CCNA NAT SIM Question 2
Question
| You work as a network technician at 9tut.com. Study the exhibit carefully. You are required to perform configurations to enable Internet access. The Router ISP has given you six public IP addresses in the 198.18.32.65 198.18.32.70/29 range. 9tut.com has 62 clients that needs to have simultaneous internet access. These local hosts use private IP addresses in the 192.168.6.65 – 192.168.6.126/26 range. You need to configure Router1 using the PC1 console. You have already made basic router configuration. You have also configured the appropriate NAT interfaces; NAT inside and NAT outside respectively. Now you are required to finish the configuration of Router1. |
Solution
Note: If you are not sure how NAT & PAT work, please read my Network Address Translation NAT Tutorial. You can download a similar sim to practice here: http://www.9tut.com/download/9tut.com_CCNA_NAT_sim_question.zip
The company has 62 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.32.65 to 198.18.32.70/29 => we have to use NAT overload (or PAT)
Double click on PC1 to access Router1′s command line interface
Router1>enable
Router1#configure terminal
Create a NAT pool of global addresses to be allocated with their netmask (notice that /29 = 248)
Router1(config)#ip nat pool mypool 198.18.32.65 198.18.32.70 netmask 255.255.255.248
Create a standard access control list that permits the addresses that are to be translated
Router1(config)#access-list 1 permit 192.168.6.64 0.0.0.63
Establish dynamic source translation, specifying the access list that was defined in the prior step
Router1(config)#ip nat inside source list 1 pool mypool overload
This command translates all source addresses that pass access list 1, which means a source address from 192.168.6.65 to 192.168.6.126, into an address from the pool named mypool (the pool contains addresses from 198.18.32.65 to 198.18.32.70)
Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports
The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.
This is how to configure the NAT inside and NAT outside, just for your understanding:
Router1(config)#interface fa0/0
Router1(config-if)#ip nat inside
Router1(config-if)#exit
Router1(config)#interface s0/0
Router1(config-if)#ip nat outside
Before leaving Router1, you should save the configuration:
Router1(config)#end (or Router1(config-if)#end)
Router1#copy running-config startup-config
Check your configuration by going to PC2 and type:
C:\>ping 192.0.2.114
The ping should work well and you will be replied from 192.0.2.114
Other lab-sims on this site:
CCNA Configuration SIM Question (RIPv2 SIM)
Anyone have the latest dumps? Saleemmazyck@yahoo
latest dump ???
this labs was misconfig there is bad route to network 192.168.100.16/28 and there is not a static between the local router and the ISP router.
there is difference between inner configuration and the configuration on site so dont get mad, calm down and follow given data on packet tracer…..
how can i get packet tracer
Please send me the latest brain dump @ arayspeed@hotmail.com
Hi friends,Please send me the latest brain dump
arjunkube@gmail.com
Please don’t post answers if they all miss configuration , static routes aren’t configured and it’s configured on one router only in the file I download from the link above
do we need to assign the access-list to interface?
Hello all,
Rip protocol topic is included in ccna 200-120 exam?
Pls i need urgent answer
Hello all,
NAT SIM Question included in ccna 200-120 exam?
pls i need urgent response
to Guru, yes.. RIP and NAT SIM are included.
Hi all, coud you tel me please if some one is able to open pkt file for lab posted in this site, if yes whith wich packet tracer version ?
@choi guru
Rip protocol has been removed from ccna 200-120 as it is obsolete.Even jeremy from cbt nuggets confirmed it and to further confirm it i verified from the course outline from cisco
download the latest Pkt i opened it with version 6.0.1 which i presume is latest
Latest CCNA 200-120 dumps 316 Questions & Answers available.
316 question dumps are 100% valid. I already purchased that If you needed, share nominal fee.
Thanks
Azeem Sarwar
azeemsarwar1@hotmail.com
skype: azeem.sarwar1
I cannot ping the 192.0.2.114 from either PC1 and PC2!!
Knowing that this pkt from is came from Q1 and i had changed the ip to 192.168.6.66 and 192.168.6.67 with default gateway 192.168.6.126 for these 2 pc.
But it’s still not work!!
am i make something wrong???
there is a similar lab which we can download having configured correctly i cannot still ping 192.0.2.114
Dear all
Please anyone send a recently dump because the next week I Have the exam CCNA , my mail is aribi_walid@yahoo.fr
http://www.info-it.net/cisco/ccna/types-network-address-translation.php
also, at the end of the .pkt, it says that you must config a static route (like in a real config, a static route to internet) R(config)#ip route 0.0.0.0 0.0.0.0 [next hop address]
pkt answer:
Weaver(config)#access-list 10 permit 192.168.100.17 0.0.0.15
Weaver(config)#ip nat inside source list 10 pool mypool overload
Weaver(config)#int fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#int s0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#exit
Weaver(config)#ip route 0.0.0.0 0.0.0.0 192.0.2.114
from pc:
PC>ping 192.0.2.114
Pinging 192.0.2.114 with 32 bytes of data:
Reply from 192.0.2.114: bytes=32 time=2ms TTL=254
Reply from 192.0.2.114: bytes=32 time=2ms TTL=254
Reply from 192.0.2.114: bytes=32 time=2ms TTL=254
Reply from 192.0.2.114: bytes=32 time=2ms TTL=254
Ping statistics for 192.0.2.114:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 2ms, Average = 2ms
sorry, this is the config for pkt, i didn’t put the ip nat pool cmd:
Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Weaver(config)#access-list 10 permit 192.168.100.17 0.0.0.15
Weaver(config)#ip nat inside source list 10 pool mypool overload
Weaver(config)#int fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#int s0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#exit
Weaver(config)#ip route 0.0.0.0 0.0.0.0 192.0.2.114
Weaver(config)#do wr
9tut is the best
In the above sim, is routing already enabled on the routers? In exam do we need to configure routing as well? In the question we are given multiple public address. So i think we should not use ‘overload’ (or PAT). We must configure dynamic NAT. Please suggest if this understanding is wrong.
