拓扑图
以AR1为边界路由器,192.168.1.0是私网,12.1.1.0和1.1.1.0是公网
通过写多对一的NAT使得私网内的PC能访问公网
[r2]acl 2000
[r2-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r2]interface g0/0/2
[r2-GigabitEthernet0/0/2]nat outbound 2000
通过写端口映射把私网的80端口与192.168.1.4的80端口绑定,8888与192.168.1.5的80端口绑定
[R1-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 80 inside 192.168.1.4 80
[R1-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 8888 inside 192.168.1.5 80