Home > Config Lab Challenge 1 (NAT)

Config Lab Challenge 1 (NAT)

September 1st, 2015 Go to comments

Refer to the exhibit. You are tasked to configure Internet access for the users in your company. Your ISP has given you six public IP addresses in the range of .
Your company has 62 hosts that need to access internet at the same time. They are using private IP addresses in the – range.

Basic router configuration has been configured. Your tasks are:
+ Configure NAT on R1 so that all hosts can have Internet access at the same time
+ Configure appropriate interfaces for NAT translation


Please access this lab challenge via this link: http://juquitiba.sp.gov.br/?exams=lab_challenges/Config_Lab_Challenge_1/Config_Lab_Challenge_1.html

Comments (24) Comments
  1. cisco lover
    September 5th, 2015

    hi 9tut
    is this the same way we will face in the exam for SIM questions ??

  2. 9tut
    September 5th, 2015

    @cisco lover: It is not the same way. In the real exam you will click on the Console PC to connect to routers/switches. A window will appear like the Console window for typing commands. You can use this demo link to see how real exam works: http://www.cisco.com/web/learning/wwtraining/certprog/training/cert_exam_tutorial.html

  3. Arjun
    September 18th, 2015

    Configuring PAT as the above given requirements.

    ip nat pool cisco netmask
    access-list 10 permit
    ip nat inside source list 10 pool cisco overload
    ip nat inside
    ip nat outside

  4. config
    December 28th, 2015

    ip nat pool cisco netmask
    access-list 10 permit
    ip nat inside source list 10 pool cisco overload
    on e o/o ip nat inside
    on s 1/0 ip nat outside

  5. dhagey
    March 24th, 2016

    ip nat pool mypool netmask
    access-list 20 permit
    ip nat inside source list 20 pool mypool overload
    interface ehternet 0/0
    ip nat inside
    interface so/1
    ip nat outside

  6. koushik
    June 24th, 2016

    why is “access list 1 permit” command not wroking while “access list 10 permit” is working…

  7. marco
    July 9th, 2016

    2. Create a standard access control list that permits the addresses that are to be translated
    R1(config)#access-list 1 permit

    But, why can’t has been, too.
    R1(config)#access-list 1 permit, Is this must be funtionality?

    Why yes, or Why no?

  8. IwannabeCCIEbutnowCCNA
    August 11th, 2016

    ip nat pool mypool netmask
    access-list 1 permit
    ip nat inside source list 1 pool mypool overload
    e0/0: ip nat inside
    s1/0: ip nat outside

  9. Anonymous
    December 31st, 2016


  10. CCIE
    March 16th, 2017

    @marco, you can’t use access-list 1 permit, becuase .65 is not your network

  11. ghost rider
    August 1st, 2017

    why I have to add overload after this command.

    ip nat inside source list ??? pool ??? overload


  12. Blue_line
    August 4th, 2017

    because you have 6 public and 62 host; they won’t be able to access internet if they all try at the same time thus why overload (it is call PAT) has been used.

    You can use access-list 1 permit; once you configure like this router will save that as wild card I have tested it please let me know anything otherwise.

  13. shyam
    August 30th, 2017

    i need this all answers. can one reply for this ?

  14. ROxan
    October 5th, 2017

    why is the wild card mask used as instead of ?? can someone explain?

  15. HTH
    October 17th, 2017

    @ROxan We’ve taken only 2 bits from the last octet, so the subnet mask would be, In ACLs, we use Wildcard mask instead of the Subnet mask.
    Wildcard mask is the inverse of subnet mask =

  16. Ivan
    March 18th, 2018

    Just like this:
    ip nat pool cisco netmask
    access-list 10 permit
    ip nat inside source list 10 pool cisco overload
    ip nat inside
    ip nat outside

  17. zsolt
    May 6th, 2018

    Could you please send me the latest questions of CCNA? I will take the exam next week.
    Thank you.

  18. jjj
    June 7th, 2018

    The ip address range for the nat pool is netmask Why then is the wildcard mask (255 – 248 =7)? I thought wildcard mask will be!! Can someone please explain this . Thanks

  19. jjj
    June 7th, 2018

    I see now that I am supposed to allow the private ip network (with the acl created) which has a mask of /26.

  20. JJ
    July 11th, 2018

    Great Practice! Thanks!

  21. scoth
    August 23rd, 2018

    Could someone tell me what was the answers and why ? I could not get it

  22. Drin
    September 5th, 2018

    ip nat pool pool netmask – for this, once the PC’s ping outside the network, only 6 ip adresses will be translated given by your ISP.
    access-list 1 permit – is the subnet because the .65 ip is the clients IP address and not in yout network
    ip nat inside source list 1 pool pool overload – this is a setup for PAT NAT
    ip nat inside
    ip nat outside

    correct me if i’m wrong. Cheers

  23. Jojo
    November 27th, 2018

    The exercice does not to work

  24. hina
    December 18th, 2018

    Dear. 9tut is very helpful for preparing ccna exam. you can follow the practical exam lab solution and get good marks in exam. get lab solution from

    http *://*ww*w. *youtube*.com*/*c /ezxprt*
    Remove * from above url and get latest exam lab solution

    send email on shafqaat (at) ezxprt dot com for complete exam lab solution and latest dumps

Add a Comment