Exam 300-101 Question id=448 Infrastructure Services

A network engineer is asked to configure a “site-to-site” Ipsec VPN tunnel. One of the last things that the engineer does is to configure an access list (access-list 1 permit any) along with the command ip nat inside source list 1 int s0/0 overload. Which functions do the two commands serve in this scenario?

A. The command access-list 1 defines interesting traffic that is allowed through the tunnel.
B. The command ip nat inside source list 1 int s0/0 overload disables “many-to-one” access for all devices on a defined segment to share a single IP address upon exiting the external interface.
C. The command access-list 1 permit any defines only one machine that is allowed through the tunnel.
D. The command ip nat inside source list 1 int s0/0 overload provides “many-to-one” access for all devices on a defined segment to share a single IP address upon exiting the external interface.
previous question
next question

Configuring NAT to Allow Internal Users to Access the Internet Using Overloading
interface Ethernet 0 ip address 10.10.10.1 255.255.255.0 ip nat inside !--- Defines Ethernet 0 with an IP address as a NAT inside interface. Interface Ethernat 1 ip address 10.10.20.1 255.255.255.0 ip nat inside !--- Defines Ethernet 0 with an IP address as a NAT inside interface. Interface Serial 0 ip address 172.16.10.64 255.255.255.0 ip nat outside !--- Defines serial 0 with an IP address as a NAT outside interface. ip nat pool ovrld 172.16.10.1 172.16.10.1 prefix 24 !--- Defines a NAT pool named ovrld with a range of a single IP !--- address, 172.16.10.1. ip nat inside source list 7 pool ovrld overload !--- Indicates that any packets recieved on the inside interface that !--- are permitted by access-list 7 has the source address !--- translated to an address out of the NAT pool named ovrld. !--- Translations are overloaded, which allows multiple inside !--- devices to be translated to the same valid IP address. access-list 7 permit 10.10.10.0 0.0.0.31 access-list 7 permit 10.10.20.0 0.0.0.31
Note in the previous second configuration, the NAT pool “ovrld”only has a range of one address. The keyword overload used in the ip nat inside source list 7 pool ovrld overload command allows NAT to translate multiple inside devices to the single address in the pool.

Reference



WARNING

the answers are mixed, do not specify in the comment number or the letter of the answer
please write answer#A instead A, answer#B instead B...
Subject:

only logged users can write comments