标签:
PC(config)#no ip routing PC(config)#int f0/0 PC(config-if)#ip add 192.168.1.1 255.255.255.0 PC(config-if)#no shut PC(config-if)#exit PC#ping 202.101.100.30 ----未配置NAT之前,无法ping通 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 202.101.100.30, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) PC#ping 202.101.100.30 --------配了NAT之后可以ping通 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 202.101.100.30, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 72/104/172 ms server(config)#no ip routing server(config)#int f0/0 server(config-if)#ip add 192.168.1.100 255.255.255.0 server(config-if)#no shut server(config-if)#exit server(config)#ip default-gateway 192.168.1.254 server#show ip route Default gateway is 192.168.1.254 Host Gateway Last Use Total Uses Interface ICMP redirect cache is empty server#ping 202.101.100.30 -----配置NAT后可以访问外网 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 202.101.100.30, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 64/280/1064 ms server(config)#line vty 0 4 server(config-line)#pass server(config-line)#password 123 server(config-line)#login server(config-line)#exit R4(config)#int s0/0 R4(config-if)#ip add 202.101.100.30 255.255.224.0 R4(config-if)#no shut R4(config-if)#exit R4#ping 192.168.1.1 ----未配置NAT之前无法访问内网 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) R4#telnet 202.101.100.1 ---配置静态NAT后外网可以通过访问202.101.100.1来访问内网 Trying 202.101.100.1 ... Open User Access Verification Password: server>exit [Connection to 202.101.100.1 closed by foreign host] R4#telnet 202.101.100.1 -----指定端口映射以后地址后不加端口无法访问 Trying 202.101.100.1 ... Open Password required, but none set [Connection to 202.101.100.1 closed by foreign host] R4#telnet 202.101.100.1 8080 -----指定端口映射以后加端口才能访问 Trying 202.101.100.1, 8080 ... Open User Access Verification Password: server>exit [Connection to 202.101.100.1 closed by foreign host] R3(config)#int s1/0 R3(config-if)#ip add 202.101.100.1 255.255.224.0 R3(config-if)#no shut R3(config-if)#exit R3(config)#int f0/0 R3(config-if)#ip add 192.168.1.254 255.255.255.0 R3(config-if)#no shut R3(config-if)#exit R3(config)#access-list 1 permit 192.168.1.0 0.0.0.255 ---配置PAT(端口复用NAT) R3(config)#ip nat inside source list 1 s1/0 ov R3(config)#ip nat inside source list 1 interface s1/0 overload R3(config)#int s1/0 R3(config-if)#ip nat outside R3(config-if)#int f0/0 R3(config-if)#ip nat inside R3#show ip nat translations Pro Inside global Inside local Outside local Outside global icmp 202.101.100.1:1 192.168.1.1:1 202.101.100.30:1 202.101.100.30:1 icmp 202.101.100.1:0 192.168.1.100:0 202.101.100.30:0 202.101.100.30:0 R3(config)#ip nat inside source static 192.168.1.100 202.101.100.1 ---此静态NAT所有端口映射暴露给外网不安全 R3(config)#no ip nat inside source static 192.168.1.100 202.101.100.1 Static entry in use, do you want to delete child entries? [no]: y R3(config)#ip nat inside source static tcp 192.168.1.100 23 202.101.100.1 8080 ---指定端口映射
标签:
原文地址:http://blog.csdn.net/shienquan/article/details/44700165
