1/2/2011

Type text to search here...

Ads by Google CCNA Practice Exam

CCNA Training CCNA NAT SIM Quest

Cisco CCNA 640 802 Exam Cisco CCNA Voice CCNA

Home > CCNA NAT SIM Question 1

CCNA NAT SIM Question 1

October 18th, 2010 Go to comments Question A network associate is configuring a router for the CCNA Training company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the CCNA Training company LAN have been assigned private space addresses in the range of 192.168.100.17 192.168.100.30. The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing. Configuration information router name Weaver inside global addresses 198.18.184.105 198.18.184.110/29 inside local addresses 192.168.100.17 192.168.100.30/28 number of inside hosts 14
The following have already been configured on the router - The basic router configuration - The appropriate interfaces have been configured for NAT inside and NAT outside - The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.) - All passwords have been temporarily set to cisco

9tut.com/52-ccna-nat-sim-question

1/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

Solution:
Cisco Biz TelePresence Maximize your ROI return with Cisco video conference. Free Demo Here! Cisco.com/Cisco_T I passed the CCIE R&S Lab on my first attempt! Steve Clarkin - CCIE #25821 www.INE.com/CCIE Pass ACCA Exams 1st Time Career Service, LSBF ACCA Tutors Team+ Fully funded MBA/MSc Degree www.CA-MB

The CCNA Training company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29. Therefore we have to use NAT overload (or PAT) Double click on the Weaver router to open it Router>enable Router#configure terminal First you should change the routers name to Weaver Router(config)#hostname Weaver Create a NAT pool of global addresses to be allocated with their netmask (/29 = 255.255.255.248). There were reports that the simulator in the real exam did not accept prefix-length keryword so you should use netmask keyword. Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248 Create a standard access control list that permits the addresses that are to be translated Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15 Establish dynamic source translation, specifying the access list that was defined in the prior step Weaver(config)#ip nat inside source list 1 pool mypool overload This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110)
9tut.com/52-ccna-nat-sim-question 2/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements. This is how to configure the NAT inside and NAT outside, just for your understanding: Weaver(config)#interface fa0/0 Weaver(config-if)#ip nat inside Weaver(config-if)#exit Weaver(config)#interface s0/0 Weaver(config-if)#ip nat outside Weaver(config-if)#end Finally, we should save all your work with the following command: Weaver#copy running-config startup-config Check your configuration by going to Host for testing and type: C:\>ping 192.0.2.114 The ping should work well and you will be replied from 192.0.2.114
CCNA / CCNP Boot Camps in Kerala, the God's Own Country Best lab facilities, Best faculty www.ipsr.org Adobe Premiere Pro CS4 $ 750 for 4 Days Includes Official Course, Exam, Hotel, Meals & more www.Koenig-Solutions CISSP Exam Training Professional training by an expert and author of a popular CISSP book www.ChennaiNet.in/Trainin

Other lab-sims on this site: CCNA NAT SIM Question 1 CCNA NAT SIM Question 2 CCNA Frame Relay Sim CCNA Configuration SIM Question (RIPv2 SIM) CCNA VTP SIM CCNA EIGRP LAB CCNA Drag and Drop SIM CCNA Implementation SIM

Comments
9tut.com/52-ccna-nat-sim-question 3/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

1. Abhishek Bhardwaj December 7th, 2010 After establishing the access list dont u think we should write Access-list 1 deny any command and one more thing if i configure the interfaces Fa0/0 with nat inside and S0/0 with nat outsde command before configuring Access list and nat pool in that case will my configuration work???? Plz help if possible.. 2. 9tut December 7th, 2010 Please remember that there is an implicit deny any at the end of each access list- this means that your access list will deny all traffic that fails to match any of your access list lines. So you dont need to write access-list 1 deny any You can configure the interfaces Fa0/0 and S0/0 before configuring access list and nat pool. It will work well! In fact, you dont need to configure interfaces Fa0/0 and S0/0 because our question said: the appropriate interfaces have been configured for NAT inside and NAT outside 3. Azeem javed December 7th, 2010 i am confused plz help mee If i changed the command Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248 Changed below Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.105 netmask 255.255.255.248 Tell me it works or not and why 4. 9tut December 7th, 2010 It still works well because we used overload keyword (PAT). All your outgoing packages will have a source ip address of 198.18.184.105 but with different port numbers. But you should do what the question requested 5. StrangerInMoscow December 7th, 2010 is it ok to use the prefix-length 29 option with the ip nat pool command instead of the netmask option thanks 6. 9tut December 7th, 2010 Yes, you can use prefix-length 29 instead of netmask 255.255.255.248 7. moro December 7th, 2010
9tut.com/52-ccna-nat-sim-question 4/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

