赞
踩
动态NAT:
基本网络地址转换(Basic NAT)
要求对每一个当前连接都要对应一个公网IP地址,仅支持地址转换,不支持端口映射,因此要维护一个公网的地址池。
内网IP | 外网IP |
192.168.1.1 | 219.152.168.222 |
192.168.1.9 | 219.152.168.223 |
192.168.1.6 | 219.152.168.224 |
- acl number 2000
- rule 5 permit source 192.168.1.0 0.0.0.255 #内网地址段
- nat address-group 1 106.2.240.1 106.2.240.5 #公网地址池
- interface GigabitEthernet0/0/0 #WAN口
- ip address 106.2.240.6 255.255.255.248
- nat outbound 2000 address-group 1 no-pat
网络地址端口转换(NAPT)
支持端口转换的NAT又可以分为两类:源地址转换和目的地址转换。这种方式支持端口的映射,并允许多台主机共享一个公网IP地址。
内网IP | 外网IP |
192.168.1.1:5566 | 219.152.168.222:9200 |
192.168.1.7:80 | 219.152.168.222:9201 |
192.168.1.7:4465 | 219.152.168.222:9202 |
- acl number 2000
- rule 5 permit source 192.168.1.0 0.0.0.255 #内网地址段
- nat address-group 1 106.2.240.1 106.2.240.5 #公网地址池
- interface GigabitEthernet0/0/0 #WAN口
- ip address 106.2.240.6 255.255.255.248
- nat outbound 2000 address-group 1
基于接口地址端口转换(Easy IP)
- acl number 2000
- rule 5 permit source 192.168.1.0 0.0.0.255 #内网地址段
- interface GigabitEthernet0/0/0 #WAN口
- ip address 106.2.240.6 255.255.255.248
- nat outbound 2000
静态NAT:
地址映射:
- interface GigabitEthernet0/0/0 #WAN口
- ip address 106.2.240.6 255.255.255.248
- nat server global 106.2.240.1 inside 192.168.1.1
- nat server global 106.2.240.2 inside 192.168.1.2
端口映射(静态PAT):
- 基于地址池端口映射:
- interface GigabitEthernet0/0/0 #WAN口
- ip address 106.2.240.6 255.255.255.248
- nat server protocol tcp global 106.2.240.3 8080 inside 192.168.1.3 80
- nat server protocol tcp global 106.2.240.3 2121 inside 192.168.1.3 21
- 基于接口的端口映射:(配合Easy IP使用)
- interface GigabitEthernet0/0/0 #WAN口
- ip address 106.2.240.6 255.255.255.248
- nat server protocol tcp global current-interface 8080 inside 192.168.1.3 80
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。