@SB, no routing necessary since the networks are directly connected.
Please Please requesting the latest 200-120 dumps really need it folks please I am pleading please
jasoncarrorig@gmail.com
Hi, Pls send me the latest dump for CCNA 200-120
email id is noopyewei@gmail.com
Pass4sure Latest 316 Q&A CCNA 200-120 dumps in PDF available. I already purchased that, if you need email me. zain.cisco@hotmail.com
Alhumdullah. i ve cleared exam today 945/1000 ACL1, ACL2, (mod3) EIGRP 122 in exam AS 22 Dumps Watson, Matthew, examtut thanks to 9tut….
could you pl;z send me the exact labs in the exam ? is this lab in the exam
plz send me latest ccna 200-120 dums.
patilabhijeet877@gmail.com
plz send me latest ccna 200-120 dums.
patilabhijeet877@gmail.com
For everyone who’s ping is not working……the file (named NAT_sim_question) is mis-configured , use the other file (named NAT_sim_question_answered) it works,but take care about the different IPs
sorry guys , the problem that cause pinging to fail is that the NAT on interfaces is not applied……so just add NAT inside on int f0/0 and NAT outside on int S0/0 as shown.
It will work perfectly
the file is all good and configured correctly
hi..for the same scenario is it possible to configure dnat?
Is this lab still valid??
Weaver#sh run
Building configuration…
Current configuration : 944 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Weaver
!
!
!
enable password cisco
!
!
!
!
ip cef
no ipv6 cef
!
!
!
!
!
!
!
!
!
!
ip ssh version 1
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.100.30 255.255.255.240
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0
ip address 192.0.2.113 255.255.255.0
encapsulation frame-relay
ip nat outside
clock rate 2000000
!
ip nat pool mypool 198.18.32.65 198.18.32.70 netmask 255.255.255.248
ip nat inside source list 1 pool mypool overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.0.2.114
!
ip flow-export version 9
!
!
access-list 1 permit 192.168.100.16 0.0.0.15
access-list 1 permit 192.168.6.64 0.0.0.63
!
!
!
!
!
line con 0
password cisco
login
!
line aux 0
!
line vty 0 4
login
!
!
!
end
Still not pinging from that
Thats the config you gave in the lab but i still can’t ping from 192.168.100.17 – 192.0.2.114
Hi Guys i can see the confusion, the Ip address scheme which is listed above does not match the Ip addressing scheme on the router. Don’t use the address scheme 198.18.32.65 – 198.18.32.70.
Below is the config you’ll use in the exam. Please use the CCNA_NAT_SIM (Not Answered) for this lab and configure it with the IP addressing Scheme below, I THINK THIS IS WERE THE CONFUSION IS GUYS.
HOPE THIS STOPS THE CONFUSION
YOUR PINGS WILL BE SUCCESSFUL
Weaver#sh run
Building configuration…
Current configuration : 867 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Weaver
enable password cisco
ip cef
no ipv6 cef
ip ssh version 1
interface FastEthernet0/0
ip address 192.168.100.30 255.255.255.240
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0
ip address 192.0.2.113 255.255.255.0
encapsulation frame-relay
ip nat outside
clock rate 2000000
!
ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
ip nat inside source list 1 pool mypool overload
ip classless
!
ip flow-export version 9
!
!
access-list 1 permit 192.168.100.16 0.0.0.15
!
line con 0
password cisco
login
!
line aux 0
!
line vty 0 4
login
!
!
!
end
Plz send me the latest dump of ICND1
Mohamedf041@gmail.com
i really appreciate it
can some body help me how comes the subnet mask 0.0.0.15 in
access-list 10 permit 192.168.100.17 0.0.0.15
Guys the overload command is not necessary to use it here, am I right?
Ok guys, no need to answer me.. it has been already answered :) my bad.
how is this host address summarized with this command…
access-list 1 permit 192.168.6.64 0.0.0.63
iam confused regarding the wildcard mask covering all the hosts..
need latest dumps, someone kindly help. leshawn37@ymail.com
is this included in exam?
Hi,
Can somebody tell me please what is the password for ISP router? Cisco does not work.
I see that ping 192.0.2.114 form PC2 is used in order to test the result of the NAT config. However this ping works also before configuring the NAT so how valid is this test?
Also PC2 has IP 192.168.100.18 which is not in the range of addresses configured to be translated. Any clue?
Anny help will be appreciated.
My bad, I had the answered file.
Still I don’t understand why on the unsolved version ping from weaver router to 192.0.2.114 works ? Thanks !
I know how to do this through the router but Can someone tell me how to access the router’s CLI from the PC’s console! Will i lose marks if i don’t do it through the PC??
Can someone please guide me.