配置内网用户通过NAT访问Internet外网,对外提供Web服务,且内网用户实现域名方式访问内网Web服务器的示例
浏览量(4739) 时间:2020-08-14
[Router] acl number 2000 //配置允许进行NAT转换的内网地址段
[Router-acl-basic-2000] rule 5 permit source 192.168.88.0 0.0.0.255
[Router-acl-basic-2000] quit
[Router] nat alg dns enable //使能DNS协议的NAT ALG功能
[Router] quit
[Router]nat dns-map www.testnat.com 106.3.45.2 80 tcp //配置DNS的DNS Mapping
[Router] quit
[Router] interface GigabitEthernet 0/0/2
[Router-GigabitEthernet 0/0/2]undo portswhich
[Router-GigabitEthernet 0/0/2] ip address 192.168.88.1 255.255.255.0
[Router] quit
[Router] interface GigabitEthernet 0/0/3
[Router-GigabitEthernet 0/0/3] ip address 106.3.45.2 255.255.255.0
[Router-GigabitEthernet 0/0/3]nat server protocol tcp global 106.3.45.2 www inside 192.168.88.100 8080 //配置NAT Server
[Router-GigabitEthernet 0/0/3]nat outbound 2000
#
[Router]ip route-static 0.0.0.0 0.0.0.0 106.3.45.1 //配置缺省路由,指定下一跳地址为106.3.45.1