Nat Sim

So to get *full credit* you *must* issue a ping, whether you have a perfect config?

@ test taker- do u have a sim already created for this config?

@test_taker: No, if the config is correct you’ll get full point. But why you don’t make a ping to check again? A successful ping guarantees your configuration is correct.

trextaz.. You needed to go to the “OTHER” NAT page to D/L the Nat sim.. Here is the Link..
http://www.9tut.com/52-ccna-nat-sim-question. it is downloadable,, and works fine.

I will have exam tomorrow I am wworried

192.168.100.16 is the network number and the subnet is 255.255.255.240 not 248. 255-140=15 so the wildcard is 0.0.0.15.

Does that help?

So that part of task in assignment The company has 14 hosts that need to access the internet simultaneously
I need to ask myself which subnet mask gives me 14 hosts???
answer: 255.255.255.240 increment of 240=16 range 0-16usable hosts 1-15 and in this range there are our 14 hosts that need to access the internet simultaneously. so that is subnet 192.168.100.16 and subnet address 255.255.255.240.
this line provides me subneting answer
inside local addresses -192.168.100.17 – 192.168.100.30/28 subnet of this range is 192.168.100.16 mask 255.255.255.240 255-240=16
equals
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15

Em I correct???????

Matt

Regards

Something does not make sense here. Why if the inside global is 198.18.184.X the ip of the S0/0 interface is 192.0.2.X ?

This lab wont work at all, for nat to work like it should one interface has to be configured with at least one ip address from the – 198.18.184.105/110 range..

The Interfaces are also NOT configured for NAT in the pkt lab..

The quickest way to unerdstand subnetting is that subnetting is a binary AND operation of all the octets in your IP address with the subnet mask. subnet binary 255 (11111111) always allows the octet to pass thru and becomes the same number in the network address. performing an AND operation if the mask octet is less that 255 will yield a consistent number that will become the lowest number of the network address octet. A smaller mask octet number will yield a wider network range for the chosen IP address, and this number range is 256 minus the mask octet. For example, a mask of 255.255.254.0 will yield a 2 x 255 address range for the chosen IP address. Lowest number in the range is the network address and the highest is the broadcast address.

Guys, for the access list I have 192.168.100.17 0.0.0.15 BUT here it says 192.168.100.16. 0.0.015. Why do they have a 16 and not a 17 in the summary address?? Pliz help. Thanx

I take my ICND 2 tomorrow at 6:15pm! I will let you guys know what SIMs I run into!

Anyone have any information on the FRAME RELAY SIM that everyone is talking about that is on the exam?

To: Firstmode
– Any update on what SIMS you had on your exam you took recently? Is anyone seeing any CCNA material SIMS on the ICND2 exam?

@Rasronn…You have 192.168.100.16 0.0.0.15 as the NETWORK address, but the first HOST address is 192.168.100.17.

Your total addresses (including NETWORK and BROADCAST are: 192.168.100.16 – 192.168.100.31) but you can only use 192.168.100.17 – 192.168.100.30 as HOST addresses.

can some one please email me the latest dump on this email address: Iron15Mike@yahoo.com
I am sitting for CCNA this february , any tips would be huge

Thank You

try this on the isp router: ip route 198.18.184.104 255.255.255.248 s0/1

can mypool be substituted for anything, like call it test rather then mypool? 9tut?

@invisible: Of course, you can use another name for it.

