NAT,英文全称为Network Address Translation,是指网络IP地址转换。NAT的出现是为了解决IP日益短缺的问题,将多个内部地址映射为少数几个甚至一个公网地址。这样,就可以让我们内部网中的计算机通过伪IP访问INTERNET的资源。如我们局域网中的192.168.1.1地址段属私网地址,就是通过NAT转换过来的。
NAT分为静态地址转换、动态地址转换、复用动态地址转换。下面笔者将列出思科路由器NAT配置实例,希望对您有所帮助。
Current configuration:
! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 2611 ! enable secret 5 $JIeG$UZJNjKhcptJXHPc/BP5GG0 enable password 2323ipro ! ip subnet-zero no ip source-route no ip finger ! ! ! interface Ethernet0/0 ip address 192.168.10.254 255.255.255.0 secondary ip address 218.27.84.249 255.255.255.248 no ip directed-broadcast ip accounting output-packets no ip mroute-cache no cdp enable ! interface Serial0/0 ip unnumbered Ethernet0/0 no ip directed-broadcast ip accounting output-packets ip nat outside no ip mroute-cache no fair-queue no cdp enable ! interface Ethernet0/1 ip address 192.168.2.254 255.255.255.0 no ip directed-broadcast ip nat inside no ip mroute-cache no cdp enable !interface Virtual-TokenRing35
no ip address no ip directed-broadcast no ip mroute-cache shutdown ring-speed 16 ! router rip redistribute connected network 192.168.2.0 network 192.168.10.0 network 218.27.84.0 ! ip default-gateway 218.27.127.217 ip nat pool nat-pool 218.27.84.252 218.27.84.254 netmask 255.255.255.248 ip nat inside source list 1 pool nat-pool overload ip nat inside source static 192.168.2.254 218.27.84.249 ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0 ip http server ip http port 9091 ip ospf name-lookup ! ! ip access-list extended filterin permit tcp any host 218.27.84.249 eq www reflect httpfilter access-list 1 permit 192.168.2.0 0.0.0.255 no cdp run ! line con 0 transport input none line aux 0 line vty 0 4 password routr login ! end