Network Address Translation

Question 1

What is the private IP address range for class A?

Answer 1

10.0.0.0/8 - 10.255.255.255

Question 2

What is the private IP address range for class B?

Answer 2

172.16.0.0/12 - 172.31.255.255

Question 3

What is the private IP address range for class C?

Answer 3

192.168.0.0 - 192.168.255.255

Question 4

IPv6 uses how many bit addresses vs IPv4?

Answer 4

IPv6 - 128
IPv4 - 32

Question 5

What kind of NAT would a mail server or public web server use to connect to incoming connections?

Answer 5

Static NAT (one-to-one mapping)

Question 6

What kind of NAT would host use (don’t need to accept incoming connections)

Answer 6

Dynamic NAT (first come, first served basis)

Question 7

Inside global address

Answer 7

This is the address if someone in the outside network is sending traffic in. This would be THEIR destination address

Question 8

Inside Local

Answer 8

IP address configured on my host OS (inside the network)

Question 9

Outside Local

Answer 9

The IP address of the host outside our network that we are sending traffic to. (What our network seeing from the inside)

Question 10

For one way NAT, the outside local and outside global will be ______

Answer 10

the same (different port, same IP)

Question 11

Outside Global

Answer 11

The IP address of the host outside our network that isn’t NAT. It’s actually IP address assigned to it

Question 12

How do you configure static NAT?

Answer 12

int f#
ip NAT outside
int f#
IP NAT inside
IP NAT inside source static X.X.X.X (inside local) X.X.X.X (inside global)

Question 13

In Dynamic NAT, how many public IP addresses would you need if you had 30 host?

Answer 13

30 Public IP addresses
It’s a 1-1 for Dynamic NAT

Question 14

How do you configure a pool of global addresses

Answer 14

IP NAT pool (give it a name) X.X.X.X X.X.X.X netmask 255.255.255.240
*IP addresses are your pool’s range i.e. 203.0.113.4 203.0.113.14

Question 15

What do you do after you configure your pool of global addresses

Answer 15

Create an access list for all the IP addresses we want to translate (inside local)

Question 16

What is the command to configure an access list for all the IP addresses we want to translate (inside local)

Answer 16

access-list # permit X.X.X.X (inside local IP subnet) X.X.X.X (wildcard for subnet)

Question 17

What is the last step to configure Dynamic NAT

Answer 17

Connect the access list with the NAT pool

Question 18

What is the command to Connect the access list with the NAT pool?

Answer 18

IP NAT inside source list # (access-list number) pool (name of the pool)

Question 19

NAT Types: PAT (port address Translation

Answer 19

Allows the same IP address to be re-used
*Unlike Dynamic NAT

Question 20

How does Dynamic NAT with Overload track IP addresses?

Answer 20

It uses the same IP address but tracks the source port it used in the translation table

Question 21

How do you configure PAT in a router?

Answer 21

Same steps as Dynamic but when connecting access-list and pool together add overload at the end of command
>IP NAT inside source list # (access-list number) pool (name of the pool) overload
OR
>IP NAT inside source list # (access-list number) interface# (outside) overload

Question 22

What is the command to verify your NAT translations?

Answer 22

> show ip nat translations