Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
13 Cards in this Set
- Front
- Back
NAT: Define "inside local" and "inside global"
|
Inside local = internal (private) IP address on the inside network;
Inside global = public IP address which is translated to/from inside-local |
|
NAT: Define "outside local" and "outside global"
|
Outside local = Ip address of the outside host within the local network;
Outside global = ip address of the outside host on the outside network |
|
NAT: Define "static NAT"
|
Translations are permanent, one-to-one
|
|
NAT: Define "dynamic NAT"
|
1. Pool of inside global IP addresses
2. Translations are dynamic with timeout or clear CLI 3. If pool is exhaused, router discards packets needing translation but not in pool |
|
NAT: Define "Port Address Translation"
|
1. also known as NAT/Overload
2. Includes port numbers for both inside/outside. |
|
NAT: Can it translate the global (outside) address?
|
Yes, but this is infrequent
|
|
NAT: CLI commands to configure static NAT
|
1. interface(s): ip nat inside
2. interface: ip nat outside 3. global: ip nat inside source static <inside local> <inside global> |
|
NAT: CLI commands to configure dynamic NAT
|
1. #ip nat inside
2. #ip nat outside 3. global: #access-list 1 permit <ip-address> <wildcard mask> 4. global: #ip nat pool <name> <first-ip> <last-ip> netmask <netmask> 5. global: #ip nat inside source list <acl number|name> pool <name> |
|
NAT: CLI commands to verify and debug
|
1. #show ip nat translations
2. #clear ip nat translation * 3. #debug ip nat |
|
NAT: CLI commands to configure NAT overload/PAT
|
Two variations
1. Add overload keyword to end of the ip nat inside source list command 2. Follow steps for dynamic nat, but don't create a pool. Then: #ip nat inside source list <acl number|name> interface <int> overload |
|
NAT: CLI command to setup NAT pool
|
global: #ip nat pool <name> <first-ip> <last-ip> netmask <mask>
|
|
NAT: CLI command to map an access list to a pool
|
global: #ip nat inside source list <name|number> pool <name> [overload]
|
|
NAT: CLI to create dynamic nat w/o creating pool
|
#ip nat inside source list <number|name> interface <int> overload
|