1.各个接口IP地址的配置(实验目的1-4) 完成1.2步骤实现全网可达
AR1
AR2
AR3
AR4
AR5
AR6
AR3下的两台PC通过dhcp自动获取IP地址
[r3]dhcp enable
ip pool aaa
network 192.168.1.96 mask 27
gateway-list 192.168.1.97
dns-list 8.8.8.8 114.114.114.114
q
[r3]int g 0/0/2
dhcp select global 接口调用全局服务
2.路由配置AR1-AR5
3.避免环路:有汇总的地方写空接口
[r4]ip route-static 192.168.1.0 24 NULL 0
[r1]ip route-static 192.168.1.32 27 NULL 0
[r2]ip route-static 192.168.1.64 27 NULL 0
完成空接口的配置后,发现网不通(原因:查看AR4的路由表 去往192.168.1.0 24 NULL 0 去往缺省路由0.0.0.0 0 192.168.1.18 按路由表匹配规则先匹配第一条路由条目,数据包直接指向了NULL 0所以网不通 )
解决方法:写明细
[r4]ip route-static 192.168.1.160 27 192.168.1.18
[r4]ip route-static 192.168.1.160 27 192.168.1.22 preference 70
4.解决R1-R5均可以访问R6的环回(私网访问公网 NAT技术)
[r5]acl 2000
[r5-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r5-acl-basic-2000]q
[r5]int g 0/0/1
[r5-GigabitEthernet0/0/1]nat outbound 2000
[r5-GigabitEthernet0/0/1]q
5.端口映射 R6 telnet R5实际登录到R1
[r1]aaa
[r1-aaa]local-user aaa privilege level 15 password cipher 123456
Info: Add a new user.
[r1-aaa]local-user aaa service-type telnet
[r1-aaa]q
[r1]user-interface vty 0 4
[r1-ui-vty0-4]authentication-mode aaa
[r1-ui-vty0-4]q
[r1]
[r5]int g 0/0/1
[r5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 23 inside 192.168.1.1
Are you sure to continue?[Y/N]:y