0%

Cisco与华为NAT配置

CiscoNAT转发配置

  1. 将内网HTTP Server的TCP80端口映射到公网IP的81端口

     (config)#ip nat inside source static tcp 1.1.1.1 80 20.1.1.1 81
    
  1. PAT一对多转发

     写一条允许访问公网的IP地址段
     R1(config)#access-list 1 permit 192.168.10.0 0.0.0.255 
     抓取列表1地址进行转换
     R1(config)#ip nat inside source list 1 interface ethernet0/1 overload
    

华为路由器NAT转发配置

  1. 创建一条acl2000抓取原地址

     acl number 2000
     写一条允许访问公网的IP地址段
     rule 5 permit source 192.168.3.0 0.0.0.255
    
  2. 创建DHCP

      gateway-list 192.168.3.1 
      network 192.168.3.0 mask 255.255.255.0 
      dns-list 202.102.152.3 114.114.114.114 
    
  3. 排除200-254不分配

     dhcp server excluded-ip-address 192.168.3.200 192.168.3.253
    
  4. 开启DHCP服务

      dhcp enable
      interface Vlanif3
      ip address 192.168.3.1 255.255.255.0
      dhcp select global
    
  5. 在网关出口添加创建好的ACL进行NAT转发

      interface GigabitEthernet0/0/10
      ip address 222.222.222.222 255.255.255.224
      nat outbound 2000