1
00:00:08,290 --> 00:00:09,250
In this lab.

2
00:00:09,280 --> 00:00:13,420
You need to configure static nat to make the network work.

3
00:00:21,330 --> 00:00:30,750
So on the outside PC I'll open up a web browser and connect to my HTTP dot com.

4
00:00:31,260 --> 00:00:38,160
As you can see, we can access a Cisco Packet Tracer website that says Hello World.

5
00:00:38,430 --> 00:00:44,220
So I was successfully able to connect to the server using HTTP.

6
00:00:44,850 --> 00:00:47,730
Now we could also try and connect to it directly.

7
00:00:47,940 --> 00:00:50,010
And notice that also works.

8
00:00:50,130 --> 00:00:52,020
So just to do that again.

9
00:00:52,830 --> 00:01:02,610
I'll connect to the server via its IP address and I'm able to connect to the server.

10
00:01:03,670 --> 00:01:09,430
Via the IP address on the router show IP net translation.

11
00:01:09,910 --> 00:01:19,300
Notice we have multiple net translations going to this IP address and port 80 and those translations

12
00:01:19,300 --> 00:01:22,750
are being netted to ten one one 100.

13
00:01:23,260 --> 00:01:31,720
So clear IP net translation store will allow us to remove the net translations show IP net translation.

14
00:01:31,960 --> 00:01:35,650
We only see the static net translations.

15
00:01:37,130 --> 00:01:44,210
So let's connect again to my http dot com is enter.

16
00:01:44,540 --> 00:01:49,490
We can see the website show IP net translations.

17
00:01:49,910 --> 00:01:52,430
Here are the net translations.

18
00:01:52,970 --> 00:01:59,030
So as you can see here, there are the dynamic nature translations that are created.

19
00:01:59,790 --> 00:02:02,460
When the client browses to the server.

20
00:02:02,550 --> 00:02:05,010
Here's the static net translation.

21
00:02:05,250 --> 00:02:06,690
Now again, I added a.

22
00:02:07,380 --> 00:02:11,760
You won't see that in your lab if you haven't added SSL.

23
00:02:12,000 --> 00:02:13,790
That just allows me to do this.

24
00:02:13,890 --> 00:02:19,050
HTTPS my http dot com.

25
00:02:19,500 --> 00:02:21,000
That also works.

26
00:02:21,510 --> 00:02:29,940
And when I go back to the net translations notice I see dynamic net translations for the client, a

27
00:02:29,940 --> 00:02:33,450
connection to the SQL Server.

28
00:02:33,780 --> 00:02:38,910
So there's HTTPS or SSL, there is HTTP.

29
00:02:39,210 --> 00:02:42,330
Now what about the FTP server?

30
00:02:42,810 --> 00:02:48,020
I'll open up a command prompt ftp my ftp com.

31
00:02:48,390 --> 00:02:51,330
That's the domain name that we need to use.

32
00:02:52,240 --> 00:02:53,800
Before I do that.

33
00:02:53,920 --> 00:02:58,810
Notice again that there are no FTP translations here.

34
00:02:59,170 --> 00:03:04,360
We don't see Port 21, we see Port 80 and four for three.

35
00:03:05,710 --> 00:03:07,210
I can connect it to the server.

36
00:03:07,240 --> 00:03:10,150
Username of Cisco password is Cisco.

37
00:03:10,390 --> 00:03:16,660
You can see that information by clicking on the server, going to services.

38
00:03:17,820 --> 00:03:21,450
FTP and here is the username and password.

39
00:03:21,690 --> 00:03:24,780
Now there are a bunch of files on the FTP server.

40
00:03:25,290 --> 00:03:34,740
So on the client, if we type draw, we can see those files listed on the FTP client.

41
00:03:35,470 --> 00:03:40,900
And if we have a look at our net translations, so show IP net translations.

42
00:03:41,080 --> 00:03:46,870
Notice we see Port 21 as well as Port 1028.

43
00:03:47,440 --> 00:03:51,430
FTP works differently to HTTP and other protocols.

44
00:03:52,010 --> 00:03:54,790
FTP Control uses port at 21.

45
00:03:54,820 --> 00:04:00,610
So the client is initiating a session to the server on port 21.

46
00:04:00,910 --> 00:04:04,240
But if passive mode is not used.

47
00:04:05,320 --> 00:04:12,130
The server will initiate the connection to the client in this case because passive mode is used.

48
00:04:12,610 --> 00:04:20,170
The client initiates a session to the server on ports that have been negotiated between the server and

49
00:04:20,170 --> 00:04:20,980
the client.

