Your company has a border router (R2) that is connected to two partner companies: Partner-DB (R1) providing database services and Partner-APP (R3) providing different application services to your web servers in DMZ (200.200.200.0/24).
R2 is also used to perform NAT between internal LAN (fa1/1 =
Currently, your web server in DMZ (200.200.200.4) can connect to both DB (R1) and APP (R3) and it does not need any NAT.
After short time, a new requirement appear: the two partners, DB and APP, requires connectivity between themselves, via your router R2... but both of them share the same internal addressing (192.168.0.0/16) and their border routers (R1 and R3) do not have NAT capabilities.
You have been requested to make the connectivity between R1 and R3 and since you have unused addresses in your public DMZ range (200.200.200.0/24) you suggest the following solution:
- Partner-DB (R1) /
192.168.1.1 will be translated to 200.200.200.1 , only when going to other partner - Partner-APP (R3) /
192.168.3.3 will be translated to 200.200.200.3 , only when going to other partner
How could you do this,
Post your answer in the 'Comments' section below and subscribe to this blog to get the detailed solution and more interesting quizzes.
Costi is a network and security engineer with over 10 years of experience in multi-vendor environments. He holds a CCIE Routing and Switching certification and is currently pursuing same expert-level certifications in other areas. He believes that the best way to learn and understand networking topics is to challenge yourself to fix different problems, production-wise or lab-type exams. He also enjoys teaching networking and security technologies, whevever there is an opportunity for it.
Comments
comments powered by Disqus