Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Vendor NewsFeed

More Vendor NewsFeed »





Cisco IOS: It's Not Just for Routing Anymore
May 31, 1999
Additional Information
Related Links
Network Computing, Feb. 22, 1999
"The Cost of Security on Cisco Routers"

Network Computing, Feb. 8, 1999
"Cisco 1720 Ensures Secure Links"

Network Computing, April 15, 1998
"Demystifying Cisco Access Control Lists"
Company Directory
Browse our directory to get data, starting with a particular company.
Reader Service
Allows you to request additional product information from our advertisers.
Print The Full Article
ClickHere
E-mail this URL
Clicke-mailHere
Buy the Book
By Greg Shipley  Cisco Systems' Internetwork Operating System (IOS), the software that runs on the vendor's routers, has become the network administrator's Swiss Army knife. We found that IOS version 12, the most recent revision, continues to improve upon fundamental routing principles and is chock-full of new features--NAT (Network Address Translation) support and expanded ACL (access control list) and VPN functionality, for starters--that go beyond basic routing. Knowing how to leverage these features can save an administrator much time and effort.

On the security front, IOS has supported ACLs for IP, SAP, IPX and other protocols. Version 12 adds NAT, which had been available only in traditional firewall products; it lets administrators map internal/hidden IP addresses to external/public ones. This functionality is useful to organizations using RFC1918-based addressing, as well as those needing quick fixes for address-duplication conflicts between remote sites. With NAT, administrators have the choice to hide an entire network behind a single address/interface. Known as IP masquerading--or PAT (Port Address Translation) in Cisco-speak--this technique is helpful to remote offices that use an ISDN connection for inexpensive Internet access.

We configured a Cisco 3640 router running IOS 12 for NAT (also available in some builds of the IOS version 11.x firewall edition) with little difficulty. First, we simply defined our NAT table within the global configuration mode:

ip nat inside source list 1 interface Serial1 overload

!

access-list 1 permit 10.9.100.0 0.0.0.255

We then defined the NAT table within the interfaces of the internal and external networks:

interface Ethernet0/0

ip address 10.9.100.254 255.255.255.0

ip nat inside

interface Serial1/0

ip nat outside

The above configuration lets any host on the Ethernet segment 10.9.100.0/24 masquerade as the serial interface's IP address. In this case, we configured the serial port for dial-on-demand routing, and we were able to "hide" an entire RFC1918-based, Class C address range behind a dynamically assigned PPP address (see "Using NAT," to the right).

Page 1 | 2 | 3 | Next Page

Research and Reports

Hypervisor Derby
August 2011
Network Computing: August 2011

Video


WATCH: Box.net CEO Aaron Levie Takes On Microsoft

WATCH: HP Chairman Ray Lane: Focus On Innovation

WATCH: How OpenFlow Changes Networking


View All Videos
Previous Page First Page Second Page Third Page Next Page

Most Popular

Stories Blogs

More Stories »

Featured Whitepapers

Featured Reports

BlogRoll

TechWeb Careers