Section 24 – Review 9

Section 24 Tasks

  • Take the exam below
  • Review any theory (if required) or NAT
  • Complete the ACL module labs
  • Complete any earlier lab (without looking at the solution)
  • Read the ICND1 cram guide
  • Spend 15 minutes on the website

Section 24 Exam

  1. You can have a named, extended, and standard ACL on one incoming interface. True or
  2. You want to test why your ping is blocked on your Serial interface. You ping out from the router but it is permitted. What went wrong? (Hint: See ACL Rule 4.)
  3. Write a wildcard mask to match subnet mask
  4. What do you type to apply an IP access control list to the Telnet lines on a router?
  5. How can you verify per interface ACL statistics (name the command)?
  6. How do you apply an ACL to an interface?
  7. Write the configuration command for NAT to
  8. Which command do you add to a NAT pool to enable PAT?
  9. NAT most often fails to work because the _______ _______ _______ command is missing.
  10. Which debug command shows live NAT translations occurring?

Section 24 Answers

  1. False. You can only configure a single ACL on an interface per direction.
  2. A router won’t filter traffic it generated itself.
  4. The access-class command.
  5. With the show ip access-list interface command.
  6. With the ip access-group <ACL_name> [in|out] command.
  7. ip nat inside source static
  8. The overload command.
  9. ip nat inside or ip nat outside.
  10. The debug ip nat [detailed]command.


Notify of

Inline Feedbacks
View all comments