预配置
r1
!
hostname r1
!
interface FastEthernet1/0
ip address 10.1.1.254 255.255.255.0
ip nat inside
no shutdown
!
interface Serial5/0
ip address 20.0.0.1 255.255.255.0
ip nat outside
no shutdown
!
ip nat inside source static tcp 10.1.1.1 80 20.0.0.21 80 extendable
!
endr7isp
!
hostname r7isp
!
interface Serial5/0
ip address 20.0.0.100 255.255.255.0
no shutdown
!
end
r3server
!
hostname r3server
!
interface FastEthernet1/0
ip address 10.1.1.1 255.255.255.0
no shutdown
!
no ip rouitng
!
ip default-gateway 10.1.1.254
ip http server
!
end需求场景 外部访问内部资源时,将外部源地址转换为内部地址
公网r7isp (200.0.0.100),访问内网r3server对外提供的WEB服务时,在路由器r1上配置外部源地址转换,将200.0.0.100的源地址转换为10.1.1.100
r1 配置如下:
interface FastEthernet1/0
ip address 10.1.1.254 255.255.255.0
ip nat inside
!
interface Serial5/0
ip address 20.0.0.1 255.255.255.0
ip nat outside
!
ip nat inside source static tcp 10.1.1.1 80 20.0.0.21 80
!
ip nat outside source static 20.0.0.100 10.1.1.100 add-route
!
end验证:通过在r7isp 使用telnet 命令测试r3server web服务
r7isp上通过telnet 20.0.0.21 80 进行测试
r1 通过show ip nat translations 命令进行验证,查看outside global地址 20.0.0.100 已转换为 outside local 地址 10.1.1.100
