Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT and ACCESS-LIST

i have 3 2503 routers and one switch 1900.....can some one plz tell me how can i configure NAT one them......i want to have real time knoledge....secondly can some on tell me some scenarios abt configring access list on these routers keeping in mind my equipment (3 routers and 1 switch)......plz tell the config for each router as well....thanks a million

1 REPLY
New Member

Re: NAT and ACCESS-LIST

Hello,

The 2503's have 2 serial interfaces and 1 ethernet interface. Attach each of the ehternet interface to the 1900 and configure them to a separate VLAN

2503-1 - ip address 1.1.1.1 255.255.255.0 (VLAN 1)

2503-2 - ip address 2.2.2.2 255.255.255.0 (VLAN 2)

2503-3 - ip address 3.3.3.3 255.255.255.0 (VLAN 3)

Configure each of the 2500's with a default route via their respective ethernet interface

ip route 0.0.0.0 0.0.0.0 ethernet 0

Test/verify connectivity between all the routers with ping/telnet

Create access-list for router 1 to block telnet and allow all other taffic:

access-list 101 deny tcp any any eq 23 log

access-list 101 permit ip any any

Apply ACL to interface

ip access-group 101 in

Verify ACL. Telnet from other router - you should get a message in the log confirming the denial. Pings should work.

There is a wealth of information available on CCO for additional technologies and configurations you would like to try. Check with the configuration guides for additional information.

Hope this helps.

Regards,

James

140
Views
0
Helpful
1
Replies
CreatePlease login to create content