Hey Guys, this SIM was on my ICND2 exam yesterday together with the Frame Relay multinational SIM

Where can I download this and the other five sims? Thanks for your answers and help. Greets from Germany

Rasronn January 2nd, 2013 Guys, for the access list I have 192.168.100.17 0.0.0.15 BUT here it says 192.168.100.16. 0.0.015. Why do they have a 16 and not a 17 in the summary address?? Pliz help. Thanx
Answer: the address range is 192.168.100.17 thru 192.168.100.30 with the prefix 28.
The prefix tells us that the address space is to be incremented by 16. Thus, the addresses 192.168.100.17 thru 30 are included in the subnet 192.168.100.16/28 allowing for addresses 192.168.100.17 thru 30 as part of the subnet. Therefore, we have to specify the subnet which in this case is 192.168.100.16/28.
With the prefix 28 we get the netmask 255.255.255.240 which is equal to the wild mask 0.0.0.15 because 240 +15 = 255. That is why we configured the ACL as:
access-list 1 permit 192.168.100.16 0.0.0.15.
Hope this helps.

Lumious January 6th, 2013 Anyone have any information on the FRAME RELAY SIM that everyone is talking about that is on the exam?
Look here,
http://www.9tut.com/ccna-hotspot-questions

9tut – please clarify your packet tracer. Not even you “answer” is correct. Its not forwarding outside router. Gateway of last resort is not set – could this be an issue? Let us know!

Hi 9tut, my question – why do we have to apply NAT on 2 interfaces? I think 1 will be sufficient. In my case i will apply it at s0/0. Hope for your kind clarification on this. thanks.

could anyone please give me the link of FRame Relay sim, i would be thankful to you.

If you ping to 192.0.2.113, as in your outside serial interface after configuring nat, it is sucessful, and doing a sh ip nat translations shows the nat working, the problem is with the router between the router and the isp, i imagine it cant ping back from the isp, you would need a static route on it.

My mistake it works fine, make sure you have the netmask on the public p0ol as .248

I cannot ping the ISP. Please what am I doing wrong. I configured a default route on weaver ie 0.0.0.0 0.0.0.0 192.0.2.114 but I am not able to ping. I will appreciate any help.

Please can someone tell me what static routes are used in Weaver router and the ISP because I still cannot ping from the test PC. When I did show frame-relay lmi, it shows that the number of messages sent is higher than messages received and the timeout = 16 so I know there is something wrong.

Galera, os endereços IP”s que estão errados …
Não é necessário nenhuma rota estática, apenas os endereços do pool estão errados.

Can i put access-list 1 permit 192.168.100.17 0.0.0.13 instead?

@Johan,

No, you must use 192.168.100.16 0.0.0.15. Reason being is that you must use the correct block size.

The address the hosts are using are part of the 192.168.100.16 subnet. By using the 0.0.0.15 wilcard, you effectively identify all the address from 192.168.100.16 – 192.168.100.31 (but .31 is the broadcast address and is unusable).

Thanks for the Frame-Relay SIM

can,t ping ,can any body say why?

Cannot ping from a host computer because I’m pretty sure the ISP Router doesn’t know about the 192.168.100.16/28 network, it only know about the networks that are directly connected. I wasn’t about to get into the ISP router to verify though. Bad password?

It works fine. You need to configure Nat inside and outside on proper interface.

Here is the ping result from Test host. First time It didn’t work. I check the running config and found out in and out mapping was missing.
If you want to success in real job start troubleshooting.
Passing by doing dump not going to take you too far. they are just to test yourself and practice.

acket Tracer PC Command Line 1.0
PC>ping 192.0.2.114

Pinging 192.0.2.114 with 32 bytes of data:

Reply from 192.0.2.114: bytes=32 time=43ms TTL=254
Reply from 192.0.2.114: bytes=32 time=10ms TTL=254
Reply from 192.0.2.114: bytes=32 time=16ms TTL=254
Reply from 192.0.2.114: bytes=32 time=20ms TTL=254

Ping statistics for 192.0.2.114:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 43ms, Average = 22ms

PC>

I think there is a default route or static route configured in the ISP router back to Weaver. With that, the given configuration in the Weaver router will be enough to have the ping successful.

