NAT实验报告

一、实验拓扑

二、实验要求

1.按照图示配置ip地址，公网地址100.1.1.1/24

2.私网a通过napt，使得r1接入到互联网，私网b通过easy IP使得r3接入互联网

3.私网a配置nat server 把telnet的telnet服务发布到公网使得pc2可以访问

三、实验步骤

1.配置IP地址

[telnet]int g0/0/0
[telnet-GigabitEthernet0/0/0]ip add 192.168.1.2 24

[telnet-GigabitEthernet0/0/0]quit
[telnet]ip rpute-static 0.0.0.0 192.168.1.254

[r1]int g0/0/1

[r1-GigabitEthernet0/0/1]ip add 100.1.1.1 24. 
[r1-GigabitEthernet0/0/1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.1.254 24

[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip add 100.1.1.2 24
[r2-GigabitEthernet0/0/0]int g0/0/1
[r2-GigabitEthernet0/0/1]ip add 100.2.2.2 24

[r3]int g0/0/0
[r3-GigabitEthernet0/0/0]ip add 100.2.2.3 24
[r3-GigabitEthernet0/0/0]int g0/0/1
[r3-GigabitEthernet0/0/1]192.168.1.3 24

[pc2]int g0/0/0
[pc2-GigabitEthernet0/0/0]ip add 192.168.1.1 24 
[pc2-GigabitEthernet0/0/0]quit
[pc2]ip route-static 0.0.0.0 0 192.168.1.3

2.配置telnet服务

[telnet]aaa
[telnet-aaa]local-user wangdaye privilege level 15 password cipher wdy123
[telnet-aaa]local-user wangdaye service-type telnet
[telnet-aaa]quit
[telnet]user-interface vty 0 4 
[telnet-ui-vty0-4]authentication-mode aaa
[telnet-ui-vty0-4]quit

3.配置公网胡同

[r1]ip route-static 0.0.0.0 0 100.1.1.2

[r3]ip route-static 0.0.0.0 0 100.2.2.2 

4.

[r1]acl 2000
[r1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r1-acl-basic-2000]quit 
[r1]nat address-group 1 100.1.1.3 100.1.1.254
[r1]int g0/0/1
[r1-GigabitEthernet0/0/1]nat outbound 2000 address-group 1
[r1-GigabitEthernet0/0/1]quit

在pc1上测试

5.在r3上配置easy ip 

[r3]acl 2000
[r3-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.225
[r3-acl-basic-2000]int g0/0/0
[r3-GigabitEthernet0/0/0]nat outbound 2000
[r3-GigabitEthernet0/0/0]quit

测试

6. 在私网a配置nat server将telnet的telnet服务使pc2可以访问

[r1]int g0/0/1
[r1-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 23 ins
ide 192.168.1.2 23

[r1-GigabitEthernet0/0/1]QUIT

7.检测