Which command forwards external port 22 to internal 192.168.1.10:22 using destination NAT?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the MTCNA Foundation Exam. Prepare with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your certification!

Multiple Choice

Which command forwards external port 22 to internal 192.168.1.10:22 using destination NAT?

Explanation:
Forwarding external port 22 to an internal host is done with a destination NAT rule. It must be in the destination NAT (dstnat) path, match the incoming TCP packets for the external port, and rewrite both the destination address and port to the internal host and port. The key is to specify where to forward to and which internal port to use. The best command uses the dstnat chain, matches TCP and the external port 22, and then instructs the firewall to translate the destination to 192.168.1.10 and the port to 22. That explicit to-ports keeps the internal port exactly as 22, ensuring correct end-to-end mapping: external 22 -> internal 192.168.1.10:22. The other options fail for these reasons: one omits the to-ports value, which leaves the internal port translation unspecified; another uses the wrong chain (srcnat instead of dstnat) and thus applies to outgoing traffic rather than incoming; and another omits the action specification, so it wouldn’t perform NAT at all.

Forwarding external port 22 to an internal host is done with a destination NAT rule. It must be in the destination NAT (dstnat) path, match the incoming TCP packets for the external port, and rewrite both the destination address and port to the internal host and port. The key is to specify where to forward to and which internal port to use.

The best command uses the dstnat chain, matches TCP and the external port 22, and then instructs the firewall to translate the destination to 192.168.1.10 and the port to 22. That explicit to-ports keeps the internal port exactly as 22, ensuring correct end-to-end mapping: external 22 -> internal 192.168.1.10:22.

The other options fail for these reasons: one omits the to-ports value, which leaves the internal port translation unspecified; another uses the wrong chain (srcnat instead of dstnat) and thus applies to outgoing traffic rather than incoming; and another omits the action specification, so it wouldn’t perform NAT at all.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy