CCNA NAT SIM Question 1
Question
A network associate is configuring a router for the CCNA Training company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the CCNA Training company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.
Configuration information
router name – Weaver
inside global addresses – 198.18.184.105 198.18.184.110/29
inside local addresses – 192.168.100.17 – 192.168.100.30/28
number of inside hosts – 14
|
The following have already been configured on the router: - The basic router configuration - The appropriate interfaces have been configured for NAT inside and NAT outside - The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.) - All passwords have been temporarily set to “cisco” |
Solution
Note: If you are not sure how NAT & PAT work, please read my Network Address Translation NAT Tutorial. You can download this sim to practice here: http://www.9tut.com/download/9tut.com_CCNA_NAT_sim_question.zip
The CCNA Training company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29. Therefore we have to use NAT overload (or PAT)
Double click on the Weaver router to open it
Router>enable
Router#configure terminal
First you should change the router’s name to Weaver
Router(config)#hostname Weaver
Create a NAT pool of global addresses to be allocated with their netmask (/29 = 255.255.255.248). There were reports that the simulator in the real exam did not accept “prefix-length” keryword so you should use “netmask” keyword.
Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Create a standard access control list that permits the addresses that are to be translated
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15
Establish dynamic source translation, specifying the access list that was defined in the prior step
Weaver(config)#ip nat inside source list 1 pool mypool overload
This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110)
Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports
The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.
This is how to configure the NAT inside and NAT outside, just for your understanding:
Weaver(config)#interface fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#exit
Weaver(config)#interface s0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#end
Finally, we should save all your work with the following command:
Weaver#copy running-config startup-config
Check your configuration by going to “Host for testing” and type:
C:\>ping 192.0.2.114
The ping should work well and you will be replied from 192.0.2.114
Other lab-sims on this site:
CCNA Configuration SIM Question (RIPv2 SIM)
@ sean u can use packet tracer 5.3 to open those labs
@9tut, Can i configure a router to support two NAT?, I mean if a Router has one private interface and two public links to different ISP, can it translate the Private IP address to both Public IP Address?.
Hi,
Where in this sim does it instruct to create a pool named “mypool”. In the exam I presume it will instruct us on what to name the nat pool?
Regards,
hi 9tut, are we allowed to use “?” and “TAB” in the exam?
@alex, yes u are allowed to use “?” n “tab” but sometimes they might not work… try ur luck!!
@9tut, Can i configure a router to support two NAT?, I mean if a Router has one private interface and two public links to different ISP, can it translate the Private IP address to both Public IP Address?………………….
Hi there, i’m kind of confused, bot i think the comand “ip nat inside source list 1 pool mypool overload” needs no “overload” cause we are configuring dynamic NAT instead PAT so the comand overload its no needed, well at least in packet tracert nat works fine without “overload” :) , Greetings anda thanks a lot for the info.
Doesn’t work for me with the command:
ip nat inside source list 1 pool mypool overload
but it does work with:
ip nat inside source list 1 interface se1/0 overload
What gives??? anyone…anyone…
I am going to appear in exam can any body tel me that what will be the total exam duration and the total number of questions
@ Nasir http://www.9tut.com/ccna-faqs-a-tips
you can find all the tips for the exam in that link
I need lastest ccna labs dumps, please kindly send it to me. My e-mail:oil_pitak@hotmail.com
ip nat pool omar 192.168.1.5 192.168.1.10 netmask 255.255.255.248
I think theres an error in this quesion>>>>>beacause the net mask should be 255.255.255.240 to make all public ip in the same subnet .
Please any one know the answer ?
hello everybody,
when i ping the s0/0(192.0.2.113) ,in the router the cmd #sh ip nat translations displays nothing !
is normal ???
I just passed CCNA with the average of 93.33. thanks 9tut. For $9 dollar it is lots of help. Best website for ccna.
@asham
It is very normal. Destination IP address (192.0.2.113) matches the IP address of the router’s interface. In that case, translation doesn’t occur.
today i passed ccna exam am soooooooooooooo happy vtp labs changed (;
i passed ccna exam(smile)
today i passed ccna exam finished 3 labs vtp lab changed in exam i got 867/1000 :D
Whosoever gave the CCNA just a day or at max 1 week before can they tell me which all simulations did they get? and were they same as 9tut or different.my exam is on 19th feb so i need all the possible help.thank you in advance.
I pass the test in french i have only one Lab it was NAT SIM and drag and drop no vtp sim and no eigrp sim …. Did the exam différent for the language we chose ?
man beofre u take exam u should understand 3 labs frist ,and u should study 660 questions if u wanna pass speaking about labs eigrp.vtp acl
eigrp it is easy and acl but vtp it is hard i have one q from vtp it was hard
i took on eigrp 92 acl 100 and vtp 72 wish u look
today i passes i got 867/1000 (:
i passed today CCNA
if u wanna pass CCNA u should study 660 q +3 labs
finally i passed CCNA :D
what is latest VTP po
After finishing all configurations, still i can’t “Ping” the ISP router…..any help??
