CCNA NAT SIM Question 1
Question
A network associate is configuring a router for the CCNA Training company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the CCNA Training company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.
Configuration information
router name – Weaver
inside global addresses – 198.18.184.105 198.18.184.110/29
inside local addresses – 192.168.100.17 – 192.168.100.30/28
number of inside hosts – 14
|
The following have already been configured on the router: - The basic router configuration - The appropriate interfaces have been configured for NAT inside and NAT outside - The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.) - All passwords have been temporarily set to “cisco” |
Solution
Note: If you are not sure how NAT & PAT work, please read my Network Address Translation NAT Tutorial. You can download this sim to practice here: http://www.9tut.com/download/9tut.com_CCNA_NAT_sim_question.zip
The CCNA Training company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29. Therefore we have to use NAT overload (or PAT)
Double click on the Weaver router to open it
Router>enable
Router#configure terminal
First you should change the router’s name to Weaver
Router(config)#hostname Weaver
Create a NAT pool of global addresses to be allocated with their netmask (/29 = 255.255.255.248). There were reports that the simulator in the real exam did not accept “prefix-length” keryword so you should use “netmask” keyword.
Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Create a standard access control list that permits the addresses that are to be translated
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15
Establish dynamic source translation, specifying the access list that was defined in the prior step
Weaver(config)#ip nat inside source list 1 pool mypool overload
This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110)
Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports
The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.
This is how to configure the NAT inside and NAT outside, just for your understanding:
Weaver(config)#interface fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#exit
Weaver(config)#interface s0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#end
Finally, we should save all your work with the following command:
Weaver#copy running-config startup-config
Check your configuration by going to “Host for testing” and type:
C:\>ping 192.0.2.114
The ping should work well and you will be replied from 192.0.2.114
Other lab-sims on this site:
CCNA Configuration SIM Question (RIPv2 SIM)
You can ping from any of PC-PT terminal to 192.0.2.114
so do i need to configure the interfaces(ip nat inside &outside) or its already configured by them ? what if i configured the interfaces again, what will happen?
Do the ip’s come in the question with perfix? i mean the ip’s/perfix
ex: 1.1.1.1/8 or only 1.1.1.1
please help
thax in advance
Hey guys,
In this packet sim lab the interfaces (f0/0 and s0/0) weren’t applied the commands “ip nat inside and ip nat outside”. I tried to ping and doesn’t work, when I applied this commands it worked!!!
Hi, I need you help please, I followed the steps on the NAT Sim Lab at first I was able to ping from the PCs and I did received back 192.0.2.144 as mentioned. However, after practicing the commands couple of times, when I try to ping it I get time out. Please someone advice me where I am going wrong.
Here is the full command used
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Weaver
!
!
!
enable password cisco
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.100.30 255.255.255.240
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0
ip address 192.0.2.113 255.255.255.0
encapsulation frame-relay
ip nat outside
!
ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
ip nat inside source list 1 pool mypool overload
ip classless
!
!
access-list 1 permit 192.168.100.16 0.0.0.15
!
!
!
!
!
line con 0
password cisco
login
line vty 0 4
login
!
!
!
end
Thank you
please can some one help for the access list can you used any number in the range of standard access list or does it mean that you must used only the number 1
Pasa To day
Hello guys,
I went for CCNA exam today got ACL2 same to same as here apart from host C was host A; EIGRP lab was same to same make sure you do check on all PCs the web browser to both server and when done do the same. There is the passive interface but just ignore it and leave it as it is. for VTP lab I got the 5 questions out from here and where it asked to choose the root switch I just put switch 2 there lolll since everything was the same and even the IP address!!
I want to be very honest I did the CCNA completely in less than 1 month and on top I go to work.. At first I studied the CBT nuggets video for both ICND1 and ICND2 then went for the ACME dumps but didnt know anything so i took the time n studied the chapters where i was having issues in Todd book. Then went back for the dumps. In ACME dumps there are 10 exam papers i did all of them atleast three times. I studied the labs for NAT, VTP, EIGRP AND ACLS only (ONLY EIGRP ACLS2 AND VTP CAME OUT) one day before going for the exam. AND HERE I AM WITH 1000/1000.
TIP :- DO NOT LEARN WHERE THE ANSWERS ARE BUT INSTEAD TRY TO UNDERSTAND WHY ITS THE ANSWER. ALWAYS MAKE GOOD USE OF GOOGLE!!
CCNA PASSED >> GOING FOR CCNP
THANKS A LOT GOD, MY FAMILY , 9TUT, ACME, CBTNUGGETS AND TODD.
Make sure to add the encapsulation frame-relay command for routing, otherwise you will not receive a reply from 192.0.2.114
wow!! thanx 9tut i passed today!!!! 950
tnx..9tut..keep it up
Took the exam today, saw acl2,eigrp and vtp. Acme and spike dumps with 9tut made all the difference. .ccna certified thanks to, all
Thanks a lot to the uploader of sims…… I passes 640-802 with 840 marks…
very thanks achieve pass exam ccna
i pass today 828 and they give me report pass is this is valid score
I found it on gns3 forum. I must say, awesome lab manuals.
World’s most simple and advance form of lab manuals / practical guides pertaining to CISCO (CCNA, CCNP, CCIE) certifications.
JUST HELPING YOU……….
NO CHARGES……………… 100% Free
Visit: www dot inetstudies dot com
9tut Is it necessary to verify? if your running short on time will this cost you points?
825 is the cutoff so yes you passed
@Cynthia: Although it does not cost you points but we highly recommend you to verify your solution of the lab sims. It is very important to make sure your solution is correct.
