思科单臂路由+动态NAT实验学习笔记

思科单臂路由+动态NAT实验学习笔记

实验拓扑如下:

234319349.jpg

IP配置信息

PC1:ip-192.168.1.100/24 gw-192.168.1.254

PC2:ip-192.168.2.100/24 gw-192.168.2.254

SW1:VLAN 100、200

R3:F0/0.1 ip-192.168.1.254/24

F0/0.2 ip-192.168.2.254/24

S1/0 ip-200.200.200.1/30

R4:S0/1 ip-200.200.200.2/30

S0/2 ip-200.200.200.5/30

R5:S0/2 ip-200.200.200.6/30

F1/0 ip-8.8.8.254/24

PC3:ip-8.8.8.100/24 gw-8.8.8.254


因为使用路由器充当PC机来使用所以要关闭路由功能、设置网关即可。配置如下:

PC1:

PC1>en

PC1#config t

PC1(config)#no ip routing

PC1(config)#ip default-gateway 192.168.1.254

PC1(config)#int f0/0

PC1(config-if)#no shutdown

PC1(config-if)#description "PC1-Switch-F0/1"

PC1(config-if)#ip add 192.168.1.100 255.255.255.0

PC2、PC3与上述配置相同只需要把IP信息更换即可,这样配置完后就可以当PC机进行ping测试了。


单臂路由配置

SW配置

Switch是使用3640路由器加载16口的交换模块,所以也要执行No ip routing命令关闭路由功能。

SW1#en

SW1#config t

SW1(config)#no ip routing

SW1(config)#exit

SW1#vlan database

SW1(vlan)#vlan 100

SW1(vlan)#vlan 200

SW1(vlan)#exit

APPLY completed.

Exiting....

SW1#config t

Enter configuration commands, one per line. End with CNTL/Z.

SW1(config)#int f0/1

SW1(config-if)#sw mode access

SW1(config-if)#sw access vlan 100

SW1(config-if)#int f0/2

SW1(config-if)#sw mode access

SW1(config-if)#sw access vlan 200

SW1(config-if)#int f0/0

SW1(config-if)#sw mo trunk

SW1(config-if)#sw trunk allowed vlan all

配置后毕后使用show vlan或者是show vlan-switch查看VLAN信息

R3配置

R3#config t

Enter configuration commands, one per line. End with CNTL/Z.

R3(config)#int f0/0

R3(config-if)#no shutdown

R3(config-if)#int f0/0.1

R3(config-subif)#description "1.0-Gateway"

R3(config-subif)#encapsulation dot1Q 100

R3(config-subif)#ip add 192.168.1.254 255.255.255.0

R3(config-subif)#int f0/0.2

R3(config-subif)#description "2.0-Gateway"

R3(config-subif)#encapsulation dot1Q 200

R3(config-subif)#ip add 192.168.2.254 255.255.255.0



配置完毕后检查是否成功

PC1#ping 192.168.2.254


Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.2.254, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 12/22/40 ms


NAT配置

路由条目配置

R3:0.0.0.0 0.0.0.0 200.200.200.2

R4:8.8.8.0 255.255.255.0 200.200.200.6

R5:200.200.200.0 255.255.255.252 200.200.200.5

R3配置

R3>en

R3#config t

R3(config)#int s1/0

R3(config-if)#ip add 200.200.200.1 255.255.255.252

R3(config-if)#description "Internet Interface"

R3(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.2

R4、R5接口IP配置与需要配置的路由与R3命令相同参数不同;

R3(config)#access-list 1 permit 192.168.1.0 0.0.0.255

R3(config)#access-list 2 permit 192.168.2.0 0.0.0.255

R3(config)#ip nat pool nat100 200.200.200.1 200.200.200.1 netmask 255.255.255.252

R3(config)#ip nat pool nat200 200.200.200.1 200.200.200.1 netmask 255.255.255.252

R3(config)#ip nat inside source list 1 pool nat100

R3(config)#ip nat inside source list 2 pool nat200

R3(config)#int f0/0.1

R3(config-subif)#ip nat inside

R3(config-subif)#int f0/0.2

R3(config-subif)#ip nat inside

R3(config-subif)#int s1/0

R3(config-if)#ip nat outside

动态NAT配置完毕,检查配置是否成功

PC1#PING 8.8.8.100

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 8.8.8.100, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 60/69/92 ms

若出现从PC1无法Ping通,仔细检查R5路由是否存在,



你可能感兴趣的:(Cisco,NAT,单臂路由)