This is an example of what type of NAT?
A.Static NAT
B.Dynamic NAT
C.Dynamic NAT with overload
D.Port Address Translation
E.None of the above
Answer: B Explanation:
The configuration statement in this example is used to define a pool of IP addresses to be used for dynamic NAT translations.
Incorrect Answers:
A. Static NAT is used for 1 to 1 translation entries, using the "static" configuration keyword. In this example a range of addresses are being defined for the use in a pool. C, D. With NAT overload, also known as Port Address Translation (PAT), the keyword "overload" is added at the end of the configuration statement.
QUESTION NO: 4
The TestKing network is displayed below:
Leading the way in IT testing and certification tools, www.testking.com
TestKing.com wants to use NAT in network displayed in the exhibit.
Which commands will apply the NAT configuration to the proper interfaces? Select two.
A.TestKing1(config)# interface serial0/1 TestKing1(config-if)# ip nat inside
B.TestKing1(config)# interface serial0/1 TestKing1(config-if)# ip nat outside
C.TestKing1(config)# interface fastethernet0/0 TestKing1(config-if)# ip nat inside
D.TestKing1(config)# interface fastethernet0/0 TestKing1(config-if)# ip nat outside
E.TestKing1(config)# interface serial0/1
TestKing1(config-if)# ip nat outside source pool 200.2.2.18 255.255.255.252
F. TestKing1(config)# interface serial0/1
TestKing1(config-if)# ip nat inside source 10.10.0.0 255.255.255.0
Answer: B, C
Explanation:
After creating the static NAT entries, the router needs to know which interfaces are "inside" and which are "outside." The ip nat inside and ip nat outside interface sub-commands identify each interface appropriately.
Reference: Cisco CCNA ICND, p.271
QUESTION NO: 5
Refer to the topology and partial configuration output shown in the graphic below:
Leading the way in IT testing and certification tools, www.testking.com
The ip subnet-zero configuration command is also in effect on router TK1. After this router performs network address translation, which address is a valid "inside global address"?
A.10.10.0.1
B.10.10.0.17
C.200.2.2.17
D.200.2.2.18
E.199.99.9.33
F.199.99.9.47
Answer: F Explanation:
Regarding NAT operation, Cisco defines these terms as follows:
1. Inside local address - The IP address assigned to a host on the inside network. This is the address configured as a parameter of the computer's OS or received via dynamic address allocation protocols such as DHCP. The address is likely not a legitimate IP address assigned by the Network Information Center (NIC) or service provider.
2.
Leading the way in IT testing and certification tools, www.testking.com
Inside global address - A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world. In this case, the NAT pool is used to distribute the Inside Global IP addresses.
3.Outside local address - The IP address of an outside host as it appears to the inside network. Not necessarily a legitimate address, it is allocated from an address space routable on the inside.
4.Outside global address - The IP address assigned to a host on the outside network by the host's owner. The address is allocated from a globally routable address or network
space.
Reference: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094837.shtml
QUESTION NO: 6 SIMULATION
Network topology exhibit:
You work as a network technician at TestKing.com. Study the exhibit carefully. You are required to perform configurations to enable internet access. The TestKing ISP has given you six public IP addresses in the 198.18.184.105 198.18.184.110/29 range. TestKing.com has 14 clients that needs to have simultaneous internet access. These local hosts use private IP addresses in the 192.168.100.17 - 192.168.100.30/28 range.
Leading the way in IT testing and certification tools, www.testking.com
You need to configure Router TestKing1 using the TestKingA console.
You have already made basic router configuration. You have also configured the appropriate NAT interfaces; NAT inside and NAT outside respectively.
Now you are required to finish the configuration of TestKing1.
Answer:
Explanation: Pending. Send your suggestion to feedback@testking.com
Section 8: Troubleshoot NAT issues (9 questions)
QUESTION NO: 1
You need to review the NAT configuration of a TestKing router. What is the function of the Cisco IOS command "ip nat inside source static 10.99.199.9 172.137.16.9" that us being used in this router?
