配置NAT Server: 执行命令interfaceinterface-typeinterface-number[.subnumber],进入接口或子接口视图。 根据实际情况,执行其中一条命令配置NAT Server: nat serverprotocol{tcp|udp}global{global-address|current-interface|interfaceinterface-type interface-number[.subnumber]}global-port[global-port2] [vrrpvrrpid]...
nat server 10.1_wwwzone untrust protocol tcp global202.100.1.2 9898 inside 192.168.10.1 80 no-reverse unr-route (5)可以通过display this查看NATserver的配置,以及 display nat server查看。 (6)排错的思路直接从server-map表是否生成,以及看会话信息,如果没有会话信息出现,则检测安全策略是否做对了,如果有会...
1、NAT Server/静态PAT [R1-GigabitEthernet0/0/1] interface GigabitEthernet0/0/1 [R1-GigabitEthernet0/0/1] ip address 1.1.1.1 255.255.255.252 [R1-GigabitEthernet0/0/1] nat server protocol tcp global 125.171.0.10 8080 inside 192.168.30.100 80 2、NAT Server外网接口IP复用 [R1-GigabitEthernet0...
# sysname DeviceA # nat server policy_ftp1 protocol tcp global 1.1.1.10 ftp inside 10.2.0.8 ftp no-reverse route nat server policy_ftp2 protocol tcp global 2.2.2.10 ftp inside 10.2.0.8 ftp no-reverse route # interface 10GE1/0/1 ip address 1.1.1.1 255.255.255.0 redirect-reverse next-hop...
interface GigabitEthernet0/0/1 ip address 12.1.1.1 255.255.255.248 nat server protocol tcp global 12.1.1.2 ftp inside 192.168.1.30 ftp(将内网192.168.1.30的ftp21端口映射成公网12.1.1.2的ftp21端口) nat server protocol tcp global current-interface(这里是基于接口地址映射)www inside 192.168.1.30 www(将...
interface Vlanif100 ---内网口 ip address 192.168.1.1 255.255.255.0 nat server protocol tcp global interface G0/0/1 8080 inside 192.168.1.100 8080 ---配置Nat Server nat outbound 3001 ---同时要配置一个Nat Outbound 说明:如果不在内网口配置Nat Outbound,那么就会出现这种情况,假设组网为:AR路由--交...
#NAT-server 端口映射 [AR1200]interface g0/0/1 [AR1200-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 80 inside 192.168.255.6 80 Warning:The port 80 is well-known port. If you continue it may cause function failure. ...
nat server protocol tcp global current-interface 8081 inside 10.0.0.94 8081 nat server global 200.1.1.2 inside 10.0.0.8 nat outbound 2001 zone untrust 原因分析 通过配置文件可以看出,设备Eth0/0/4连接内网服务器,GE0/0/1连接Internet,且做了防火墙业务。
interfaceGigabitEthernet0/0/1nat server global1 应用NAT实例: 代码语言:javascript 复制 interfaceGigabitEthernet0/0/1nat server protocol tcp global80inside10.0.0.1080 思科设备配置示例: 创建NAT地址池: 代码语言:javascript 复制 ip nat poolNAT_POOL202.0.0.1202.0.0.254netmask255.255.255.0 ...
[USG6000V1]nat server protocol tcp global 202.100.1.12 9898 inside 192.168.10.1 80 安全策略配置 之前一对一映射是会生成正反server-map表项,端口映射也会生成正反,但是跟一对一有点小区别,多了一个端口号。 (1)正向server-map:Type: Nat Server, ANY ->202.100.1.12:9898[192.168.10.1:80], Zone:--...