RSE CCNA 2 Chapter 9 Quiz Answers 2018 2019
A network administrator wants to examine the active NAT translations on a border router. Which command would perform the task?
- Router# show ip nat translations
- Router# show ip nat statistics
- Router# clear ip nat translations
- Router# debug ip nat translations
The clear ip nat translations command clears all dynamic address translation entries from the NAT translation table. The debug ip nat command is used to verify the operation of NAT. The show ip nat statistics command displays information about the total number of active translations, NAT configuration parameters, the number of addresses in the pool, and the number that have been allocated. The show ip nat translations command displays the active NAT translations.
A company designs its network so that the PCs in the internal network are assigned IP addresses from DHCP servers, and the packets that are sent to the Internet are translated through a NAT-enabled router. What type of NAT enables the router to populate the translation table from a pool of unique public addresses, as the PCs send packets through the router to the Internet?
- static NAT
- dynamic NAT
ARP is the address resolution protocol and is used to obtain the MAC address of the destination device. Static NAT is a one-to-one mapping between the local and global addresses of a device. PAT, otherwise known as NAT overload, maps multiple private IP addresses to a singular public address or group of addresses. Dynamic NAT uses a pool of public IP addresses and assigns them to requesting devices on a first-come, first-served basis. In the case of dynamic NAT, each device would have a unique public IP address from the pool of public IP addresses as the source IP address in the packets that they send.
What is the purpose of entering the command ip nat inside source static tcp 192.168.10.2 80 220.127.116.11 8080 at the global configuration prompt?
- It identifies the inside NAT interface on the router.
- It prevents the router from establishing a connection with any device that does not have the specified address and port number.
- It binds the inside local address and local port to the specified inside global address and global port.
- It enables a one to one translation between different internal port numbers.
The displayed command establishes static translation between an inside local address and local port and an inside global address and global port. In order to identify the inside NAT interface, the command Router(config-if)# ip nat inside would have to be entered on the respective interface.
Which statement accurately describes dynamic NAT?
- It always maps a private IP address to a public IP address.
- It provides an automated mapping of inside local to inside global IP addresses.
- It provides a mapping of internal host names to IP addresses.
- It dynamically provides IP addressing to internal hosts.
Dynamic NAT provides a dynamic mapping of inside local to inside global IP addresses. NAT is merely the one-to-one mapping of one address to another address without taking into account whether the address is public or private. DHCP is automatic assignment of IP addresses to hosts. DNS is mapping host names to IP addresses.
Refer to the exhibit. Router R2 is configured with static NAT. Place in order the steps that occur when the client accesses the web server through the router. (Not all options are used.)
- Step 1 —> The client uses the inside global address of the web server as the destination address to send a packet to the web server.
- Step 2 —> R2 receives the packet on its outside interface, then checks and locates the destination address in its NAT table.
- Step 3 —> R2 replaces the inside global address with the inside local address of the web server and forwards the packet to the web server.
- Step 4 —> The web server uses the outside global address of the client as the destination address when responding.
- Step 5 —> R2 receives the packet from the web server. R2 checks the NAT table, then translates the source address of the web server into an inside global address and forwards the packet.
Static NAT translations are usually used when clients on the outside network (Internet) need to reach servers on the inside (internal) network. The process begins with the client trying to communicate with the web server by the use of the inside global address of the web server as the destination address. The router receives this on its outside interface, consults its NAT table, locates the destination address, and forwards the packet to the web server on the internal network via its inside local address. The web server response goes to the router, which replaces the web server inside local address with the global address (NAT table) and forwards the packet to the client on its external interface.
Refer to the exhibit. Router R1 is configured with static NAT. Addressing on the router and the web server are correctly configured, but there is no connectivity between the web server and users on the Internet. What is a possible reason for this lack of connectivity?
- Interface Fa0/0 should be configured with the command ip nat outside.
- The NAT configuration on interface S0/0/1 is incorrect.
- The inside global address is incorrect.
- The router NAT configuration has an incorrect inside local address.
The correct syntax would be R1(config)# ip nat inside source static 192.168.11.11 18.104.22.168. (The inside local address is 192.168.11 and the inside global address is 22.214.171.124.)
Typically, which network device would be used to perform NAT for a corporate environment?
- DHCP server
- host device
Typically, the translation from private IP addresses to public IP addresses is performed on routers in corporate environments. In a home environment, this device might be an access point that has routing capability or the DSL or cable router.
Refer to the exhibit. Router R1 is configured for PAT. What is a possible reason that the addresses in the network are not translated?
- Access-list 1 is misconfigured.
- NAT-POOL2 has not been bound to the ACL.
- Interface Fa0/1 should be identified as the outside NAT interface.
- Interface S0/0/0 should be identified as the inside NAT interface.
The wildcard mask in the access control entry does not allow traffic from both the 192.168.11.0/24 and the 192.168.12.0/24 networks. The correct configuration command is R1(config)# access-list 1 permit 192.168.0.0 0.0.255.255.
A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp. Which ACL is required to be configured in order for this command to function?
- an access list named corp that defines the starting and ending public IP addresses
- an access list named corp that defines the private addresses that are affected by NAT
- an access list that is numbered 4 that defines the starting and ending public IP addresses
- an access list that is numbered 4 that defines the private addresses that are affected by NAT
In order for the ip nat inside source list 4 pool corp command to work, the following procedure needs to be used:
- Create an access list that defines the private IP addresses affected by NAT.
- Establish a NAT pool of starting and ending public IP addresses using the ip nat pool command.
- Use the ip nat inside source list command to associate the access list with the NAT pool.
- Apply NAT to internal and external interfaces by using the ip nat inside and ip nat outside commands.
Refer to the exhibit. The NAT configuration applied to the router is as follows:
ERtr(config)# access-list 1 permit 10.0.0.0 0.255.255.255
ERtr(config)# ip nat pool corp 126.96.36.199 188.8.131.52 netmask 255.255.255.224
ERtr(config)# ip nat inside source list 1 pool corp overload
ERtr(config)# ip nat inside source static 10.10.10.55 184.108.40.206
ERtr(config)# interface gigabitethernet 0/0
ERtr(config-if)# ip nat inside
ERtr(config-if)# interface serial 0/0/0
ERtr(config-if)# ip nat outside
Based on the configuration and the output shown, what can be determined about the NAT status within the organization?
- NAT is working.
- Static NAT is working, but dynamic NAT is not.
- Dynamic NAT is working, but static NAT is not.
- Not enough information is given to determine if both static and dynamic NAT are working.
There is not enough information given because the router might not be attached to the network yet, the interfaces might not have IP addresses assigned yet, or the command could have been issued in the middle of the night. The output does match the given configuration, so no typographical errors were made when the NAT commands were entered.
What is correct in relation to NAT for IPv6?
- It is used to convert private IPv6 addresses to public IPv6 addresses.
- It is a temporary mechanism to assist in the migration from IPv4 to IPv6.
- NAT64 has been deprecated by IETF in favor of NAT-PT.
- Dual stack is an example of implementation of NAT for IPv6.
NAT for IPv6 is a temporary measure to aid in the move from IPv4 to IPv6. NAT64 is replacing NAT-PT. Dual stack is a method for running IPv4 and IPv6 on the same network.