nat acl dhcp

最新推荐文章于 2024-07-24 08:30:35 发布

weixin_33939380

最新推荐文章于 2024-07-24 08:30:35 发布

阅读量106

点赞数

文章标签：网络

原文链接：http://blog.51cto.com/hjhlk123456/138272

版权

《静态动态NAT设置》<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />

Gateway #configure terminal

Gateway(config)# ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224

Gateway(config)# access-list 1 permit <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" />10.10.10.0 0.0.0.255

Gateway(config)# ip nat inside source list 1 pool public_access

Gateway(config)# interface fa0/0

Gateway(config-if)# ip nat inside

Gateway(config-if)# interface serial 0/0

Gateway(config-if)# ip nat outside

Gateway(config-if)# exit

Gateway(config)# ip nat inside source static 10.10.10.10 199.99.9.33

Gateway(config)# exit

《超载NAT设置》

Gateway# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Gateway(config)# access-list 1 permit 10.10.10.0 0.0.0.255

Gateway(config)# ip nat inside source list 1 interface serial 0/0 overload

Gateway(config)# interface fa0/0

Gateway(config-if)# ip nat inside

Gateway(config-if)# exit

Gateway(config)# interface serial 0/0

Gateway(config-if)# ip nat outside

Gateway(config-if)# exit

Gateway(config)# exit

Gateway# copy running-config startup-config

《标准ACL》

GAD(config)# access-list 1 deny 192.168.14.0 0.0.0.255

GAD(config)# access-list 1 permit any

GAD(config-if)# ip access-group 1 in

《扩展ACL》

GAD(config)# access-list 101 deny tcp 192.168.14.0 0.0.0.255 any eq 80/WWW

GAD(config)# access-list 101 permit ip any any

GAD(config-if)# ip access-group 101 in

《命名ACL》

GAD(config)# ip access-list standard no_access

GAD(config-std-nacl)# deny 192.168.14.0 0.0.0.255

GAD(config-std-nacl)# permit any

GAD(config-if)# ip access-group no_access in

<?xml:namespace prefix = v ns = "urn:schemas-microsoft-com:vml" />

Router2# configure terminal

Router2(config)# hostname Router2

Router2r2(config)# enable password cisco

Router2r2(config)# enable secret class

Router2r2(config)# line console 0

Router2r2(config-line)# password cisco

Router2r2(config-line)# login

Router2r2(config-line)# exit

Router2r2(config)# line vty 0 4

Router2r2(config-line)# password cisco

Router2r2(config-line)# login

Router2r2(config-line)# exit

Router2r2(config)# interface fastethernet 0/0

Router2r2(config-if)# ip address 172.16.13.1 255.255.255.0

Router2r2(config-if)# no shutdown

Router2r2(config-if)# exit

Router2r2(config)# interface serial 0/0

Router2r2(config-if)# ip address 172.16.1.5 255.255.255.252

Router2r2(config-if)# no shutdown

Router2r2(config-if)# exit

Router2r2(config)# router ospf 1

Router2r2(config-router)# network 172.16.1.0 0.0.0.255 area 0

Router2r2(config-router)# network 172.16.13.0 0.0.0.255 area 0

Router2r2(config-router)# end

Router2r2# copy running-config startup-config

Router1# configure terminal

Router1(config)# hostname Router1

Router1 (config)# enable password cisco

Router1 (config)# enable secret class

Router1 (config)# line console 0

Router1(config-line)# password cisco

Router1(config-line)# login

Router1(config-line)# exit

Router1(config)# line vty 0 4

Router1(config-line)# password cisco

Router1(config-line)# login

Router1(config-line)# exit

Router1(config)# interface fastethernet 0/0

Router1(config-if)# ip address 172.16.12.1 255.255.255.0

Router1(config-if)# no shutdown

Router1(config-if)# exit

Router1(config)# interface serial 0/0

Router1(config-if)# ip address 172.16.1.6 255.255.255.252

Router1(config-if)# clock rate 56000

Router1(config-if)# no shutdown

Router1(config-if)# exit

Router1(config)# router ospf 1

Router1(config-router)# network 172.16.1.0 0.0.0.255 area 0

Router1(config-router)# network 172.16.12.0 0.0.0.255 area 0

Router1(config-router)# end

Router1# copy running-config startup-config

《DHCP pool configurations》

Router1 pool

Router1(config)# ip dhcp pool Router1

Router1(dhcp-config)# network 172.16.12.0 255.255.255.0

Router1(dhcp-config)# default-router 172.16.12.1

Router1(dhcp-config)# dns-server 172.16.12.2

Router1(dhcp-config)# domain-name foo.com

Router1(dhcp-config)# netbios-name-server 172.16.12.10

Router1(dhcp-config)# exit

Router2 pool

Router1(config)# ip dhcp pool Router2

Router1(dhcp-config)# network 172.16.13.0 255.255.255.0

Router1(dhcp-config)# default-router 172.16.13.1

Router1(dhcp-config)# dns-server 172.16.12.2

Router1(dhcp-config)# domain-name foo.com

Router1(dhcp-config)# netbios-name-server 172.16.12.10

Router1(dhcp-config)# exit

Router1(config)# ip dhcp excluded-address 172.16.12.1 172.16.12.10

Router1(config)# ip dhcp excluded-address 172.16.13.1 172.16.13.10

Router1(config)# exit

Router1# copy running-config startup-config

Router2 helper address configuration

Router2# configure terminal

Router2(config)# interface fa0/0

Router2(config-if)# ip helper-address 172.16.12.1

Router2(config-if)# exit

Router2(config)# exit

Router2# copy running-config startup-config

转载于:https://blog.51cto.com/hjhlk123456/138272

weixin_33939380

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
nat acl dhcp

《静态动态NAT设置》Gateway#configure terminalGateway(config)#ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255...
复制链接

扫一扫