Question 1hardmultiple choice
Full question →hardmultiple choiceObjective-mapped
An internal server must always be reachable from outside using the same public IP address. Which translation approach is most appropriate?
Answer choices
Why each option matters
Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.
A
Best answer
Static NAT
This is correct because static NAT creates a fixed public-to-private mapping for the server.
B
Distractor review
PAT overload
This is wrong because PAT is mainly for many outbound sessions sharing fewer public addresses.
C
Distractor review
No NAT
This is wrong because private IPv4 addresses are not Internet-routable.
D
Distractor review
DHCP relay
This is wrong because DHCP relay is unrelated to outside reachability for a server.
Common exam trap
Common exam trap: answer the scenario, not the keyword
A common exam trap is selecting PAT overload instead of static NAT for a server that must be reachable from outside using the same public IP. PAT overload is designed for many internal hosts sharing a single public IP for outbound connections, not for providing a fixed public IP for inbound access. This misunderstanding leads to incorrect assumptions about how inbound traffic is handled. The exam tests your ability to distinguish between dynamic port-based translation and static one-to-one mappings, so confusing these concepts can cause you to choose the wrong NAT approach.
Technical deep dive
How to think about this question
Network Address Translation (NAT) is a fundamental IP service that modifies IP address information in packet headers while in transit across a routing device. Static NAT creates a permanent one-to-one mapping between a private internal IP address and a public external IP address. This ensures that the internal server is always reachable via the same public IP, which is essential for hosting services accessible from outside the network. When deciding the appropriate NAT approach, static NAT is chosen for servers requiring consistent external accessibility because it guarantees a fixed public-to-private IP mapping. In contrast, Port Address Translation (PAT) overload allows multiple internal devices to share a single public IP by differentiating sessions with port numbers, which is unsuitable for inbound connections targeting a specific server. DHCP relay and no NAT do not provide the necessary address translation or external reachability for private IP addresses. A common exam trap is confusing PAT overload with static NAT. PAT is often used for outbound traffic from multiple hosts sharing one public IP, but it does not provide a stable public IP for inbound connections to a single internal server. Understanding this distinction is critical for the CCNA exam and real-world network design, where predictable external access to internal resources is required.
KKey Concepts to Remember
- Static NAT creates a fixed one-to-one mapping between a private internal IP address and a public external IP address for consistent external reachability.
- PAT overload allows multiple internal hosts to share a single public IP address by using different port numbers but does not provide a stable public IP for inbound connections.
- Private IPv4 addresses are not routable on the public Internet and require NAT to be reachable from outside networks.
- DHCP relay forwards DHCP requests between clients and servers across different IP subnets and does not affect NAT or external server reachability.
- Static NAT is essential for hosting internal servers that must be accessible from the Internet using the same public IP address at all times.
- PAT is primarily designed to conserve public IP addresses for outbound traffic, not to provide fixed inbound access to a specific internal host.
- Choosing the correct NAT type depends on whether the internal device requires a permanent external identity or just outbound Internet access.
- Static NAT mappings must be manually configured and maintained to ensure the internal server remains reachable via the assigned public IP.
TExam Day Tips
- Watch for words such as best, first, most likely and least administrative effort.
- Review why wrong options are wrong, not only why the correct option is correct.
Related practice questions
Related 200-301 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
CCNA subnetting practice questions
Practise IPv4 subnetting, CIDR, masks, host ranges and subnet selection.
CCNA OSPF practice questions
Practise OSPF neighbours, router IDs, metrics, areas and routing-table interpretation.
CCNA VLAN practice questions
Practise VLANs, access ports, trunks, allowed VLANs and switching scenarios.
CCNA STP practice questions
Practise spanning tree, root bridge election, port roles and STP troubleshooting.
CCNA EtherChannel practice questions
Practise LACP, PAgP, port-channel behaviour and bundle requirements.
CCNA ACL practice questions
Practise standard and extended ACLs, permit/deny logic and traffic filtering.
CCNA NAT practice questions
Practise static NAT, dynamic NAT, PAT and inside/outside address translation.
CCNA DHCP practice questions
Practise DHCP scopes, relay, leases and troubleshooting.
CCNA show ip route practice questions
Practise routing-table output, longest-prefix match, AD and route selection.
CCNA show interfaces trunk practice questions
Practise trunk verification and VLAN forwarding across switches.
CCNA wireless security practice questions
Practise WLAN security, authentication and wireless architecture concepts.
CCNA IPv6 practice questions
Practise IPv6 addressing, routes, neighbour discovery and common IPv6 exam traps.
More questions from this exam
Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.
Question 1
A router learns the same prefix from both OSPF and EIGRP. Which route is installed by default?
Question 2
A router shows this output: R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 10.1.1.2 1 FULL/DR 00:00:34 192.168.12.2 GigabitEthernet0/0 10.1.1.3 1 2WAY/DROTHER 00:00:39 192.168.12.3 GigabitEthernet0/0 Which statement is correct?
Question 3
What is the OSPF metric called?
Question 4
A non-root switch has two uplinks toward the root bridge. One path has a lower total STP cost than the other. What role will the lower-cost uplink have?
Question 5
A router interface applies this ACL inbound: 10 deny tcp any any eq 80 20 permit ip any any A user reports that web browsing to a server by IP address fails, but ping works. Which statement best explains the behavior?
Question 6
A router learns route 198.51.100.0/24 from OSPF with AD 110 and also has a static route to the same prefix configured with AD 150. Which route is installed?
FAQ
Questions learners often ask
What does this 200-301 question test?
Static NAT creates a fixed one-to-one mapping between a private internal IP address and a public external IP address for consistent external reachability.
What is the correct answer to this question?
The correct answer is: Static NAT — A static NAT mapping is the most appropriate approach. In plain language, the outside world needs a stable public address that always represents the same internal server. Static NAT provides that fixed one-to-one relationship, which makes the service reachable predictably. PAT is better suited for many outbound users sharing one public address, not for presenting one inside server with a consistent external identity. The correct answer is the one that provides a permanent mapping.
What should I do if I get this 200-301 question wrong?
Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.
Discussion
Loading comments…
Sign in to join the discussion.