Home > CCNA NAT SIM Question

CCNA NAT SIM Question

January 5th, 2014 Go to comments

Question

You are tasked to configure Internet access on a router. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.

The following have already been configured on the router:

– Router basic configuration
– Interfaces have been configured for NAT inside (Fa0/0) and NAT outside (s0/0)
– The appropriate static routes have also been configured
– All passwords have been temporarily set to “cisco”

Tasks:
+ Use NAT to provide Internet access to all hosts in the company LAN.
+ Name the router TUT
+ Inside global addresses: 198.18.184.105 198.18.184.110/29
+ Inside local addresses: 192.168.100.17 – 192.168.100.30/28
+ Numer of inside hosts: 14

NAT_sim_topology.jpg

Solution

Note: If you are not sure how NAT & PAT work, please read my Network Address Translation NAT Tutorial. You can download this sim to practice here: http://www.9tut.com/download/9tut.com_CCNA_NAT_sim_question.zip

The CCNA Training company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29. Therefore we have to use NAT overload (or PAT)

Double click on the TUT router to open it

Router>enable
Router#configure terminal

First you should change the router’s name to TUT

Router(config)#hostname TUT

Create a NAT pool of global addresses to be allocated with their netmask (/29 = 255.255.255.248). There were reports that the simulator in the real exam did not accept “prefix-length” keryword so you should use “netmask” keyword.

TUT(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248

Create a standard access control list that permits the addresses that are to be translated

TUT(config)#access-list 1 permit 192.168.100.16 0.0.0.15

Establish dynamic source translation, specifying the access list that was defined in the prior step

TUT(config)#ip nat inside source list 1 pool mypool overload

This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110)

Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports

The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.

This is how to configure the NAT inside and NAT outside, just for your understanding:

TUT(config)#interface fa0/0
TUT(config-if)#ip nat inside

TUT(config-if)#exit

TUT(config)#interface s0/0
TUT(config-if)#ip nat outside
TUT(config-if)#end

Finally, we should save all your work with the following command:

TUT#copy running-config startup-config

Check your configuration by going to “Host for testing” and type:

C:\>ping 192.0.2.114

The ping should work well and you will be replied from 192.0.2.114

Comments
Comment pages
1 13 14 15 23
  1. noney12
    November 18th, 2017

    there are 2 way to complete this
    acl to outside pool overload -and- inside pool to outside pool overload

Comment pages
1 13 14 15 23
Add a Comment