Home > CCNA NAT SIM Question

CCNA NAT SIM Question

January 5th, 2014 Go to comments

Question

You are tasked to configure Internet access on a router. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.

The following have already been configured on the router:

– Router basic configuration
– Interfaces have been configured for NAT inside (Fa0/0) and NAT outside (s0/0)
– The appropriate static routes have also been configured
– All passwords have been temporarily set to “cisco”

Tasks:
+ Use NAT to provide Internet access to all hosts in the company LAN.
+ Name the router TUT
+ Inside global addresses: 198.18.184.105 198.18.184.110/29
+ Inside local addresses: 192.168.100.17 – 192.168.100.30/28
+ Numer of inside hosts: 14

NAT_sim_topology.jpg

Solution

Note: If you are not sure how NAT & PAT work, please read my Network Address Translation NAT Tutorial. You can download this sim to practice here: http://juquitiba.sp.gov.br/?exams=download/9tut.com_CCNA_NAT_sim_question.zip

The CCNA Training company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29. Therefore we have to use NAT overload (or PAT)

Double click on the TUT router to open it

Router>enable
Router#configure terminal

First you should change the router’s name to TUT

Router(config)#hostname TUT

Create a NAT pool of global addresses to be allocated with their netmask (/29 = 255.255.255.248). There were reports that the simulator in the real exam did not accept “prefix-length” keryword so you should use “netmask” keyword.

TUT(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248

Create a standard access control list that permits the addresses that are to be translated

TUT(config)#access-list 1 permit 192.168.100.16 0.0.0.15

Establish dynamic source translation, specifying the access list that was defined in the prior step

TUT(config)#ip nat inside source list 1 pool mypool overload

This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110)

Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports

The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.

This is how to configure the NAT inside and NAT outside, just for your understanding:

TUT(config)#interface fa0/0
TUT(config-if)#ip nat inside

TUT(config-if)#exit

TUT(config)#interface s0/0
TUT(config-if)#ip nat outside
TUT(config-if)#end

Finally, we should save all your work with the following command:

TUT#copy running-config startup-config

Check your configuration by going to “Host for testing” and type:

C:\>ping 192.0.2.114

The ping should work well and you will be replied from 192.0.2.114

Comments
Comment pages
1 14 15 16 23
  1. Anonymous
    June 28th, 2018

    @Ngo Ngoc Luu

    can send to my questions here please
    (al7asan_94 @ yahoo.com)

  2. Anonymous
    June 28th, 2018

    @Crej

    can send to my questions here please
    (al7asan_94 @ yahoo.com)

  3. basavaraj
    July 2nd, 2018

    basumh2008 at gmail dot com
    Kindly share latest CCNA dumps on my mail ID ..

  4. alsadeek
    July 2nd, 2018

    any one has new ccna dump please alsadeekalsadouk @ yahoo. com

  5. Alfonso
    July 5th, 2018

    Can you send me plz 552 dumps
    azif_anjum @ hotmail.com

  6. Coco
    July 10th, 2018

    can you send me last dump to {email not allowed}? Much thanks! I have my exam scheduled next Thursday.

  7. Anonymous
    July 10th, 2018

    can you send me last dump to cocolangcyber3 @ gmail.com? Much thanks! I have my exam scheduled next Thursday.

  8. Stt
    July 11th, 2018

    Hey 9tut when one upgrades their account to paid.Why cant i re access today im experiencing problems.Tells me Authentication problem to contact website administrator

  9. ahmed
    July 13th, 2018

    lol I hope people have been doing some actual studying, instead of just begging for dumps.

    in a real job interview, you will get asked ugly questions about frame relay, segments, packets etc. so if you haven’t been studying properly, you will get found out as a fraud.

  10. NANA
    August 9th, 2018

    http:/ / t.cn / RDf8DJW
    I passed the exam. I only looked at the contents of it. Most of the questions are in it. It is worthy of trust.