>>>> try to put this in your ISP router>>>
ip route 0.0.0.0 0.0.0.0 192.0.2.113

this Sim is exellent. works just fine

Anyone got CCNa sims while taking ICND2?
Thx

It works perfect. Thnx 9tut. God bless you

On the lab it says inside and outside have been configured, but they haven’t. Good practice to input those commands anyways 🙂

For ACL wildcard is another option also.
Wildcard is range.
we have 14 hosts started from 192.168.100.17 to 192.168.100.30/28.
So for sunbent /28 wildcard mask will be 0.0.0.15
but this will involve also an anusable ip address 192.168.100.16 and 192.168.100.31.
in our case we need arange from .17 to .30

30-17=13.

Address and wild card mask for ACL will be:
192.168.100.17 0.0.0.13

Weaver(config)#access-list 1 permit 192.168.100.17 0.0.0.13

Somthing more.
Be carefull to nat make mistake with mask that define at pool.

Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
What subnet mask we use here? It is subnet mask of our outside interface. So chcek mask on interface s0/0 , wich is our ouside interface in our case.

I need CCNA R&S exam, thanks’
http://thietbivienthongbachkhoa.com/Default.asp?mod=News&action=list&NewsID=108&temp=Vertuvn_vn&Object=1&ItemID=79&Language=vn

I might agree about default route, but the question states:

” – The appropriate static routes have also been configured ”

So is it really needed?

Additionally, ISP router has to have a route back to Weaver to return ICMP messages.

Though I believe it’s ok to add default route just in case as noname stated.

In the lab example the part with the defintion of the nat interface is missing:
Weaver(config)#interface fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#exit
Weaver(config)#interface s0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#end

default route is not needed in that example
..
try

To download ccna lab goto

http://blog.acmeinfotek.in/search/label/CCNA%20Simulation

@aaaa

If we use 192.168.100.17 0.0.0.13 then the mask will be 255.255.255.242
but if we use 192.168.100.17 0.0.0.15 then the mask will be 255.255.255.240 =>
(Increment 16) so:
192.168.100.0 – 15 (1-14 used) (0 network, 15 broadcast)
192.168.100.16 – 31 (17-30 used)
192.168.100.32

To everyone that having problem ping 192.0.2.114

Most of you tried to use ip route on isp router.

If you insert ip route 0.0.0.0 0.0.0.0 192.0.2.113 on the ISP router. Without any NAT config, I can ping 192.0.2.114 from my work station.

If I use this command “ip nat inside source list 1 interface serial0/0 overload” then ping to 192.0.2.114 works without using ip route on the ISP router.

@Thyreme
If we use 192.168.100.17 0.0.0.13 then the mask will be 255.255.255.242????
This comment does not stand. we are talking for wildcard mask, wild card mask 0.0.13 is a range.
wild card mask 0.0.0.13 will allow all the range 192.168.100.17 to 192.168.100.30.

Peoples!

…Its so easy to find who’s learning by the book and who’s learning doing dumps…

There is no need for a route on the ISP… Remember the traffic from the private 192.168.100.16 comes NATed… so the ISP doesn’t need to know about the 192.168.100.16 network, it will send the packets to the public IPs on the weaver router…

We just need to configure a static default route in the weaver 0.0.0.0 0.0.0.0 192.0.2.114.

@aaaa
255.255.255.242 and 0.0.13 are not valid mask and wilde card mask .

Passed ICND2 today with 910. This sim was on my exam, unfortunately I did not answer the questions related to this sim because I though the questions were going to be on the next screen. Too bad, but I passed the exam… Wouaooooooooooo

9 tut, what is the password for ISP router in your already set-up packetracer lab. Pwds cisco and admin don’t work. Just wondering what is in config 😉

Fail. Took the supposed ICND2 640-816 today and there was nothing like the material contained on this site. No VTP, No VLSM, No Drags and Drop (except 1, had Split Horizon), no ACL or NAT. It was all about SNMP and Netflow. 2 Different SIMS OSPF and EIGRP (not on this site or dump) A lot IPV6. I nailed ICND1 exam but this wasnt the test I prepared for. Please reply.

