使用cisco2621路由器组建一个小局域网,小记一下配置命令
1、配置访问口令
写道
conf t
enable secret flw521521
line vty 0 4
password flw521521
login
service password-encryption
enable secret flw521521
line vty 0 4
password flw521521
login
service password-encryption
2、配置接口IP
写道
enable
conf t
inter fa0/0
ip address 192.168.2.2 255.255.255.0
no shutdown
inter fa0/1
ip address 192.168.20.1 255.255.255.0
no shutdown
conf t
inter fa0/0
ip address 192.168.2.2 255.255.255.0
no shutdown
inter fa0/1
ip address 192.168.20.1 255.255.255.0
no shutdown
3、添加默认路由
写道
conf t
ip route 0.0.0.0 0.0.0.0 192.168.2.1
192.168.2.1其实就是gateway ip,根据环境的需要,也可以换成接口
ip route 0.0.0.0 0.0.0.0 192.168.2.1
192.168.2.1其实就是gateway ip,根据环境的需要,也可以换成接口
4、配置DNS
写道
conf t
ip name-server 218.108.248.200 8.8.4.4
ip name-server 218.108.248.200 8.8.4.4
5、配置DHCP pool
写道
conf t
ip dhcp pool test
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 218.108.248.200 8.8.4.4
exit
ip dhcp excluded-address 192.168.20.1 192.168.20.100
ip dhcp pool test
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 218.108.248.200 8.8.4.4
exit
ip dhcp excluded-address 192.168.20.1 192.168.20.100
dhcp不会分配从192.168.20.1到192.168.20.100之间的地址
6、配置nat
写道
conf t
inter fa0/0
ip nat outside
inter fa0/1
ip nat inside
exit
access-list 1 permit 192.168.20.0 0.0.0.255
ip classless
ip nat inside source list 1 interface fa0/0 overload
inter fa0/0
ip nat outside
inter fa0/1
ip nat inside
exit
access-list 1 permit 192.168.20.0 0.0.0.255
ip classless
ip nat inside source list 1 interface fa0/0 overload
7、配置路由器web
写道
conf t
ip http server (默认就是开启的)
ip http port 8080
配置访问web界面的用户名密码,需要给该用户level15的权限
username flw521521 privilege 15 password flw521521
这样的话,访问web界面的用户名跟密码就都是flw521521了
ip http server (默认就是开启的)
ip http port 8080
配置访问web界面的用户名密码,需要给该用户level15的权限
username flw521521 privilege 15 password flw521521
这样的话,访问web界面的用户名跟密码就都是flw521521了
8、配置端口映射
写道
conf t
ip nat inside source static tcp 192.168.20.2 80 192.168.2.2 80
(把内网的192.168.20.2的tcp 80端口映射出去到192.168.2.2的tcp 80端口)
ip nat inside source static udp 192.168.20.3 800 192.168.2.2 800
(把内网的192.168.20.3的udp 800端口映射出去到192.168.2.2的udp 800端口)
ip nat inside source static 192.168.20.2 192.168.2.3
(全端口映射,需要确保192.168.2.3在相对来说的外网里没有分配出去)
ip nat inside source static tcp 192.168.20.2 80 192.168.2.2 80
(把内网的192.168.20.2的tcp 80端口映射出去到192.168.2.2的tcp 80端口)
ip nat inside source static udp 192.168.20.3 800 192.168.2.2 800
(把内网的192.168.20.3的udp 800端口映射出去到192.168.2.2的udp 800端口)
ip nat inside source static 192.168.20.2 192.168.2.3
(全端口映射,需要确保192.168.2.3在相对来说的外网里没有分配出去)
这个是属于对外映射,还有一种对内映射,一般不太需要,对内映射只要是内网主机访问内网主机的时候,不用内网ip,却用映射出去的外网ip,这是就需要对内映射了
9、保存配置
写道
write
或者
copy running-config startup-config
或者
copy running-config startup-config
如果有需要清除所有配置的话,可以执行
写道
erase startup-config
reload
reload