CENG455L: lab 1

This lab will cover the following topics:

a) IP assignment
b) Static routing
c) NATing
d) Port forwarding

You have to configure the following network:

We have three campuses:

a) Nabatiyeh: private network with IP: 192.168.0.0/24
b) Tripoli : private network with IP:192.168.0.0/26
c) Beirut: public network with IP: 192.168.2.0/29

Nabatiyeh and Beirut are connected via the network:17.0.0.0/30

Tripoli and Beirut are connected via the network: 17.0.0.4/30
A web server is placed in Tripoli (with a private IP)
A DNS server is placed in Beirut (with public IP)

You have to do the following:

1. Nabatiyeh network:
a. Assign to the public interface of Nabatiyeh router (g0/1) the first IP in the
network 17.0.0.0/30

1
 b. Assign to the private interface of Nabatiyeh router (g0/0) the first IP of the
private network
c. Assign to PC0 the second IP
d. Assign to PC1 the last IP
e. Configure NAT in the router:

To work with NAT. we need to identify the inside (interface on the private address) and
outside NAT (interface on the public address). For this router:

• Router> enable
• Router# configure terminal
• Route(config)# interface g0/0
• Router(config-if)# ip nat inside
• Router(config-if)# exit
• Route(config)# interface g0/1
• Router(config-if)# ip nat outside
• Router(config-if)# exit

Next, we need to create an access-list to match the “internal” IP addresses (the ones we
want to be NAT’d). In this case, our internal network is 192.168.0.0/24. Notice the mask is
for the host (opposite to the mask for networks):

• Router(config)# access-list 1 permit 192.168.0.0 0.0.0.255

Then we use the created list to say that all the hosts that satisfy the list should be
overloaded when they reach the interface 0/1 (the outside interface).

• Router(config)# ip nat inside source list 1 interface g0/1 overload

2. Tripoli Network:
a. Assign to the public interface of Tripoli router (g0/1) the second IP in the
network 17.0.0.4/30
b. Assign to the private interface of Tripoli router (g0/0) the first IP of the
private network
c. Assign to PC2 the second IP
d. Assign to the server the last IP
e. Configure NAT in the router
f. Configure the router to forward any TCP packet with destination port 80
received on the public interface to be forwarded to the web server:

Each TCP request with a port number (80) will be forwarded to the WEB server. So we need
to reserve a static NATing for 192.168.0.62:

• Router(config)#ip nat inside source static tcp 192.168.0.62 80 17.0.0.6 80

2
We have an additional problem, if a host in the private network of Tripoli will request the
webpage using the URL, the DNS server will provide the router public IP (17.0.0.6) and it will
be impossible to access the web server without doing the following outside Nating:

• Router(config)# ip nat outside source static 17.0.0.6 192.168.0.62

It means that any request from inside the network to the outside will be forwarded to the web
server.

g. Enable http in the server

3. Beirut Network:
a. Assign to the interface g0/0 the second IP of the corresponding network
b. Assign to the interface g0/1 the first IP of the corresponding network
c. Assign to the interface g0/2 the first IP in the Beirut network 192.168.2.0/29
d. Assign to the server the last IP in the network
e. Configure the server to be a DNS server with a type A entry (www.liu.com, ip
of the public interface of Tripoli router)

4. Open the web page on pc0 in Nabatiyeh network

N.B:
• static routing must be configured in the routers.
• All PCs and servers should me configured with the DNS server IP
when configuring their IPs and Masks.
• Even if Beirut network begins with 192.168 we suppose here
that it is a public IP.

Packet tracer file:

Open the packet tracer file lab1.pka, you will be asked to enter your name.
Whenever you try to change the filled name the network will be resettled and you
will have to begin from scratch.

The percentage of completion is shown on the bottom right of the instructions

window

You can check what is wrong with your network by pressing Check Results then
choose Assessment Items:

3
To return to continue your configuration you can simply press close.