CCNA NAT SIM Question 1
Question
A network associate is configuring a router for the CCNA Training company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the CCNA Training company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.
Configuration information
router name – Weaver
inside global addresses – 198.18.184.105 198.18.184.110/29
inside local addresses – 192.168.100.17 – 192.168.100.30/28
number of inside hosts – 14
|
The following have already been configured on the router: - The basic router configuration - The appropriate interfaces have been configured for NAT inside and NAT outside - The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.) - All passwords have been temporarily set to “cisco” |
Solution
Note: If you are not sure how NAT & PAT work, please read my Network Address Translation NAT Tutorial. You can download this sim to practice here: http://www.9tut.com/download/9tut.com_CCNA_NAT_sim_question.zip
The CCNA Training company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29. Therefore we have to use NAT overload (or PAT)
Double click on the Weaver router to open it
Router>enable
Router#configure terminal
First you should change the router’s name to Weaver
Router(config)#hostname Weaver
Create a NAT pool of global addresses to be allocated with their netmask (/29 = 255.255.255.248). There were reports that the simulator in the real exam did not accept “prefix-length” keryword so you should use “netmask” keyword.
Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Create a standard access control list that permits the addresses that are to be translated
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15
Establish dynamic source translation, specifying the access list that was defined in the prior step
Weaver(config)#ip nat inside source list 1 pool mypool overload
This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110)
Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports
The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.
This is how to configure the NAT inside and NAT outside, just for your understanding:
Weaver(config)#interface fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#exit
Weaver(config)#interface s0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#end
Finally, we should save all your work with the following command:
Weaver#copy running-config startup-config
Check your configuration by going to “Host for testing” and type:
C:\>ping 192.0.2.114
The ping should work well and you will be replied from 192.0.2.114
Other lab-sims on this site:
CCNA Configuration SIM Question (RIPv2 SIM)
@ Ricardo
Tnanks, Ricardo.
Can anyone explain how the ISP is set up because I cannot get to ping the ISP which I tried to configure with packet tracer.
hi! i passed my ccna like many. i hav an advers: don’t try to pass ur exam in FRENCH. my native language is french and i passed this exam in french. Cisco give me other sims: NAT QSTION 1 and 2 other. It was difficult but i passed it…. use 9tut and learn the ccna lesson and exam will be easy.
you need to add an ip address and default gateway to the switch
Guys how much points gives PRACTICE LABS. for example ACL2 or VTP?
and how much points just questions?
happpy to share with u my friends here….passed my ccna exam with 920 marks…..i did my whole preparation in 9tut n all of my success credits go to 9tut…friends just study here n do d exam….study dumps clearly cos order of choices r different so dont commit to memory…go with the dumps 5 to 6 times b4 go to the exam…and the simulations were access list sim 2 and eigrp…bt slight modifications.especially in access list 2…in 9tut for access list 2 there r some modifications…dont forget to prepare that friends.all the very best do well friends…..thanku very much 9tut
Passed today 933/1000 Thanks Sekhar.Dump still 100% valid laps (EIGRP,ACL2,VTP) same as 9tut
please i need CCNP dumps if any one have ,, i’ll b grareful ,, if any one could sent it to this email add .. burhan.hussaini@live.com
Please help i want to give ccna exam After 10 days please sent Latest dumps on
naifhamed2000@yahoo.com
am preparing for ccna 640-802 to be taken at the end of may please could you post for dumps or sent for on acidri.stephen@yahoo.com. you assistance is highly appreciated
dear Ruth ISPs normally assign public ip adresses which are routable across internet and your private ip addresses are not routable across internet. try to check if you have configured NAT in your gateway router to perform the stated scenario.secondly check the encapsulation type on your serial link to the ISP may be there is mismatch. please also correct me where neccesary
I have my exam in 4 hours!!! wish me luck
Do they tell you specifically what name should you use or you use “mypool” just because?
Can You give running Link
do we need to configure loopback on the router?
hey u all plss can u send me dumps i am giving exam in 5 days my email id is saswadea@gmail.com
Hello,can you sent me examen ccna in french or lien?Please please
can someone pls send me, a stimulation i need it urgently my mail is juliusmoses240@yahoo.com
Assalam o Alaikum,Hello all my dear friends,If anybody wish to get the Boson Simulator Latest version 8.05 for CCNA/CCNP to please email me at MC070401924@VU.EDU.Pk
Without any cast of single penny really,Just humanity…
Best of luck!
Thanks
dear,nyaan loopback on router just due to ping n knew that router intact through serial port.loopback is ever up so its helpful to knew that your serial link working well.if no ping other link than you should check that there is problem yet loopback ping successfully..
thanks
I configured this sim and i was able to ping from ISP to host but while pinging from host to ISP it showed request timed out…. Could anyone please help me out..?
I am preparing for ccna 640-802 to be taken at the end of JUNE. Please could you post for dumps or send it to me at engrgilbertok@yahoo.com.
Your assistance is highly appreciated.
Thank you in anticipation.