im going to test on 29 & i cant understand why we write Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15 NOT Weaver(config)#access-list 1 permit 192.168.100.17 0.0.0.15 bec. the question is telling me that the inside local addresses 192.168.100.17 ???? 8. Blaze December 7th, 2010 you cant write Weaver(config)#access-list 1 permit 192.168.100.17 0.0.0.15 you have to write the network number in the access-list configuration 192.168.100.17s network address is 192.168.100.16 9. smiley December 7th, 2010 i think we shoud add : access-list 1 deny 192.168.100.31 0.0.0.0 because access-list 1 permit 192.168.100.16 0.0.0.0 includes the address 192.168.100.31 but the question requests only the address from 192.168.100.17 to 192.168.100.30 is it right??? 10. 9tut December 7th, 2010 No, we dont need to add an access list of 192.168.100.31 because it is the broadcast address of this subnetwork 11. Allen December 7th, 2010 Shouldnt you add a copy running-config startup-config after the: Weaver(config)#ip nat inside source list 1 pool mypool overload as, no further configuration is needed? 12. 9tut December 7th, 2010 We just need to use only one copy running-config startup-config command at the end of the process 13. toni December 7th, 2010 Hi 9tut, on p4s Q397 as Hamid mention above it was on exam but there is no answer, the question is: which subnet mask it will be appropriate for a network address range to be subneted on up to 8 lans, with each lans
9tut.com/52-ccna-nat-sim-question 5/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

contaning 5 to 26 hosts a: 0.0.0.244 b:255.255.255.252 c: 255.255.255.224 what i have worked out is answer C can you please give me a scond advice? many thanks for all you great support on this side. thanks toni 14. 9tut December 7th, 2010 @toni: This question is not clear. But if we have to choose an answer, C is the best one! 15. braham December 7th, 2010 can you apply access-list and then apply nat ,,, or both wat are ok ,,, or apply nat pool then acl..thanks 16. 9tut December 7th, 2010 You can do either first! 17. Asad December 7th, 2010 hi 9tut, Overload command should not be used here as it is reserved for PAT only that use to assign multiple ip addresses into single ip. as here is being asked to use the pool , so we can just place the range of the pool as being told in the question. like: ip nat inside source list 1 pool mypool i guess it is enough to cover the whole question. what you say? please answer as soon as possible as i have exams in coming days. thanks 18. braham December 7th, 2010 and for your question ,,, as far as i know ,,, just in case the pool got busier ,or cant handle the traffic ,as the pool have 5 addresses ,, overload option will be efficient to set ,, just trying to help ,,
9tut.com/52-ccna-nat-sim-question 6/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

19. 9tut December 7th, 2010 Yes, we surely have to use Overload keyword because we have only 6 IP addresses for 30 hosts 20. chra December 7th, 2010 hey 9tut, I think madhav is correct. access-list 1 permit 192.168.100.17 0.0.0.15 21. 9tut December 7th, 2010 No, 192.168.100.16 is the network address, not 192.168.100.17 22. SupHack December 7th, 2010 Please I have my exam tomorrow and im very confuse by this problem. Are we obliged in the real exam to type : Weaver#, weaver(config), Weaver(config-if) as in the example that follow? ************************************************ e.g: Weaver(config)#interface fa0/0 Weaver(config-if)#ip nat inside Weaver(config-if)#exit Weaver(config)#interface s0/0 Weaver(config-if)#ip nat outside Weaver(config-if)#end ************************************************ or we can only type the command like this: e-g: interface fa0/0 ip nat inside exit interface s0/0 ip nat outside end *************************************************** Let me know if it can work in the real labs 23. 9tut December 7th, 2010
9tut.com/52-ccna-nat-sim-question 7/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

Just type as your second part 24. yeliz December 7th, 2010 Weaver(config)#ip nat inside source list 1 pool mypool overload we have a nat pool ,we are doing dynamic nat so we dont need overload,do we? think we need overload in nat overload/pat f we use nat overload/pat the command line will be like this: Weaver(config)#ip nat inside source list 1 interface s 0/0 plese help me someone 25. cris December 7th, 2010 to yeliz: First if you dont use overload can not be more than 6 users contacted to internet in the same time. The 7th one should wait until one connection is off. Overload means that you can use port number combined with ip address wich allows more connections to internet in the same time. Without overload is a one to one connection ( one inside connection to one global address) About using s0/0 means that your inside global address will be only one ip which is the interface ip. The interface ip can be a diff. address than the addresses from pool. To get more connections to internet you should use overload too : #ip nat inside source list 1 interface s0/0 overload 26. yeliz December 7th, 2010 thanks to cris. I see, but I want to ask some more Can I use Weaver(config)##ip nat inside source list 1 interface s0/0 overload is t true for this question? Or should I create nat pool and use this: Weaver(config)#ip nat inside source list 1 pool mypool overload 27. 9tut December 7th, 2010 You have to use Weaver(config)#ip nat inside source list 1 pool mypool overload, in which mypool is the pool you created in previous step (ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248) 28. PaoL0 December 7th, 2010 can we use the ? in the CLI in the real exam? i sometimes forget the exact structure of the codes for NAT. is okay to use it? are there any deductions when you use the ? ? thanks in advance
9tut.com/52-ccna-nat-sim-question 8/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