A.It creates a global address pool for all outside NAT transactions
B.It creates dynamic source translations for all inside local PAT transactions
C.It establishes a dynamic address pool for an inside static address
D.It creates a one-to-one mapping between an inside local address and an inside global address
E.It maps one inside source address to a range of outside global addresses
F.None of the above
Answer: D
QUESTION NO: 2
The TestKing WAN is depicted below:
Leading the way in IT testing and certification tools, www.testking.com
As a network technician at TestKing.com you would like to implement NAT in the network shown in the exhibit. You would like to allow inside hosts to use a private addressing scheme. Where should NAT be configured?
A.TestKing1 router
B.TestKing2 router
C.TestKing3 router
D.All routers
E.All routers and switches
F.None of the above
Answer: A Explanation:
NAT should always be configured on the border device. It can be a either a border router or a PIX firewall connecting to the Internet.
Leading the way in IT testing and certification tools, www.testking.com
QUESTION NO: 3
The administrator of the TestKing network needs to ensure that a web server in their network is accessible from the Internet. Since the network uses private addressing, this requires an IP-to-registered-address mapping. The following command is entered on the router:
TestKing1(config)# ip nat inside source static 192.168.2.1 198.18.1.254
After unsuccessful results from a ping to the Internet, the administrator issues the show ip nat translations command and the output is blank. What could be the problem with the NAT configuration for this mapping?
A.The keyword overload is missing from the command.
B.The administrator needs to define a NAT pool first.
C.An access list must be defined to create static NAT translations.
D.The interfaces need to be configured for NAT.
Answer: D Explanation:
After configuring the static NAT administrator should configure the NAT on interface in order to define which interfaces are on the outside and which are on the inside: Example:
interface s0
ip nat outside àBecause s0 interface is connected to ISP interface e0
ip nat inside à Because e0 interface is connected to Local LAN.
Incorrect Answers:
A, B, C: These are all tasks that need to be configured when performing many to one NAT, also known as Port Address Translation (PAT). In this example, we are specifying a static 1-1 NAT entry.
QUESTION NO: 4
Part of the TestKing network is shown below:
Leading the way in IT testing and certification tools, www.testking.com
Refer to the topology and router configuration shown in the graphic above. A host on the TestKing LAN is accessing an FTP server across the Internet. Which of the following addresses could appear as a source address for the packets forwarded by the router to the destination server?
A.10.10.0.1
B.10.10.0.2
C.199.99.9.3
D.199.99.9.57
E.200.2.2.17
F.200.2.2.18
G.None of the above
Answer: D Explanation:
Using NAT we can translate the Source or Destination Address. In our example all source address from the 10.10.00 0.0.0.255 network will be translated to an IP address form the 199.99.9.40-62 pool, making only choice D correct.
Leading the way in IT testing and certification tools, www.testking.com
QUESTION NO: 5
Part of the configuration of a TestKing router is shown below:
The TestKing network administrator has configured NAT as shown above. Clients still cannot access the Internet. What should the network administrator do to resolve this problem?
A.Configure an IP NAT address pool.
B.Properly configure the ACL.
C.Apply the "ip nat" command to the S0 interface.
D.Configure the "ip nat inside" and "ip nat outside" commands on the appropriate interfaces.
Leading the way in IT testing and certification tools, www.testking.com
E. None of the above
Answer: D Explanation:
The "ip nat inside" and "ip nat outside" commands must be used from interface configuration mode to tell the router which interface is performing which role in the NAT process. The following commands show how to configure our example router:
TK1(config)#interface ethernet0TK1(config-if)#ip nat insideTK1(config-if)#exitTK1(config)#interface serial0TK1(config-if)#ip nat outsideTK1(config-if)#exitTK1(config)#
QUESTION NO: 6
The TestKing WAN is shown in the diagram below:
Leading the way in IT testing and certification tools, www.testking.com
