代鹏建雄Basic NAT.doc

H3C NAT实验拓扑图 1、 Basic NAT 通过ACL定义一条rule，匹配源地址属于10.0.0.0/8网段的数据 [RTA]acl number 2000 [RTA-acl-basic-2000]rule 0 permit source 10.0.0.0 0.255.255.255 配置NAT地址池1用于地址转换的，地址池中的地址从211.21.21.25到211.21.21.168 [RTA]nat address-group 1 211.21.21.25 211.21.21.168 进入接口模式视图 [RTA]interface S 0/2/2 将地址池1与acl 2000关联，并在接口出方向上应用NAT [RTA- interface 0/2/2]nat outbound 2000 address-group 1 no-pat 实验效果与目的：私网访问公网时IP地址转换为IP地址池中的公网的任意IP 实验结果： 私网配置： Sys sys sw int s 0/2/0 ip add 10.0.0.1 8 quit rip net 10.0.0.2 user-interface vty 0 4 authentication-mode password set authentication password sim 123456 user privilege level 3 quit telnet server enable 路由器配置： sys sys lyq int s 0/2/0 ip add 10.0.0.2 8 quit int s 0/2/2 ip add 211.21.21.23 24 quit rip net 10.0.0.1 net 211.21.21.200 quit acl number 2000 rule 0 permit source 10.0.0.0 0.255.255.255 quit nat address-group 1 211.21.21.25 211.21.21.168 int s 0/2/2 nat outbound 2000 address-group 1 no-pat 公网配置： sys sys gw int s 0/2/0 ip add 211.21.21.200 24 quit rip net 211.21.21.23 quit user-interface vty 0 4 authentication-mode password set authentication password sim 123456 user privilege level 3 quit telnet server enable