配置NAT配置实验报告

软件Z092苑红尚094372

实验二

一实验目的

1. 掌握静态NAT的特征、配置及调试方法。

2. 掌握动态NAT的特征、配置及调试方法。

3. 掌握NAPT的特征、配置及调试方法。

二实验设备

神州数码路由器主机

三实验拓扑

软件Z092苑红尚094372

四配置步骤

路由器A配置基本信息

Router#config

Router_config#int f0/3

Router_config_f0/3#ip add 192.168.1.1255.255.255.0

Router_config_f0/3#no shut

Router_config_f0/3#exit

Router_config#int f0/0

Router_config_f0/0#ip add 200.1.1.1255.255.255.0

Router_config_f0/0#no shut

Router_config_f0/0#exit

Router_config#router rip

Router_config_rip#network 200.1.1.0

Router_config_rip#^Z

Router#Jan 100:14:58 Configured from console 0 by

Router#show ip route

Codes:C-connected,S- static,R-RIP,B-BGP,BC-B GP connectedD-DEIGRP,DEX-external DEIGRP,O-OSPF,OIA-OSPF inter areaON 1 -OSPF NSSA external type 1,ON2-OSPF NSSA external type 2OE 1 -OSPF external type 1,OE2-OSPF external type 2

软件Z092苑红尚094372

DHCP-DHCP type,L1 - IS-IS level-1,L2- IS-IS level-2

VRF ID:0

C 192.168.1.0/24 is directly connected,FastEthernet0/3

C 200.1.1.0/24 is directly connected,FastEthernet0/0

R 202.1.1.0/24 [120,1]via 200.1.1.2(on FastEthernet0/0)路由器B

Router#config

Router_config#int f0/3

Router_config_f0/3#ip add 202.1.1.1255.255.255.0

Router_config_f0/3#no shut

Router_config#int f0/0

Router_config_f0/0#ip add 200.1.1.2255.255.255.0

Router_config_f0/0#no shut

Router_config_f0/0#exit

Router_config#router rip

Router_config_rip#network 202.1.1.0

Router_config_rip#network 200.1.1.0

Router_config_rip#^Z

Router#Jan 100:15:19 Configured from console 0 by

Router#show ip route

Codes:C-connected,S- static,R-RIP,B-BGP,BC-B GP connectedD-DEIGRP,DEX-external DEIGRP,O-OSPF,OIA-OSPF inter areaON 1 -OSPF NSSA external type 1,ON2-OSPF NSSA external type 2OE 1 -OSPF external type 1,OE2-OSPF external type 2

DHCP-DHCP type,L1 - IS-IS level-1,L2- IS-IS level-2

VRF ID:0

C 200.1.1.0/24 is directly connected,FastEthernet0/0

C 202.1.1.0/24 is directly connected,FastEthernet0/3

Router#

路由器A配置静态NAT

Router#config

Router_config#ip nat inside source static 192.168.1.10200.1.1.3

Router_config#ip nat inside source static 192.168.1.20200.1.1.4

Router_config#int f0/3

Router_config_f0/3#ip nat inside

Router_config_f0/3#int f0/0

Router_config_f0/0#ip nat outside

Router_config_f0/0#^Z

软件Z092苑红尚094372

Router#Jan 100:19:28 Configured from console 0 by

Router#show ip nat transtranslations --Translation entries

Router#show ip nat translations

Pro.Dir Inside local Inside global Outside local Outside global---- --- 192.168.1.10 200.1.1.3 --- ------- --- 192.168.1.20 200.1.1.4 --- ---Router#

