实验目的:
1、将R5所有访问6.6.6.6的源地址NAT为专线接口地址
2、将6.6.6.6NAT为152.1.1.152,使用NAT转换R5访问数据流的目标地址由151.1.1.152变为6.6.6.6
3、R1.R2配置HSRP,绑定NAT策略,使NAT随着HSRP切换,无论R1或者R2故障、两条专线故障,均实现数据流自动切换。
R1
interface Ethernet0/0
ip address 152.1.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
full-duplex
standby 10 ip 152.1.1.254
standby 10 priority 120
standby 10 preempt
standby 10 name cisco
standby 10 track Serial1/0 50
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface Serial1/0
ip address 13.1.1.1 255.255.255.0
ip nat outside
ip virtual-reassembly
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
no ip http server
no ip http secure-server
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 13.1.1.3
ip route 152.1.1.152 255.255.255.255 13.1.1.3
ip route 192.168.1.0 255.255.255.0 152.1.1.5
ip route 192.168.2.0 255.255.255.0 152.1.1.5
!
ip nat inside source list 1 interface Serial1/0 overload
ip nat outside source static 6.6.6.6 152.1.1.152 redundancy cisco
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
R2
interface Ethernet0/0
ip address 152.1.1.2 255.255.255.0
ip nat inside
ip virtual-reassembly
full-duplex
standby 10 ip 152.1.1.254
standby 10 preempt
standby 10 name cisco
standby 10 track Serial1/0 50
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface Serial1/0
ip address 24.1.1.2 255.255.255.0
ip nat outside
ip virtual-reassembly
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
no ip http server
no ip http secure-server
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 24.1.1.4
ip route 152.1.1.152 255.255.255.255 24.1.1.4
ip route 192.168.1.0 255.255.255.0 152.1.1.5
ip route 192.168.2.0 255.255.255.0 152.1.1.5
!
ip nat inside source list 1 interface Serial1/0 overload
ip nat outside source static 6.6.6.6 152.1.1.152 redundancy cisco
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
R5
interface Loopback0
ip address 192.168.1.1 255.255.255.0
no ip route-cache
!
interface Loopback1
ip address 192.168.2.1 255.255.255.0
no ip route-cache
!
interface Ethernet0/0
ip address 152.1.1.5 255.255.255.0
no ip route-cache
full-duplex
!
ip default-gateway 152.1.1.254
no ip http server
no ip http secure-server
R6
interface Loopback0
ip address 6.6.6.6 255.255.255.0
!
interface Ethernet0/0
ip address 36.1.1.6 255.255.255.0
full-duplex
!
no ip http server
no ip http secure-server
!
ip forward-protocol nd
ip route 13.1.1.0 255.255.255.0 36.1.1.3
ip route 24.1.1.0 255.255.255.0 36.1.1.4
转载于:https://blog.51cto.com/851010lin/1347850
1888
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