50
00:04:21,430 --> 00:04:27,190
Typically, the server would initiate a session back to the client from Port 20.

51
00:04:27,700 --> 00:04:33,580
So here the port numbers are perhaps a little bit different to what you used to for the exam.

52
00:04:33,790 --> 00:04:36,130
FTP Control Port 21.

53
00:04:36,250 --> 00:04:38,410
FTP Data Port 20.

54
00:04:39,160 --> 00:04:41,020
So show IP net translations.

55
00:04:41,020 --> 00:04:48,130
Once again, we can see net translations for https, http and FTP.

56
00:04:48,520 --> 00:04:52,870
Now the last step is to test connectivity from the inside host.

57
00:04:54,500 --> 00:05:01,790
In this example, we haven't got an internal DNS server, so we're going to connect to the servers directly

58
00:05:01,790 --> 00:05:08,840
using their internal IP addresses so I can connect to the web server directly.

59
00:05:11,280 --> 00:05:14,460
And hopefully I can connect to the FTP server.

60
00:05:15,660 --> 00:05:17,610
And the answer is yes, I can.

61
00:05:17,850 --> 00:05:21,300
And I can log in to the FTP server.

62
00:05:22,090 --> 00:05:31,060
Now the reason why we're using IP addresses is this device is configured to use the external DNS server.

63
00:05:31,630 --> 00:05:35,920
That external DNS server is translating.

64
00:05:36,640 --> 00:05:38,200
My FPTP rt.com.

65
00:05:38,840 --> 00:05:48,560
And my HTTP dotcom to external IP addresses or global inside IP addresses that's going to cause problems

66
00:05:48,560 --> 00:05:49,790
for this client.

67
00:05:49,970 --> 00:05:56,120
So typically what you'd want to do is have a internal DNS server here.

68
00:05:56,300 --> 00:05:59,390
And as an extra now, I'm just going to demonstrate that.

69
00:05:59,690 --> 00:06:08,570
So what you would do is you would have a internal DNS server and you would configure the client to use

70
00:06:08,630 --> 00:06:14,390
the internal DNS server rather than the external DNS server.

71
00:06:15,320 --> 00:06:19,010
So this DNS server would have a default gateway of the router.

72
00:06:19,580 --> 00:06:21,830
It would be its own DNS server.

73
00:06:23,600 --> 00:06:27,830
Or you could point it to Google as the DNS server.

74
00:06:28,820 --> 00:06:29,390
IP address.

75
00:06:29,390 --> 00:06:37,610
All configure is ten 11105 slash 24 subnet and under services.

76
00:06:38,950 --> 00:06:43,990
We'll now configure an a record of my http.

77
00:06:44,020 --> 00:06:51,400
And pointed to the internal IP address of the server, my FTP.

78
00:06:53,230 --> 00:06:55,660
Pointed to the internal IP address.

79
00:06:56,760 --> 00:06:58,680
So we could verify things.

80
00:06:59,400 --> 00:07:00,960
IP config.

81
00:07:02,370 --> 00:07:04,770
Shows us the IP address of the server.

82
00:07:05,910 --> 00:07:08,460
Server can ping the default gateway.

83
00:07:09,530 --> 00:07:11,720
The last step is to enable DNS.

84
00:07:11,720 --> 00:07:15,770
So I need to turn the service on now onto the DNS server.

85
00:07:15,770 --> 00:07:24,290
We can use anice lookup to verify that things are working and let's look up at my http rt.com may not

86
00:07:24,290 --> 00:07:30,560
work here because I made a mistake with the DNS server name needs to be its local IP address.

87
00:07:31,370 --> 00:07:32,930
So let's do that again.

88
00:07:32,960 --> 00:07:36,320
As you can see, it is now resolved.

89
00:07:36,740 --> 00:07:43,130
So ping my http dot com that works in this lookup.

90
00:07:46,210 --> 00:07:47,970
My ftp com.

91
00:07:48,340 --> 00:07:49,000
That works.

92
00:07:49,000 --> 00:07:51,520
Ping my ftp dotcom.

93
00:07:51,520 --> 00:07:52,900
That also works.

94
00:07:53,230 --> 00:07:57,400
So now on the client, this is the internal client.

95
00:07:57,910 --> 00:08:02,950
Rather than using Google will use the internal DNS server.

96
00:08:03,610 --> 00:08:06,460
So on the client, we've changed the DNS server.

97
00:08:06,880 --> 00:08:08,590
Let's verify things.

98
00:08:09,520 --> 00:08:12,280
So can it ping the DNS server?

