Static NAT would be correct but is there a reason the solution is wrong? Sometimes it is more important to understand why than which ;)
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles Sent: Friday, April 16, 2010 7:24 AM To: [email protected] Subject: [OSL | CCIE_Security] NAT query Vol 2 > Lab 16 > Sec 1.3 Hi The task is that when R1 tries to access R2 and R4, it should be translated to specific IP address. The solution has used policy based dynamic NAT. Since the requirement is one to one translation, policy based static NAT should have been used as following: static (inside,outside) 200.13.24.20 access-list R1_R2NAT static (inside,outside) 200.13.24.21 access-list R1_R4NAT Any specific reason for using the following in the solution: nat (inside) 3 access-list R1_R2NAT nat (inside) 4 access-list R1_R4NAT global (outside) 3 200.13.24.20 global (outside) 4 200.13.24.21 access-list R1_R2NAT extended permit ip host 172.16.10.1 host 200.13.24.2 access-list R1_R4NAT extended permit ip host 172.16.10.1 host 200.13.24.4 With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
