利用路由器实现NAT功能
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host A
A(config)#int e0
A(config-if)#ip addr 192.168.10.1 255.255.255.0
A(config-if)#no shut
%LINK-3-UPDOWN: Interface Ethernet0, changed state to up
A(config-if)#int s0
A(config-if)#ip addr 202.110.100.1 255.255.255.0
A(config-if)#encap hdlc
A(config-if)#clock rate 56000
A(config-if)#no shut
A(config-if)#exit
A(config)#router rip
A(config-router)#ver 2
A(config-router)#net 192.168.10.0
A(config-router)#net 202.110.100.0
A(config-router)#exit
Router(config)#host ASP
ASP(config)#int s0
ASP(config-if)#ip addr 202.110.100.2 255.255.255.0
ASP(config-if)#encap hdlc
ASP(config-if)#no shut
ASP(config-if)#exit
ASP(config)#router rip
ASP(config-router)#ver 2
ASP(config-router)#net 202.110.100.0
ASP(config-router)#exit
配置
nat
步骤:
A(config)#access-list 1 permit 192.168.10.0
0.0.0
.255
A(config)#ip nat inside source list 1 interface s 0 overload
A(config)#int e0
A(config-if)#ip nat inside
A(config-if)#int s0
A(config-if)#ip nat outside
A(config-if)#exit
A(config)#exit
A#show ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp202.110.100.1:9392 192.168.10.2:9392 202.110.100.2:9392 202.110.100.2:9392
icmp202.110.100.1:9393 192.168.10.2:9393 202.110.100.2:9393 202.110.100.2:9393
icmp202.110.100.1:9394 192.168.10.2:9394 202.110.100.2:9394 202.110.100.2:9394
icmp202.110.100.1:9395 192.168.10.2:9395 202.110.100.2:9395 202.110.100.2:9395
icmp202.110.100.1:9396 192.168.10.2:9396 202.110.100.2:9396 202.110.100.2:9396
NAT
配置:
1,
制定可以
nat
的私有
ip
(
config
)
#access-list
表名
permit
源网
ip
源网匹配码
2,
指定
nat
的目标
ip
(
config
)
#ip nat inside source list
表号
interface
外网端口
overload
3,
指定内网端口
(
config-if
)
#ip nat inside
4,
定义外网端口
(
config-if
)
#ip nat outside
调试:
#show ip nat translation //
查看
nat
表
本文转自shenleigang 51CTO博客,原文链接:
http://blog.51cto.com/shenleigang/152596
,如需转载请自行联系原作者
