Skip navigation
Cisco Learning Home > Certifications > Routing & Switching (CCNA) > Discussions


This Question is Answered
3613 Views 8 Replies Latest reply: Oct 15, 2012 2:17 PM by Keith Barker - CCIE RS/Security, CISSP RSS

Currently Being Moderated

How to configure NAT on routers with frame cloud in Packet Tracer?

Oct 13, 2012 6:17 AM

Tathagata 18 posts since
Mar 24, 2012



In packet tracer, I configured frame relay on each boundary router as well as Frame Relay cloud (I can ping successsfully). Now I want to give NAT rule for the sytems under each router so that to connect to other segment by cloud they use translated Public IP address. Also, if I want to share the EIGRP advirtisement from each routers with all other routers through the cloud, how can I do it?


Please suggest............







  • Keith Barker - CCIE RS/Security, CISSP 5,351 posts since
    Jul 3, 2009

    Hello Tathagata-


    If the boundary routers have private IP addresses on the "inside" (interface not connecting to the frame relay cloud) and they have public IP addresses on the "outside" interfaces (facing the cloud and pretending the frame relay represents the Internet), then the NAT could be done on each router using the ovderload option to the outside interface on each of the boundary routers.


    Here are some NAT videos:




    If you want to share the private networks, on the inside, with the other routers, you could create GRE tunnels, and then use EIGRP on the GRE tunnels (that go between all the routers over the cloud) and also include the inside networks in the EIGRP process, and then all the routers would know about all the inside networks.   With this option, you wouldn't need the NAT anymore, as the traffic to all the inside networks would go over the GRE tunnel through the cloud.


    Let me know if that answers your question, or not.  If you have further questions, please let us know.




    Keith Barker

  • Keith Barker - CCIE RS/Security, CISSP 5,351 posts since
    Jul 3, 2009

    Tathagata wrote:


    Thanks Keith,


    It was helpful info from you. But I want little more clarity.


    a) So, without GRE I can't advirtise N/Ws. Only option is static route, right?


    b) If frame relay provides dedicated packet swithing path between sites, then even if I use frame relay cloud why should I need address translation to public address? (I am not accessing other public stuff, only internal network resources.)


    c) In frame relay (or/and lease line), it provides dedicated paths between different sites' network segment of a large network. So, in practical world how internal N/W users access internet (such as google, yahoo..) ? & what extra configuration do I need to provide them internet access as well as internal N/W access (like the fig. I uploaded above)?

    Waiting for your valuable reply





    Hi Tathagata-


    a) if you are not including the cloud in your routing protocol, and aren't using GRE over the cloud with a routing protocol on that, then using static routes would be an option.    (If the cloud supported MPLS, there would be additional options there as well).


    b) if you are frame represents only internal connections, between sites, then you can use a routing protocol between the routers, (and include the inside networks as well) and have full reachability that way.   In that case, there wouldn't be any need for NAT either.


    c) If the topology is just your lan/wan, the first thing needed to access the public Internet would a router connected to the Internet.  On that single router you could use NAT to translate any of your internal private address into public addresses before those packets go out to the Internet.    In your routing on all routers, a default route should lead to the router connected to the Internet.   Packets to any internal network would be forwarded based on the longest routes in the routing table, and packets not matching any specific routes would use the default route(s) that lead to the Internet where the Internet router would perform NAT/PAT.   That Internet router would have a default route that leads points towards the Internet as well.


    Hope that helps,


    Keith Barker

  • Keith Barker - CCIE RS/Security, CISSP 5,351 posts since
    Jul 3, 2009

    Looks good.


    You may want to not use any global addresses on the inside, such as as that is a global address (in the practice lab it shouldn't be a problem). 


    Do you have full reachability everywhere in design?



  • Keith Barker - CCIE RS/Security, CISSP 5,351 posts since
    Jul 3, 2009

    Tathagata wrote:


    Hi Keith,


    Static Routes are working in frame relay connection. But is it possible to advertise routing updates without GRE tunnels between Frame Relay sites?

    GRE tunneling isn't supported in PT as well as with CCNA aspirant.






    There are at least 2 routers (1 one each end of the PVCs) and they can peer using EIGRP, RIP or OSPF.   Depending on if the frame relay network is all point to point, or multipoint or some of both, you may need to tweak some of the routing protocol features such as split-horizon for RIP and EIGRP for it all to work.


More Like This

  • Retrieving data ...

Bookmarked By (1)