This sample configuration shows a Cisco 1417 Digital Subscriber Line (DSL) Router connecting to a Cisco 6130 Digital Subscriber Line Access Multiplexer (DSLAM) and terminating on a Cisco 6400 Universal Access Concentrator (UAC). The Cisco 1417 has been configured as a Dynamic Host Configuration Protocol (DHCP) server with PPP over ATM (PPPoA).
The Internet Service Provider (ISP) has given the subscriber a single IP address, 172.18.0.1, for Internet connectivity, but the subscriber has a small network of PCs and wants to have Internet access for all devices.
The solution is to configure Network Address Translation (NAT) on the Cisco 1417. NAT is designed for IP address simplification and conservation, as it enables private IP internetworks that use nonregistered IP addresses to connect to the Internet. NAT operates on a router, usually connecting two networks, and translates the private (in this case the 10.0.0.0 network) addresses in the internal network to legal (in this case 172.18.0.1) addresses before packets are forwarded to another network. As part of this functionality, NAT can be configured to advertise only one address (172.18.0.1) for the entire network. This provides additional security, effectively hiding the entire internal network behind that address.
NAT has the dual functionality of security and address conservation and is typically implemented in remote access environments. An IP address of 10.0.0.1 will be manually configured on the Ethernet interface of the Cisco 1417. The Cisco 1417 will be configured to act as a DHCP server and will lease IP addresses to local LAN devices attached to its Ethernet network.
The following configuration shows NAT configured for the Ethernet and ATM interfaces. The Ethernet0 interface has an IP address of 10.0.0.1 with a subnet mask of 255.0.0.0. NAT is configured for inside, which means that the interface is connected to the inside network that is subject to NAT translation. The ATM interface "Dialer0" has an IP address of 172.18.0.1 and a subnet mask of 255.255.0.0. NAT is configured for outside, which means that the interface is connected to an outside network, such as the Internet.
For more information on document conventions, see the Cisco Technical Tips Conventions.
There are no specific prerequisites for this document.
The information in this document is based on the software versions below.
Cisco 1417 DSL Router IOS® Software Release 12.1(1.3)T
Cisco 6400 UAC-NRP IOS Software Release 12.0(7)DC
Cisco 6400 UAC-NSP IOS Software Release 12.0(4)DB
Cisco 6130 DSLAM-NI2 IOS Software Release 12.1(1)DA
The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.
In this section, you are presented with the information to configure the features described in this document.
Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .
This document uses the network setup shown in the diagram below.
This document uses the configurations shown below.
| Cisco 1417
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
ip dhcp excluded-address 10.0.0.1
!--- The DHCP pool does not lease this address; it is used by interface E0.
ip dhcp pool <pool name>
network 10.0.0.0 255.0.0.0
!--- The default gateway is assigned to local devices.
ip address 10.0.0.1 255.0.0.0
ip nat inside
no ip address
atm vc-per-vp 4096
no atm ilmi-keepalive
encapsulation aal5mux ppp dialer
dialer pool-member 1
ip address 172.18.0.1 255.255.0.0
ip nat outside
dialer pool 1
ppp authentication chap callin
ppp chap hostname <username>
ppp chap password <password>
ip nat inside source list 1 interface Dialer0 overload
access-list 1 permit 10.0.0.0 0.255.255.255
ip route 0.0.0.0 0.0.0.0 Dialer0
no ip http server
dialer-list 2 protocol ip permit
line con 0
There is currently no verification procedure available for this configuration.
There is currently no specific troubleshooting information available for this configuration.