CCNA FAQ: Network Address Translation (NAT)
Question: What does CIDR stand for?
a. Classful IP Default Routing
b. Classful IP D-class Routing
c. Classful Interdomain Routing
d. Classless IP Default Routing
e. Classless IP D-class Routing
f. Classless Interdomain Routing
Question:Which of the following summarized subnets represent routes that could have been created for CIDR’s goal to reduce the size of Internet routing tables?
a. 10.0.0.0 255.255.255.0
b. 10.1.0.0 255.255.0.0
c. 200.1.1.0 255.255.255.0
d. 200.1.0.0 255.255.0.0
Question: Which of the following are not private addresses according to RFC 1918? (Choose two answers.)
a. 172.31.1.1
b. 172.33.1.1
c. 10.255.1.1
d. 10.1.255.1
e. 191.168.1.1
Question: With static NAT, performing translation for inside addresses only, what causes NAT table entries to be created?
a. The first packet from the inside network to the outside network
b. The first packet from the outside network to the inside network
c. Configuration using the ip nat inside source command
d. Configuration using the ip nat outside source command
Question: With dynamic NAT, performing translation for inside addresses only, what causes NAT table entries to be created?
a. The first packet from the inside network to the outside network
b. The first packet from the outside network to the inside network
c. Configuration using the ip nat inside source command
d. Configuration using the ip nat outside source command
the inside network.
Question: NAT has been configured to translate source addresses of packets received from the inside part of the network, but only for some hosts as identified by an Access Control List. Which of the following commands indirectly identifies the hosts?
a. ip nat inside source list 1 pool barney
b. ip nat pool barney 200.1.1.1 200.1.1.254 netmask 255.255.255.0
c. ip nat inside
d. ip nat inside 200.1.1.1 200.1.1.2
Question: NAT has been configured to translate source addresses of packets received from the inside part of the network, but only for some hosts. Which of the following commands identifies the outside local IP addresses that are translated?
a. ip nat inside source list 1 pool barney
b. ip nat pool barney 200.1.1.1 200.1.1.254 netmask 255.255.255.0
c. ip nat inside
d. ip nat inside 200.1.1.1 200.1.1.2
e. None of the other answers are correct
Question: Examine the following configuration commands:
interface Ethernet0/0
ip address 10.1.1.1 255.255.255.0
ip nat inside
interface Serial0/0
ip address 200.1.1.249 255.255.255.252
ip nat inside source list 1 interface Serial0/0
access-list 1 permit 10.1.1.0 0.0.0.255
If the configuration is intended to enable source NAT overload, which of the following commands could be useful to complete the configuration? (Choose two answers.)
a. The ip nat outside command
b. The ip nat pat command
c. The overload keyword
d. The ip nat pool command
Question: Examine the following show command output on a router configured for dynamic
NAT:
— Inside Source
access-list 1 pool fred refcount 2288
pool fred: netmask 255.255.255.240
start 200.1.1.1 end 200.1.1.7
type generic, total addresses 7, allocated 7 (100%), misses 965
Users are complaining about not being able to reach the Internet. Which of the following is the most likely cause?
a. The problem is not related to NAT, based on the information in the command output.
b. The NAT pool does not have enough entries to satisfy all requests.
c. Standard ACL 1 cannot be used; an extended ACL must be used.
d. The command output does not supply enough information to identify the problem.
Question: List the three private ranges of IP addresses typically used with NAT translations.
Class A: 10.0.0.0 to 10.255.255.255
Class B: 172.16.0.0 to 172.31.255.255
Class C: 192.168.0.0 to 192.168.255.255
Question: Three forms of NAT are used in networks today: static NAT, dynamic NAT, and NAT overload/PAT. What is the use of each of these forms of NAT?
Question: You would like to see the current NAT translations passing through your router. What command would you enter?
Question: You are troubleshooting NAT on your router. It appears as though some of the entries are mapped to incorrect IP addresses. How can you erase the current NAT translations and allow them to rebuild?
Question: Your organization has an internal web server that it needs to make available to the Internet. What form of NAT will you use, and why?
Question: You have an internal web server that has the IP address 172.16.5.9. You need to enable this server to be accessed on TCP port 80 from the Internet. What would be the best solution for this situation?
A. Static NAT
B. Dynamic NAT
C. NAT overload
D. Standard routing
Question: Which of the following forms of NAT incorporates the source IP address (inside local) along with the source port number to make every translation unique?
A. Static NAT
B. Dynamic NAT
C. NAT overload
D. NAT port mapping
Question: Which of the following is not a task you can perform from the Edit NAT Configuration tab of SDM?
A. Configure access lists for use with dynamic NAT.
B. Select inside and outside interfaces of the router.
C. Adjust NAT timeout values.
D. Configure NAT overload capabilities.
Refer to the following figure for Questions 19 and 20.
Question: According to NAT terminology, the IP address 192.168.1.100 for the email server is considered an
______________.
A. Inside local address
B. Inside global address
C. Outside local address
D. Outside global address
Question: According to NAT terminology, the IP address 5.1.1.10 is considered an ______________.