29. 9tut December 7th, 2010 @PaoL0: Yes, you can. But may be you will lose some points for it, so try to remember the commands. Good luck in your exam! 30. PaoL0 December 7th, 2010 i have a question here. when you created the acess-list 1 why did you use this code? Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15 i noticed that you used 192.168.100.16 where as in the example the starting ip address of the host is 192.168.100.17? and why is the wildcard bits used here is 0.0.0.15? my understanding on that is 16+15 (16 taken from the .16 of the first host) which will tell the router to permit ips starting from .16 upto .31? am i getting it right?? 31. 9tut December 7th, 2010 We have to use network address in the access-list command, although the first host is 192.168.100.17 but its network address is 192.168.100.16. You can quickly figure out what the wildcard is by reversing the bits from the subnet mask. In this case the subnet mask is /28, its last octet is 1111 0000 so we reverse it into 0000 1111 = 15 32. ticonguyen December 8th, 2010 the easy way to find the reason for 0.0.0.15: You can use: 255.255.255.255 subnetmask example: 255.255.255.255 255.255.255.240 0 . 0. 0. 15 Am I right? :D 33. rayan December 12th, 2010 hi, in nat sim, will tab work? it very hard to remember . ..
9tut.com/52-ccna-nat-sim-question 9/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

34. UthmanHassan December 13th, 2010 @ ryan hi, in nat sim, will tab work? it very hard to remember . .. Two of my batchmates took the exam 2 weeks ago. They say in some questions IOS help, the ? thing and the tab work and in some places they are unavailable. So you would need to remember these commands. They are not very hard to learn. Try this way: To define a pool of inside global ip addresses try to say again and again: Router(config)#ip nat pool prefix-length OR Router(config)#ip nat pool netmask It will ALWAYS be a SIMPLE STANDARD access-list to allow inside local addresses for NAT and you know Standard ACL statement is simple enough: Router(config)#access-list permit The final statement for enabling the PAT using above pool and ACL: Router(config)#ip nat inside source list pool overload In English it becomes: ip nat: I would like to nat inside: from the inside of my network source list 1: for the address permitted in source list 1 pool mypool: to the addresses defined in the pool named mypool overload: and also overload Router(config)# I would like to nat, from the INSIDE of my network, for the address permitted in SOURCE LIST 1, to the adress defined in POOL named mypool, and OVERLOAD as well I myself had problems in remmebering this final nat command until I saw Jeremy Cioara describing the commmand in English like I mentioned above. I really like the way and used to apply command that way. Now I dont even need the English translation. Hope that helps. 35. UthmanHassan December 13th, 2010 HEY HEY HEY READ MY POST NOW. The text editor removed all my greater than and less than symbols and the stuff between them. Replacing them with parentheses now Two of my batch mates took the exam 2 weeks ago. They say in some questions IOS help the ? thing and the tab works and in some places they are unavailable. So you would need to remember these commands. They are
9tut.com/52-ccna-nat-sim-question 10/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

not very hard to learn. Try this way: To define a pool of inside global ip addresses try to say again and again: Router(config)#ip nat pool (pool_name) (pool address range) prefix-length (number) OR Router(config)#ip nat pool (pool_name) (pool address range) netmask (subnet mask) It will always be a SIMPLE access-list to allow inside local address and you know Standard ACL statement is simple enought: Router(config)#access-list (1-99) permit (network address) (wildcard mask) The final statement for enabling the PAT using above pool and ACL: Router(config)#ip nat inside source list (ACL list number) pool (pool_name) overload In English it becomes: ip nat: I would like to nat inside: from the inside of my network source list 1: for the address permitted in access-list 1 pool mypool: to the address defined in in the pool named mypool overload: and also overload Router(config)# I would like to nat, from the inside of my network, for the address permitted in ACL 1, to the adress defined in pool named mypool, and overload as well I myself had problems in remmebering this final nat command until I saw Jeremy Cioara describing the commmand in English like I mentioned above. I really like the way and used to apply command that way. Now I dont even need the English translation. Hope that helps. 36. UthmanHassan December 13th, 2010 and if you dont have a pool of public address (a pool of inside global address) but instead have only 1 public IP, it would be configured on the edge serial interface say s0/0. In that case you dont even need to define a pool. After issuing ip nat outside command under s0/0 interface, go to global config prompt and type: Router(config)# I would like to NAT, from the INSIDE of my network, for the address permitted in SOURCE LIST , to the address specified on INTERFACE , and OVERLOAD Router(config)#ip nat inside source list private_pool_1 interface serial 0/0 overload 37. UthmanHassan December 13th, 2010 O MY GOD Sorry sorry. Admins would be frowning over my multiple posts for same thing but it again removed my less than greater than symbols! After issuing ip nat outside command under s0/0 interface, go to global config prompt and type: Router(config)# I would like to NAT, from the INSIDE of my network, for the address permitted in SOURCE LIST (1-99 or name of ACL), to the address specified on INTERFACE (interface type) (interface number), and OVERLOAD
9tut.com/52-ccna-nat-sim-question 11/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

