Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

The extendable parameter of NAT, which causes an address to be tested by different interfaces NAT

2025-01-16 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

one。 Test the topology:

two。 Basic ideas and written examination questions:

a. Basic ideas:

By using the NAT extendable parameter, an internal address can be NAT out with different addresses on different interfaces, otherwise an internal address can only be allocated with static NAT once.

b. Written examination questions:

An internal DNS server requires a NAT on a Cisco IOS router that is dual-homed to separate ISPs using distinct CIDR blocks. Which NAT capability is required to allow hosts in each CIDR block to contact the DNS server via one translated address?

Answer: NAT extendable

three。 Basic configuration:

A.R1 Router:

Interface Ethernet0/0

Ip address 202.100.1.2 255.255.255.0

No shut

B.R2 Router:

Interface Ethernet0/0

Ip address 61.1.1.2 255.255.255.0

No shut

C.R3 Router:

Interface Ethernet0/0

Ip address 10.1.1.1 255.255.255.0

Ip nat inside

No shut

Interface Ethernet0/1

Ip address 202.100.1.1 255.255.255.0

Ip nat outside

No shut

Interface Ethernet0/2

Ip address 61.128.1.1 255.255.255.0

Ip nat outside

No shut

D.R4 router

Interface Ethernet0/0

Ip address 10.1.1.2 255.255.255.0

Sno shut

Ip route 0.0.0.0 0.0.0.0 10.1.1.1

Line vty 0 5

Password cisco

Login

IV. NAT extendable configuration:

A.R3 Router:

Ip nat inside source static 10.1.1.2 61.128.1.8 extendable

Ip nat inside source static 10.1.1.2 202.100.1.8 extendable

b. Test:

R1#telnet 202.100.1.8

Trying 202.100.1.8... Open

User Access Verification

Password:

R4 > show users

Line User Host (s) Idle Location

0 con 0 idle 06:08:16

* 130 vty 0 idle 00:00:00 202.100.1.2

Interface User Mode Idle Peer Address

R2#telnet 61.128.1.8

Trying 61.128.1.8... Open

User Access Verification

Password:

R4 > show users

Line User Host (s) Idle Location

0 con 0 idle 06:09:06

130 vty 0 idle 00:00:49 202.100.1.2

* 131 vty 1 idle 00:00:00 61.128.1.2

Interface User Mode Idle Peer Address

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report