TrickedbyCisco Are you sure you took 816. Maybe you took the new ICND2 that is out. There are currently two exams. 816 expires at the end of this month (September) but right now they are overlapping.

Yes. Didn”t know 200-100 was there already and Fail. 640-816 next Monday.

@Mira:
The password for the ISP rotuer is : noway

i take the exam again in a few hours.. for this SIM, if the sim says the interfaces are already configured, do we need to do the “ip nat inside” and “ip nat ouside” commands?

I take the 640-816 version of the exam today US. I know I am taking this version because I selected it with my very own eyes. I Have studied heavymod’s dump 1 time going through all the questions where the correct answers are highlighted, and then actually taking the entire exam for real without a time limit and seeing how well I do and every time i come up on a question that I feel at all nervous about getting incorrect because I did not understand it I came to 9 tut and studied every single question in the category that the question was based on. On top of this, CBT nuggets has great videos to allow you to see the configuring in action on specific areas like VTP and frame relay. And on top of that I have studied all 9tut has to offer, questions, lab sims, and actually reading and coming to understand the explanations for every single category that 9tut has to offer for this version of ICND part 2. I will be definitely giving feedback on my examination after I am home. It is ultimately up to you if you would like to use my study habits or not but it is a damn fine feeling to know that I have at least a good understanding of the knowledge areas required to pass the test.

Hello

Couldn’t the access-list 1 permit just be for the general 192.168.100.0 network…with a wildcard mask of 0.0.0.255?

…or even 192.168.100.0 0.0.0.15?

sorry i saw the CIDR for the inside local addresses is /28

but that still doesn’t explain why 192.168.100.16 has to be put in instead of 192.168.100.0

Adding a static route on the ISP , does work however the real issue is the subnet mask is incorrect on the PCs. It is 255.255.255.248 in the simulation it’s marked as 240. I found it after I added the static route to the ISP. I confirmed the fix by deleting the static route and simulation works fine with the correct subnet mask .

Please am about to recertify my CCNA i wrote 3 years ago, is ICND2 an alternative for me to write instead of registering for the whole CCNA test.

NB: My deadline is so close and i have less time to prepare or a higher certification.
Thanks!

The directions are wrong, that’s why there is no ping from a host to .114 🙂
Please find the correct one below:

Weaver(config)#interface fa0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#exit
Weaver(config)#interface s0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#end

Please correct me if I am wrong 🙂

Ops, my bad…totally wrong….

for this packet tracer lab you need to add

Weaver(config)#interface fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#exit
Weaver(config)#interface s0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#end

Anyone still getting this lab in the EXAM ICND 2 ?? Thanks guys i would really appreciate it if you tell me.
Ciscoita.

All you have to do is reference Cisco’s own homepage to see what content is still on the exam:

http://www.cisco.com/web/learning/exams/docs/200-101_icnd2.pdf

VTP, ACLs, and NAT have been completely removed.

Anybody know how many sims on the icnd2 exam?

to make it run we have to add command,

int fa0/0
ip nat inside
int se0/0
ip nat outside

once i put these commands my ping started working ..
Thanks guys

just passed ICND2 few hours back with 920 marks only, EIGRP and Frame-relay Labs were there, NAT and OSPF Labs are no more in ICND2 i guess, but i had few questions about OSPF but no question of NAT … have fun guys …

According to ICND2 200-101 Exam Topics, NAT is not included. I think this sim is from the old ICND2 600-816 which does include NAT in the Exam Topics. Can anyone confirm this is a fact? Judging by most the comments on this website, they did not receive NAT sim in ICND2 200-101 Exam.

I just did the sim and also could not ping. I then realised that even though it states that nat inside and outside have already been configured, i ran the show running-config and saw that it was not already configured. that is why you can not ping the isp

Here’s what I found in total –

– The Router already has the host name
– The IP NAT inside/outside is not configured. But for some reason if you discover this and add it later the after the rest of the config is done it still does not work. It had to reload it from scratch putting the NAT inside/outsde first.
-The default route to the ISP is missing
– Still a good lab though and all of this was a learning experience and Cisco will do worse on the exams

This network *198.18.184.105 198.18.184.110* is defined NOWHERE else in your config files. Just using the config provided above you will not get this lab to work.

