Network administrator configures

Network administrator configures

A network administrator wants to examine the active NAT translations on a border router. Which command would perform the task?

·         Router# show ip nat translations

Refer to curriculum topic: 9.3.1
The clear ip nat translations command clears all dynamic address translation entries from the NAT translation table. The debug ip nat command is used to verify the operation of NAT. The show ip nat statistics command displays information about the total number of active translations, NAT configuration parameters, the number of addresses in the pool, and the number that have been allocated. The show ip nat translations command displays the active NAT translations.

A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp. Which ACL is required to be configured in order for this command to function?

·         an access list that is numbered 4 that defines the private addresses that are affected by NAT

Refer to curriculum topic: 9.2.2
In order for the ip nat inside source list 4 pool corp command to work, the following procedure needs to be used:

1. Create an access list that defines the private IP addresses affected by NAT.
2. Establish a NAT pool of starting and ending public IP addresses using the ip nat pool command.
3. Use the ip nat inside source list command to associate the access list with the NAT pool.
4. Apply NAT to internal and external interfaces by using the ip nat inside and ip nat outside commands.

Refer to the exhibit. Router R2 is configured with static NAT. Place in order the steps that occur when the client accesses the web server through the router. (Not all options are used.)

·         The client uses the inside global address of the web server as the destination address to send a packet to the web server.
2. R2 receives the packet on its outside interface, then checks and locates the destination address in its NAT table.
3. R2 replaces the inside global address with the inside local address of the web server and forwards the packet to the web server.
4. The web server uses the outside global address of the client as the destination address when responding.
5. R2 receives the packet from the web server. R2 checks the NAT table, then translates the source address of the web server into an inside global address and forwards the packet.

Refer to curriculum topic: 9.2.1
Static NAT translations are usually used when clients on the outside network (Internet) need to reach servers on the inside (internal) network. The process begins with the client trying to communicate with the web server by the use of the inside global address of the web server as the destination address. The router receives this on its outside interface, consults its NAT table, locates the destination address, and forwards the packet to the web server on the internal network via its inside local address. The web server response goes to the router, which replaces the web server inside local address with the global address (NAT table) and forwards the packet to the client on its external interface.

Typically, which network device would be used to perform NAT for a corporate environment?

·         router

Refer to curriculum topic: 9.1.1
Typically, the translation from private IP addresses to public IP addresses is performed on routers in corporate environments. In a home environment, this device might be an access point that has routing capability or the DSL or cable router.

Refer to the exhibit. The NAT configuration applied to the router is as follows:
ERtr(config)# access-list 1 permit 10.0.0.0 0.255.255.255
ERtr(config)# ip nat pool corp 209.165.201.6 209.165.201.30 netmask 255.255.255.224
ERtr(config)# ip nat inside source list 1 pool corp overload
ERtr(config)# ip nat inside source static 10.10.10.55 209.165.201.4
ERtr(config)# interface gigabitethernet 0/0
ERtr(config-if)# ip nat inside
ERtr(config-if)# interface serial 0/0/0
ERtr(config-if)# ip nat outside

Based on the configuration and the output shown, what can be determined about the NAT status within the organization?

·         Not enough information is given to determine if both static and dynamic NAT are working.

Refer to curriculum topic: 9.3.1
There is not enough information given because the router might not be attached to the network yet, the interfaces might not have IP addresses assigned yet, or the command could have been issued in the middle of the night. The output does match the given configuration, so no typographical errors were made when the NAT commands were entered.

Refer to the exhibit. Router R1 is configured for PAT. What is a possible reason that the addresses in the network are not translated?

·         Access-list 1 is misconfigured.

Refer to curriculum topic: 9.2.3
The wildcard mask in the access control entry does not allow traffic from both the 192.168.11.0/24 and the 192.168.12.0/24 networks. The correct configuration command is R1(config)# access-list 1 permit 192.168.0.0 0.0.255.255.

A company designs its network so that the PCs in the internal network are assigned IP addresses from DHCP servers, and the packets that are sent to the Internet are translated through a NAT-enabled router. What type of NAT enables the router to populate the translation table from a pool of unique public addresses, as the PCs send packets through the router to the Internet?

·         dynamic NAT

Refer to curriculum topic: 9.1.2
ARP is the address resolution protocol and is used to obtain the MAC address of the destination device. Static NAT is a one-to-one mapping between the local and global addresses of a device. PAT, otherwise known as NAT overload, maps multiple private IP addresses to a singular public address or group of addresses. Dynamic NAT uses a pool of public IP addresses and assigns them to requesting devices on a first-come, first-served basis. In the case of dynamic NAT, each device would have a unique public IP address from the pool of public IP addresses as the source IP address in the packets that they send.

What is the purpose of entering the command ip nat inside source static tcp 192.168.10.2 80 209.165.200.223 8080 at the global configuration prompt?

It binds the inside local address and local port to the specified inside global address and global port.

·        

Refer to curriculum topic: 9.2.4
The displayed command establishes static translation between an inside local address and local port and an inside global address and global port. In order to identify the inside NAT interface, the command Router(config-if)# ip nat inside would have to be entered on the respective interface.

What is correct in relation to NAT for IPv6?

It is a temporary mechanism to assist in the migration from IPv4 to IPv6.

·        

Refer to curriculum topic: 9.2.5
NAT for IPv6 is a temporary measure to aid in the move from IPv4 to IPv6. NAT64 is replacing NAT-PT. Dual stack is a method for running IPv4 and IPv6 on the same network.

Which statement accurately describes dynamic NAT?

·         It provides an automated mapping of inside local to inside global IP addresses.

Refer to curriculum topic: 9.2.2
Dynamic NAT provides a dynamic mapping of inside local to inside global IP addresses. NAT is merely the one-to-one mapping of one address to another address without taking into account whether the address is public or private. DHCP is automatic assignment of IP addresses to hosts. DNS is mapping host names to IP addresses.

Refer to the exhibit. Router R1 is configured with static NAT. Addressing on the router and the web server are correctly configured, but there is no connectivity between the web server and users on the Internet. What is a possible reason for this lack of connectivity?

·         The router NAT configuration has an incorrect inside local address.

Refer to curriculum topic: 9.2.1
The correct syntax would be R1(config)# ip nat inside source static 192.168.11.11 209.165.200.1. (The inside local address is 192.168.11 and the inside global address is 209.165.200.1.)