Shrimp Co. has connected to the internet via Volt Communications. Configure NAT so internal hosts can reach the SeaMart web server while maintaining internal addressing.

Tip: Individual topology files are available in the diagrams folder on my Github

Configure VLAN databases, port-channels, trunk links, and SVIs as done in previous labs to ensure L2 connectivity between access switches and the MDF routers. These tasks are assumed and not explicitly outlined below.

• Configure the WAN interfaces on sea-mdf-r1 and sea-mdf-r2:
  • Eth2 on both routers
  • Use provider-assigned space: 100.10.1.0/29
  • sea-mdf-r1: 100.10.1.2/29
  • sea-mdf-r2: 100.10.1.3/29
  • ISP gateway: 100.10.1.1
• Verify ping 100.10.1.1 works from both routers

• Configure static NAT on sea-mdf-r1 to allow internal host Steve (10.1.99.100) to access the internet with a public IP:
  • Inside IP: 10.1.99.100
  • Outside IP: 100.10.1.2
• Ensure return traffic is translated correctly

• Configure default route on sea-mdf-r1:

  ip route 0.0.0.0/0 100.10.1.1

• Configure Steve with a default gateway of 10.1.99.1

• From Steve, access the SeaMart web server (curl http://123.123.123.123)
• Use tcpdump or tshark on sea-mdf-r1 to verify NAT translations

# Check NAT table
show ip nat translations

# Debug NAT events
debug ip nat

# Ping default gateway and internet server
ping 100.10.1.1
ping 123.123.123.123

# Check routing table
show ip route

# Check connectivity
curl http://123.123.123.123

# Trace path
traceroute 123.123.123.123

# Monitor packets
sudo tcpdump -i eth1 -n

-== Documentation

• EOS 4.34.1F - NAT Overview
• Linux curl Manual ===