NAT:進行網絡地址轉換,因為Ipv4 的公網地址無法做到人手一個,需要將私有地址轉換成公網地址,
保證局域網內可以上網,如下圖
1、啟動設置,設置PC1、PC2、PC3、 PC4、Server1和Client1的Ip地址、子網掩碼和網關、具體配置如下:
SW1配置信息
<Huawei>undo terminal monitor
<Huawei>system-view
[Huawei]user-interface console 0
[Huawei-ui-console0]idle-timeout 0 0
[Huawei-ui-console0]sysname SW1
[SW1]int g0/0/1
[SW1]vlan batch 10 20 30 40
[SW1]int g0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 10
[SW1-GigabitEthernet0/0/1]int g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 20
[SW1-GigabitEthernet0/0/2]int g0/0/3
[SW1-GigabitEthernet0/0/3]port link-type access
[SW1-GigabitEthernet0/0/3]port default vlan 30
[SW1-GigabitEthernet0/0/3]int g0/0/4
[SW1-GigabitEthernet0/0/4]port link-type access
[SW1-GigabitEthernet0/0/4]port default vlan 20
[SW1-GigabitEthernet0/0/4]int g0/0/6
[SW1-GigabitEthernet0/0/6]port link-type access
[SW1-GigabitEthernet0/0/6]port default vlan 10
[SW1-GigabitEthernet0/0/6]int g0/0/5
[SW1-GigabitEthernet0/0/5]port link-type access
[SW1-GigabitEthernet0/0/5]port default vlan 40
[SW1-GigabitEthernet0/0/5]quit
[SW1]int vlanif 10
[SW1-Vlanif10]ip add 192.168.10.1 24
[SW1-Vlanif10]undo shutdown
[SW1-Vlanif10]int vlanif 20
[SW1-Vlanif20]ip add 192.168.20.1 24
[SW1-Vlanif20]undo shutdown
[SW1-Vlanif20]int vlanif 30
[SW1-Vlanif30]ip add 192.168.30.1 24
[SW1-Vlanif30]undo shutdown
[SW1-Vlanif30]int vlanif 40
[SW1-Vlanif40]ip add 11.0.0.2 24
[SW1-Vlanif40]undo shutdown
[SW1-Vlanif40]quit
[SW1]ip route-static 0.0.0.0 0.0.0.0 11.0.0.1
R1配置信息
<Huawei>undo terminal monitor
<Huawei>system-view
[Huawei]user-interface console 0
[Huawei-ui-console0]idle-timeout 0 0
[Huawei-ui-console0]sysname R1
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ip add 12.0.0.1 24
[R1-GigabitEthernet0/0/1]undo shutdown
[R1-GigabitEthernet0/0/1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 11.0.0.1 24
[R1-GigabitEthernet0/0/0]undo shutdown
[R1-GigabitEthernet0/0/0]quit
[R1]ip route-static 192.168.10.1 24 11.0.0.2
[R1]ip route-static 192.168.20.1 24 11.0.0.2
[R1]ip route-static 192.168.30.1 24 11.0.0.2
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]nat static global 8.8.8.8 inside 192.168.10.10
[R1-GigabitEthernet0/0/1]quit
[R1]ip route-static 0.0.0.0 0.0.0.0 12.0.0.2
[R1]nat address-group 1 212.0.0.100 212.0.0.200
[R1]acl 2000
[R1-acl-basic-2000]rule permit source 192.168.20.0 0.0.0.255
[R1-acl-basic-2000]rule permit source 11.0.0.0 0.0.0.255
[R1-acl-basic-2000]int g0/0/1
[R1-GigabitEthernet0/0/1]nat outbound 2000 address-group 1 no-pat
[R1-GigabitEthernet0/0/1]quit
[R1]acl 3000
[R1-acl-adv-3000]rule permit ip source 192.168.30.0 0.0.0.255
[R1-acl-adv-3000]quit
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]nat outbound 3000
[R1-GigabitEthernet0/0/1]quit
[R1]int g
[R1]int GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]nat server protocol tcp global 9.9.9.9 www inside 192.1
68.10.100 www
[R1-GigabitEthernet0/0/1]quit
R2配置信息
<Huawei>undo terminal monitor
<Huawei>system-view
[Huawei]user-interface console 0
[Huawei-ui-console0]idle-timeout 0 0
[Huawei-ui-console0]sysname R2
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 12.0.0.2 24
[R2-GigabitEthernet0/0/0]undo shutdown
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add 13.0.0.1 24
[R2-GigabitEthernet0/0/1]undo shutdown
[R2-GigabitEthernet0/0/1]int loop 0
[R2-LoopBack0]ip add 114.114.114.114 32
[R2-LoopBack0]quit
[R2]ip route-static 8.8.8.8 32 12.0.0.1
[R2]ip route-static 212.0.0.0 24 12.0.0.1
[R2]ip route-static 9.9.9.9 32 12.0.0.1
注意:1、靜態NAT:需要配置靜態路由,設置好后用PC1去ping 114.114.114.114(如圖一),
用抓包軟件抓取R2的G0/0/0接口去看地址情況(如圖二)
圖一
圖二
2、動態NAT:需要配置靜態路由,設置好后用PC2或PC4去ping 114.114.114.114(如圖三),
用抓包軟件抓取R2的G0/0/0接口去看地址情況(如圖四)、會發現每一次的地址會進行轉換
圖三
圖四
3、easyIp:不需要配置靜態路由,設置好后用PC2或PC4去ping 114.114.114.114(如圖五),
用抓包軟件抓取R2的G0/0/0接口去看地址情況(如圖六)會發現地址變成了R1的G0/0/1接口地址
圖五
圖六