Option_W_3

Презентация:

Advertisements

Похожие презентации

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 11 Configure the Cisco Virtual Private Network 3002 Hardware Client for Unit and.

Advertisements

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 15 Configure the Cisco Virtual Private Network 3000 Series Concentrator for LAN-to-LAN.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 7 Configure the Cisco VPN Firewall Feature for IPSec Software Client.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 8 Configure the Cisco VPN Client Auto-Initiation Feature.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 12 Configure the Cisco Virtual Private Network Client Backup Server, and Load Balancing.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 10 Configure the Cisco VPN 3002 Hardware Client for Remote Access Using Pre-Shared.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 17 Configure the Cisco Virtual Private Network 3000 Series Concentrator for LAN-to-LAN.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 13 Configure the Cisco Virtual Private Network 3002 Hardware Client for Software.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 14 Configuring the Cisco Virtual Private Network 3000 Series Concentrator for IPSec.

© 2003, Cisco Systems, Inc. All rights reserved. CSPFA Chapter 8 Object Grouping.

© 2004, Cisco Systems, Inc. All rights reserved. CSPFA Lesson 8 Object Grouping.

© 2000, Cisco Systems, Inc. CSPFF Chapter 5 Cisco Secure PIX Firewall Configuration.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Cisco Secure Virtual Private Networks 4.0.

© 2000, Cisco Systems, Inc. CSPFF Chapter 8 Configuration of Multiple Interfaces.

© 2001, Cisco Systems, Inc. CSIDS Chapter 8 Sensor Configuration.

© 2003, Cisco Systems, Inc. All rights reserved. CSPFA Chapter 3 Cisco PIX Firewall Technology and Features.

© 2004, Cisco Systems, Inc. All rights reserved. CSIDS Lesson 12 Cisco Intrusion Detection System Maintenance.

© 2005 Cisco Systems, Inc. All rights reserved. CSI v2.1LSG e0/1 PSS WWW FTP P.0/24 CSI Lab Topology e0/ P.0 /24 Pod P (1–10) P.0/24.1.

© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Configuring Rules Configuring Rules Common to Windows and UNIX.

© 2006 Cisco Systems, Inc. All rights reserved.SND v Building Cisco IPsec VPNs Building Remote Access VPNs.

Транксрипт:

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 16 Configure the Cisco VPN 3000 Series Concentrator for LAN-to-LAN with NAT

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Objectives Upon the completion of this lesson, you will be able to perform the following tasks: Configure the static LAN-to-LAN NAT rule. Enable NAT rules. Monitor LAN-to-LAN NAT statistics.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN LAN-to-LAN NAT Overview

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Addressing Issue Internet Site A Site B Return to X Send to Server B1 Server B2

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN NAT Internet Site A Site B Return to D: S: Send to D: S: D: S: D: S: D: S: D: S: NAT Server B1 Server B2

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Overlapping Address Space Internet Site A Site B Server B1 Server B2

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN The Issue Internet Site A Site B Send to Send to X X

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Site A NAT Internet Site A Site B S: NAT D: S: S: D:

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN S: Site B NAT D: NAT S: S: D: D: Internet Site A Site B

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN LAN-to-LAN NAT Summary Internet PC A S: D: Server B S: D: S: S: Concentrator AConcentrator B Concentrator Interface Outbound Translation Inbound Translation Concentrator Interface S: > D: S: D: NAT Rule A S: D: > NAT Rule B D: S: D: Inbound Translation Outbound Translation S: D: S:

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Configuring the Concentrator LAN-to-LAN NAT Feature

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN LAN-to-LAN NAT Rule Types Internet X Static NAT X NAT Rule Types Source and Translated Addresses Site A Site B

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Site A LAN-to-LAN NAT Configuration Internet Site A S: D: S: D: Site B S: D:

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Site B LAN-to-LAN NAT Configuration Internet Site A Site B D: S: D: S: D: S:

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Enable NAT

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Concentrator Network ListsSite A Internet Site B /24 Site A ( ) ( )

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Concentrator Network ListsSite B Internet Site B /24 Site A ( ) ( )

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN LAN-to-LAN NAT Statistics Internet Site A Ping Reply from Site B S: D: S: D:

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Summary

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Summary LAN-to-LAN NAT translates overlapping private network address spaces. There are two translation rule types: static and dynamic. LAN-to-LAN rules should be configured first. LAN-to-LAN rules should be enabled next. Tie a translated address to a Concentrator.

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lab Exercise

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lab Visual Objective Q P.0 Student PC.5 Student PC P Q P Q.0 RTS.100 RTS.100 Pods 1–5 Pods 6–10.10 Web FTP.10 RBB Concentrator Translation IP address: /24 Translation IP address: /24