By | July 29, 2017

This is an Updated  CCNA NAT exam question (2016). You might see a different IP addressing, Port allocation and Configurations.

As usual, take time and read through the question (thrice if possible) so as to clearly understand what the question is all about.

Note: This NAT SIM LAB are used for demonstration only, you might come across a slightly different IP addressing, Port allocation in the real CCNA exam. But it all works the same way if you could just grasp the technique.

I suggest you use packet tracer for practice.

Use the network simulation topology below to answer the following question.

A network administrator is configuring a router for the HQBR company to provide internet access. The ISP has provided the company six public IP addresses of The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of –

The company has 14 hosts that need to access the internet simultaneously but were issued with just 6 public IP addresses from to To accomplish this we use NAT overload or PAT (Port Address Translation )

Double click on the HQBR router to access the CLI

Use the following command:
Router#configure terminal

1. Change the router’s or hostname to HQBR
Router(config)#hostname HQBR

2. Create a NAT pool of global IP addresses to be assigned

HQBR(config)#ip nat pool mypool netmask

(/29 is the prefix of 248) see the cram table:

3. Create a standard access control list that permits the addresses that are to be translated.

HQBR(config)#access-list 1 permit

( is the wildcard mask of 240 or prefix /28)

Read more on wildcard mask explained

4.Establish dynamic source translation, specifying the access list that was created.

HQBR(config)#ip nat inside source list 1 pool mypool overload

The above command translates all source addresses that are permitted by the access list 1. Source addresses from to, from the pool ip address named mypool .

Overload keyword allows you to map multiple IP addresses to a single registered IP address by using different ports. It can also be called Port Address Translation (PAT)

According to the question, the appropriate interface had been configured with NAT inside and NAT outside. But, below is how to configure NAT inside and NAT outside in case you’ve forgotten:

HQBR(config)#interface fa0/0
HQBR (config-if)#ip nat inside
HQBR (config-if)#exit
HQBR (config)#interface s0/0
HQBR (config-if)#ip nat outside
HQBR (config-if)#end

Note: ensure you use the command below to copy your config;

HQBR #copy running-config startup-config              (don’t forget this bit)

Check your configuration for connectivity, click on “host for testing” and type:


If your configuration is correct, there will be reply from