In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-07 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/03 Report--
The purpose of the experiment is to enable the intranet pc in the topology diagram to access the extranet
Experimental requirements: the private network segment is 192.168.1.0. The ip of the public network purchased by the company is 100.1.1.1 / 24.
The two ports ip of a router of ISP are 100.1.1.2ax 24 200.1.1.254 pm 24 ISP server ip 200.1.1.1 Universe 24 respectively.
The steps of the experiment:
1 assign IP addresses to all terminal devices (do not install gateways)
2 assign ip to the router port
Corporate Router:
Router (config) # hostname COMPgw
COMPgw (config) # inter g0and0
COMPgw (config-if) # no shu
COMPgw (config-if) # ip add 192.168.1.254 255.255.255.0
COMPgw (config-if) # exit
COMPgw (config) # inter g0bin1
COMPgw (config-if) # no shu
COMPgw (config-if) # ip add 100.1.1.1 255.255.255.0
COMPgw (config-if) # exit
ISP Router:
Router (config) # hostname ISPgw
ISPgw (config) # inter g0and0
ISPgw (config-if) # no shu
ISPgw (config-if) # ip add 100.1.1.2 255.255.255.0
ISPgw (config-if) # exit
ISPgw (config) # inter g0bin1
ISPgw (config-if) # no shu
ISPgw (config-if) # ip add 200.1.1.254 255.255.255.0
3.1 enter the border routing port into the inner and outer ports
COMPgw (config) # inter g0and0
COMPgw (config-if) # ip nat inside
COMPgw (config-if) # exit
COMPgw (config) # inter g0bin1
COMPgw (config-if) # ip nat outside
3.2 using ACL in global mode, set the PC that is allowed to pass through the route
COMPgw (config) # ip access-list standard 1
COMPgw (config-std-nacl) # permit 192.168.1.0 0.0.0.255
3.3 call acl with nat in global mode
COMPgw (config) # ip nat inside source list 1 inter g0lap 1
4 configure a default route for the corporate border router
COMPgw (config) # ip route 0.0.0.0 0.0.0.0 100.1.1.2 / / very important-tell the border router how to get to the operator ISP segment (but the router representing the operator does not need to write a static route entry because it returns packets to the internal network through nat rather than interworking directly with the internal network segment)
5 Verification and testing
Server 200.1.1.1 for ping ISP on PC192.168.1.1 (or 192.168.1.2)
That is: pc > ping 200.1.1.1
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
