9.3.1.4 Packet Tracer – Verifying and Troubleshooting NAT Configurations

9.3.1.4 Packet Tracer – Verifying and Troubleshooting NAT Configurations

Packet Tracer – Verifying and Troubleshooting NAT Configurations (Answer Version)

Answer Note: Red font color or Gray highlights indicate text that appears in the Answer copy only.

Topology

9.3.1.4 Packet Tracer – Verifying and Troubleshooting NAT Configurations

9.3.1.4 Packet Tracer – Verifying and Troubleshooting NAT Configurations

Addressing Table

DeviceInterfaceIP AddressSubnet MaskDefault Gateway
R1G0/010.4.10.254255.255.255.0N/A
G0/110.4.11.254255.255.255.0N/A
S0/0/110.4.1.2255.255.255.252N/A
R2S0/0/0209.165.76.194255.255.255.224N/A
S0/0/110.4.1.1255.255.255.252N/A
Server1NIC64.100.201.5255.255.255.064.100.201.1
PC1NIC10.4.10.1255.255.255.010.4.10.254
PC2NIC10.4.10.2255.255.255.010.4.10.254
L1NIC10.4.11.1255.255.255.010.4.11.254
L2NIC10.4.11.2255.255.255.010.4.11.254

Objectives

Part 1: Isolate Problems

Part 2: Troubleshoot NAT Configuration

Part 3: Verify Connectivity

Scenario

A contractor restored an old configuration to a new router running NAT. But, the network has changed and a new subnet was added after the old configuration was backed up. It is your job to get the network working again.

Part 1: Isolate Problems

Ping Server1 from PC1, PC2, L1, L2, and R2. Record the success of each ping. Ping any other machines as needed.

Part 2: Troubleshoot NAT Configuration

Step 1: View the NAT translations on R2.

If NAT is working, there should be table entries.

Step 2: Show the running configuration of R2.

The NAT inside port should align with the private address, while the NAT outside port should align with the public address.

Step 3: Correct the Interfaces.

Assign the ip nat inside and ip nat outside commands to the correct ports.

R2(config)# interface Serial0/0/0
R2(config-if)# ip nat outside
R2(config-if)# interface Serial0/0/1
R2(config-if)# ip nat inside

Step 4: Ping Server1 from PC1, PC2, L1, L2, and R2.

Record the success of each ping. Ping any other machines as needed.

Step 5: View the NAT translations on R2.

If NAT is working, there should be table entries.

Step 6: Show Access-list 101 on R2.

The wildcard mask should encompass both the 10.4.10.0 network and the 10.4.11.0 network.

Step 7: Correct the Access-list.

Delete access-list 101 and replace it with a similar list that is also one statement in length. The only difference should be the wildcard.

R2(config)# no access-list 101
R2(config)# access-list 101 permit ip 10.4.10.0 0.0.1.255 any

Part 3: Verify Connectivity

Step 1: Verify connectivity to Server1.

Record the success of each ping. All hosts should be able to ping Server1, R1, and R2. Troubleshoot if the pings are not successful.

Step 2: View the NAT translations on R2.

NAT should display many table entries.