网络安全.CH8.6.NAT配置命令脚本

网络结构:
Server---------(fa2/0)R6(s1/2)---------(s1/5)R7(fa2/0)-------Client
===============================================
基本配置如下
R6:
enable
conf t
host R6
no ip domain-lookup
int fa2/0
ip addr 61.0.0.100 255.255.255.0
no shut
int s1/2
ip addr 211.0.0.2 255.255.255.0
no shut
exit
router rip
version 2
network 61.0.0.0
network 211.0.0.0
end
show ip route
================================================
R7:
enable
conf t
host R7
no ip domain-lookup
int fa2/0
ip addr 192.168.0.100 255.255.255.0
no shut
int s1/5
ip addr 211.0.0.1 255.255.255.0
no shut
exit
router rip
version 2
network 211.0.0.0
end
show ip route
================================================
任务1:静态SNAT配置
conf t
ip nat inside source static 192.168.0.211 211.0.0.211
ip nat inside source static 192.168.0.212 211.0.0.212
ip nat inside source static 192.168.0.213 211.0.0.213
interface fa2/0
 ip nat inside
interface Serial 1/5
 ip nat outside
end
show ip nat translations
---------------------------------------
任务2:动态SNAT配置
CONF T
access-list 11 permit 192.168.0.0 0.0.0.255
ip nat pool TT 211.0.0.101  211.0.0.150  netmask 255.255.255.0
ip nat inside source list 11 pool TT
interface fa2/0
 ip nat inside
interface Serial 1/5
 ip nat outside
end
show ip nat translation
------------------------------------
任务3:SNAT超载配置
CONF T
access-list 11 permit 192.168.0.0 0.0.0.255
ip nat pool TT 211.0.0.101  211.0.0.150  netmask 255.255.255.0
ip nat inside source list 11 pool TT overload
interface fa2/0
 ip nat inside
interface Serial 1/5
 ip nat outside
end
show ip nat translations
------------------------------------
任务4:PAT配置
CONF T
access-list 11 permit 192.168.0.0 0.0.0.255
ip nat pool TT 211.0.0.1  211.0.0.1  netmask 255.255.255.0
ip nat inside source list 11 pool TT overload
interface fa2/0
 ip nat inside
interface Serial 1/5
 ip nat outside
end
show ip nat translations
----------------------------------------------
任务5:TCP负载均衡配置  R6
conf t
access-list 22 permit host 61.0.0.61
ip nat pool real-srv 61.0.0.201 61.0.0.203 prefix-length 24 type rotary
     
ip nat inside destination list 22 pool real-srv
interface serial 1/2
 ip nat outside
interface fa2/0
 ip nat inside
end
show ip nat translations
 

本文出自 “网络工程” 博客,谢绝转载!

你可能感兴趣的:(职场,休闲)