1
00:00:08,300 --> 00:00:09,260
In this lab.

2
00:00:09,260 --> 00:00:13,430
You need to configure static nat to make the network work.

3
00:00:20,940 --> 00:00:27,390
In this topology, we have multiple internal servers that need to be accessed from the outside.

4
00:00:27,750 --> 00:00:36,600
In other words, this PC outside PC one needs to be able to access the HTTP server and FTP server in

5
00:00:36,660 --> 00:00:38,190
the internal network.

6
00:00:38,580 --> 00:00:41,250
This router is our internet facing router.

7
00:00:41,550 --> 00:00:49,560
This interface gigabyte 001 is connected to the internet and this interface is connected to a switch

8
00:00:49,560 --> 00:00:52,110
on the inside of our network.

9
00:00:52,440 --> 00:00:58,350
Here are the router details that you need to configure and then you need to configure a static net so

10
00:00:58,350 --> 00:01:04,709
that the PC on the outside can access the internal HTTP and FTP servers.

11
00:01:05,190 --> 00:01:12,330
To see the internal IP addresses of the servers, click on the server in packet tracer and go to config

12
00:01:12,690 --> 00:01:18,690
interface and you'll be able to see the IP addresses of the internal servers.

13
00:01:19,710 --> 00:01:22,710
So one has an IP address of ten one one 100.

14
00:01:23,010 --> 00:01:26,250
The other 110 one one 101.

15
00:01:26,610 --> 00:01:30,450
However, those are not internet readable addresses.

16
00:01:30,480 --> 00:01:33,440
They are RF C 1918 addresses.

17
00:01:33,450 --> 00:01:35,790
In other words, private IP addresses.

18
00:01:36,120 --> 00:01:42,900
So to allow this PC on the outside to access the servers, you are going to have to configure static

19
00:01:42,900 --> 00:01:46,860
net on the router and use public IP addresses.

20
00:01:47,130 --> 00:01:49,770
The HTTP server has been allocated.

21
00:01:49,770 --> 00:01:54,630
IP address 8.8.8. 200 and the FTP server.

22
00:01:54,660 --> 00:01:56,970
8.82.8.21.

23
00:01:57,300 --> 00:02:05,130
For the HTTP or web server, you're going to configure it to only net the required port number.

24
00:02:05,400 --> 00:02:15,750
So when a user here opens up a web browser and connects to my HTTP dot com, the DNS server will resolve

25
00:02:15,780 --> 00:02:24,870
the IP address to 8.8.8 200, and the router needs to do a static net translation to translate that

26
00:02:24,870 --> 00:02:28,320
to the internal server IP address.

27
00:02:28,500 --> 00:02:35,610
The same is true for FTP, but in this example you're going to do a full net translation using the domain

28
00:02:35,610 --> 00:02:36,900
name my ftp.

29
00:02:37,140 --> 00:02:37,820
Com.

30
00:02:37,830 --> 00:02:45,420
So when the PC opens up an FTP client and connects to my ftp com the DNS server.

31
00:02:47,420 --> 00:02:49,930
Will resolve my FTP.

32
00:02:49,940 --> 00:02:53,720
Welcome to a 2.8.8.201.

33
00:02:54,200 --> 00:03:01,040
The router needs to be configured with that IP address to nat, the IP address to the internal server.

34
00:03:01,690 --> 00:03:04,620
Now, as always, don't just configure.

35
00:03:04,930 --> 00:03:05,920
Verify.

36
00:03:05,920 --> 00:03:10,870
And make sure that things are working the way that you think they working.

37
00:03:11,140 --> 00:03:18,190
Routers and other network devices do what you tell them to do, not what you think they should do.

38
00:03:18,370 --> 00:03:24,670
So verify that you've configured the devices in the way that you think you have.

39
00:03:24,700 --> 00:03:33,550
So verify that both the inside PC, this PC here and outside PC this one here can access the internal

40
00:03:33,550 --> 00:03:38,830
servers because we don't have an internal DNS server in our network.

41
00:03:38,920 --> 00:03:46,280
You need to configure the inside host to use internal IP addresses to connect to the servers.

42
00:03:46,300 --> 00:03:52,720
So in other words, open up a web browser and connect to the IP address of the HTTP server using its

43
00:03:52,720 --> 00:03:56,920
internal or inside IP address on the outside.

44
00:03:57,040 --> 00:04:03,220
Verify that the outside host can connect to these servers using DNS names.

45
00:04:03,400 --> 00:04:04,450
So there you go.

46
00:04:04,480 --> 00:04:07,000
Can you complete this lab?

47
00:04:07,090 --> 00:04:11,770
Can you configure the lab and verify that it's working as it should?

48
00:04:12,220 --> 00:04:17,589
Download the attached packet, trace a file and see if you can complete the lab yourself.

49
00:04:17,860 --> 00:04:20,680
In the next video I'm going to show you how to do this.

50
00:04:20,709 --> 00:04:23,770
But as always, try it yourself first.

51
00:04:24,430 --> 00:04:31,330
These kind of labs are great for verifying that, you know, the CCNA topics and that you are ready

52
00:04:31,330 --> 00:04:33,430
for the CCNA exam.