Router(config)#ip nat inside source list private_pool_1 interface serial 0/0 overload Sorry 9tut. Will now remember that angled-brackets dont work :-) 38. rayan December 13th, 2010 thanks uthman, i have exam in coming Thursday.. if u have latest dump plz do post on my mail id i.e rayan.equinox@gmail.com. thanks a lot.. 39. Anonymous December 14th, 2010 hello rayan ,if u get any dump plz forward to me plz my email id is nayeem_707@yahoo.co.in or nayeem414@gmail.com plz send to me thanx 40. rayan December 14th, 2010 hi nayeem, posted mail.. rayan young. 41. Peter Cole December 14th, 2010 Hey 9TutJust wanted to say thanks for the great website.. 42. Rob December 15th, 2010 hi all, got my exam tomorow every one says that in the exam it will be only sims vtp, eigrp and ACL 2. so is there a chance this could be in the exam instead of one of the other sims??? Kind regards 43. chani December 18th, 2010 i have exam in coming wedplss suggest me some last moment tips and topics to prepare before the exam.. 44. chani December 18th, 2010 i have exam in coming wedplss suggest me some last moment tips and topics to prepare before the exam..plss help me out 45. samehesk December 19th, 2010 did any one try this sim on packet tracer? i tried it and i cant ping , i dont know why. 46. samehesk
9tut.com/52-ccna-nat-sim-question 12/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

December 19th, 2010 i found my mistake, i didnt add the static routes sorry 47. darkhorse December 19th, 2010 @Samehesk I am trying this with Packet tracer, added static routes as follows: Weaver: ip route 0.0.0.0 0.0.0.0 Serial0/0/0 ISP: ip route 198.18.184.0 255.255.255.248 Serial0/0/0 My pings dont work, no route back from ISP to Weaver :-( Any pointers? thanks 48. samehesk December 20th, 2010 @darkhorse just make a static default route on isp to serial s0/1 e.g ip route 0.0.0.0 0.0.0.0 s0/1 49. Rami January 1st, 2011 Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15 WHAT WILL HAPPEN IF I WRITE: Weaver(config)#access-list 1 permit any ANY PROBLEM? IF I FORGOT TO CHANGE THE HOST NAME, WILL I LOOSE ALL THE MARK? 1. No trackbacks yet. Add a Comment Name Website (not required)

Submit Comment

Subscribe to comments feed CCNA Configuration SIM Question 9tut.net for ICND 1 & ICND 2 has been launched!
9tut.com/52-ccna-nat-sim-question 13/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

CCNA 640-802
CCNA Lab Sim CCNA Access List Questions CCNA WAN CCNA OSPF Questions CCNA EIGRP Questions DHCP Group of Four Questions CCNA Drag and Drop 1 CCNA Drag and Drop 2 CCNA Drag and Drop 3 CCNA Drag and Drop 4 CCNA Hotspot CCNA IPv6 Questions CCNA Subnetting CCNA Operations 1 CCNA Operations 2 CCNA Operations 3 CCNA Troubleshooting 1 CCNA Troubleshooting 2 Share your CCNA Experience

CCNA Self-Study
Practice CCNA GNS3 Labs CCNA Knowledge

Network Resources
CCNA FAQs & Tips Free Router Simulators ICND1/ICND2 Website CCNP - ROUTE Website CCNP - SWITCH Website CCNP - TSHOOT Website CCNA Voice Website CCNA Security Website CCDA Website
9tut.com/52-ccna-nat-sim-question 14/15

1/2/2011

CCNA Training CCNA NAT SIM Quest

CCIE Written Website Support 9tut

Your contribution will help keep this site updated!

Ads by Google Get CCNA Certified CCNA Video Training Cisco IP Nat Outside CCNA ICND 1

Top Copyright 2010 CCNA Training Privacy Policy. Valid XHTML 1.1 and CSS 3.

9tut.com/52-ccna-nat-sim-question

15/15