静态nat与标准acl的混合使用思科认证
文章作者 100test 发表时间 2009:07:08 01:41:20
来源 100Test.Com百考试题网

  静态nat与标准acl 的混合使用
  <.1>.、将pc0和pc1得ip转换为环回地址。
  <.2>.、阻止1.1.1.2 的通信
  Router 1配置: 
  Router >.en
  Router#conf t 
  Enter configuration commands, one per line. End with CNTL/Z. 
  Router(config)#int f 0/0 
  Router(config-if)#ip add 1.1.1.1 255.0.0.0 
  Router(config-if)#no shut 
  %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up 
  %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up 
  Router(config-if)#int f0/1 
  Router(config-if)#ip add 2.2.2.1 255.0.0.0 
  Router(config-if)#no shutdown 
  %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up 
  Router(config-if)#exit 
  Router(config)# 
  %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up 
  Router(config)#int loopback 0 
  %LINK-5-CHANGED: Interface Loopback0, changed state to up 
  %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up 
  Router(config-if)#ip add 4.4.4.1 255.0.0.0 
  Router(config-if)#no shut 
  Router(config-if)#exit 
  Router(config)#router rip 
  Router(config-router)#network 1.0.0.0 
  Router(config-router)#network 2.0.0.0 
  Router(config-router)#network 4.0.0.0 
  Router(config-router)#end 
  %SYS-5-CONFIG_I: Configured from console by console 
  Router#show ip rou 
  Router#show ip route 
  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
  D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
  N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
  E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
  i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
  * - candidate default, U - per-user static route, o - ODR 
  P - periodic downloaded static route 
  Gateway of last resort is not set 
  C 1.0.0.0/8 is directly connected, FastEthernet0/0 
  C 2.0.0.0/8 is directly connected, FastEthernet0/1 
  R 3.0.0.0/8 [120/1] via 2.2.2.2, 00:00:11, FastEthernet0/1 
  C 4.0.0.0/8 is directly connected, Loopback0 
  Router#configure terminal 
  Enter configuration commands, one per line. End with CNTL/Z. 
  Router(config)#ip nat inside source s 
  Router(config)#ip nat inside source static 1.1.1.2 4.4.4.2 
  Router(config)#ip nat inside source static 1.1.1.3 4.4.4.3 
  Router(config)#interface fastEthernet 0/0 
  Router(config-if)#ip nat in 
  Router(config-if)#ip nat inside 
  Router(config-if)#no shut 
  Router(config-if)#no shutdown 
  Router(config-if)#int f0/1 
  Router(config-if)#ip nat outside 
  Router(config-if)#end 
  %SYS-5-CONFIG_I: Configured from console by console 
  Router#show ip nat ? 
  statistics Translation statistics 
  translations Translation entries 
  Router#show ip nat tr 
  Router#show ip nat translations 
  Pro Inside global Inside local Outside local Outside global 
  --- 4.4.4.2 1.1.1.2 --- --- 
  --- 4.4.4.3 1.1.1.3 --- --- 
  Router#ping 3.3.3.2 
  Type escape sequence to abort. 
  Sending 5, 100-byte ICMP Echos to 3.3.3.2, timeout is 2 seconds: 
  !!!!!