H3C设备之 NAPT
发布时间:2019-09-21 11:11:54编辑:auto阅读(1698)
NAPT<端口转换NAT>:
配置NAPT,实现多个私网地址通过一个公网地址不同端口转换访问INETERNET,提高公网地址的利用率:
[RTA]int e0/0
[RTA-Ethernet0/0]ip add 10.0.0.254 24
[RTA-Ethernet0/0]undo shutdown
[RTA-Ethernet0/1]int e0/1
[RTA-Ethernet0/1]ip add 198.76.28.1 24
[RTA-Ethernet0/1]undo shutdown
[RTA]rip
[RTA-rip-1]ver 2
[RTA-rip-1]undo summ
[RTA-rip-1]undo summary
[RTA-rip-1]network 198.76.28.0
[RTA]int e0/0
[RTA-Ethernet0/0]ip add 198.76.28.2 24
[RTA-Ethernet0/0]undo shutdown
[RTA-Ethernet0/1]int e0/1
[RTA-Ethernet0/1]ip add 198.76.29.1 24
[RTA-Ethernet0/1]undo shutdown
[RTA]rip
[RTA-rip-1]ver 2
[RTA-rip-1]undo summ
[RTA-rip-1]undo summary
[RTA-rip-1]network 198.76.28.0
[RTA-rip-1]network 198.76.29.0
PCA:10.0.0.1 255.255.255.0 GT:10.0.0.254
PCB:10.0.0.2 255.255.255.0 GT:10.0.0.254
SERVER:198.76.29.4 255.255.255.0 GT:198.76.29.1
此时公网网络已经正常访问,私网无法访问公网server:
[RTA]ping 198.76.29.4
PING 198.76.29.4: 56 data bytes, press CTRL_C to break
Request time out
Reply from 198.76.29.4: bytes=56 Sequence=2 ttl=255 time=1 ms
Reply from 198.76.29.4: bytes=56 Sequence=3 ttl=255 time=1 ms
Reply from 198.76.29.4: bytes=56 Sequence=4 ttl=255 time=15 ms
Reply from 198.76.29.4: bytes=56 Sequence=5 ttl=255 time=10 ms
--- 198.76.29.4 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 1/6/15 ms
C:\Documents and Settings\xiaofei>ping 198.76.29.4
Pinging 198.76.29.4 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 198.76.29.4:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
私网10.0.0.0网段需要访问公网server就需要使用NAPT进行地址转换:
[RTA]firewall enable
[RTA]firewall default permit
[RTA]acl number 2000
[RTA-acl-basic-2000]rule 0 permit source 10.0.0.0 0.0.0.255 定义基本ACL允许私网可以访问的网段。
[RTA-acl-basic-2000]quit
[RTA]nat address-group 1 198.76.28.10 198.76.28.10 创建NAPT公网地址池,只用一个公网地址
[RTA]int e0/1
[RTA-Ethernet0/1]nat outbound 2000 address-group 1 在接口绑定ACL规则和地址池,不加NO-PAT表示使用NAPT.
此时的私网网段可以成功访问公网的server:
C:\Documents and Settings\xiaofei>ping 198.76.29.4
Pinging 198.76.29.4 with 32 bytes of data:
Reply from 198.76.29.4: bytes=32 time=1ms TTL=254
Reply from 198.76.29.4: bytes=32 time=2ms TTL=254
Reply from 198.76.29.4: bytes=32 time=15ms TTL=254
Reply from 198.76.29.4: bytes=32 time=16ms TTL=254
Ping statistics for 198.76.29.4:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 16ms, Average = 8ms
在NAT表中可以看出,多个私网地址通过一个公网地址多个端口进行转换来访问公网server:
[RTA]disp nat session
There are currently 2 NAT sessions:
Protocol GlobalAddr Port InsideAddr Port DestAddr Port
1 198.76.28.10 12288 10.0.0.1 512 198.76.29.4 512
×××: 0, status: 11, TTL: 00:01:00, Left: 00:00:49
1 198.76.28.10 12289 10.0.0.2 512 198.76.29.4 512
×××: 0, status: 11, TTL: 00:01:00, Left: 00:01:00
上一篇: Python创建daemon
下一篇: Python系统管理
- openvpn linux客户端使用
47837
- H3C基本命令大全
46379
- openvpn windows客户端使用
37263
- H3C IRF原理及 配置
34722
- Python exit()函数
29306
- openvpn mac客户端使用
25964
- python全系列官方中文文档
24893
- 1.常用turtle功能函数
19943
- python 获取网卡实时流量
19534
- python 获取Linux和Windows硬件信息
18014
- python3-scipy-ndimage平滑
5785°
- python3-scikit-image平滑去噪
6406°
- python3-PIL非线性噪声平滑
5921°
- python3-Scipy-ndimage进行盒核与高斯核平滑比较
5957°
- python3-PIL高斯模糊滤波器平滑
7060°
- python3-PIL基于盒模糊核均值化平滑
5904°
- python3-PIL线性噪声平滑
5936°
- python3-scikit-image直方图匹配
6432°
- python3-scikit-image对比拉伸和直方图均衡化
6400°
- python3-PIL二值化
7772°
- 姓名:Run
- 职业:谜
- 邮箱:383697894@qq.com
- 定位:上海 · 松江
