网络拓扑图:
基础配置:
AR1:
[Huawei]int g0/0/0 [Huawei-GigabitEthernet0/0/0]ip add 192.168.1.1 24 [Huawei-GigabitEthernet0/0/0]int g0/0/1 [Huawei-GigabitEthernet0/0/1]ip add 202.0.0.1 26 [Huawei]ip route-static 0.0.0.0 0 202.0.0.2
默认路由 所有的数据都指向 202.0.0.2
AR2:(简单配置接口IP)
[Huawei]int g0/0/0 [Huawei-GigabitEthernet0/0/0]ip add 202.0.0.2 26 [Huawei-GigabitEthernet0/0/0]int g0/0/1 [Huawei-GigabitEthernet0/0/1]ip add 6.6.6.6 24
1. 静态NAT (一对一)
[Huawei]int g0/0/1 [Huawei-GigabitEthernet0/0/1]nat static global 202.0.0.6 inside 192.168.1.2
(将公网202网段IP 绑定到 内网192.168.1.2 PC上)
2. NAPT
undo nat static global 202.0.0.6 inside 192.168.1.2(un 掉之前写的) [Huawei]acl 2000 [Huawei-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255 (允许1.0网段) [Huawei-acl-basic-2000]q [Huawei]nat address-group 1 202.0.0.5 202.0.0.8 (配置公有地址组) [Huawei]int g0/0/1 [Huawei-GigabitEthernet0/0/1]nat outbound 2000 address-group 1 (运用到接口)
3. Easy IP
un nat outbound 2000 address-group 1 (un 掉之前写的) [Huawei]acl 2002 [Huawei-acl-basic-2002]rule permit source 192.168.1.0 0.0.0.255 [Huawei-acl-basic-2002]q [Huawei]int g0/0/1 [Huawei-GigabitEthernet0/0/1]nat outbound 2002
4. Nat Server
[Huawei]acl 2002 [Huawei-acl-basic-2002]rule permit source 192.168.1.0 0.0.0.255 [Huawei-acl-basic-2002]q [Huawei]int g0/0/1 [Huawei-GigabitEthernet0/0/1]nat outbound 2002 [Huawei-GigabitEthernet0/0/1]nat server protocol tcp global current-interface ww w inside 192.168.1.100 www (将内网服务器 绑定到外接口上) Warning:The port 80 is well-known port. If you continue it may cause function fa ilure. Are you sure to continue?[Y/N]:y
