在路由器上配置NAT(Network Address Translation) 
版权声明:原创作品,谢绝转载!否则将追究法律责任。 |
实验目的:
通过配置静态源地址转换,使内网的R4可以访问外网的R5
配置动态源地址转换。使内网的R2可以访问外网的R3
设置R1的f0/0为inside端口,s2/0为outside端口。
实验环境:
拓扑图如上,R1的S2/0口与R3,R5通过FRAME-RELAY交换机连接形成外网。R1的F0/0口通过局域网交换机与R2,R4连接形成内网。
配置实例
R1 conf t ip nat inside source static 1.1.2.4(local) 1.1.3.5(global) /*静态源地址转换 ip nat pool pool1 1.1.3.2 1.1.3.3(global ip) prefix-length 24 /*创建地址池,动态源地址转换 ip nat inside source list 1 pool pool1 /*使ACL与地址池对应 access-list 1 permit 1.1.2.0 0.0.0.255 int f 0/0 ip ad 1.1.2.1 255.255.255.0 ip nat inside /*配置f0/0为inside端口 no shut exit int s2/0 ip ad 1.1.3.1 255.255.255.0 encap frame no arp f no frame inver frame map ip 1.1.3.3 103 b frame map ip 1.1.3.5 105 b ip nat outside /*配置s2/0为outside端口 no shut end
R2 conf t int f 0/0 ip ad 1.1.2.2 255.255.255.0 no shut end R3 conf t int s2/0 ip ad 1.1.3.3 255.255.255.0 encap frame no arp f no frame inver frame map ip 1.1.3.1 301 b no shut end R4 conf t int f 0/0 ip ad 1.1.2.4 255.255.255.0 no shut end R5 conf t int s2/0 ip ad 1.1.3.5 255.255.255.0 encap frame no arp f no frame inver frame map ip 1.1.3.1 501 b no shut end 校验
R1#sh ip nat statistics Total active translations: 1 (1 static, 0 dynamic; 0 extended) Outside interfaces: Serial2/0 Inside interfaces: FastEthernet0/0 Hits: 0 Misses: 0 Expired translations: 0 Dynamic mappings: -- Inside Source [Id: 1] access-list 1 pool pool1 refcount 0 pool pool1: netmask 255.255.255.0 start 1.1.3.2 end 1.1.3.3 type generic, total addresses 2, allocated 0 (0%), misses 0 R1#sh ip nat t Pro Inside global Inside local Outside local Outside global --- 1.1.3.5 1.1.2.4 --- --- 本文出自 “穿过地狱去看海” 博客,谢绝转载! 本文出自 51CTO.COM技术博客 |
cj231210
博客统计信息
热门文章
最新评论
友情链接
