands to make life easier while configuring Cisco devices:

Synchronous logging

By default, log messages "interrupt" typing at the console. This can be prevented with synchronous logging.

Switch(config)#line vty 0 4
Switch(config-line)#logging synchronous

It must be configured on all "lines", e.g. Console, Telnet, SSH.

Exec timeout

By default, configuration sessions are terminated after being idle for 5 minutes. The timeout can be customized with the "exec-timeout" command:

Switch(config)#line vty 0 4
Switch(config-line)#exec-timeout MINUTES

As with synchronous logging, this setting has to be configured on all "lines".
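
An added example (not from the original post): a small Python check that reads a saved configuration and lists the "line" sections where either setting is missing. The sample configuration is constructed and the function names are hypothetical; it assumes the usual running-config layout with sub-commands indented under each "line" entry, and it also flags "exec-timeout 0 0", which turns the idle timeout off.

```python
# Constructed sample running-config excerpt (not taken from a real device).
SAMPLE_CONFIG = """\
hostname Switch
!
line con 0
 logging synchronous
 exec-timeout 15 0
line vty 0 4
 logging synchronous
 exec-timeout 0 0
 transport input ssh
line vty 5 15
 transport input ssh
!
end
"""

def parse_line_sections(config):
    """Map each 'line ...' header (e.g. 'vty 0 4') to its indented sub-commands."""
    sections, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw[len("line "):].strip()
            sections[current] = []
        elif current is not None and raw.startswith(" "):
            sections[current].append(raw.strip())
        else:
            current = None  # '!' or any unindented command closes the section
    return sections

def audit_lines(config):
    """Return {line_name: [findings]} for every line section with a gap."""
    findings = {}
    for name, cmds in parse_line_sections(config).items():
        issues = []
        if not any(c.startswith("logging synchronous") for c in cmds):
            issues.append("logging synchronous not set")
        timeout = next((c for c in cmds if "exec-timeout" in c), None)
        if timeout is None:
            issues.append("exec-timeout not set explicitly (device default applies)")
        elif timeout.startswith("no ") or not any(int(v) for v in timeout.split()[1:]):
            issues.append("exec-timeout disabled: idle sessions never time out")
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    for name, issues in audit_lines(SAMPLE_CONFIG).items():
        for issue in issues:
            print(f"line {name}: {issue}")
```
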

DNS resolution

For troubleshooting (e.g. ping/traceroute) it can be very helpful to enable name resolution by configuring the correct DNS servers:

Switch(config)#ip name-server

Disable DNS-lookups

By default, any Cisco device will try to resolve unknown commands (e.g. typos) as a DNS name. This can be prevented with:

Switch(config)#no ip domain-lookup