一、高级acl
测试环境:
[r1-acl-adv-3000]rule 10 permit tcp source 192.168.1.0 0.0.0.255 destination 192
.168.3.10 0.0.0.0 destination-port eq 80
[r1-acl-adv-3000]rule 20 permit ip source 192.168.1.0 0.0.0.255 destination 192.
168.2.0 0.0.0.255
[r1-acl-adv-3000]rule 30 deny ip source 192.168.1.0 0.0.0.255 destination any
二、NAT
测试环境:
1.静态:
nat static global 100.1.1.3 inside 192.168.10.1
2.动态:
[r1]nat address 1 100.1.1.3 100.1.1.5
[r1]acl 2000
[r1-acl-basic-2000]rule 10 permit source 192.168.10.0 0.0.0.255
[r1]interface GigabitEthernet 0/0/1
[r1-GigabitEthernet0/0/1]nat outbound 2000 address-group 1 no-pat
3.napt
[r1-GigabitEthernet0/0/1]nat outbound 2000 address-group 1
4.napt-easyip
[r1-GigabitEthernet0/0/1]nat outbound 2000
三、nat server
测试环境:
nat server protocol tcp global 100.1.1.6 80 inside 192.
168.10.5 80