tranmyphuc
05-01-2009, 02:40 PM
http://vinaanh.com/images0/17065/f/4961b43fce167_f.png
FILE .NET :
autostart = False
[localhost]
[[3725]]
image = \Program Files\Dynamips\images\C3725-AD.BIN
ram = 128
[[ROUTER R1]]
model = 3725
s2/0 = R2 s2/0
f0/0 = NIO_gen_eth:\Device\NPF_{9198DFDA-0CF6-4F1A-8B2A-10655AA1EFA5}
idlepc = 0x612f1a04
[[ROUTER R2]]
model = 3725
f0/0 = ISP f0/0
idlepc = 0x612f1a04
[[ROUTER ISP]]
model = 3725
idlepc = 0x612f1a04
R1 :
R1(config)#int f0/0
R1(config-if)#ip add 192.168.1.254 255.255.255.0
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#
*Mar 1 00:04:38.683: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state t
o up
*Mar 1 00:04:39.683: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et0/0, changed state to up
R1(config)#int s2/0
R1(config-if)#ip add 192.168.12.13 255.255.255.252
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#^Z
R1#
*Mar 1 00:05:03.535: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R1#[pi
*Mar 1 00:05:03.563: %SYS-5-CONFIG_I: Configured from console by console
*Mar 1 00:05:04.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up
R1#ping 192.168.12.14
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.14, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/100/144 ms
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#net 192.168.12.12 0.0.0.3 ar 0
R1(config-router)#net 192.168.1.0 0.
*Mar 1 00:05:53.867: %OSPF-5-ADJCHG: Process 1, Nbr 200.200.200.10 on Serial2/0
from LOADING to FULL, Loading Done
R1(config-router)#net 192.168.1.0 0.0.0.255 ar 0
R1(config-router)#exit
R1(config)#^Z
R1#
*Mar 1 00:06:04.847: %SYS-5-CONFIG_I: Configured from console by console
R1#sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.12.14 to network 0.0.0.0
192.168.12.0/30 is subnetted, 1 subnets
C 192.168.12.12 is directly connected, Serial2/0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
O*E2 0.0.0.0/0 [110/1] via 192.168.12.14, 00:00:08, Serial2/0
R1#
R2 :
R2(config)#int s2/0
R2(config-if)#ip add 192.168.12.14 255.255.255.252
R2(config-if)#no shut
R2(config-if)#exi
R2(config)#
*Mar 1 00:03:58.343: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
*Mar 1 00:03:59.343: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up
R2(config)#
*Mar 1 00:04:26.799: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to down
R2(config)#
*Mar 1 00:04:56.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up
R2(config)#router ospf 1
R2(config-router)#net 192.168.12.12 0.0.0.3 ar 0
R2(config-router)#exit
R2(config)#
*Mar 1 00:05:41.175: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.13 on Serial2/0
from LOADING to FULL, Loading Done
R2(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.254 per
R2(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.254 permanent
R2(config)#router ospf 1
R2(config-router)#defa
R2(config-router)#default-in
R2(config-router)#default-information ori
R2(config-router)#default-information originate
R2(config-router)#exit
R2(config)#^Z
R2#sjh
*Mar 1 00:06:26.195: %SYS-5-CONFIG_I: Configured from console by console
R2#sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 200.200.200.254 to network 0.0.0.0
192.168.12.0/30 is subnetted, 1 subnets
C 192.168.12.12 is directly connected, Serial2/0
C 200.200.200.0/24 is directly connected, FastEthernet0/0
O 192.168.1.0/24 [110/74] via 192.168.12.13, 00:00:04, Serial2/0
S* 0.0.0.0/0 [1/0] via 200.200.200.254
R2#
ISP :
ISP(config)#int f0/0
ISP(config-if)#ip add 200.200.200.254 255.255.255.0
ISP(config-if)#no shut
ISP(config-if)#exit
ISP(config)#int
*Mar 1 00:03:07.527: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state t
o up
*Mar 1 00:03:08.527: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et0/0, changed state to up
ISP(config)#int l0
ISP(config-if)#ip add
*Mar 1 00:03:11.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to up
ISP(config-if)#ip add 1.1.1.1 255.255.255.255
ISP(config-if)#exit
ISP(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.10 per
ISP(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.10 permanent
ISP(config)#exit
ISP#
*Mar 1 00:03:43.279: %SYS-5-CONFIG_I: Configured from console by console
ISP#sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 200.200.200.10 to network 0.0.0.0
