cisco 路由器nat设置
来源:互联网 发布:淘宝的访客数和浏览量 编辑:程序博客网 时间:2024/05/19 05:33
User Access Verification
Username:
Password:
Router#sho run
Building configuration...
Current configuration : 4683 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$yuTJ$2AfnDSmneRz.mpf7w/CZ30
!
username test privilege 15 password 0 test
username jxc privilege 15 secret 5 $1$GcSJ$oitYk1fj7n3K06ut4mnbH0
memory-size iomem 15
no network-clock-participate aim 0
no network-clock-participate aim 1
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
aaa session-id common
ip subnet-zero
!
!
ip cef
!
!
ip ips po max-events 100
no ip domain lookup
no ftp-server write-enable
!
!
!
!
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp xauth timeout 15
!
crypto isakmp client configuration group easyvpn
key easyvpn
pool SDM_POOL_2
max-users 10
netmask 255.255.255.0
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
set transform-set ESP-3DES-SHA1
reverse-route
!
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_2
crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_2
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
interface Loopback0
ip address 192.168.7.1 255.255.255.0
!
interface GigabitEthernet0/0
ip address 113.0.42.?255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map SDM_CMAP_1
!
interface GigabitEthernet0/1
ip address 172.16.10.254 255.255.255.0 secondary
ip address 172.16.100.254 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface Serial0/0/0
no ip address
shutdown
clockrate 2000000
!
interface Serial0/0/1
no ip address
shutdown
clockrate 2000000
!
interface Serial0/1/0
no ip address
shutdown
clockrate 2000000
!
interface Serial0/1/1
no ip address
shutdown
clockrate 2000000
!
ip local pool SDM_POOL_2 172.16.99.1 172.16.99.10
ip classless
ip route 0.0.0.0 0.0.0.0 113.0.42.161
no ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside source static tcp 172.16.100.35 22 113.0.42.? 1035 extendable
ip nat inside source static tcp 172.16.100.37 22 ?1037 extendable
ip nat inside source static tcp 172.16.100.38 22 ?1038 extendable
ip nat inside source static tcp 172.16.100.40 22 113.0??1040 extendable
ip nat inside source static tcp 172.16.100.46 22 ?1046 extendable
ip nat inside source static tcp 172.16.10.203 22 ?2222 extendable
ip nat inside source static tcp 172.16.100.37 3306 ?3306 extendable
ip nat inside source static tcp 172.16.10.203 5903 ?5903 extendable
ip nat inside source static tcp 172.16.10.201 5910 ?5910 extendable
ip nat inside source static tcp 172.16.10.202 5911 ?5911 extendable
ip nat inside source static tcp 172.16.10.63 22 ?6322 extendable
ip nat inside source static tcp 172.16.10.67 22 ?6722 extendable
ip nat inside source static tcp 172.16.10.203 8080 ? 8080 extendable
ip nat inside source static tcp 172.16.10.67 9527 ?9527 extendable
ip nat inside source static tcp 172.16.100.46 11211 ?11211 extendabl
e
ip nat inside source static tcp 172.16.10.201 22 ?20122 extendable
ip nat inside source static tcp 172.16.10.202 22 ?20222 extendable
ip nat inside source static tcp 172.16.10.64 50000 ?50000 extendable
!
!
access-list 1 permit 172.16.100.185
access-list 1 permit 172.16.10.202
access-list 1 permit 172.16.10.203
access-list 1 permit 172.16.10.201
access-list 1 permit 172.16.10.62
access-list 1 permit 172.16.10.63
access-list 1 permit 172.16.10.61
access-list 1 permit 172.16.10.68
access-list 1 permit 172.16.10.69
access-list 1 permit 172.16.100.46
access-list 1 permit 172.16.10.64
access-list 1 permit 172.16.10.65
access-list 144 remark wer
access-list 144 remark SDM_ACL Category=4
access-list 144 permit ip any any
access-list 144 remark wer
access-list 144 remark SDM_ACL Category=4
route-map SDM_RMAP_2 permit 1
match ip address 102
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password test
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
Username:
Password:
Router#sho run
Building configuration...
Current configuration : 4683 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$yuTJ$2AfnDSmneRz.mpf7w/CZ30
!
username test privilege 15 password 0 test
username jxc privilege 15 secret 5 $1$GcSJ$oitYk1fj7n3K06ut4mnbH0
memory-size iomem 15
no network-clock-participate aim 0
no network-clock-participate aim 1
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
aaa session-id common
ip subnet-zero
!
!
ip cef
!
!
ip ips po max-events 100
no ip domain lookup
no ftp-server write-enable
!
!
!
!