Please I am trying to set up gns3 for CCNA security and I keep getting a message of “connection lost” for the asa842 firewall when I tried to drag it to the map pane. I have re-installed gns3 and I have googled to find solution to no avail. Please I will really appreciate if anyone can help fix this problem.
Thank you.
LATEST FREE CCNA TRAINING VIDEOS
youtube.com/CiscoTrainingVideos
download latest dumps from
9
t
u
t
.
c
o
m
x
a
.
c
o
m
Hey there..
I am interested in knowing, which of these simulations are on new exam, and which one are discarded from 640-802 exam?
rather than made up a nat pool,
wouldn’t it be simply to add command:
#ip nat inside source list 1 interface s0/0 overload
what would you named that nat pool anyway? cisco-nat, nat-pool, mypool?
Can somebody please help by sending me the latest CCNA dumps to my e-mail? k.munashe@yahoo.com. Thanks in advance
Dont we have to apply the ACL to an interface? Please help..
Tomorrow I have my exam! :/
Hello guys please help i am running short of time need prepare for CCna exam for month end Jan 2014, Please help which leagues must i follow or focus on mainly on this questions 200 – 120. Please reply me on this number 0793033112 reali need to pass this exam
Actually we need to apply an access list on interface f0/0 in
because here there is only 2 pcs .. try to put another pc not in the range specified it will ping
so in real lab we must apply ACL on an interface
Hi Guys!!
Cant we just use Dynamic NAT instead of NAT Overload??
Weaver(config)#ip nat inside source list 1 pool
I was once certified as a Cisco Certified Network Associate, but my certification expired last year in August. Am thinking of recertifying again… May you all please help me because I don’t know which areas to concentrate.. I do still remember most of the stuffs, but still I would say I have lost touch knowing best I was the tym I got certified. I will appreciate very much any relevant tips you may all give me..
Thanking you all in advance.
Hi Guys!!
Cant we just use Dynamic NAT instead of NAT Overload??
Weaver(config)#ip nat inside source list 1 pool
Hello
I am preparing for CCNA exam I did not understand subnetting concepts so if anybody have material regarding subnet than share you opinion
2Eng
Cant we just use Dynamic NAT instead of NAT Overload??
No, you cannot, not enought real IP addresses (/29 mask = 6 hosts) compared to inside addresses (/28 mask = 14 hosts).
@Eng , supporting what anynymous just said, if its not overloaded, we would have extra 8inside addresses left untranslated.Remember the question reqires dat all the 14 loca hosts should access the internet at the same time…
Passed the exam today. Lab Sim were ACL 1 and 2 and EIGRP.
The ping should be tried from host for testing
Am preparing for CCNA 200-120. Please send me the latest dumps to mohamedansary.guc@gmail.com
hIIIIIIIIIIIIII……………
Friends today i m very happy because i have passed the exam n CCNA————————————Now i m a certified in CISCO Thanx GOD LOVE YOU…………/
Hi there everyone, I am planning to take CCNA exam next month, but i don’t know how to start and what best materials should I study/review to sure pass the exam. Can someone send me latest dumps as what I’m seeing in here. I humbly appreciate and many thanks to all. My e-mail is “caipols@yahoo.com”
Am preparing for CCNA 200-120. Can someone please send me the latest dumps. I indeed appreciate your understand and love. My E-mail is: flourishjoh@yahoo.com
I am taking my CCNA exam at the end of the month. Please, could you help me and send the lastest dumps? Thanks.
yoneconfeccoes@hotmail.com
By the grace of Godm 1 passed my CCNA exam! ACL 1 & 2 and EIGRP showed up. 90% of questions are here on 9tut.
Thank you 9tut!!
Can any one email me the latest video training of labs i need it on urgent bases at haroon.talha@gmail.com
Hi All.. I just tried to give the pool name in uppercase as MYPOOL.. and the ping didn’t work.. can you please let me know why ??? is that case sensitive ???
Also why the IP was given as .16 ????
access-list 1 permit 192.168.100.16 0.0.0.15
For Hyderabad :
Also why the IP was given as .16 ????
access-list 1 permit 192.168.100.16 0.0.0.15
Answer: as the IP range given in the question is (192.168.100.17 to 30) which belong to Subnet 192.168.100.16 / 28 .So its the Network address.First IP being 192.168.100.17 and last usable IP 192.168.100.30 while 31 being broadcast address.
0.0.0.15 is wildcardmask: as 192.168.100.16 / 28 Subnet mask is : 255.255.255.240
so Wildcard Mask:
255.255.255.255 – 255.255.255.240= 0.0.0.15
@ Farman..
Thank you soo much… !!!
Also., why it didnt work when I gave the Pool name in upper case ???
I don’t expect to get an answer back before I take my test tomorrow, but I’ve burned a lot of time on this lab and I can’t get it working. I compared my router config to the one in the _Answered.pkt file, and it looks identical. Am I supposed to change anything outside of the router? At the suggestion of an earlier commenter, I turned on `debug ip nat`, and I see
NAT: s=192.168.100.18->192.18.184.105, d=192.0.2.114 [1]
in the output on the router, but the PC never sees a ping response. Doing the same in the _Answered version, I see
NAT: s=192.168.100.18->198.18.184.105, d=192.0.2.114 [4]
NAT*: s=192.0.2.114, d=198.18.184.105->192.168.100.18 [3]
I don’t know why I’m not getting the return trip on my version. Any tips? I’d at least like to know…
here the sim not working because we have created the access-list but it wont work until we apply it on any interface
so to make it work u hv to go to router interface either fa0/0 or s0/0
ip access-group 1 in
then it should work fine…