After finishing all configurations, still i can’t “Ping” the ISP router…..any help??
@MUTA u happy you passed please tell us what was on your exam,before you go partying
does anyone know if using named ACLs is a problem in the exam?
i used a named ACL in this lab and it worked fine, just curious if named ACLs are an option on the exam. Thanks guys.
Steve, i had to add a route statement to the lab in order to ping the ISP router. ip route 0.0.0.0 0.0.0.0 192.2.0.114
You can use any pool name you want if the question doesn’t specify it.
When I ping the internet from the hosts on the LAN, I am being successful. I’m also confirming this by using ‘sh ip nat trans’ on the router. What’s happening with everyone else?
i think no need to add default network (route) prior to ping ISP, i could ping easily without adding, please clarify if the default route requested in the exam also.
Does anyone out there have Packet Tracer 6 or later? Please send to aaegh7@gmail.com. My version (V5) does not support iBGP…I’m preparing for CCIE.
Thanks in advance.
Studying to take the 640-822 next week. I am confused on what simulations I should be studying just for the ICND1 portion??? Thank You!
I’m confused… I’ve followed all instructions and still not able to ping ISP…. btw interfaces were NOT setup for inside/outside…. Please help me out….
!
!
interface FastEthernet0/0
ip address 192.168.100.30 255.255.255.240
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0
ip address 192.0.2.113 255.255.255.0
encapsulation frame-relay
!
ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
ip nat inside source list 1 pool mypool overload
ip classless
!
!
Weaver#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Weaver(config)#int fa0/0
Weaver(config-if)#ip nat ?
inside Inside interface for address translation
outside Outside interface for address translation
Weaver(config-if)#ip nat inside ?
Weaver(config-if)#ip nat inside
Weaver(config-if)#int s0/0
Weaver(config-if)#ip nat ?
inside Inside interface for address translation
outside Outside interface for address translation
Weaver(config-if)#ip nat outside
Weaver(config-if)#exit
Weaver(config)#exit
Weaver#
%SYS-5-CONFIG_I: Configured from console by console
show run
Building configuration…
Current configuration : 757 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Weaver
!
!
!
enable password cisco
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.100.30 255.255.255.240
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0
ip address 192.0.2.113 255.255.255.0
encapsulation frame-relay
ip nat outside
!
ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
ip nat inside source list 1 pool mypool overload
ip classless
!
!
access-list 1 permit 192.168.100.16 0.0.0.15
!
!
!
!
!
line con 0
password cisco
login
line vty 0 4
Weaver#show run
Building configuration…
Current configuration : 757 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Weaver
!
!
!
enable password cisco
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.100.30 255.255.255.240
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0
ip address 192.0.2.113 255.255.255.0
encapsulation frame-relay
ip nat outside
!
ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
ip nat inside source list 1 pool mypool overload
ip classless
!
!
access-list 1 permit 192.168.100.16 0.0.0.15
!
!
!
!
!
line con 0
password cisco
login
line vty 0 4
login
!
!
!
end
there is no routing on the router….could this be a problem?
Man! you have no idea how you made my life so so easier!!! thanks a million !! man i love you to death!!!!!
passed my CCNA today. CCNP here I come.
though, it doesn’t exactly go along with the texoobtk as it should. Sometimes you have to read between the lines, and make it work. It would have helped to have the same authors for both books.
pls send me a latest dump
kafieu@gmail.com
finally!! PASSED my CCNA! caaaaaaant believe ittt!! oh lord im so happy!! \=D/ *crazy dance*
We have to add a default route to this configuration. Please correct me if I am wrong
hey Rapunzel plss can u send me dumps i am giving exam in 5 days my email id is shah.bhumika61@yahoo.com
please some one send me licenced version of visual_certexam_suite_setup .i m thank full 2 u.my mailing add: its_md.5277@yahoo.com.
Sorry, guys.
Sorry, I don’t exactly understand.
Will subnet mask (/28 and /29 in this case) be known or not?
@Mihail
The subnet masks are not known to us. You need to find the subnet mask by yourself looking at the range of the IP addresses they give us.
Public IP addresses – range 6 so its /29 = 6 host 1 Broadcast 1 Network
Private IP addresses – range 14 so its /28 = 14 hosts 1 Broadcast 1 Network
Good luck!
Hello Guys I hope you will be fine there. I have CCNA (640-802) Vouchers on
special discount of 58% for World wide, with six months expiry date till you
purchase. Each voucher cost 60USD.
Details Required For CCNA Voucher For Discount Processing:
1-Full Name. 1st Name & Last Name (as you want to appear on certificate & documents)
2-Country.
3-City.
4-State.
5-Pin Code (or Area Code)
6-Residential Address (or where you can collect your Certificate or further correspondence
can be received)
Add me on Skype through this information which is written below:
Skype Name: rockon660
you can also email me at this email address which is written below:
madeelqaiser@gmail.com
If you have any Questions feel free to contact me.
I am also dealing the vocuhers of Microsoft.
Thanks,
Best regards,
Adeel