To make NAT work with the config provided omit
>> ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
>> ip nat inside source list 1 pool mypool overload

and instead add
>> ip nat inside source list 1 interface serial 1/0 overload

This will still accomplish you UNDERSTANDING what is happening here and allow you to see it work.
>> show ip access

IF you see this on the exam you will need to create a NAT pool based on the inside global addresses provided. I realize my solution DOES NOT meet the exam objective laid out. I provided this information to help those confused about why the ping does not work.

Past my CCNA today!!!! Thank U 9TUT!

The host (PC) have no ip address configurations

first create access-list, nat, identify inside and outside your network and nat overload

PC>ping 192.0.2.114
Pinging 192.0.2.114 with 32 bytes of data:
Reply from 192.0.2.114: bytes=32 time=3ms TTL=254
Reply from 192.0.2.114: bytes=32 time=3ms TTL=254
Reply from 192.0.2.114: bytes=32 time=2ms TTL=254
Reply from 192.0.2.114: bytes=32 time=2ms TTL=254
Ping statistics for 192.0.2.114:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 3ms, Average = 2ms

IP nat inside and outside are not configured on the interfaces 🙂 and it says they are, but the answer shows you have to configure them….fix? 🙂

Good lab though, thanks!

I just like the lab. has gave skills in my waiting for CCNA exam.

I just like the lab. It has gave skills in my waiting for CCNA exam.

Well, it will work only if you use the following command, But I am not sure by using this it is going match the access list with our pre-defined pool or not.

ip nat inside source list 1 interface serial 1/0 overload

I wonder if the command “ip access-group 1 in”, at interface fa 0/0, is necessary too.
THX

question….if you use “wr mem” instead of “copy run start” do you lose credit?

@Oliver, you don’t need that command in this case.

@Joao, you don’t need that command either when associating the addresses in the ACL with the addresses they will NAT to.

Hey Guys,

I’m doing ICND 2 in the next few days. Can someone confirm if this is the exact question?

Guys I wrote ICND2 exam today and cleared it with 920 marks .
Well there were few rumours stating exam pattern and exam questions have changed .But it is not..90 percent questions were from 9tut .
Study the topics carefully and atlast the dumps will help u to score passing marks.

Thanks John

why the hell would NAT be on the ICND2 exam? It’s not even mentioned in the 200-101 book… I literally just checked my book and it’s not even in there. We covered NAT in ICND1… is this really on the the 200-101 exam?

Passed ICND2 today with 1000.
All questions and Labs valid.
I had EIGRP and FrameRelay Sim

hi, guys in the configurations for NAT

that reports exhibit

~Weaver(config)#ip nat pool MYPOOL 192.18.184.105 198.18.184.110 netmask 255.255.255.248
%Pool MYPOOL mask 255.255.255.248 too small; should be at least 248.0.0.0
%Start and end addresses on different subnets~

how configure the range?

Fagner: change command from:
ip nat pool MYPOOL 192.18.184.105 198.18.184.110 netmask 255.255.255.248
to:
ip nat pool MYPOOL 198.18.184.105 198.18.184.110 netmask 255.255.255.248

Has anyone encountered this sim in icnd2 exam in 2015?

Start and end are on the same subnet 192.18.184.104

Could someone tell how to get full access to all questions and answers on the site? Thanks a lot…

Can I please the latest dumps for ICND2?
cheryl.courtney@live.com
Thanks 🙂

@smti – This site is done for, I paid for full access and you are able to access the same questions I can. I am requesting a refund, 9tut, how do we go about getting a refund, or do I have to file a fraud case with my Cc company?