nat acl dhcp

《静态动态NAT设置》

Gateway #configure terminal

Gateway(config)# ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224

Gateway(config)# access-list 1 permit 10.10.10 .0 0.0.0.255

Gateway(config)# ip nat inside source list 1 pool public_access

Gateway(config)# interface fa0/0

Gateway(config-if)# ip nat inside

Gateway(config-if)# interface serial 0/0

Gateway(config-if)# ip nat outside

Gateway(config-if)# exit

Gateway(config)# ip nat inside source static 10.10.10 .10 199.99.9.33

Gateway(config)# exit

《超载NAT设置》

Gateway# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Gateway(config)# access-list 1 permit 10.10.10 .0 0.0.0.255

Gateway(config)# ip nat inside source list 1 interface serial 0/0 overload

Gateway(config)# interface fa0/0

Gateway(config-if)# ip nat inside

Gateway(config-if)# exit

Gateway(config)# interface serial 0/0

Gateway(config-if)# ip nat outside

Gateway(config-if)# exit

Gateway(config)# exit

Gateway# copy running-config startup-config

《标准ACL》

GAD(config)# access-list 1 deny 192.168.14.0 0.0.0 .255

GAD(config)# access-list 1 permit any

GAD(config-if)# ip access-group 1 in

《扩展ACL》

GAD(config)# access-list 101 deny tcp 192.168.14.0 0.0.0 .255 any eq 80/WWW

GAD(config)# access-list 101 permit ip any any

GAD(config-if)# ip access-group 101 in

《命名ACL》

GAD(config)# ip access-list standard no_access

GAD(config-std-nacl)# deny 192.168.14.0 0.0.0 .255

GAD(config-std-nacl)# permit any

GAD(config-if)# ip access-group no_access in

 

Router2# configure terminal

Router2(config)# hostname Router2

Router2r2(config)# enable password cisco

Router2r2(config)# enable secret class

Router2r2(config)# line console 0

Router2r2(config-line)# password cisco

Router2r2(config-line)# login

Router2r2(config-line)# exit

Router2r2(config)# line vty 0 4

Router2r2(config-line)# password cisco

Router2r2(config-line)# login

Router2r2(config-line)# exit

Router2r2(config)# interface fastethernet 0/0

Router2r2(config-if)# ip address 172.16.13.1 255.255.255.0

Router2r2(config-if)# no shutdown

Router2r2(config-if)# exit

Router2r2(config)# interface serial 0/0

Router2r2(config-if)# ip address 172.16.1.5 255.255.255.252

Router2r2(config-if)# no shutdown

Router2r2(config-if)# exit

Router2r2(config)# router ospf 1

Router2r2(config-router)# network 172.16.1.0 0.0.0 .255 area 0

Router2r2(config-router)# network 172.16.13.0 0.0.0 .255 area 0

Router2r2(config-router)# end

Router2r2# copy running-config startup-config

 

Router1# configure terminal

Router1(config)# hostname Router1

Router1 (config)# enable password cisco

Router1 (config)# enable secret class

Router1 (config)# line console 0

Router1(config-line)# password cisco

Router1(config-line)# login

Router1(config-line)# exit

Router1(config)# line vty 0 4

Router1(config-line)# password cisco

Router1(config-line)# login

Router1(config-line)# exit

Router1(config)# interface fastethernet 0/0

Router1(config-if)# ip address 172.16.12.1 255.255.255.0

Router1(config-if)# no shutdown

Router1(config-if)# exit

Router1(config)# interface serial 0/0

Router1(config-if)# ip address 172.16.1.6 255.255.255.252

Router1(config-if)# clock rate 56000

Router1(config-if)# no shutdown

Router1(config-if)# exit

Router1(config)# router ospf 1

Router1(config-router)# network 172.16.1.0 0.0.0 .255 area 0

Router1(config-router)# network 172.16.12.0 0.0.0 .255 area 0

Router1(config-router)# end

Router1# copy running-config startup-config

 

《DHCP pool configurations》

Router1 pool

Router1(config)# ip dhcp pool Router1

Router1(dhcp-config)# network 172.16.12.0 255.255.255.0

Router1(dhcp-config)# default-router 172.16.12.1

Router1(dhcp-config)# dns-server 172.16.12.2

Router1(dhcp-config)# domain-name foo.com

Router1(dhcp-config)# netbios-name-server 172.16.12.10

Router1(dhcp-config)# exit

Router2 pool

Router1(config)# ip dhcp pool Router2

Router1(dhcp-config)# network 172.16.13.0 255.255.255.0

Router1(dhcp-config)# default-router 172.16.13.1

Router1(dhcp-config)# dns-server 172.16.12.2

Router1(dhcp-config)# domain-name foo.com

Router1(dhcp-config)# netbios-name-server 172.16.12.10

Router1(dhcp-config)# exit

Router1(config)# ip dhcp excluded-address 172.16.12.1 172.16.12.10

Router1(config)# ip dhcp excluded-address 172.16.13.1 172.16.13.10

Router1(config)# exit

Router1# copy running-config startup-config

 

Router2 helper address configuration

Router2# configure terminal

Router2(config)# interface fa0/0

Router2(config-if)# ip helper-address 172.16.12.1

Router2(config-if)# exit

Router2(config)# exit

Router2# copy running-config startup-config