配置动态NAT

Router#config

Router_config#no ip nat inside source static 192.168.1.10200.1.1.3

Router_config#no ip nat inside source static 192.168.1.20200.1.1.4

Router_config#ip nat pool aaa 200.1.1.100200.1.1.200255.255.255.0

Router_config#ip access-list standard 1

Router_config_std_nacl#deny 192.168.1.40

Router_config_std_nacl#permit 192.168.1.00.0.0.255

Router_config_std_nacl#exit

Router_config#ip nat inside source list 1 pool aaa

Router_config#^Z

Router#Jan 100:07:01 Configured from console 0 by

Router#show ip route

Codes:C-connected,S- static,R-RIP,B-BGP,BC-B GP connected

D-DEIGRP,DEX-external DEIGRP,O-OSPF,OIA-OSPF inter areaON 1 -OSPF NSSA external type 1,ON2-OSPF NSSA external type 2OE 1 -OSPF external type 1,OE2-OSPF external type 2

DHCP-DHCP type,L1 - IS-IS level-1,L2- IS-IS level-2

VRF ID:0

C 192.168.1.0/24 is directly connected,FastEthernet0/3

C 200.1.1.0/24 is directly connected,FastEthernet0/0

R 202.1.1.0/24 [120,1]via 200.1.1.2(on FastEthernet0/0)Router#show ip nat trantranslations --Translation entries

Router#show ip nat translations

软件Z092苑红尚094372

Router#

Router#c onf

Router_config#ip access-list standard 1

Router_config_std_nacl#permit 192.168.1.0255.255.255.0Router_config_std_nacl#^Z

Router#Jan 100:13:57 Configured from console 0 byRouter#show run

Building configuration. . .

Current configuration:

!

!version 1.3.3Hservice timestamps log dateservice timestamps debug dateno service password-encryption

!

!

!

!

!

!

!gbsc group default

!

!

!

!

!

!

!

!

!

!

!

!interface FastEthernet0/0ip address 200.1.1.1255.255.255.0no ip directed-broadcastip nat outside

!interface FastEthernet0/3ip address 192.168.1.1255.255.255.0no ip directed-broadcast

软件Z092苑红尚094372

ip nat inside

!interface Serial0/1no ip addressno ip directed-broadcast

!interface Serial0/2no ip addressno ip directed-broadcast

!interface Async0/0no ip addressno ip directed-broadcast

!

!

!

!router ripnetwork 200.1.1.0

!

!

!

!

!

!

!

!

!

!

!

!

!ip access-list standard 1deny 192.168.1.40255.255.255.255permit 192.168.1.0255.255.255.0

!

!

!

!

!

!ip nat pool aaa 200.1.1.100200.1.1.200255.255.255.0ip nat inside source list 1 pool aaa

软件Z092苑红尚094372

!

!

!

Router#

配置NAPT

Router#config

Router_config#no ip nat inside source list 1 pool aaa

Router_config#no ip nat pool aaa

Router_config#no ip access-list standard 1

Router_config#ip nat pool bbb 200.1.1.1200.1.1.1255.255.255.0

Router_config#ip access-list standard 10

Router_config_std_nacl#permit 192.168.1.0255.255.255.0

Router_config_std_nacl#exit

Router_config#ip nat inside source list 10 pool bbb overload

Router_config#^Z

Router#Jan 100:25:55 Configured from console 0 by

Router#show ip nat

Incomplete command

Router#show ip nat trantranslations --Translation entries

Router#show ip nat translations

Pro.Dir Inside local Inside global Outside local Outside global

ICMP OUT 192.168.1.20:512 200.1.1.1:33280 202.1.1.10:33280 202.1.1.10:332

80

ICMP OUT 192.168.1.40:512 200.1.1.1:25088 202.1.1.10:25088 202.1.1.10:250

88

ICMP OUT 192.168.1.30:512 200.1.1.1:16896 202.1.1.10:16896 202.1.1.10:168

96

ICMP OUT 192.168.1.10:512 200.1.1.1:8704 202.1.1.10:8704 202.1.1.10:870

4

Router#

五实验结果各种验证指令及结果

Ping 202.1.1.10

静态NAT

Pc0 

软件Z092苑红尚094372

Pc1

Pc2

软件Z092苑红尚094372

Pc3

动态NAT

Pc0: