Task 2.4 and 2.5 Verification


I am working on Lab 1, task 2.4/2.5/2.6 right now and when looking at the verification of 2.4/2.5 I cannot understand why it would work in the solutions guide. 2.6 outbound telnet between R1 and the VPN3k should work because of the NAT translation which is taking place on the PIX, however, when I try to ping from R1 to the VPN3k, ASA1, SW2, etc. it fails. Looking at the topology, this seems to make sense that with the way the routing is configured, the traffic would make it there due to the default routes, but the distant devices would not have a route back because the most distant network they are aware of is VLAN 119 and the only traffic which is being NAT translated on the PIX is telnet, not ICMP echos or traceroute from VLAN 19.

Looking further into the lab there does not appear to be a VPN tunnel pinned up between the devices or any further address translation configured that would allow the verification to succeed.

The only way I can get it to verify is to add a simple nat/global to the PIX. Ex. nat (inside) 2 0 0 , global (outside) 2 interface. This makes the routing work.

Were others able to truly verify 2.4 and 2.5? Am I missing something?

As a side question, if the verification does not work, would they ding me on this for the lab, or would it just be set up that way intentionally?




Sign In or Register to comment.