HOTSPOT
You have a network address translation (NAT) server named NAT1 that has an external IP address of
131.107.50.1 and an internal IP address of 10.0.0.1.
You deploy a new server named Web1 that has an IP address of 10.0.0.211.
A remote server named app.fabrikam.com has an IP address of 131.107.1.232.
You need to make Web1 accessible to app.fabrikam.com through NAT1.
What command should you run from NAT1? To answer, select the appropriate options in the answer area.
Hot Area:
Explanation:
https://technet.microsoft.com/en-us/itpro/powershell/windows/nat/add-netnatstaticmapping
Or this, even: https://docs.microsoft.com/en-us/powershell/module/netnat/add-netnatstaticmapping
The Add-NetNatStaticMapping cmdlet adds a static mapping to a network address translation (NAT) instance. A static mapping enables an incoming connection from an external network to access a host on an internal network through the NAT.
You can use NAT to share a connection to the public Internet through a single interface with a single public IP address. The computers on the private network use private, non-routable addresses. NAT maps the private addresses to the public address.
The external IP address is wrong. It should be :
Add-NetNatStaticMapping -externalipaddress 137.107.50.1 -internalip 10.0.0.211
Because 137.107.1.232 is the PUBLIC INTERNET IP address that app.fabrikam.com use to communicate.
The source IP address in the IP packet sent by app.fabrikam.com will be 137.107.1.232 while the destination IP address in the IP Packet will be 137.107.50.1 which is the INTERNET PUBLIC IP address of NAT1.
So the NAT command has to tell NAT1 that every IP Packet arriving at IP 137.107.50.1 will be forwarded to 10.0.0.211.
In real world, you rather usually use a more specific command that forwards incoming packet matching a specific port (like http port 80) to a specific internal LAN IP address of WEB server.
Like for example :
Add-NetNatStaticMapping -ExternalIPAddress “177.177.177.177” -ExternalPort 80 -InternalIPAddress “192.0.02.179” -InternalPort 80