@m Check with show ip nat translations to see if your NAT works, you will the 2 PCs private addresses to be translated into a public one
hellow can anybody help me with latest dump please my email: hemjayzz@yahoo.com
hey please help me, i am not able to ping 192.0.2.114
Weaver#sh run
Building configuration…
Current configuration : 765 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Weaver
!
!
!
enable password cisco
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.100.30 255.255.255.240
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0
ip address 192.0.2.113 255.255.255.0
encapsulation frame-relay
ip nat outside
!
ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
ip nat inside source list 1 interface Serial0/0 overload
ip classless
!
!
access-list 1 permit 192.168.100.16 0.0.0.15
!
!
!
!
!
line con 0
password cisco
login
line vty 0 4
login
!
!
!
end
this is configuration, still i am not able to ping, please tell me, where i am wrong, i am giving exam tomorrow.
any one can tell me where can i get cisco packet tracer
snajyot, your configuration is incorrect. You have created and configured the pool statement correctly, but then have used PAT with overload instead of Static nat with overload in the command
ip nat inside source list 1 interface Serial0/0 overload
it should be
ip nat inside source list 1 pool mypool overload
hi ,good day to everyone, im from Philippines, and im planning to take my exam sometime next month.Can anyone send me dumps on my email? jersonnarido@gmail.com
Thanks a lot in advance guys. :)
Hello,
Whats the difference between putting access list as
1. access-list 1 permit 192.168.100.16 0.0.0.15
and
2. access-list 1 permit 192.168.100.17 0.0.0.14
thanks
i think there is no 0.0.0.14 because if reverse that to a netmask , that would be 255.255.255.241
0.0.0.15 = 255.255.255.240
i hope i am correct, :D
Passed today!!! this lab was on my exam, without changes on IP addresses!!! thanks 9tut community, the following will be CCNA VoIP
Hi, guys
I am planning to sit for CCNA exams next month july 2013, please send me the latest dumps to kalumbachola@gmail.com. I will appreciate.
Thanks in advance.
kays
Hi peeps, Please give advice on CCNA exams will be writing next Friday email-barryj.sampson@gmail.com
Hi
Please send me the latest dumps to kathircre@gmail.com.
Hi everyone
I am planning to give CCNA exams in the last week of July. Please provide me with the latest dumps at shobhit20.mishra@gmail.com
Thank You
in real CCNA exam “will the help works ? please confirm”
router#?
router# ip nat ?
please!!!
Hi I see the access list getting defined, but should we not apply it to the fa0/0 port of the router?
int fa0/0
ip access-group 1 in <–
Or does the access-list implicitly get applied via the "Ip nat inside source list 1 pool mypool overload" command?
hi there, I am little confused because there are 14 host so the wildmask will be 0.0.0.13 because 0.0.0.13 allows 14 host beginning at 0 until 13
0 1 2 3 4 5 6 7 8 9 10 11 12 13—–> wildmask
1 2 3 4 5 6 7 8 9 10 11 12 13 14——> our 14 host
It is like if you were using ospf on your serial link that would be a 255.255.255.252 mask,right and your ip 192.168.0.0 so I would configure it by typing like this=
router ospf 2
network 192.168.0.0 0.0.0.3 area 0 ———–> because I only have 4 ip address with mask 252
so my wildmask must be 0.0.0.3, Am I wrong?
Ernesto, the wildcard mask is based on the block size, not just how many hosts are needed. It is block size – 1. We have a /28, which is a block size of 16 so the wildcard would be 0.0.0.15. Also with a 252 network you only have 2 USUABLE addresses, the other two are network id and broadcast.
@ernesto, the wildcard mask is the inverse of the subnet mask.
To figure the subnet mask, just subtract each octet of the wildcard mask from 255.
wildcard mask 0.0.0.3 = subnet mask 255.255.255.252 (because 255-3=252)
wildcard mask 0.0.0.7 = subnet mask 255.255.255.248
wildcard mask 0.0.0.15 = subnet mask 255.255.255.240 …etc
Has anyone used the Meraki switches in their enterprise? Just want to know whether you can configure anything on it. Does not seem to do much.
why here he defined access-list from 16 not 17
access-list 1 permit 192.168.100.16 0.0.0.15
Although i made it 17 and it’s working fine !!
947/1000 thanks Mr. Sekhar
@ Nourhan
We are permitting all hosts from the subnet 192.168.100.16 = [192.168.100.17 to 192.168.100.30]
If you use 192.168.100.17, the access list allows only this host.
Hi sorry there is slight changes at my previous comment.. Access-list allows to change host addresses from the subnet 192.168.100.16 to public address when it tries to access internet.
Need Dumps (latest) Planning to give exam in mid of august . Also would like to know if any one can help me “These Dumps will be valid for how long from today ” as still 20 days before i give exam””
Sim Lab how much we can score weightage and failure margin etc .
lifegoingmyway.sunil@gmail.com
It is very a pity to me, I can help nothing to you. I think, you will find the correct decision. Do not despair.
vampirema bb4arg48
Do I need to pay for the SIM in this site or are they full version?
I am taking my exam next month
@SDK: The sims here are in pkt files which can be opened by Packet Tracer. If you join Premium Membership then you can practice them in another way and can check if your statements are correct or not.