  11. EKL
    August 9th, 2018

    Anybody have a new dump? Much appreciated

  12. shabydaxler
    August 21st, 2018

    any one with latest questions about CCNA please dump into {email not allowed}

  13. Help
    August 25th, 2018

    any CCDA materials please

  14. netmask
    September 19th, 2018

    what if I used the netmask 255.255.255.0 ?

  15. navski
    September 27th, 2018

    THis question was on the exam 29/09/2018

  16. eric
    September 27th, 2018

    I wonder why the ACL was not applied to the interface. I though that creating ACL will not be enough until you assign in to interface (access-group in or out)

  17. thundercat
    October 6th, 2018

    after creating the …”access-list 1 ” to permit these adresses, does this access list need to be then applied to an interface?

  18. thuundercat
    October 6th, 2018

    ok. I see now access list 1 is applied when you use the cmd ” ip nat inside source list 1 pool mypool overload”

  19. help me please
    October 8th, 2018

    kindly please anyone send latest ccna 200-125 dumps please i have exam on next week.
    please please, my email id yuvanesh 950 @ gmail . com

  20. nat251
    October 26th, 2018

    its not correct to use netmask 255.255.255.248, it put the range of ip in two different subnet, use netmask 255.255.255.0 instead.
    ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248

  21. Lucy
    October 31st, 2018

    Nat251 Do the math. It is correct.

  22. ab
    November 19th, 2018

    in the command “access-list 1 permit 192.168.100.16 0.0.0.15” the wildcard mask is written as 0.0.0.15
    but for /29 wildcard mask should be 0.0.0.7
    so am confused please any one help

  23. seel
    November 28th, 2018

    @ab

    /28 mask not /29 .

    255 – 240 = 15 .

  24. Anonymous
    December 23rd, 2018

    Hello, I think the solution to this is PAT not NAT. can someone prove me wrong? Using Overload means this is PAT not NAT

  25. wmeyer
    January 17th, 2019

    Where is my bike?
    Willi from Berlin the Stadt.

  26. Anthney Dicosa
    February 2nd, 2019

    identity for person

  27. roger s man
    March 5th, 2019

    good lab

  28. Bob1
    March 8th, 2019

    @9tut – does this lab still come up in today’s exam?

  29. Unonymous
    March 10th, 2019

    Hi All,

    Does anyone know the exact labs that are on the exam?

  30. Anonymous
    March 13th, 2019

    jefymail @ gmail . com any body with latest dump

  31. Anonymous
    March 30th, 2019

    Can anyone send me last dump questions for ccna certification allangatchi @ gmail.com

  32. hussain
    April 13th, 2019

    why we are ping to this IP address C:\>ping 192.0.2.114

  33. Eric
    April 14th, 2019

    @Hussain the ip 192.0.2.114 is the ip configured on the ISP router that is facing the local device.

  34. Orkhan
    April 16th, 2019

    please please, my email id cabrayilov1992@ mail . ru
    send me valid dump

  35. bill
    May 9th, 2019

    if anyone is sitting separate exams, then fyi NAT/PAT questions do not show up in ICND2 exam, they only appear in ICND1. But if you sit combined 200-125, then it will likely show up.

  36. Anonymous
    May 22nd, 2019

    Any one, please email me latest dumps at dsreddy1777*gmail. Thanks you in advance

  37. Anonymous
    May 22nd, 2019

    Any one, please email me latest CCNA dumps at dsreddy1777 at gmail com. Thank you in advance

  38. atcha freeman
    July 12th, 2019

    Hi
    Please I need a help
    I want to get in user mod in my router 1800

    It is giving this message

    dgscnrouter con0 is now available

    Press RETURN to get started

    Please How can I do ?

    thanks

    {email not allowed}

  39. Anonymous
    July 21st, 2019

    ping is working without NAT configurations. why?

  40. ruku
    July 21st, 2019

    latest dump pls jefymail at gmail.com and send your paypal account detail within 6 hours

Comment pages
1 14 15 16 23
Add a Comment