16 03 2011
CCNA 640-802 Lab – NAT Sim
A network associate is configuring a router for the Bomar company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.237.105 198.18.237.230. The company has 14 hosts that need to access the internet simultaneously. The hosts in the CCNA Training company LAN have been assigned private space addresses in the range of 192.168.16.33 – 192.168.16.46.
The following have already been configured on the router:
- The basic router configuration
- The appropriate interfaces have been configured for NAT inside and NAT outside
- The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.)
- All passwords have been temporarily set to “cisco”
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.
router name – Bomar
inside global addresses – 198.18.237.225 198.18.237.230/29
inside local addresses – 192.168.16.33 – 192.168.16.46/28
number of inside hosts – 14
The following configuration translates between inside hosts addressed from 192.168.16.33/28 network (192.168.16.33 – 192.168.16.46) to the globally unique pool of address provided by ISP 198.18.237.225 – 198.18.237.230/29.
Router# configure terminal
Before starting the NAT configuration verify that router hostname currently configured is Bomar. If not change hostname to Bomar using the command
Router(config)# hostname Bomar
Step1: Create an access-list to match all the Bomar LAN address that need to be the candidates for NAT translations
Bomar(config)# access-list 10 permit 192.168.16.32 0.0.0.15
Step2: Create a NAT Pool with pool name isp and specify the pool address range provided by ISP with their netmask.
Bomar(config)# ip nat pool isp 198.18.237.225 198.18.237.230 netmask 255.255.255.248
Step3: Packets that match access-list 10 will be translated to an address from the pool called "isp". Overload keyword specify to use Port based NATing to support all the Bomar LAN address range.
Bomar(config)# ip nat inside source list 10 pool isp overload
SIM Question already provides that appropriate interfaces have been configured for NAT Inside and NAT Outside statements.
For your information configuration would have been like this:
Bomar(config)# interface fastethernet 0/0
Bomar(config-if)# ip nat inside
Bomar(config-if)# no shutdown
Bomar(config)# interface serial 0/0
Bomar(config-if)# ip nat outside
Bomar(config-if)# no shutdown
Our requirements are to allow the hosts (Bomar LAN) the ability to communicate with the Internet. For this test, we ping the Internet device (ISP router S0/1) from Host for testing.
Step4: Go to host for testing:
PING should be success to 192.0.2.114 since SIM question provides that static route is already configured on router.
Step5: On console of router (Bomar) : Issue show ip nat translation command to verify the NAT translations.
Considering host for testing IP address is 192.168.16.33
Bomar# show ip nat translation
Pro Inside global Inside local Outside local Outside global
icmp 198.18.237.225:434 192.168.16.33:434 192.0.2.113:434 192.0.2.114:434
icmp 198.18.237.225:435 192.168.16.33:435 192.0.2.113:435 192.0.2.114:435
icmp 198.18.237.225:436 192.168.16.33:436 192.0.2.113:436 192.0.2.114:436
icmp 198.18.237.225:437 192.168.16.33:437 192.0.2.113:437 192.0.2.114:437
icmp 198.18.237.225:438 192.168.16.33:438 192.0.2.113:438 192.0.2.114:438
Step 6: Important please do not forget to save your running-config to startup-config
Bomar2# copy run start
|One Time Purchase||✔||✖||✖||✖||✖|
|100% Pass Guarantee||✔||✖||✖||✖||✖|
|100% Money Back||✔||✖||✖||✖||✖|