C 200.200.200.0/24 is directly connected, FastEthernet0/0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
S* 0.0.0.0/0 [1/0] via 200.200.200.10
ISP#
CẤU HÌNH STATIC NAT ĐỂ CHUYỂN
192.168.1.100 200.200.200.13
192.168.1.200 200.200.200.14
192.168.1.208 200.200.200.15
CẤU HÌNH :
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip nat inside source static 192.168.1.100 200.200.200.13
R2(config)#ip nat i
*Mar 1 00:12:11.903: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, cha
ged state to up
R2(config)#ip nat inside source static 192.168.1.200 200.200.200.14
R2(config)#ip nat inside source static 192.168.1.208 200.200.200.15
R2(config)#int f0/0
R2(config-if)#ip nat outside
R2(config-if)#exi
R2(config)#int s2/0
R2(config-if)#ip nat inside
R2(config-if)#exi
R2(config)#^Z
KIỂM TRA BẢNG NAT :
R2#sh uip
*Mar 1 00:14:04.987: %SYS-5-CONFIG_I: Configured from console by console
R2#sh ip nat tran
R2#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
DEBUG IP NAT :
R2#debug ip nat
IP NAT debugging is on
R2#
*Mar 1 00:20:06.451: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [6845]
*Mar 1 00:20:06.603: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [6845]
R2#
*Mar 1 00:20:07.487: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [6896]
*Mar 1 00:20:07.563: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [6896]
R2#
*Mar 1 00:20:08.579: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [6950]
*Mar 1 00:20:08.619: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [6950]
*Mar 1 00:20:09.519: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7003]
*Mar 1 00:20:09.547: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7003]
R2#
*Mar 1 00:20:10.467: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7057]
*Mar 1 00:20:10.579: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7057]
R2#
*Mar 1 00:20:11.475: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7111]
*Mar 1 00:20:11.611: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7111]
*Mar 1 00:20:12.459: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7162]
R2#
*Mar 1 00:20:12.507: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7162]
R2#
*Mar 1 00:20:13.531: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7216]
*Mar 1 00:20:13.611: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7216]
*Mar 1 00:20:14.467: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7270]
R2#
*Mar 1 00:20:14.595: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7270]
*Mar 1 00:20:15.547: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7327]
R2#
*Mar 1 00:20:15.635: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7327]
*Mar 1 00:20:16.523: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7379]
R2#
*Mar 1 00:20:16.667: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7379]
*Mar 1 00:20:17.551: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7429]
*Mar 1 00:20:17.587: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7429]
R2#
*Mar 1 00:20:18.467: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7481]
*Mar 1 00:20:18.579: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7481]
R2#
*Mar 1 00:20:19.563: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7537]
*Mar 1 00:20:19.627: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7537]
*Mar 1 00:20:20.535: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7596]
R2#a
*Mar 1 00:20:20.579: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7596]
*Mar 1 00:20:21.551: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7653]
R2#u al
*Mar 1 00:20:21.675: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7653]
*Mar 1 00:20:22.563: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7716]
*Mar 1 00:20:22.619: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7716]
R2#u all
All possible debugging has been turned off
R2#
*Mar 1 00:20:23.451: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7779]
*Mar 1 00:20:23.571: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7779]
R2#
R2#cle ip nat tran *
R2#sh ip nat tran
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
CẤU HÌNH DYNAMIC NAT ĐỂ CHUYỂN
192.168.1.111 200.200.200.11
192.168.1.222 200.200.200.12
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 1 permit host 192.168.1.111
R2(config)#$ pool1 200.200.200.11 200.200.200.12 netmask 255.255.255.0
