Transcript 静态NAT地址转换

静态NAT地址转换
实现静态NAT地址转换功能。将路由器2501的E0作为内
部端口，同步端口S0作为外部端口。其中10.1.1.2，10.1.1.3，
10.1.1.4的内部本地地址采用静态地址转换。其内部合法地址
分别对应为192.1.1.2，192.1.1.3，192.1.1.4。
Router>enable
Router#config terminal
Router(config)#hostname RouterA
RouterA (config)#interface fastEthernet 0/0
RouterA (config-if)#ip address 10.1.1.253 255.255.255.0
RouterA (config-if)#no shutdown
RouterA (config-if)#exit
RouterA(config)#interface serial 2/0
RouterA(config-if)#ip address 192.1.1.1 255.255.255.0
RouterA(config-if)#exit
RouterA(config)#ip nat inside source static 10.1.1.2 192.1.1.2//配
置静态地址映射关系
RouterA(config)#ip nat inside source static 10.1.1.3 192.1.1.3
RouterA(config)#ip nat inside source static 10.1.1.4 192.1.1.4
RouterA(config)#ip nat inside source static 10.1.1.1 192.1.1.1
RouterA(config)#interface fastEthernet 0/0
RouterA(config-if)#ip nat inside
//配置端口E0为内部接口
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 2/0
RouterA(config-if)#ip nat outside //配置端口S0为外部接口
RouterA(config-if)#no shutdown
RouterA(config-if)#clock rate 64000
RouterA(config-if)#no shutdown
RouterA(config-if)#end
RouterA#ping 10.1.1.2
RouterA#show ip nat statistics
Total translations: 4 (4 static, 0 dynamic, 0 extended)
Outside Interfaces: Serial2/0
Inside Interfaces: FastEthernet0/0
RouterA#show ip nat translations
Pro Inside global
Inside local
Outside local
--- 192.1.1.1
10.1.1.1
---
---
--- 192.1.1.2
10.1.1.2
---
---
--- 192.1.1.3
10.1.1.3
---
---
--- 192.1.1.4
10.1.1.4
---
RouterA#
---
Outside global
Switch>enable
Switch#config terminal
Switch(config)#interface vlan 1
Switch(config-if)#ip address 10.1.1.254 255.255.255.0
Switch(config-if)#no shutdown
配置PC1-PC3
PC1
IP Address. . . . . . . . . . . . : 10.1.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.1
PC2
IP Address. . . . . . . . . . . . : 10.1.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.1
PC3
IP Address. . . . . . . . . . . . : 10.1.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.1
配置完成后可以用以下语句进行查看：
RouterA#show ip nat translations
RouterA#show ip nat statistics
PAT（端口地址转换）配置
本实例实现PAT地址转换功能。将路由器2514的E0作为内
部端口，同步端口E1作为外部端口。其中192.168.1.0为
内部本地地址网段。其内部有一个全局地址202.98.38.1，
这个地址配置在路由器E1口。
交 换 机 SwitchA1912 一 台 ， 接 两 台 PC （ PC1 ： 192.168.1.2/24 ， Default
Gateway 192.168.1.1 ； PC2 ： 202.98.38.5/24
Default Gateway
202.98.38.1 ） ， 一 台 2514 路 由 器 （ RouerA: E0 ： 192.168.1.1/24 ； E1 ：
202.98.38.1/24）。
配置路由器
Router>enable
Router#config terminal
Router(config)#hostname RouterA
RouterA(config)#interface fastEthernet 0/0
RouterA(config-if)#ip address 192.168.1.1 255.255.255.0
RouterA(config-if)#ip nat inside
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface fastEthernet 1/0
RouterA(config-if)#ip address 202.98.38.5 255.255.255.0
RouterA(config-if)#ip nat outside
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#ip nat pool aa 202.98.38.2 202.98.38.10
netmask 255.255.255.0
RouterA(config)#access-list 1 permit 192.168.1.0 0.0.0.255
RouterA(config)#ip nat inside source list 1 pool aa
RouterA#show ip access-lists
Switch>enable
Switch#config terminal
Switch(config)#interface vlan 1
Switch(config-if)#ip address 192.168.1.1 255.255.255.0
配置PC1与PC2
PC1 IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
C> ipconfig /ip 192.168.1.2 255.255.255.0
C>ipconfig /dg 192.168.1.1
PC2 IP Address. . . . . . . . . . . . : 202.98.38.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 202.98.38.1
C> ipconfig /ip 202.98.8.5 255.255.255.0
C>ipconfig /dg 202.98.38.1
PC1：
C:>ping 202.98.38.1
C:>ping 202.98.38.5
PC2：
C:>ping 202.98.38.1
配置完成后可以用以下语句进行查看：
RouterA#show ip nat translations
PC>ping 202.98.38.1
Pinging 202.98.38.1 with 32 bytes of data:
Reply from 202.98.38.1: bytes=32 time=63ms TTL=255
Reply from 202.98.38.1: bytes=32 time=62ms TTL=255
Reply from 202.98.38.1: bytes=32 time=62ms TTL=255
Reply from 202.98.38.1: bytes=32 time=63ms TTL=255
Ping statistics for 202.98.38.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 63ms, Average = 62ms
PC>ping 202.98.38.5
Pinging 202.98.38.5 with 32 bytes of data:
Reply from 202.98.38.5: bytes=32 time=93ms TTL=127
Reply from 202.98.38.5: bytes=32 time=94ms TTL=127
Reply from 202.98.38.5: bytes=32 time=93ms TTL=127
Reply from 202.98.38.5: bytes=32 time=94ms TTL=127
Ping statistics for 202.98.38.5:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 94ms, Average = 93ms
C>
RouterA#show ip nat translations
Pro Inside global
Inside local
Outside local
Outside global
icmp 202.98.38.2:41 192.168.1.2:41
202.98.38.5:41
202.98.38.5:41
icmp 202.98.38.2:42 192.168.1.2:42
202.98.38.5:42
202.98.38.5:42
icmp 202.98.38.2:43 192.168.1.2:43
202.98.38.5:43
202.98.38.5:43
icmp 202.98.38.2:44 192.168.1.2:44
202.98.38.5:44
202.98.38.5:44