A. Inside local address
B. Inside global address
C. Outside local address
D. Outside global address
Question:Which of the following represent a private IP address? (Choose two)
A. 192.168.5.205
B. 172.32.65.31
C. 10.168.5.205
D. 224.16.23.1
Question:. You are configuring a new router for NAT and would like to set up NAT overload and a single, static NAT mapping allowing access to an internal web server. What would be the most efficient way to accomplish this?
A. Basic NAT SDM wizard
B. Advanced NAT SDM wizard
C. Using the Edit NAT Configuration tab
D. Using the Basic NAT SDM wizard followed by the Edit NAT Configuration tab
Question: You are using NAT overload on your company’s Cisco router to provide Internet access to your internal network. The NAT process is overloading the IP address assigned to the router’s outside interface. Which of the following statements are not true? (Choose two)
A. Multiple internal users cannot access the same website at the same time, because the website will see two requests coming from the same IP address.
B. Static NAT mappings can be added for the interface IP address, but only for specific ports.
C. Static NAT mappings can be added for the full interface IP address.
D. Cisco’s NAT process will allow you to NAT not only to the interface IP address but also to other IP addresses not assigned to the interface.
Question: You would like to see the active NAT translations that are happening on your router. Your primary interest is in the inside local IPs that are being translated. What command shows you this information?
A. show ip nat statistics
B. show ip nat translations
C. show ip interface
D. show running-config
Question: You have just changed one of your internal computer’s IP addresses, and it appears that it can no longer access the Internet. You have verified the correct subnet and gateway information. What commands should you perform on the router to ensure that cached information does not play a role in this failure? (Choose two)
A. clear arp
B. clear ip route
C. clear ip nat translations*
D. clear startup-config
Question: You are working through NAT issues for your organization, and you notice that some NAT translations are “stuck” in the table. What command allows you to clear existing mappings from the table?
A. delete ip nat translation *
B. clear ip nat translation *
C. erase ip nat translation *
D. no ip nat translation *
Question: Which of the following forms of NAT incorporates the source IP address (inside local) along with the source port number to make every translation unique?
A. Static NAT
B. Dynamic NAT
C. NAT overload
D. NAT port mapping
Question: Which of the following commands enables an FTP server with the inside local address 10.5.9.100 to be accessed from a Serial0 interface (that is directly connected to the Internet)?
A. ip nat inside source static tcp interface serial 0 21 10.5.9.100 21
B. ip nat inside source static tcp 10.5.9.100 21 interface serial 0 21
C. ip nat inside destination static tcp interface serial 0 21 10.5.9.100 21
D. ip nat inside destination static tcp 10.5.9.100 21 interface serial 0 21
Question: You are configuring NAT on your company router to provide Internet access to the internal subnets. The router has a single interface connecting to the Internet and two interfaces connecting to different subnets of your corporate network. What is the proper configuration of the ip nat inside and ip nat outside commands?
A. The ISP interface should be configured with ip nat inside, and only a single interface connecting to the corporate network should have the ip nat outside designation.
B. All three interfaces should be configured with the ip nat inside commands, because they are all under your authority.
C. Only one of the interfaces connecting to the corporate network can be configured with the ip nat inside command, and the ISP interface should be configured with ip nat outside.
D. The two interfaces connecting to the corporate network should be configured with the ip nat inside command, and the ISP interface should be configured with ip nat outside.
Question: While viewing the output of the show ip nat statistics command, you notice that a large number of packets are labeled as a “miss.” What causes this issue?
A. You have not labeled an accurate outside interface for NAT.
B. The command used for NAT overload is missing the overload keyword at the end of the syntax.
C. Your network has many new sessions that do not have an existing NAT translation.
D. The interface configured with the ip nat outside command is probably down.
Question: Which of the following represent a private IP address? (Choose two)
A. 192.168.5.205
B. 172.32.65.31
C. 10.168.5.205
D. 224.16.23.1
Question: The configuration of dynamic NAT requires the use of an __________, which is a list of the inside global addresses that the Cisco router uses when translating the inside local addresses.
A. Inside interface
B. Access list
C. Outside interface
D. IP NAT pool
Question: What command is necessary to designate the inside interface in a NAT configuration?
A. nat interface inside
B. nat inside interface
C. ip nat inside
D. ip inside interface
Question: You would like to see the active NAT translations that are happening on your router. Your primary interest is in the inside local IPs that are being translated. What command shows you this information?
A. show ip nat statistics
B. show ip nat translations
C. show ip interface
D. show running-config
Question:. You verify that NAT is functioning by using the show ip nat translations command. You notice the following output displayed to the terminal window:
What does this entry represent?
A. A static NAT translation between 5.1.1.10 and 192.168.1.50
B. A dynamic NAT translation between 5.1.1.10 and 192.168.1.50
C. A malfunctioning NAT translation. Each translation should have all four columns filled in with IP address information.