R2(config)#ip nat inside source list 1 pool pool1
R2(config)#exi
R2#
*Mar 1 00:27:54.003: %SYS-5-CONFIG_I: Configured from console by console
R2#
R2#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.11 192.168.1.111 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
R2#cle ip nat tran *
R2#sh ip nat tran
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
CẤU HÌNH DYNAMIC NAT with OVERLOAD
Các IP còn lại 200.200.200.10
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 2 permit 192.168.1.0 0.0.0.255
R2(config)#$ pool2 200.200.200.10 200.200.200.10 netmask 255.255.255.0
R2(config)#ip nat inside source list 2 pool pool2 overload
R2(config)#
R2#debug ip nat
IP NAT debugging is on
R2#
*Mar 1 00:41:46.675: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7409]
*Mar 1 00:41:46.703: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7409]
*Mar 1 00:41:47.659: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7456]
R2#
*Mar 1 00:41:47.735: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7456]
*Mar 1 00:41:48.687: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7509]
R2#
*Mar 1 00:41:48.799: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7509]
*Mar 1 00:41:49.675: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7560]
*Mar 1 00:41:49.719: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7560]
R2#
*Mar 1 00:41:50.643: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7614]
*Mar 1 00:41:50.751: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7614]
*Mar 1 00:41:51.591: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7668]
R2#
*Mar 1 00:41:51.799: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7668]
*Mar 1 00:41:52.639: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7722]
*Mar 1 00:41:52.735: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7722]
R2#
*Mar 1 00:41:53.695: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7776]
*Mar 1 00:41:53.839: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7776]
R2#
*Mar 1 00:41:54.735: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7831]
*Mar 1 00:41:54.775: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7831]
*Mar 1 00:41:55.631: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7883]
R2#u al
*Mar 1 00:41:55.879: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7883]
*Mar 1 00:41:56.735: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7937]
*Mar 1 00:41:56.855: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7937]
R2#u all
All possible debugging has been turned off
R2#
*Mar 1 00:41:57.743: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [8009]
*Mar 1 00:41:57.775: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [8009]
R2#
R2#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 200.200.200.10:1024 192.168.1.10:1024 1.1.1.1:1024 1.1.1.1:1024
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#cle ip nat tran *
R2#sh ip nat tran
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
FILE .NET :
autostart = False
[localhost]
[[3725]]
image = \Program Files\Dynamips\images\C3725-AD.BIN
ram = 128
[[ROUTER R1]]
model = 3725
s2/0 = R2 s2/0
f0/0 = NIO_gen_eth:\Device\NPF_{9198DFDA-0CF6-4F1A-8B2A-10655AA1EFA5}
idlepc = 0x612f1a04
[[ROUTER R2]]
model = 3725
f0/0 = ISP f0/0
idlepc = 0x612f1a04
[[ROUTER ISP]]
model = 3725
idlepc = 0x612f1a04
R1 :
R1(config)#int f0/0
R1(config-if)#ip add 192.168.1.254 255.255.255.0
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#
*Mar 1 00:04:38.683: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state t
o up
*Mar 1 00:04:39.683: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et0/0, changed state to up
R1(config)#int s2/0
R1(config-if)#ip add 192.168.12.13 255.255.255.252
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#^Z
R1#
*Mar 1 00:05:03.535: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R1#[pi
*Mar 1 00:05:03.563: %SYS-5-CONFIG_I: Configured from console by console
*Mar 1 00:05:04.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up
R1#ping 192.168.12.14
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.14, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/100/144 ms
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#net 192.168.12.12 0.0.0.3 ar 0
R1(config-router)#net 192.168.1.0 0.
*Mar 1 00:05:53.867: %OSPF-5-ADJCHG: Process 1, Nbr 200.200.200.10 on Serial2/0
from LOADING to FULL, Loading Done
R1(config-router)#net 192.168.1.0 0.0.0.255 ar 0
R1(config-router)#exit
R1(config)#^Z
R1#
*Mar 1 00:06:04.847: %SYS-5-CONFIG_I: Configured from console by console
R1#sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.12.14 to network 0.0.0.0
192.168.12.0/30 is subnetted, 1 subnets
C 192.168.12.12 is directly connected, Serial2/0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
O*E2 0.0.0.0/0 [110/1] via 192.168.12.14, 00:00:08, Serial2/0
R1#
R2 :
R2(config)#int s2/0
R2(config-if)#ip add 192.168.12.14 255.255.255.252
R2(config-if)#no shut
R2(config-if)#exi
R2(config)#
*Mar 1 00:03:58.343: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
*Mar 1 00:03:59.343: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up
R2(config)#
*Mar 1 00:04:26.799: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to down
R2(config)#
*Mar 1 00:04:56.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up
R2(config)#router ospf 1
R2(config-router)#net 192.168.12.12 0.0.0.3 ar 0
R2(config-router)#exit
R2(config)#
*Mar 1 00:05:41.175: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.13 on Serial2/0
from LOADING to FULL, Loading Done
R2(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.254 per
R2(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.254 permanent
R2(config)#router ospf 1
R2(config-router)#defa
R2(config-router)#default-in
R2(config-router)#default-information ori
R2(config-router)#default-information originate
R2(config-router)#exit
R2(config)#^Z
R2#sjh
*Mar 1 00:06:26.195: %SYS-5-CONFIG_I: Configured from console by console
R2#sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 200.200.200.254 to network 0.0.0.0
192.168.12.0/30 is subnetted, 1 subnets
C 192.168.12.12 is directly connected, Serial2/0
C 200.200.200.0/24 is directly connected, FastEthernet0/0
O 192.168.1.0/24 [110/74] via 192.168.12.13, 00:00:04, Serial2/0
S* 0.0.0.0/0 [1/0] via 200.200.200.254
R2#
ISP :
ISP(config)#int f0/0
ISP(config-if)#ip add 200.200.200.254 255.255.255.0
ISP(config-if)#no shut
ISP(config-if)#exit
ISP(config)#int
*Mar 1 00:03:07.527: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state t
o up
*Mar 1 00:03:08.527: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et0/0, changed state to up
ISP(config)#int l0
ISP(config-if)#ip add
*Mar 1 00:03:11.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to up
ISP(config-if)#ip add 1.1.1.1 255.255.255.255
ISP(config-if)#exit
ISP(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.10 per
ISP(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.10 permanent
ISP(config)#exit
ISP#
*Mar 1 00:03:43.279: %SYS-5-CONFIG_I: Configured from console by console
ISP#sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 200.200.200.10 to network 0.0.0.0
C 200.200.200.0/24 is directly connected, FastEthernet0/0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
S* 0.0.0.0/0 [1/0] via 200.200.200.10
ISP#
CẤU HÌNH STATIC NAT ĐỂ CHUYỂN
192.168.1.100 200.200.200.13
192.168.1.200 200.200.200.14
192.168.1.208 200.200.200.15
CẤU HÌNH :
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip nat inside source static 192.168.1.100 200.200.200.13
R2(config)#ip nat i
*Mar 1 00:12:11.903: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, cha
ged state to up
R2(config)#ip nat inside source static 192.168.1.200 200.200.200.14
R2(config)#ip nat inside source static 192.168.1.208 200.200.200.15
R2(config)#int f0/0
R2(config-if)#ip nat outside
R2(config-if)#exi
R2(config)#int s2/0
R2(config-if)#ip nat inside
R2(config-if)#exi
R2(config)#^Z
KIỂM TRA BẢNG NAT :
R2#sh uip
*Mar 1 00:14:04.987: %SYS-5-CONFIG_I: Configured from console by console
R2#sh ip nat tran
R2#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
DEBUG IP NAT :
R2#debug ip nat
IP NAT debugging is on
R2#
*Mar 1 00:20:06.451: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [6845]
*Mar 1 00:20:06.603: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [6845]
R2#
*Mar 1 00:20:07.487: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [6896]
*Mar 1 00:20:07.563: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [6896]
R2#
*Mar 1 00:20:08.579: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [6950]
*Mar 1 00:20:08.619: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [6950]
*Mar 1 00:20:09.519: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7003]
*Mar 1 00:20:09.547: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7003]
R2#
*Mar 1 00:20:10.467: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7057]
*Mar 1 00:20:10.579: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7057]
R2#
*Mar 1 00:20:11.475: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7111]
*Mar 1 00:20:11.611: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7111]
*Mar 1 00:20:12.459: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7162]
R2#
*Mar 1 00:20:12.507: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7162]
R2#
*Mar 1 00:20:13.531: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7216]
*Mar 1 00:20:13.611: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7216]
*Mar 1 00:20:14.467: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7270]
R2#
*Mar 1 00:20:14.595: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7270]
*Mar 1 00:20:15.547: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7327]
R2#
*Mar 1 00:20:15.635: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7327]
*Mar 1 00:20:16.523: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7379]
R2#
*Mar 1 00:20:16.667: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7379]
*Mar 1 00:20:17.551: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7429]
*Mar 1 00:20:17.587: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7429]
R2#
*Mar 1 00:20:18.467: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7481]
*Mar 1 00:20:18.579: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7481]
R2#
*Mar 1 00:20:19.563: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7537]
*Mar 1 00:20:19.627: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7537]
*Mar 1 00:20:20.535: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7596]
R2#a
*Mar 1 00:20:20.579: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7596]
*Mar 1 00:20:21.551: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7653]
R2#u al
*Mar 1 00:20:21.675: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7653]
*Mar 1 00:20:22.563: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7716]
*Mar 1 00:20:22.619: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7716]
R2#u all
All possible debugging has been turned off
R2#
*Mar 1 00:20:23.451: NAT*: s=192.168.1.100->200.200.200.13, d=1.1.1.1 [7779]
*Mar 1 00:20:23.571: NAT*: s=1.1.1.1, d=200.200.200.13->192.168.1.100 [7779]
R2#
R2#cle ip nat tran *
R2#sh ip nat tran
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
CẤU HÌNH DYNAMIC NAT ĐỂ CHUYỂN
192.168.1.111 200.200.200.11
192.168.1.222 200.200.200.12
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 1 permit host 192.168.1.111
R2(config)#$ pool1 200.200.200.11 200.200.200.12 netmask 255.255.255.0
R2(config)#ip nat inside source list 1 pool pool1
R2(config)#exi
R2#
*Mar 1 00:27:54.003: %SYS-5-CONFIG_I: Configured from console by console
R2#
R2#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.11 192.168.1.111 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
R2#cle ip nat tran *
R2#sh ip nat tran
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#
CẤU HÌNH DYNAMIC NAT with OVERLOAD
Các IP còn lại 200.200.200.10
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 2 permit 192.168.1.0 0.0.0.255
R2(config)#$ pool2 200.200.200.10 200.200.200.10 netmask 255.255.255.0
R2(config)#ip nat inside source list 2 pool pool2 overload
R2(config)#
R2#debug ip nat
IP NAT debugging is on
R2#
*Mar 1 00:41:46.675: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7409]
*Mar 1 00:41:46.703: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7409]
*Mar 1 00:41:47.659: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7456]
R2#
*Mar 1 00:41:47.735: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7456]
*Mar 1 00:41:48.687: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7509]
R2#
*Mar 1 00:41:48.799: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7509]
*Mar 1 00:41:49.675: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7560]
*Mar 1 00:41:49.719: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7560]
R2#
*Mar 1 00:41:50.643: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7614]
*Mar 1 00:41:50.751: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7614]
*Mar 1 00:41:51.591: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7668]
R2#
*Mar 1 00:41:51.799: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7668]
*Mar 1 00:41:52.639: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7722]
*Mar 1 00:41:52.735: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7722]
R2#
*Mar 1 00:41:53.695: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7776]
*Mar 1 00:41:53.839: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7776]
R2#
*Mar 1 00:41:54.735: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7831]
*Mar 1 00:41:54.775: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7831]
*Mar 1 00:41:55.631: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7883]
R2#u al
*Mar 1 00:41:55.879: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7883]
*Mar 1 00:41:56.735: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [7937]
*Mar 1 00:41:56.855: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [7937]
R2#u all
All possible debugging has been turned off
R2#
*Mar 1 00:41:57.743: NAT*: s=192.168.1.10->200.200.200.10, d=1.1.1.1 [8009]
*Mar 1 00:41:57.775: NAT*: s=1.1.1.1, d=200.200.200.10->192.168.1.10 [8009]
R2#
R2#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 200.200.200.10:1024 192.168.1.10:1024 1.1.1.1:1024 1.1.1.1:1024
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#cle ip nat tran *
R2#sh ip nat tran
Pro Inside global Inside local Outside local Outside global
--- 200.200.200.13 192.168.1.100 --- ---
--- 200.200.200.14 192.168.1.200 --- ---
--- 200.200.200.15 192.168.1.208 --- ---
R2#