You are connected to R1 via the console. R1's GigabitEthernet0/0 (10.0.0.1/30) connects to a WAN link to the ISP. GigabitEthernet0/1 (192.168.1.1/24) connects to the internal LAN with hosts needing Internet access. The ISP has allocated public IP pool 203.0.113.16/28 (203.0.113.17-203.0.113.30). The internal LAN should use NAT overload (PAT) to translate all internal traffic to the public IP 203.0.113.18. The router currently has no NAT configuration. Configure NAT overload on R1 to allow internal hosts to access the Internet.
Hints
- •Think about which interfaces are inside and outside the NAT domain.
- •The overload keyword enables PAT.
- •Use an ACL to define which internal addresses are eligible for translation.
! R1 access-list 1 permit 192.168.1.0 0.0.0.255 ip nat inside source list 1 interface GigabitEthernet0/0 overload interface GigabitEthernet0/1 ip nat inside interface GigabitEthernet0/0 ip nat outside
Why this answer
The requirement is to translate all internal traffic to the specific public IP 203.0.113.18, not the physical interface's address. Option C achieves this with a NAT pool containing that IP and the overload keyword, enabling PAT. Option A translates to the interface's IP (10.0.0.1), contradicting the requirement.
Option B references the wrong interface in the translation command and lacks overload, while Option D omits the overload keyword entirely, providing only one-to-one NAT.
Exam trap
A common pitfall is assuming the outside interface's IP satisfies a translation requirement when a specific public IP from a pool is explicitly mandated.
Why the other options are wrong
Uses the outside interface IP (10.0.0.1) instead of the required 203.0.113.18.
The translation command uses the inside interface, which would not provide the correct source address for outbound traffic.
Missing the 'overload' keyword, so only one-to-one NAT occurs, preventing multiple hosts from sharing the IP.