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp xauth timeout 15
!
crypto isakmp client configuration group easyvpn
key easyvpn
pool SDM_POOL_2
max-users 10
netmask 255.255.255.0
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
set transform-set ESP-3DES-SHA1
reverse-route
!
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_2
crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_2
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
interface Loopback0
ip address 192.168.7.1 255.255.255.0
!
interface GigabitEthernet0/0
ip address 113.0.42.?255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map SDM_CMAP_1
!
interface GigabitEthernet0/1
ip address 172.16.10.254 255.255.255.0 secondary
ip address 172.16.100.254 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface Serial0/0/0
no ip address
shutdown
clockrate 2000000
!
interface Serial0/0/1
no ip address
shutdown
clockrate 2000000
!
interface Serial0/1/0
no ip address
shutdown
clockrate 2000000
!
interface Serial0/1/1
no ip address
shutdown
clockrate 2000000
!
ip local pool SDM_POOL_2 172.16.99.1 172.16.99.10
ip classless
ip route 0.0.0.0 0.0.0.0 113.0.42.161
no ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside source static tcp 172.16.100.35 22 113.0.42.? 1035 extendable
ip nat inside source static tcp 172.16.100.37 22 ?1037 extendable
ip nat inside source static tcp 172.16.100.38 22 ?1038 extendable
ip nat inside source static tcp 172.16.100.40 22 113.0??1040 extendable
ip nat inside source static tcp 172.16.100.46 22 ?1046 extendable
ip nat inside source static tcp 172.16.10.203 22 ?2222 extendable
ip nat inside source static tcp 172.16.100.37 3306 ?3306 extendable
ip nat inside source static tcp 172.16.10.203 5903 ?5903 extendable
ip nat inside source static tcp 172.16.10.201 5910 ?5910 extendable
ip nat inside source static tcp 172.16.10.202 5911 ?5911 extendable
ip nat inside source static tcp 172.16.10.63 22 ?6322 extendable
ip nat inside source static tcp 172.16.10.67 22 ?6722 extendable
ip nat inside source static tcp 172.16.10.203 8080 ? 8080 extendable
ip nat inside source static tcp 172.16.10.67 9527 ?9527 extendable
ip nat inside source static tcp 172.16.100.46 11211 ?11211 extendabl
e
ip nat inside source static tcp 172.16.10.201 22 ?20122 extendable
ip nat inside source static tcp 172.16.10.202 22 ?20222 extendable
ip nat inside source static tcp 172.16.10.64 50000 ?50000 extendable
!
!
access-list 1 permit 172.16.100.185
access-list 1 permit 172.16.10.202
access-list 1 permit 172.16.10.203
access-list 1 permit 172.16.10.201
access-list 1 permit 172.16.10.62
access-list 1 permit 172.16.10.63
access-list 1 permit 172.16.10.61
access-list 1 permit 172.16.10.68
access-list 1 permit 172.16.10.69
access-list 1 permit 172.16.100.46
access-list 1 permit 172.16.10.64
access-list 1 permit 172.16.10.65
access-list 144 remark wer
access-list 144 remark SDM_ACL Category=4
access-list 144 permit ip any any
access-list 144 remark wer
access-list 144 remark SDM_ACL Category=4
route-map SDM_RMAP_2 permit 1
match ip address 102
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password test
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
0 0
- cisco 路由器nat设置
- Cisco 路由器NAT设置介绍
- Cisco RV180W 路由器设置
- 路由器NAT设置
- Cisco 路由器 NAT负载过高分析
- Cisco路由器NAT功能配置简介
- 如何设置CISCO路由器密码
- CISCO路由器设置的连接
- 调试cisco路由器手记-修改NAT配置
- 调试cisco路由器手记-修改NAT配置
- CISCO路由器下-多ISP下NAT实现
- 在Cisco IOS路由器上验证NAT-T的使用
- 在cisco路由器上做:双向NAT地址转换
- 【笔记】cisco路由器动态IP接入NAT设定
- cisco 路由器:ADSL拨号的设置
- cisco 路由器:ADSL拨号的设置
- Cisco 路由器上ADSL拨号设置
- cisco路由器ping命令的设置
- Linux下crontab命令的用法
- 回调函数的范例———VS2010 下编译
- iOS开发工具——统计Crash的工具Crashlytics
- 枚举使用
- document.domain 跨域问题
- cisco 路由器nat设置
- Jquery—JQuery对radio的操作(01)
- log4j输出多个自定义日志文件,动态配置路径
- Python核心编程学习笔记(二)
- ios 将NSLog日志重定向输出到文件中保存
- PHP中文乱码
- Xshell emacs backspace
- 国产Dwz 同一个页面多个分页标签分页失效或者分页混乱的问题解决办法
- VC连接ADO方式ACCESS数据库在WIN7下编译到XP下不能运行解决方法