å¦å¾ä¸æ示ï¼R1åR2模ææ两å°æå¡å¨å¹¶ä¸æä¾ç¸åçæå¡(å°ååå«ä¸º172.16.1.1 ï¼172.16.1.2)ï¼R3æ¯äº¤æ¢æºï¼R4æ¯è¾¹çè·¯ç±å¨ä¹å°±æ¯å
é¨æå¡å¨çç½å
³æå¨è·¯ç±å¨ï¼
å
ç½å£å°å为172.16.1.254 ï¼ï¼R5å
å½å
¬ç½å¹¶ä¸æç¯åå£5.5.5.5ï¼å¨R4ä¸çE0/0ï¼å°å为222.222.222.1ï¼ æ¥å£å¼å¯PATï¼ä½¿å¾å
ç½æå¡å¨å¯ä»¥è®¿é®
å¤ç½R5ç 5.5.5.5
å¦å¾ï¼
è¿æ¶å°±è¿å
¥å
³é®æ§é¶æ®µäºï¼1ï¼åä¸æ¡ACLæ¥å¹é
å
¬ç½è·¯ç±ï¼access-list 2 permit 222.222.222.1
2ï¼å®ä¹ä¸ä¸ªä»¥å
é¨æå¡å¨ä¸ºå°åçæ± ï¼ip nat pool ccna 172.16.1.1 172.16.1.2 netmask 255.255.255.0 type rotary (æåè¿ä¸¤ä¸ªä¸å®è¦æææå°±æ¯è®©è¿äºå°å轮循)
3ï¼å°ACLè·å°åæ± å
³è¿èµ·æ¥ï¼ip nat inside destination (注æè¿ä¸ªä¸æ¯source) list 2 pool ccna
æåå°±æ¯å¨R1ï¼R2çline vty 0 4 ä¸æno login å
许å¤ç½çç»éã
è¿æ¶å¯ä»¥æ£éªç»æäºï¼ï¼å¨R5ä¸telnet 222.222.222.1 å¯ä»¥åç°ç¬¬ä¸æ¬¡æ¶è¿å
¥R1ï¼ç¬¬äºæ¬¡å°±è¿å
¥R2äºï¼
è¿ æ ·å°±è¾¾å°äºä¸¤ä¸ªæå¡å¨ç
è´è½½åè¡¡äºããå½ç¶è¿ç§æ
åµæ¯å¨å¤ä¸ªæå¡å¨æä¾ç¸åçæå¡çåæä¸æ好ç¨ã
ä½æ¯å¯¹äºå
é¨æå¤å°æå¡å¨è¦åæ¶å¼æ¾ä¸ä¸ªç¸åç端å£ä½æ¯ååªæä¸ä¸ª
å
¬ç½IPæ¶è¯¥æä¹åå¢ï¼
å¾ä¸æ åºäºææç详ç»ç»æï¼æå¡å¨å°ååå«ä¸º172.16.1.2 å172.16.1.3 ï¼ç½å
³ä¸º172.16.1.1 ï¼ç¶ååæ ·çè·ä¸è¾¹ä¸ä¸ªå®éªä¸æ ·ï¼å¨è¾¹çè·¯ç±å¨ååºäºæ¥å£çPAT转æ¢ï¼ä½¿å¾æå¡å¨å¯ä»¥è®¿é®å
¬ç½ï¼ç¶åæ们就å¼å§å¨è¾¹çè·¯ç±å¨ä¸é
置端å£è·ipå°åçæ å°ï¼é常æ
åµä¸æ们é½è®¤ä¸ºæ å°æ¯è¿æ ·åï¼ ip nat inside source static tcp 172.16.1.2 80 222.222.222.1 80 ç¶åä¼åç°ä¸ä¸å°æå¡å¨æ²¡æ³ååç¸å端å£çæ å°äºï¼ï¼å æ¤æ们就å¿
éæ¹åä¸é¢çå½ä»¤æ¥ä½¿å¾å¦ä¸å°æå¡å¨ä¹å¯ä»¥åºäº
80端å£çæ å°ï¼è¿è¿å½ä»¤å°±å¯ä»¥æ¹æï¼ip nat inside source static tcp 172.16.1.2 80 222.222.222.1 100 ä¸
ip nat inside source static tcp 172.16.1.3 80 222.222.222.1 101 è¿æ ·ç两æ¡æ å°ããé£ä¹è¿æ ·åçæ å°æ¯å¦ççå¯è¡å¢ï¼é£å°±è®©æ们ä¸èµ·æ¥æ£éªä¸ææï¼é¦å
å¿
éå¨ä¸¤å°æå¡å¨ä¸é¢çHTTPä¸é¢åä¸ä¸äºå
容以å为åºåãã
æåå°±æ¯å¨æå³è¾¹çPCä¸è¾¹æå¼WEB页é¢ï¼è¾å
¥å°åï¼222.222.222.1ï¼100 å°±ä¼çå°è¿ä¸ªç°è±¡ï¼ï¼
说ææ们己ç»å¯ä»¥è®¿é®å
é¨çä¸å°æå¡å¨äºã
ç¶ååè¾å
¥ï¼222.222.222.1ï¼101 å¯ä»¥çå°æ
ä»ç»çå°åä¸é¢çåæ¯ä¸¤æ¬¡ç»éæ¶ç»ææ¯ä¸ä¸æ ·çãããè¿å°±è¯´ææ们å¯ä»¥å©ç¨è¿ä¸ä¸ªå
¬ç½IPæ¥æ å°å¤ä¸ªå
ç½çæå¡å¨äºãã