R1
conf t
int g2/0
ip add 10.1.1.1 255.255.255.0
no shut
username R1 password cisco
line vty 0 4
login local
exit
ip route 172.16.1.0 255.255.255.0 10.1.1.9
R2
conf t
int g2/0
ip add 29.29.29.2 255.255.255.0
no shut
int g3/0
ip add 10.1.1.2 255.255.255.0
no shut
ip route 192.168.1.0 255.255.255.0 29.29.29.9
R3
conf t
int g3/0
ip add 10.1.1.3 255.255.255.0
no shut
ip route 192.168.1.0 255.255.255.0 10.1.1.2
PIX
conf t
int e 0
nameif inside
ip add 10.1.1.9 255.255.255.0
no shut
int e1
nameif outside
ip add 29.29.29.9 255.255.255.0
no shut
exit
nat-control
static (inside,outside) 192.168.1.0 10.1.1.0 netmask 255.255.255.0
static (outside,inside) 172.16.1.0 10.1.1.0 netmask 255.255.255.0
route outside 172.16.1.0 255.255.255.128 29.29.29.2
route outside 172.16.1.128 255.255.255.128 29.29.29.2
access-list NAT per ip an an
access-group NAT in interface outside
测试:
R3#telnet 192.168.1.1
Trying 192.168.1.1 ... Open
User Access Verification
Username: R1
Password:
R1>quit
[Connection to 192.168.1.1 closed by foreign host]
R3#
PIX1# sh conn
1 in use, 6 most used
TCP out 172.16.1.3(10.1.1.3):64238 in 10.1.1.1:23 idle 0:00:02 bytes 120 flags UIO
R1
Nov 17 15:46:01.939: IP: tableid=0, s=172.16.1.3 (GigabitEthernet2/0), d=10.1.1.1 (GigabitEthernet2/0), routed via RIB
*Nov 17 15:46:01.939: IP: s=172.16.1.3 (GigabitEthernet2/0), d=10.1.1.1 (GigabitEthernet2/0), len 40, rcvd 3
本文出自 “穿过地狱去看海” 博客,谢绝转载!
NAT with same subnetwork
社区:
