实现内网外网地址转换
静态转换
AR1:
sys
int g0/0/0
ip add 192.168.10.254 24
int g0/0/1
ip add 22.33.44.55 24
//静态转换
nat static global 22.33.44.56 inside 192.168.10.1
动态转换
最多有两台主机同时访问外网
AR1:
sys
int g0/0/0
ip add 192.168.10.254 24
int g0/0/1
ip add 22.33.44.55 24
//确定内网ip
q
acl 2000
rule permit
q
//确定外网ip
nat address-group 1 22.33.44.56 22.33.44.57
//动态转换
int g0/0/1
nat outbound 2000 address-group 1 no-pat
端口多路复用
NAPT(Network Address Port Translation):需要有单独的NAT转换外网ip
查看配置内容:dis nat outbound
AR1:
sys
int g0/0/0
ip add 192.168.10.254 24
int g0/0/1
ip add 22.33.44.55 24
//确定内网ip
q
acl 2000
rule permit
q
//确定外网ip,可以有多个
//从开始ip到结束ip
nat address-group 1 22.33.44.56 22.33.44.56
int g0/0/1
nat outbound 2000 address-group 1
**Easy-Ip(重点常用):只需要一个外网ip(外网ip就是原来的55),使用接口外网IP作为NAT转换的外网IP
查看配置内容:dis nat outbound
AR1:
sys
int g0/0/0
ip add 192.168.10.254 24
int g0/0/1
ip add 22.33.44.55 24
//确定内网ip
q
acl 2000
rule permit
q
int g0/0/1
nat outbound 2000
**端口映射(重点常用)
查看配置内容:dis nat server
AR1:
sys
int g0/0/0
ip add 192.168.10.254 24
int g0/0/1
ip add 22.33.44.55 24
nat server protocol tcp global current-interface 8080 inside 192.168.10.2 80
nat server protocol tcp global current-interface 21 inside 192.168.10.3 21
y