Chinaunix首页 | 论坛 | 博客

心跳男人

首页 |  博文目录 |  关于我

心跳男人

  • 博客访问: 1538421
  • 博文数量: 416
  • 博客积分: 10061
  • 博客等级: 上将
  • 技术积分: 3287
  • 用 户 组: 普通用户
  • 注册时间: 2006-12-05 11:12
个人简介

技术在于专研

文章分类

全部博文(416)

文章存档

2021年(3)

2015年(34)

2013年(2)

2012年(1)

2011年(2)

2010年(5)

2007年(344)

2006年(25)

我的朋友
最近访客
推荐博文
相关博文
静态NAT

分类: 系统运维

2007-02-09 14:48:01

 

网络背景:

使用R2模拟ISP,R3R2将与相邻的12.0.0.0重分布到IGPR3模拟公网上的路由器,必须学到12.0.0.0的路由,R1指一条默认路由指向ISP

STEP1:PC1PC2no ip routing.R1的快速以太口关闭代理ARP

R1(config-line)#int s2/1

R1(config-if)#ip ad 12.0.0.2 255.255.255.0

R1(config-if)#no sh

R1(config-if)#int f0/0

R1(config-if)#no ip proxy-arp

R1(config-if)#ip ad 10.0.0.1 255.255.255.0

R1(config-if)#no sh

 

R2(config-line)#int s2/1

R2(config-if)#ip ad 12.0.0.1 255.255.255.0

R2(config-if)#no sh

R2(config-if)#int s2/2

R2(config-if)#ip ad 23.0.0.1 255.255.255.0

R2(config-if)#no sh

 

R3(config-line)#int s2/1

R3(config-if)#ip ad 23.0.0.2 255.255.255.0

R3(config-if)#no sh

 

PC1(config)#int f0/0

PC1(config-if)#no ip proxy-arp

PC1(config-if)#ip ad 10.0.0.2 255.255.255.0

PC1(config-if)#no sh

 

PC2(config)#int f0/0

PC2(config-if)#no ip proxy-arp

PC2(config-if)#ip ad 10.0.0.3 255.255.255.0

PC2(config-if)#no sh

 

STEP2:定义NAT的内口与外口

接口模式下:ip nat insinde    定义为内口

接口模式下:ip nat outside    定义为外口

R1(config-if)#ip nat inside

R1(config-if)#int s2/1

R1(config-if)#ip nat outside

 

 

STEP3:静态NAT的转换

ip nat inside source static 本地IP 本地公网IP  //static静态

 

STEP4:R2R3间配置RIPv2

R1

router rip

 version 2

 network 12.0.0.0

 network 23.0.0.0

R2

router rip

 version 2

network 23.0.0.0

 

 

STEP5:R1指默认路由到ISP,并且为内网的PC指定网关

PC2(config)#ip default-gateway 10.0.0.1

 

PC1(config)#ip default-gateway 10.0.0.1

 

PING测试地址是否转换成功

R1(config)#debug ip nat tr

00:36:14: NAT*: s=10.0.0.2->12.0.0.15, d=23.0.0.2 [10]

00:36:15: NAT*: s=23.0.0.2, d=12.0.0.15->10.0.0.2 [10]

R1(config)#

00:37:35: NAT*: s=23.0.0.2, d=12.0.0.10->10.0.0.3 [23]

00:37:35: NAT*: s=10.0.0.3->12.0.0.10, d=23.0.0.2 [24]

 

R1的配置如下

R1(config)#do sh ru

Building configuration...

 

Current configuration : 1309 bytes

!

version 12.1

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname R1

!

ip subnet-zero

ip cef

!

no ip domain-lookup

!

ip audit notify log

ip audit po max-events 100

ip ssh time-out 120

ip ssh authentication-retries 3

!

interface FastEthernet0/0

 ip address 10.0.0.1 255.255.255.0

 no ip proxy-arp

 ip nat inside

 duplex half

!

interface Serial2/0

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial2/1

 ip address 12.0.0.2 255.255.255.0

 ip nat outside

 serial restart-delay 0

!

interface Serial2/2

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial2/3

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial3/0

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial3/1

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial3/2

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial3/3

 no ip address

 shutdown

 serial restart-delay 0

!

ip nat inside source static 10.0.0.2 12.0.0.15  //静态NAT的转换

ip nat inside source static 10.0.0.3 12.0.0.10  //静态NAT的转换

ip classless

ip route 0.0.0.0 0.0.0.0 Serial2/1

no ip http server

no ip http secure-server

!

!

line con 0

 exec-timeout 0 0

 password cisco

 logging synchronous

 login

 stopbits 1

line aux 0

 stopbits 1

line vty 5 15

!

!        

End

 

 

R2的配置如下

R2(config-router)#do sh run

Building configuration...

 

Current configuration : 1192 bytes

!

version 12.1

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname R2

!

ip subnet-zero

ip cef

!

no ip domain-lookup

!

ip audit notify log

ip audit po max-events 100

ip ssh time-out 120

ip ssh authentication-retries 3

!

interface FastEthernet0/0

 no ip address

 shutdown

 duplex half

!

interface Serial2/0

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial2/1

 ip address 12.0.0.1 255.255.255.0

 serial restart-delay 0

!

interface Serial2/2

 ip address 23.0.0.1 255.255.255.0

 serial restart-delay 0

!

interface Serial2/3

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial3/0

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial3/1

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial3/2

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial3/3

 no ip address

 shutdown

 serial restart-delay 0

!

router rip

 version 2

 network 12.0.0.0

 network 23.0.0.0

!

ip classless

no ip http server

no ip http secure-server

!

line con 0

 exec-timeout 0 0

 password cisco

 logging synchronous

 login

 stopbits 1

line aux 0

 stopbits 1

line vty 5 15

!

!

End

 

R3的配置

R3(config-router)#do sh run

Building configuration...

 

Current configuration : 1164 bytes

!

version 12.1

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname R3

!

ip subnet-zero

ip cef

!

no ip domain-lookup

!

ip audit notify log

ip audit po max-events 100

ip ssh time-out 120

ip ssh authentication-retries 3

!

interface FastEthernet0/0

 no ip address

 shutdown

 duplex half

!

interface Serial2/0

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial2/1

 ip address 23.0.0.2 255.255.255.0

 serial restart-delay 0

!

interface Serial2/2

 no ip address

 shutdown

 serial restart-delay 0

!        

interface Serial2/3

 no ip address

 shutdown

 serial restart-delay 0

<
阅读(1203) | 评论(0) | 转发(0) |
0

上一篇:动态NAT

下一篇:最新装机软件合集2007新年版

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6