ConfigBytes

Network Address Translation, sometimes called Network Address Translator (NAT), was originally outlined in RFC 1631 in 1994. This was to allow devices on the inside network the use of private IP addresses that are presently defined in RFC 1918. NAT makes it possible to have a very big internal network with thousands of local addresses represented by a handful of global addresses or possibly a single global address.

We will setup a basic static and dynamic NAT configuration.

To the left we have a basic example of how NAT operates.  Starting from the bottom we have our …

(For simplicity we will not be using subnet-zero)

• Network ID: 189.45.23.56
• First usable address: 189.45.23.57
• Last usable address: 189.45.23.63
• Broadcast address: 189.45.23.64
• Netmask of: 255.255.255.248

Read more…

By now I’m sure you’ve already read several articles that explained the pitfalls of using telnet to access your network devices, it’s not a secure way to access your network. Telnet does not offer any encryption, your login and password information is sent across the network in plain text.

Many Cisco devices today allow for SSH configuration. SSH not only allows for encryption of password and login information but also allows you devices to know who is logging in.

SSH can be configured easily on any Cisco device with IOS that supports DES or DES3 (should be using DES3).

Router (config) #username Joe password j03adM1n
Router (config-line) # login local
Router (config) # ip domain-name mylab.local
Router (config) # crypto key generate rsa
Router (config) # line vty 0 4
Router (config-line) # transport input ssh

Once you have your router configured for SSH, you will need to use a terminal program that supports SSH, such as PuTTY, Tera Term or SecureCRT.   Windows XP and Vista include a command line SSH capability, my personal favorite is SecureCRT.