PAT所解决的问题和NAT一样,只不过处理方法不同,NAT是直接改的IP,而PAT则是将IP后附带端口信息,以此来增加访问网络的数量。
思路整理:
1、有访问控制列表
2、在设置PAT规则
3、设置端口的进和出的数据流向
一、网络拓扑图
二、设置端口的IP
R1路由器 左
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/1
Router(config-if)#ip add 192.168.1.254 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#int f0/0
Router(config-if)#ip addr 192.168.4.254 255.255.255.0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Router(config-if)#int s0/0/0
Router(config-if)#ip add 10.1.1.1 255.255.255.0
Router(config-if)#no shutd
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to down
Router(config-if)#clock rate 64000
R2 路由器 右
也是设置端口IP,就不复制了吧。。。。。。QAQ
三、设置PAT
R1 路由
Router(config)#access-list 1 permit 192.168.1.0 0.0.0.255
Router(config)#access-list 1 permit 192.168.4.0 0.0.0.255
Router(config)#ip nat inside source list 1 interface s0/0/0 overload
Router(config)#int f0/0
Router(config-if)#ip na
Router(config-if)#ip nat inside
Router(config-if)#int f0/1
Router(config-if)#ip nat inside
Router(config-if)#int s0/0/0
Router(config-if)#ip nat outside
Router(config)#ip route 192.168.2.0 255.255.255.0 10.1.1.2
四、测试
能够ping通
查看转化表有内容。
Router#show ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 10.1.1.1:1 192.168.1.2:1 192.168.2.1:1 192.168.2.1:1
icmp 10.1.1.1:2 192.168.1.2:2 192.168.2.1:2 192.168.2.1:2
icmp 10.1.1.1:3 192.168.1.2:3 192.168.2.1:3 192.168.2.1:3
icmp 10.1.1.1:4 192.168.1.2:4 192.168.2.1:4 192.168.2.1:4
但是这时并没有路由表:
R1 路由表:
Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Serial0/0/0
C 192.168.1.0/24 is directly connected, FastEthernet0/1
S 192.168.2.0/24 [1/0] via 10.1.1.2
C 192.168.4.0/24 is directly connected, FastEthernet0/0
R2 路由表
Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Serial0/0/0
C 192.168.2.0/24 is directly connected, FastEthernet0/1
这时可以看到R2 路由并没有设置路由表,但是依旧能够ping通,这是因为PAT的设置之后,从10.1.1.1端口出去的主机都会变成10.1.1.0这个网络的。192.168.1.0转化为10.1.1.0,而10.1.1.0在R2 路由表上,是直连网络,所以能够正常ping通。
扫一扫
1015
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
