教你如何配置思科路由器NAT功能

NAT,英文全称为Network Address Translation,是指网络IP地址转换。NAT的出现是为了解决IP日益短缺的问题,将多个内部地址映射为少数几个甚至一个公网地址。这样,就可以让我们内部网中的计算机通过伪IP访问INTERNET的资源。如我们局域网中的192.168.1.1地址段属私网地址,就是通过NAT转换过来的。

NAT分为静态地址转换、动态地址转换、复用动态地址转换。下面笔者将列出思科路由器NAT配置实例,希望对您有所帮助。

Current configuration:
  !
  version 12.0
  service timestamps debug uptime
  service timestamps log uptime
  no service password-encryption
  !
  hostname 2611
  !
  enable secret 5 $JIeG$UZJNjKhcptJXHPc/BP5GG0
  enable password 2323ipro
  !
  ip subnet-zero
  no ip source-route
  no ip finger
  !
  !
  !
  interface Ethernet0/0
  ip address 192.168.10.254 255.255.255.0 secondary
  ip address 218.27.84.249 255.255.255.248
  no ip directed-broadcast
  ip accounting output-packets
  no ip mroute-cache
  no cdp enable
  !
  interface Serial0/0
  ip unnumbered Ethernet0/0
  no ip directed-broadcast
  ip accounting output-packets
  ip nat outside
  no ip mroute-cache
  no fair-queue
  no cdp enable
  !
  interface Ethernet0/1
  ip address 192.168.2.254 255.255.255.0
  no ip directed-broadcast
  ip nat inside
  no ip mroute-cache
  no cdp enable
  !

interface Virtual-TokenRing35
  no ip address
  no ip directed-broadcast
  no ip mroute-cache
  shutdown
  ring-speed 16
  !
  router rip
  redistribute connected
  network 192.168.2.0
  network 192.168.10.0
  network 218.27.84.0
  !
  ip default-gateway 218.27.127.217
  ip nat pool nat-pool 218.27.84.252 218.27.84.254 netmask 255.255.255.248
  ip nat inside source list 1 pool nat-pool overload
      ip nat inside source static 192.168.2.254 218.27.84.249
  ip classless
  ip route 0.0.0.0 0.0.0.0 Serial0/0
  ip http server
  ip http port 9091
  ip ospf name-lookup
  !
  !
  ip access-list extended filterin
  permit tcp any host 218.27.84.249 eq www reflect httpfilter
  access-list 1 permit 192.168.2.0 0.0.0.255
  no cdp run
  !
  line con 0
  transport input none
  line aux 0
  line vty 0 4
  password routr
  login
  !
  end