Section 24 Tasks
- Take the exam below
- Review any theory (if required) or NAT
- Complete the ACL module labs
- Complete any earlier lab (without looking at the solution)
- Read the ICND1 cram guide
- Spend 15 minutes on the subnetting.org website
Section 24 Exam
- You can have a named, extended, and standard ACL on one incoming interface. True or
false? - You want to test why your ping is blocked on your Serial interface. You ping out from the router but it is permitted. What went wrong? (Hint: See ACL Rule 4.)
- Write a wildcard mask to match subnet mask 255.255.224.0.
- What do you type to apply an IP access control list to the Telnet lines on a router?
- How can you verify per interface ACL statistics (name the command)?
- How do you apply an ACL to an interface?
- Write the configuration command for NAT 192.168.1.1 to 200.1.1.1.
- Which command do you add to a NAT pool to enable PAT?
- NAT most often fails to work because the _______ _______ _______ command is missing.
- Which debug command shows live NAT translations occurring?
Section 24 Answers
- False. You can only configure a single ACL on an interface per direction.
- A router won’t filter traffic it generated itself.
- 0.0.31.255.
- The access-class command.
- With the show ip access-list interface command.
- With the ip access-group <ACL_name> [in|out] command.
- ip nat inside source static 192.168.1.1 200.1.1.1.
- The overload command.
- ip nat inside or ip nat outside.
- The debug ip nat [detailed]command.