Differences

This shows you the differences between two versions of the page.

--- icnd1:nat [2024/03/14 07:48]
114.119.138.183 old revision restored (2023/10/07 05:53)
+++ icnd1:nat [2024/06/02 15:50] (current)
18.221.86.245 old revision restored (2024/03/14 07:59)
@@ Line 15: / Line 15: @@
 deny   any
 </code>
+Then configure NAT to match against entries in the NAT list configured above. Specify ''**OVERLOAD**'' to enable PAT.
 <code>
 ip nat inside source list MY_LIST int fa0/0 OVERLOAD
 </code>
+===== Verify NAT =====
+<code>
+R1#sh ip nat statistics
+Total active translations: 0 (0 static, 0 dynamic; 0 extended)
+Outside interfaces:
+  FastEthernet0/0, Serial0/0
+Inside interfaces:
+  FastEthernet0/1, Loopback0
+Hits: 16  Misses: 2
+CEF Translated packets: 18, CEF Punted packets: 0
+Expired translations: 2
+Dynamic mappings:
+-- Inside Source
+[Id: 2] access-list NAT interface FastEthernet0/0 refcount 0
+Appl doors: 0
+Normal doors: 0
+Queued Packets: 0
+R1#sh ip nat translations
+Pro Inside global      Inside local       Outside local      Outside global
+icmp 2.2.2.1:1         10.1.1.1:1         2.2.2.2:1          2.2.2.2:1
+icmp 2.2.2.1:11        10.1.1.3:11        2.2.2.2:11         2.2.2.2:11
+</code>
+==== Clear NAT Translations ====
+Useful with dynamic NAT in the event you run out of dynamic addresses to translate to. Clearing translations will free up slots if the clearout timer isn't quick enough.
+<code>
+R1#clear ip nat translation *
+</code>
+===== Chapter Questions =====
+==== One ====
+**Examine the following show command output on a router configured for dynamic NAT:**
+<code>
+-- Inside Source
+access-list 1 pool fred refcount 2288
+ pool fred: netmask 255.255.255.240
+    start 200.1.1.1 end 200.1.1.7
+    type generic, total addresses 7, allocated 7 (100%), misses 965
+Users are complaining about not being able to reach the Internet. Which of the following is the most likely cause?
+</code>
+''**The NAT pool does not have enough entries to satisfy all requests.**''
+The problem is not related to NAT, based on the information in the command output.
+The command output does not supply enough information to identify the problem.
+Standard ACL 1 cannot be used; an extended ACL must be used.
+You answered this question correctly. ×
+**Explanation:**
+The last line mentions that the pool has seven addresses, with all seven allocated, with the misses counter close to 1000 - meaning that close to 1000 new flows were rejected because of insufficient space in the NAT pool.
+==== Two ====
+**Which of the following summarized subnets represent routes that could have been created for CIDR’s goal to reduce the size of Internet routing tables?**
+  * 200.1.1.0 255.255.255.0
+  * ''**200.1.0.0 255.255.0.0**''
+  * 10.1.0.0 255.255.0.0
+  * 10.0.0.0 255.255.255.0
+You answered this question correctly. ×
+**Explanation:**
+CIDR’s original intent was to allow the summarization of multiple Class A, B, and C networks to reduce the size of Internet routing tables. Of the answers, only 200.1.0.0 255.255.0.0 summarizes multiple networks.
+==== Three ====
+**With static NAT, performing translation for inside addresses only, what causes NAT table entries to be created?**
+  * ''**Configuration using the ip nat inside source command**''
+  * The first packet from the inside network to the outside network
+  * Configuration using the ip nat outside source command
+  * The first packet from the outside network to the inside network
+You answered this question correctly. ×
+**Explanation:
+**With static NAT, the entries are statically configured. Because the question mentions translation for inside addresses, the inside keyword is needed in the command.

Abrer_Wiki

User Tools

Site Tools

Differences

Page Tools