静态,动态NAT 配置
拓扑图
需求
拓扑中PC 都已经设置好IP 地址、网关 , NAT 的配置分为静态NAT、动态NAT
配置命令
R1:
undo ter mo sys sysname R1 int g0/0/0 ip add 200.0.0.1 24 int g0/0/1 ip add 192.168.1.254 24 int g0/0/2 ip add 192.168.2.254 24 q ip route-static 0.0.0.0 0.0.0.0 200.0.0.2
r2:
undo ter mo sys sysname R2 int loo0 ip add 200.0.20.1 24 int g0/0/0 ip add 200.0.0.2 24 q ip route-static 0.0.0.0 0.0.0.0 200.0.0.1
=========
配置静态NAT
R1:
验证
display nat static • 1
PC1 ping R2 的环回口
R1 :display nat session all • 1 • 2
==========
配置动态NAT
R1:
删掉上面配置的静态 NAT int g0/0/0 undo nat static global 200.0.0.3 inside 192.168.1.1 undo nat static global 200.0.0.4 inside 192.168.1.2 nat address-group 1 200.0.0.9 200.0.0.200 acl 2000 rule permit source 192.168.1.0 0.0.0.255 rule permit source 192.168.2.0 0.0.0.255 int g0/0/0 nat outbound 2000 address-group 1 no-pat 不做端口转换 或者 nat outbound 2000 address-group 1 做端口转换
R1: 验证
display nat address-group 1 • 1
- 1
- 2
display nat session all • 1 • 2
==========
配置 easy ip
int g0/0/0 undo nat outbound 2000 address-group 1 nat outbound 2000
