NAT Flashcards

1
Q

What is another term for Dynamic NAT?

A

IP masquerading

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which NAT changes the source IP address of each outgoing connection to match the Firebox’s IP address?

A

Dynamic NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does Firebox track when using Dynamic NAT?

A
  1. Private Source & Dest. IP
  2. Source & Dest. Ports
  3. Protocols
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Enumarate examples (3) of IP header information

A
  1. Source port
  2. Destination port
  3. Protocols
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which NAT enables clients on a private network to connect to servers on the internet?

A

Dynamic NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In Dynamic NAT, how many IP addresses does the internet see?

A

One (1)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

In Dynamic NAT, what is the only IP address does the internet see?

A

Public IP address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

On which connnections is Dynamic NAT normally applied to?

A

Connections starting from behind a Firebox

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

In Dynamic NAT, is the source port changed?

A

Only if necessary.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

In Dynamic NAT, how often does the Firebox keep the same source port that the requesting client use?

A

Always.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which NAT is configured as default on Firebox?

A

Dynamic NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

On which kinds of IP addresses is Dynamic NAT applied on by default?

A

RFC1918

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

In Policy Manager, how to configure Dynamic NAT rules?

A

Network tab > NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Is Dynamic NAT enabled by default on each policy you create?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Can you override the global dynamic NAT settings in individual policies?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What can be used to override the global dynamic NAT settings?

A

Individual policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

In Dynamic NAT, which IP address of the external interface does is used when traffic leaves?

A

Primary IP address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Enumerate two (2) procedures on setting the Dynamic NAT source IP address.

A
  1. Network Dynamic NAT rule
  2. Policy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is another term for Static NAT?

A

Port forwarding

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which NAT allows inbound connections on the specific ports to one or more public servers from a single external IP address?

A

Static NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

In Static NAT, what does the Firebox change?

A

Destination IP address of the packets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

In Static NAT, what is the basis of the Firebox when forwarding packets?

A

Based on the original destination port number

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is Static NAT typically used for?

A

Public services such as websites and email

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which NAT is recommended if you have a small number of public IP addresses

A

Static NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Which NAT is the only option if you have only one public IP address?

A

Static NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What is the default behavior of Static NAT?

A

Does not change the source IP address for inbound traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

In Static NAT, which IP address is not changed by default?

A

Source IP address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Where is the static NAT configuration saved when you configure a Static NAT?

A

SNAT action

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Can you add, edit, or delete SNAT actions?

A

Yes

30
Q

What can you do to the SNAT action after creating it?

A

Can you the same action in one or more policies.

31
Q

What are the two (2) types of SNAT actions?

A
  1. Static NAT
  2. Server Load Balancing
32
Q

What kind of traffic does the Static NAT forward?

A

Inbound traffic

33
Q

In addition to an IP address, what can you specify in an SNAT action?

A

FQDN

34
Q

Which SNAT action forwards inbound traffic addressed to one IP address to one of several servers behind the firewall?

A

Server Load Balancing

35
Q

Which SNAT action forwards inbound traffic addressed to one IP address to a different IP address and port behind the firewall?

A

Static NAT

36
Q

In a static NAT action, where is inbound traffic addressed to one IP address forwarded to?

A

To a different IP address and port

37
Q

In a server load balancing, where is inbound traffic addressed to one IP address forwarded to?

A

To one of several servers

38
Q

What section do you add the SNAT action?

A

To section

39
Q

Which NAT provides a mapping for one or more private IP addresses to one or more public IP addresses?

A

1-to-1 NAT

40
Q

Which NAT allows the internal network resources accessible on the internet?

A

1-to-1 NAT

41
Q

Which NAT is for networks with many public IP addresses?

A

1-to-1 NAT

42
Q

Which NAT is an OPTION if you want to dedicate a public IP address for a single purpose?

A

1-to-1 NAT

43
Q

Is it recommended to use 1-to-1 NAT rather than SNAT?

A

No. SNAT is better.

44
Q

In 1-to-1 NAT, what is prevented is you only have 1 public IP?

A

All use of inbound Firebox functions

45
Q

In 1-to-1 NAT, can the WatchGuard Support team connect with only having 1 public IP?

A

No.

46
Q

What can you configure in each 1-to-1 NAT rule?

A
  1. Host
  2. Range of hosts
  3. Subnet
47
Q

Which NAT rule always has a precedence over Dynamic NAT?

A

1-to-1 NAT

48
Q

What do you need to specify for each 1-to-1 NAT rule?

A
  1. Interface
  2. Real base
  3. NAT base
  4. Number of hosts to NAT (for ranges only)
49
Q

What do you call the thing on which 1-to-1 NAT is to be applied?

A

Interface

50
Q

What do you call the IP address assigned to the physical Ethernet interface of the computer to which you apply the 1-to-1 NAT policy?

A

Real base

51
Q

What do you call the base where the private addresses are used?

A

Real base

52
Q

What do you call the IP address that the real base IP address changes to whne 1-to-1 NAT is applied?

A

NAT base

53
Q

What do you call the base where the public addresses are used?

A

NAT base

54
Q

What do you use when local network users need to connect to an internal server with the public IP address or domain name of that server?

A

NAT loopback

55
Q

In dynamic NAT, what IP address gets changed?

A

Source IP

56
Q

Which NAT is often used for outbound traffic?

A

Dynamic NAT

57
Q

Which NAT is the most common NAT?

A

Dynamic NAT

58
Q

Which VPN is DNAT available for?

A

BOVPN

59
Q

In Static NAT, what IP address gets changed?

A

Destination IP

60
Q

Which NAT is often used for inbound traffic?

A

Static NAT

61
Q

On which NAT can SNAT be combined with?

A

DNAT

62
Q

Which NAT allows you to configure 1 public IP to multiple servers?

A

Static NAT

63
Q

Since you can configure 1 public IP to multiple servers, how can the traffic be differentiated?

A

Different ports

64
Q

Which NAT maps 1 subnet to another subnet, or binds 1 IP to another IP?

A

1-to-1 NAT

65
Q

Which IP is changed for 1-to-1 NAT?

A

Source and Destination IP

66
Q

What is also known as HAIRPIN NAT?

A

NAT Loopback

67
Q

What NATs are used with NAT Loopback?

A

SNAT & 1-to-1 NAT

68
Q

Which NAT allows local clients to communicate to a public IP that points to a local server?

A

1-to-1 NAT

69
Q

When is NAT loopback useful?

A

When DNS records points only at a public IP

70
Q

How do you configure SNAT in policy manager?

A

Setup tab > Actions > SNAT