路由器NAT回流实施

最新推荐文章于 2025-07-08 15:35:24 发布

转载最新推荐文章于 2025-07-08 15:35:24 发布 · 1.4k 阅读

1 ·

CC 4.0 BY-SA版权

原文链接：http://blog.51cto.com/tiancong/662556

文章标签：

#网络

本文介绍了一位管理员如何通过配置路由器解决学校内部服务器无法通过域名访问的问题，包括配置NAT命令和详细路由器配置步骤。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

此文原载于本人百度博客：http://hi.baidu.com/oldfile

刚才主任让我配置一下路由器，好使我们的校内也能通过域名访问，本校的主页。原来我们的主页在校外可以通过域名访问，而在校内却只能通过IP地址。因为，我在配置NAT的时候，没有发现内网不能访问，所以这个问题一直到今天才迫切需要解决，呵呵，现在得以解决了。

输入以下两条新命令【便可以搞定----前提是已经配置好了NAT，以及外网能够通过域名访问内网服务器】：

shenzhi_R01_config#ip nat service privateservice
shenzhi_R01_config#ip nat outside destination static tcp 1.2.3.4 80 192.168.0.200 8080

--------------------------------------------------------------------------------------

新的路由器2626配置如下：
!version 1.3.3G
service timestamps log date
service timestamps debug date
no service password-encryption
!
hostname shenzhi_R01                 //配置路由器名称
!
!
!
!
!
!
gbsc group default
!
!
!
!
!
!
!
aaa authentication login default local                 //开启AAA
aaa authentication enable default enable
!
username shenzhi password 0 1234                 //设置密码
enable password 0 1234 level 15
!
!
!
interface FastEthernet0/0                                 //设置外口IP及NAT
ip address 121.17.40.109 255.255.255.0
no ip directed-broadcast
ip nat outside
!
interface FastEthernet0/3                                 //在内口设置NAT
no ip address
no ip directed-broadcast
ip nat inside
!
interface FastEthernet0/3.1                               //设置分口IP、带宽、NAT
ip address 192.168.1.99 255.255.255.0
no ip directed-broadcast
encapsulation dot1Q 11
bandwidth 100000
delay 1
ip nat inside
!
interface FastEthernet0/3.2
ip address 192.168.2.99 255.255.255.0
no ip directed-broadcast
encapsulation dot1Q 12
bandwidth 100000
delay 1
ip nat inside
!
interface FastEthernet0/3.3
ip address 192.168.3.99 255.255.255.0
no ip directed-broadcast
encapsulation dot1Q 13
bandwidth 100000
delay 1
ip nat inside
!
interface FastEthernet0/3.4
ip address 192.168.4.99 255.255.255.0
no ip directed-broadcast
encapsulation dot1Q 14
bandwidth 100000
delay 1
ip nat inside
!
interface FastEthernet0/3.5
ip address 192.168.5.99 255.255.255.0
no ip directed-broadcast
encapsulation dot1Q 15
bandwidth 100000
delay 1
ip nat inside
!
interface FastEthernet0/3.6
ip address 192.168.6.99 255.255.255.0
no ip directed-broadcast
encapsulation dot1Q 16
bandwidth 100000
delay 1
ip nat inside
!
interface FastEthernet0/3.7
ip address 192.168.7.99 255.255.255.0
no ip directed-broadcast
encapsulation dot1Q 17
bandwidth 100000
delay 1
ip nat inside
!
interface FastEthernet0/3.10
ip address 192.168.0.99 255.255.255.0
no ip directed-broadcast
encapsulation dot1Q 10
bandwidth 100000
delay 1
ip nat inside
!
interface Serial0/1
no ip address
no ip directed-broadcast
!
interface Serial0/2
no ip address
no ip directed-broadcast
!
interface Async0/0
no ip address
no ip directed-broadcast
!
!
!
!
!
!
!
!
!
ip route default 121.17.40.1                                        //默认路由
ip route 202.99.160.0 255.255.255.0 121.17.40.1    //静态路由
ip route 202.99.166.0 255.255.255.0 121.17.40.1
!
!
!
!
!
!
!
!
!
!
!
ip access-list standard shenzhi_nat_access           //标准NAT地址池
permit 192.168.0.0 255.255.255.0
!
ip access-list standard shenzhi_nat_access
permit 192.168.0.0 255.255.255.0
permit 192.168.1.0 255.255.255.0
permit 192.168.2.0 255.255.255.0
permit 192.168.3.0 255.255.255.0
permit 192.168.4.0 255.255.255.0
permit 192.168.5.0 255.255.255.0
permit 192.168.6.0 255.255.255.0
permit 192.168.7.0 255.255.255.0
!
!
!
!
!
!
ip nat service privateservice                                                          //设置NAT回流
ip nat outside destination static tcp 1.2.3.4 80 192.168.0.200 8080
ip nat inside source static tcp 192.168.0.200 8080 1.2.3.4 80
ip nat inside source list shenzhi_nat_access interface FastEthernet0/0    //实施NAT
!
!

转载于:https://blog.51cto.com/tiancong/662556