99
00:08:12,820 --> 00:08:13,930
Yes, it can.

100
00:08:14,170 --> 00:08:20,230
And if look up my http dot com, that works.

101
00:08:20,440 --> 00:08:26,350
And if look up my ftp dot com, that also looks good.

102
00:08:26,680 --> 00:08:29,530
So ftp my ftp dot com.

103
00:08:29,860 --> 00:08:31,180
Let's see if that works.

104
00:08:31,210 --> 00:08:33,880
Now, this may be a problem in packet tracer.

105
00:08:34,270 --> 00:08:37,390
The where it's still using the old DNS server.

106
00:08:38,620 --> 00:08:39,970
I'll check the web browser.

107
00:08:39,970 --> 00:08:43,870
So my htp dot com.

108
00:08:45,730 --> 00:08:46,960
That's timing out.

109
00:08:50,030 --> 00:08:52,550
Let's check whether we can ping the service.

110
00:08:52,550 --> 00:08:55,220
A ping ten one one 100.

111
00:08:55,400 --> 00:08:58,850
Seem to be having an IP connectivity problem here.

112
00:08:59,420 --> 00:09:01,940
So from the DNS server, copying the HTTP server.

113
00:09:01,940 --> 00:09:06,090
Yes, I can and I can ping the FTP server.

114
00:09:06,110 --> 00:09:12,140
So what I'm going to do now is save my configuration and I'll restart packet tracer.

115
00:09:13,610 --> 00:09:13,910
Okay.

116
00:09:13,910 --> 00:09:16,040
So I've restarted packet tracer.

117
00:09:16,490 --> 00:09:18,110
I'll open up the client.

118
00:09:19,780 --> 00:09:21,610
Let's verify connectivity.

119
00:09:21,760 --> 00:09:24,160
Can it ping the router?

120
00:09:24,190 --> 00:09:25,330
Yes, it can.

121
00:09:27,690 --> 00:09:29,280
Can it ping the DNS server?

122
00:09:29,310 --> 00:09:32,550
Yes, it can HTTP server now.

123
00:09:32,550 --> 00:09:33,330
It can.

124
00:09:34,410 --> 00:09:36,620
A FTP server now it works.

125
00:09:36,630 --> 00:09:46,710
So ftp my ftp dot com notice I can now access the ftp server so the internal client is able to access

126
00:09:46,710 --> 00:09:47,970
the FTP server.

127
00:09:49,670 --> 00:09:54,500
Using a different IP address to the external client.

128
00:09:57,310 --> 00:10:04,930
So ftp my FTP dot com external client is able to access the FTP server as well.

129
00:10:05,500 --> 00:10:12,320
But notice please inf lookup my FTP dot com.

130
00:10:13,210 --> 00:10:18,550
This is the IP address returned by the DNS server to the external client.

131
00:10:22,410 --> 00:10:30,660
The internal client, however, is receiving a different IP address, so that's typically what companies

132
00:10:30,660 --> 00:10:31,440
will do.

133
00:10:31,530 --> 00:10:39,990
Internal PCs will use a different DNS server that resolves DNS names to internal IP addresses, whereas

134
00:10:39,990 --> 00:10:45,990
an external DNS server will resolve the domain names to external IP addresses.

135
00:10:47,340 --> 00:10:50,070
So nice lookup my http com.

136
00:10:50,550 --> 00:10:52,020
Notice the IP address.

137
00:10:53,090 --> 00:10:58,430
Now external pc needs lookup my http dot com.

138
00:10:58,700 --> 00:11:01,520
Notice a different IP address is used.

139
00:11:02,330 --> 00:11:03,830
So there you go.

140
00:11:03,860 --> 00:11:06,470
The network is functioning as expected.

141
00:11:06,680 --> 00:11:07,790
How did you do?

142
00:11:07,820 --> 00:11:09,920
Were you able to complete the lab?

143
00:11:10,310 --> 00:11:11,600
Did you get it working?

144
00:11:11,960 --> 00:11:18,920
I'm hoping that you're enjoying these extra pieces of information and the additional content that I've

145
00:11:18,920 --> 00:11:20,270
added in the videos.

146
00:11:20,690 --> 00:11:25,190
Hopefully it teaches you something and you learn how networks actually work.

147
00:11:25,700 --> 00:11:26,750
Thank you for watching.

148
00:11:27,170 --> 00:11:32,270
If you enjoyed this video, please like it and please subscribe to my YouTube channel.

149
00:11:32,390 --> 00:11:34,580
I want to wish you all the very best.