IT貓撲網(wǎng):您身邊最放心的安全下載站! 最新更新|軟件分類|軟件專題|手機(jī)版|論壇轉(zhuǎn)貼|軟件發(fā)布

您當(dāng)前所在位置: 首頁系統(tǒng)集成網(wǎng)絡(luò)管理 → 靜態(tài)NAT與標(biāo)準(zhǔn)ACL的混合使用

靜態(tài)NAT與標(biāo)準(zhǔn)ACL的混合使用

時(shí)間:2015-06-28 00:00:00 來源:IT貓撲網(wǎng) 作者:網(wǎng)管聯(lián)盟 我要評(píng)論(0)

靜態(tài)nat與標(biāo)準(zhǔn)acl 的混合使用

??? <1>、將pc0和pc1得ip轉(zhuǎn)換為環(huán)回地址。
??? <2>、阻止1.1.1.2 的通信

??? Router 1配置:
??? Router>en
??? Router#conf t
??? Enter configuration commands, one per line.? End with CNTL/Z.
??? Router(config)#int f 0/0
??? Router(config-if)#ip add 1.1.1.1 255.0.0.0
??? Router(config-if)#no shut

??? %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
??? %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
??? Router(config-if)#int f0/1
??? Router(config-if)#ip add 2.2.2.1 255.0.0.0
??? Router(config-if)#no shutdown

??? %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
??? Router(config-if)#exit
??? Router(config)#
??? %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
??? Router(config)#int loopback 0

??? %LINK-5-CHANGED: Interface Loopback0, changed state to up
??? %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
??? Router(config-if)#ip add 4.4.4.1 255.0.0.0
??? Router(config-if)#no shut
??? Router(config-if)#exit
??? Router(config)#router rip
??? Router(config-router)#network 1.0.0.0
??? Router(config-router)#network 2.0.0.0
??? Router(config-router)#network 4.0.0.0
??? Router(config-router)#end
??? %SYS-5-CONFIG_I: Configured from console by console
??? Router#show ip rou
??? Router#show ip route
??? Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
???? D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
???? N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
???? E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
???? i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
???? * - candidate default, U - per-user static route, o - ODR
???? P - periodic downloaded static route

??? Gateway of last resort is not set

??? C??? 1.0.0.0/8 is directly connected, FastEthernet0/0
??? C??? 2.0.0.0/8 is directly connected, FastEthernet0/1
??? R??? 3.0.0.0/8 [120/1] via 2.2.2.2, 00:00:11, FastEthernet0/1
??? C??? 4.0.0.0/8 is directly connected, Loopback0
??? Router#configure terminal
??? Enter configuration commands, one per line.? End with CNTL/Z.
??? Router(config)#ip nat inside source s
??? Router(config)#ip nat inside source static 1.1.1.2 4.4.4.2
??? Router(config)#ip nat inside source static 1.1.1.3 4.4.4.3
??? Router(config)#interface fastEthernet 0/0
??? Router(config-if)#ip nat in
??? Router(config-if)#ip nat inside
??? Router(config-if)#no shut
??? Router(config-if)#no shutdown
??? Router(config-if)#int f0/1
??? Router(config-if)#ip nat outside
??? Router(config-if)#end
??? %SYS-5-CONFIG_I: Configured from console by console
??? Router#show ip nat ?
????? statistics??? Translation statistics
????? translations? Translation entries
??? Router#show ip nat tr
??? Router#show ip nat translations
??? Pro? Inside global???? Inside local Outside local????? Outside global
??? ---? 4.4.4.2???? 1.1.1.2????? ---??? ---
??? ---? 4.4.4.3???? 1.1.1.3????? ---??? ---

??? Router#ping 3.3.3.2

??? Type escape sequence to abort.
??? Sending 5, 100-byte ICMP Echos to 3.3.3.2, timeout is 2 seconds:
??? !!!!!
??? Success rate is 100 percent (5/5), round-trip min/avg/max = 62/62/63 ms

??? Router#conf
??? Configuring from terminal, memory, or network [terminal]?
??? Enter configuration commands, one per line.? End with CNTL/Z.
??? Router(config)#acc
??? Router(config)#access-list ?
????? <1-99>???? IP standard access list
????? <100-199>? IP extended access list
??? Router(config)#access-list 1 ?
????? deny??? Specify packets to reject
????? permit? Specify packets to forward
????? remark? Access list entry comment
??? Router(config)#access-list 1 deny ho
??? Router(config)#access-list 1 deny host 1.1.1.2
??? Router(config)#access-list 1 per
??? Router(config)#access-list 1 permit any
??? Router(config)#exit
??? %SYS-5-CONFIG_I: Configured from console by console
??? Router#show acc
??? Router#show access-lists
??? Standard IP access list 1
? deny host 1.1.1.2
? permit any
??? Router#configure terminal
??? Enter configuration commands, one per line.? End with CNTL/Z.
??? Router(config)#interface fastEthernet 0/0
??? Router(config-if)#ip access-group 1 in
??? Router(config-if)#no shut
??? Router(config-if)#
??? Router(config-if)#

#p#副標(biāo)題#e#

Rourer 1 的配置:
??? Router>en
??? Router#conf t
??? Enter configuration commands, one per line.? End with CNTL/Z.
??? Router(config)#int f0/0
??? Router(config-if)#ip add 3.3.3.1 255.0.0.0
??? Router(config-if)#no shutdown

??? %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
??? %LINEPROTO-5-UPDOWN

關(guān)鍵詞標(biāo)簽:靜態(tài)NAT,標(biāo)準(zhǔn)ACL

相關(guān)閱讀

文章評(píng)論
發(fā)表評(píng)論

熱門文章 路由器地址大全-各品牌路由設(shè)置地址 路由器地址大全-各品牌路由設(shè)置地址 各品牌的ADSL與路由器出廠默認(rèn)IP、帳號(hào)、密碼 各品牌的ADSL與路由器出廠默認(rèn)IP、帳號(hào)、密碼 Nslookup命令詳解-域名DNS診斷 Nslookup命令詳解-域名DNS診斷 站長裝備:十大網(wǎng)站管理員服務(wù)器工具軟件 站長裝備:十大網(wǎng)站管理員服務(wù)器工具軟件

相關(guān)下載

    人氣排行 各品牌的ADSL與路由器出廠默認(rèn)IP、帳號(hào)、密碼 路由器地址大全-各品牌路由設(shè)置地址 騰達(dá)路由器怎么設(shè)置?騰達(dá)路由器設(shè)置教程 ADSL雙線負(fù)載均衡設(shè)置詳細(xì)圖文教程 路由表說明(詳解route print) Nslookup命令詳解-域名DNS診斷 網(wǎng)管員實(shí)際工作的一天 網(wǎng)管必會(huì)!了解交換機(jī)控制端口流量