Home > Config Lab Challenge 1 (NAT)

Config Lab Challenge 1 (NAT)

September 1st, 2015 Go to comments

Refer to the exhibit. You are tasked to configure Internet access for the users in your company. Your ISP has given you six public IP addresses in the range of .
Your company has 62 hosts that need to access internet at the same time. They are using private IP addresses in the – range.

Basic router configuration has been configured. Your tasks are:
+ Configure NAT on R1 so that all hosts can have Internet access at the same time
+ Configure appropriate interfaces for NAT translation


Please access this lab challenge via this link: http://juquitiba.sp.gov.br/?exams=lab_challenges/Config_Lab_Challenge_1/Config_Lab_Challenge_1.html

Comments (15) Comments
  1. cisco lover
    September 5th, 2015

    hi 9tut
    is this the same way we will face in the exam for SIM questions ??

  2. 9tut
    September 5th, 2015

    @cisco lover: It is not the same way. In the real exam you will click on the Console PC to connect to routers/switches. A window will appear like the Console window for typing commands. You can use this demo link to see how real exam works: http://www.cisco.com/web/learning/wwtraining/certprog/training/cert_exam_tutorial.html

  3. Arjun
    September 18th, 2015

    Configuring PAT as the above given requirements.

    ip nat pool cisco netmask
    access-list 10 permit
    ip nat inside source list 10 pool cisco overload
    ip nat inside
    ip nat outside

  4. config
    December 28th, 2015

    ip nat pool cisco netmask
    access-list 10 permit
    ip nat inside source list 10 pool cisco overload
    on e o/o ip nat inside
    on s 1/0 ip nat outside

  5. dhagey
    March 24th, 2016

    ip nat pool mypool netmask
    access-list 20 permit
    ip nat inside source list 20 pool mypool overload
    interface ehternet 0/0
    ip nat inside
    interface so/1
    ip nat outside

  6. koushik
    June 24th, 2016

    why is “access list 1 permit” command not wroking while “access list 10 permit” is working…

  7. marco
    July 9th, 2016

    2. Create a standard access control list that permits the addresses that are to be translated
    R1(config)#access-list 1 permit

    But, why can’t has been, too.
    R1(config)#access-list 1 permit, Is this must be funtionality?

    Why yes, or Why no?

  8. IwannabeCCIEbutnowCCNA
    August 11th, 2016

    ip nat pool mypool netmask
    access-list 1 permit
    ip nat inside source list 1 pool mypool overload
    e0/0: ip nat inside
    s1/0: ip nat outside

  9. Anonymous
    December 31st, 2016


  10. CCIE
    March 16th, 2017

    @marco, you can’t use access-list 1 permit, becuase .65 is not your network

  11. ghost rider
    August 1st, 2017

    why I have to add overload after this command.

    ip nat inside source list ??? pool ??? overload


  12. Blue_line
    August 4th, 2017

    because you have 6 public and 62 host; they won’t be able to access internet if they all try at the same time thus why overload (it is call PAT) has been used.

    You can use access-list 1 permit; once you configure like this router will save that as wild card I have tested it please let me know anything otherwise.

  13. shyam
    August 30th, 2017

    i need this all answers. can one reply for this ?

  14. ROxan
    October 5th, 2017

    why is the wild card mask used as instead of ?? can someone explain?

  15. HTH
    October 17th, 2017

    @ROxan We’ve taken only 2 bits from the last octet, so the subnet mask would be, In ACLs, we use Wildcard mask instead of the Subnet mask.
    Wildcard mask is the inverse of subnet mask =

Add a Comment