This sample configuration shows a Cisco 1417 Digital Subscriber Line
(DSL) Router connecting to a Cisco 6130 Digital Subscriber Line Access
Multiplexer (DSLAM) and terminating on a Cisco 6400 Universal Access
Concentrator (UAC). The Cisco 1417 has been configured as a Dynamic Host
Configuration Protocol (DHCP) server with PPP over ATM (PPPoA).
The Internet Service Provider (ISP) has given the subscriber a single
IP address, 172.18.0.1, for Internet connectivity, but the subscriber has a
small network of PCs and wants to have Internet access for all devices.
The solution is to configure Network Address Translation (NAT) on the
Cisco 1417. NAT is designed for IP address simplification and conservation, as
it enables private IP internetworks that use nonregistered IP addresses to
connect to the Internet. NAT operates on a router, usually connecting two
networks, and translates the private (in this case the 10.0.0.0 network)
addresses in the internal network to legal (in this case 172.18.0.1) addresses
before packets are forwarded to another network. As part of this functionality,
NAT can be configured to advertise only one address (172.18.0.1) for the entire
network. This provides additional security, effectively hiding the entire
internal network behind that address.
NAT has the dual functionality of security and address conservation and
is typically implemented in remote access environments. An IP address of
10.0.0.1 will be manually configured on the Ethernet interface of the Cisco
1417. The Cisco 1417 will be configured to act as a DHCP server and will lease
IP addresses to local LAN devices attached to its Ethernet network.
The following configuration shows NAT configured for the Ethernet and
ATM interfaces. The Ethernet0 interface has an IP address of 10.0.0.1 with a
subnet mask of 255.0.0.0. NAT is configured for inside, which means that the
interface is connected to the inside network that is subject to NAT
translation. The ATM interface "Dialer0" has an IP address of 172.18.0.1 and a
subnet mask of 255.255.0.0. NAT is configured for outside, which means that the
interface is connected to an outside network, such as the Internet.
For more information on document conventions, see the
Technical Tips Conventions.
There are no specific prerequisites for this document.
The information in this document is based on the software versions
Cisco 1417 DSL Router IOS® Software Release
Cisco 6400 UAC-NRP IOS Software Release 12.0(7)DC
Cisco 6400 UAC-NSP IOS Software Release 12.0(4)DB
Cisco 6130 DSLAM-NI2 IOS Software Release
The information presented in this document was created from devices in
a specific lab environment. All of the devices used in this document started
with a cleared (default) configuration. If you are working in a live network,
ensure that you understand the potential impact of any command before using
In this section, you are presented with the information to configure
the features described in this document.
Note: To find additional information on the commands used in this document,
Command Lookup Tool
(registered customers only)
This document uses the network setup shown in the diagram below.
This document uses the configurations shown below.
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
ip dhcp excluded-address 10.0.0.1
!--- The DHCP pool does not lease this address; it is used by interface E0.
ip dhcp pool <pool name>
network 10.0.0.0 255.0.0.0
!--- The default gateway is assigned to local devices.
ip address 10.0.0.1 255.0.0.0
ip nat inside
no ip address
atm vc-per-vp 4096
no atm ilmi-keepalive
encapsulation aal5mux ppp dialer
dialer pool-member 1
ip address 172.18.0.1 255.255.0.0
ip nat outside
dialer pool 1
ppp authentication chap callin
ppp chap hostname <username>
ppp chap password <password>
ip nat inside source list 1 interface Dialer0 overload
access-list 1 permit 10.0.0.0 0.255.255.255
ip route 0.0.0.0 0.0.0.0 Dialer0
no ip http server
dialer-list 2 protocol ip permit
line con 0
There is currently no verification procedure available for this
There is currently no specific troubleshooting information available
for this configuration.