D. A static NAT translation between 5.1.1.10 and 192.168.1.50 that is currently not in use
A. Translation introduces switching path delays.
B. NAT conserves legally registered addresses.
C. NAT causes loss of end-to-end IP traceability.
D. NAT increases flexibility when connecting to the Internet.
E. Certain applications will not function with NAT enabled.
F. NAT reduces address overlap occurrence.
Question: Which of the following are advantages of using NAT? (Choose three.)
A. Translation introduces switching path delays.
B. NAT conserves legally registered addresses.
C. NAT causes loss of end-to-end IP traceability.
D. NAT increases flexibility when connecting to the Internet.
E. Certain applications will not function with NAT enabled.
F. NAT remedies address overlap occurrence.
Question: Which command will allow you to see real-time translations on your router?
A. show ip nat translations
B. show ip nat statistics
C. debug ip nat
D. clear ip nat translations *
Question: Which command will show you all the translations active on your router?
A. show ip nat translations
B. show ip nat statistics
C. debug ip nat
D. clear ip nat translations *
Question: Which command will clear all the translations active on your router?
A. show ip nat translations
B. show ip nat statistics
C. debug ip nat
D. clear ip nat translations *
Question:Which command will show you the summary of the NAT configuration?
A. show ip nat translations
B. show ip nat statistics
C. debug ip nat
D. clear ip nat translations *
Question: Which command will create a dynamic pool named Todd that will provide you with 30 global addresses?
A. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.240
B. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.224
C. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.224
D. ip nat pool Todd 171.16.10.1 171.16.10.254 net 255.255.255.0
Question: Which of the following are methods of NAT? (Choose three.)
A. Static
B. IP NAT pool
C. Dynamic
D. NAT double-translation
E. Overload
Question: When creating a pool of global addresses, which of the following can be used instead of the netmask command?
A. / (slash notation)
B. prefix-length
C. no mask
D. block-size
Question: Which of the following would be a good starting point for troubleshooting if your router is not translating?
A. Reboot
B. Call Cisco
C. Check your interfaces for the correct configuration
D. Run the debug all command
Question: Which of the following would be good reasons to run NAT? (Choose three.)
A. You need to connect to the Internet and your hosts don’t have globally unique IP addresses.
B. You change to a new ISP that requires you to renumber your network.
C. You don’t want any hosts connecting to the Internet.
D. You require two intranets with duplicate addresses to merge.
Question: Which of the following is considered to be the inside host’s address after translation?
A. Inside local
B. Outside local
C. Inside global
D. Outside global
Question: Which of the following is considered to be the inside host’s address before translation?
A. Inside local
B. Outside local
C. Inside global
D. Outside global
Question: By looking at the following output, which of the following commands would allow dynamic translations?
Router#show ip nat trans
Pro Inside global Inside local Outside local Outside global
— 1.1.128.1 10.1.1.1 — —
— 1.1.130.178 10.1.1.2 — —
— 1.1.129.174 10.1.1.10 — —
— 1.1.130.101 10.1.1.89 — —
— 1.1.134.169 10.1.1.100 — —
— 1.1.135.174 10.1.1.200 — —
A. ip nat inside source pool todd 1.1.128.1 1.1.135.254 prefix-length 19
B. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 19
C. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 18
D. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 21
Question: Your inside locals are not being translated to the inside global addresses. Which of the following commands will show you if your inside globals are allowed to use the NAT pool? ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248 ip nat inside source list 100 int pool Corp overload
A. debug ip nat
B. show access-list
C. show ip nat translation
D. show ip nat statistics
Question: Which command would you place on the interface of a private network?
A. ip nat inside
B. ip nat outside
C. ip outside global
D. ip inside local
Question: Which command would you place on an interface connected to the Internet?
A. ip nat inside
B. ip nat outside
C. ip outside global
D. ip inside local
Question: Port Address Translation is also called what?
A. NAT Fast
B. NAT Static
C. NAT Overload
D. Overloading Static
Question: What does the asterisk (*) represent in the following output?
NAT*: s=172.16.2.2, d=192.168.2.1->10.1.1.1 [1]
A. The packet was destined for a local interface on the router.
B. The packet was translated and fast-switched to the destination.
C. The packet attempted to be translated but failed.
D. The packet was translated but there was no response from the remote host.
Question: Which of the following needs to be added to the configuration to enable PAT? ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248 access-list 1 permit 192.168.76.64 0.0.0.31
A. ip nat pool inside overload
B. ip nat inside source list 1 pool Corp overload
C. ip nat pool outside overload
D. ip nat pool Corp 198.41.129 net 255.255.255.0 overload
question.
[mks_button size=”medium” title=”CCNA Frequently Asked Questions” style=”squared” url=”https://www.configrouter.com/cisco-certified-network-associate-faq/” target=”_blank” bg_color=”#000000″ txt_color=”#FFFFFF” icon=”” icon_type=”” nofollow=”0″] [mks_button size=”medium” title=”CCNA Exam Questions with Explanation” style=”squared” url=”https://www.configrouter.com/ccna-online-training/” target=”_blank” bg_color=”#000000″ txt_color=”#FFFFFF” icon=”” icon_type=”” nofollow=”0″]