Challenge Lab 4: Static NAT

Sep 28, 2017 Last Updated: Sep 28, 2017 120 Labs CCNA No Comments
Tweet Share Pin it

Lab Objective:

The objective of this lab exercise is for you to configure static NAT.

Lab Purpose:

NAT is an important exam topic so you can be pretty sure it will crop up. Rather than watch a video solution, I have provided show runs and test commands where appropriate.

Certification Level:

This lab is suitable for both CCENT and CCNA certification exam preparation.

Lab Difficulty:

This lab has a difficulty rating of 5/10.

Readiness Assessment:

When you are ready for your certification exam, you should complete this lab in no more than 15 minutes.

Lab Topology:

Please use the following topology to complete this lab exercise:

Challenge Lab 4: Static NAT 1

Task 1:

Configure the topology above. You should add a static default route on RouterB to send all traffic out of the Serial interface. Test by pinging the Loopbacks on RouterA. Check that you can ping all interfaces.

Task 2:

Configure static NAT on RouterA. Any traffic coming from 192.168.1.1 should be NATted to 172.16.1.1.

Task 3:

Check your configurations with show commands and pings sourced from 192.168.1.1 when you have debug ip packet running on RouterB.

Solution

Show Runs

RouterA 

interface Loopback0 
ip address 192.168.1.1 255.255.255.240 
ip nat inside 
ip virtual-reassembly 
! 
interface Loopback1 
ip address 192.168.2.1 255.255.255.224 
! 
interface FastEthernet0/0 
no ip address 
shutdown 
duplex auto 
speed auto 
! 
interface Serial0/0 
ip address 10.0.0.1 255.255.255.252 
ip nat outside 
ip virtual-reassembly 
clock rate 2000000 
! 
interface FastEthernet0/1 
no ip address 
shutdown 
duplex auto 
speed auto 
! 
ip forward-protocol nd 
!
! 
no ip http server 
no ip http secure-server 
ip nat inside source static 192.168.1.1 172.16.1.1 
! 
! 
! 

RouterB 

interface Serial0/0 
ip address 10.0.0.2 255.255.255.252 
clock rate 2000000 
! 
interface FastEthernet0/1 
no ip address 
shutdown 
duplex auto 
speed auto 
! 
ip forward-protocol nd 
ip route 0.0.0.0 0.0.0.0 Serial0/0

TEST:

RA#show ip nat translations 
Pro Inside global      Inside local     Outside local   Outside global 
--- 172.16.1.1         192.168.1.1        ---                --- 
RB#debug ip packet 
R1#ping 10.0.0.2 source 192.168.1.1 

Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds: 
Packet sent with a source address of 192.168.1.1 
!!!!! 
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/6/20 ms
R1# 
R2# 
*Mar  1 00:14:05.159: IP: tableid=0, s=10.0.0.2 (local), d=172.16.1.1 (Serial0/0), routed via FIB 
*Mar  1 00:14:05.159: IP: s=10.0.0.2 (local), d=172.16.1.1 (Serial0/0), len 100, sending 
R2#
Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x