Configuring IP Addressing

Configuring Network Address Translation

 

| Step | Command | Purpose |
|---|---|---|
| Step 1 | Router(config)# ip nat pool name start-ip end-ip {netmask netmask \| prefix-length prefix-length} type rotary | Defines a pool of addresses containing the addresses of the real hosts. |
| Step 2 | Router(config)# access-list access-list-number permit source [source-wildcard] | Defines an access list permitting the address of the virtual host. |
| Step 3 | Router(config)# ip nat inside destination list access-list-number pool name | Establishes dynamic inside destination translation, specifying the access list defined in the prior step. |
| Step 4 | Router(config)# interface type number | Specifies the inside interface. |
| Step 5 | Router(config-if)# ip nat inside | Marks the interface as connected to the inside. |
| Step 6 | Router(config)# interface type number | Specifies the outside interface. |
| Step 7 | Router(config-if)# ip nat outside | Marks the interface as connected to the outside. |

Note: The access list must permit only those addresses that are to be translated. (Remember that there is an implicit “deny all” at the end of each access list.) An access list that is too permissive can lead to unpredictable results.

See the “ping Command Example” section at the end of this chapter for an example of rotary translation.
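The seven steps above, carried through as one configuration (an added example, not taken from the original guide). The pool name real-hosts, access list number 2, the interface names and every address are constructed for illustration: 192.0.2.10 stands for the virtual host and 10.1.1.1 through 10.1.1.3 for the real hosts.

```cisco
! Step 1: rotary pool holding the real hosts (constructed addresses)
ip nat pool real-hosts 10.1.1.1 10.1.1.3 prefix-length 29 type rotary
!
! Step 2: permit only the virtual host address. With no wildcard given,
! the entry matches that single address, and the implicit "deny all"
! at the end of the list excludes everything else.
access-list 2 permit 192.0.2.10
!
! Too permissive, shown for contrast and left commented out: this entry
! would match every destination in 192.0.2.0/24, not just the virtual host.
! access-list 2 permit 192.0.2.0 0.0.0.255
!
! Step 3: tie the access list to the rotary pool
ip nat inside destination list 2 pool real-hosts
!
! Steps 4 and 5: inside interface, facing the real hosts
interface Ethernet0
 ip address 10.1.1.6 255.255.255.248
 ip nat inside
!
! Steps 6 and 7: outside interface, facing the clients
interface Serial0
 ip address 198.51.100.1 255.255.255.252
 ip nat outside
```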

Changing Translation Timeouts

By default, dynamic address translations time out after some period of nonuse. You can change the default values on timeouts, if necessary. When overloading is not configured, simple translation entries time out after 24 hours. To change this value, use the following command in global configuration mode:

| Command | Purpose |
|---|---|
| Router(config)# ip nat translation timeout seconds | Changes the timeout value for dynamic address translations that do not use overloading. |

If you have configured overloading, you have more control over translation entry timeout, because each entry contains more context about the traffic using it. To change timeouts on extended entries, use the following commands in global configuration mode as needed:

| Command | Purpose |
|---|---|
| Router(config)# ip nat translation udp-timeout seconds | Changes the UDP timeout value from 5 minutes. |
| Router(config)# ip nat translation dns-timeout seconds | Changes the DNS timeout value from 1 minute. |
| Router(config)# ip nat translation tcp-timeout seconds | Changes the TCP timeout value from 24 hours. |
| Router(config)# ip nat translation finrst-timeout seconds | Changes the Finish and Reset timeout value from 1 minute. |

Cisco IOS IP Configuration Guide
