NAT static and Port Mapping configuration Lab 01/17 Update SLTechnology News&Howtos

NAT static and Port Mapping configuration Lab

2025-01-17 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

Static NAT configuration diagram

1. Configure the host address:

PC1 > ip 192.168.100.10 192.168.100.1Checking for duplicate address...PC1: 192.168.100.10 255.255.255.0 gateway 192.168.100.1PC2 > ip 192.168.100.20 192.168.100.1Checking for duplicate address...PC1: 192.168.100.20 255.255.255.0 gateway 192.168.100.1PC3 > ip 12.0.0.12 12.0.0.1Checking for duplicate address...PC1: 13.0.0. 13 255.255.255.0 gateway 13.0.0.1

2. Configure R1 routing

R1#conf tR1 (config) # int f0/0R1 (config-if) # ip add 192.168.100.1 255.255.255.0R1 (config-if) # no shutR1 (config) # int f0/1R1 (config-if) # ip add 12.0.0.1 255.255.255.0R1 (config-if) # no shut

3. Disable the sw routing function

No ip routing

4. Configure the host address

5. Interconnection test

PC1 > ping 192.168.100.2084 bytes from 192.168.100.20 icmp_seq=1 ttl=64 time=0.000 ms84 bytes from 192.168.100.20 icmp_seq=2 ttl=64 time=0.000 ms84 bytes from 192.168.100.20 icmp_seq=3 ttl=64 time=0.000 ms84 bytes from 192.168.100.20 icmp_seq=4 ttl=64 time=0.000 ms84 bytes from 192.168.100.20 icmp_seq=5 ttl=64 time=0.000 msPC1 > ping 12.0.12 13.0.0.13 icmp_seq=1 timeout13.0.0. 13 icmp_seq=2 timeout84 bytes from 12.0.0.12 icmp_seq=3 ttl=62 time=62.485 ms84 bytes from 12.0.0.12 icmp_seq=4 ttl=62 time=69.039 ms84 bytes from 12.0.0.12 icmp_seq=5 ttl=62 time=69.046 ms

6. Configure static NAT list

R1 (config) # ip nat inside source static 192.168.100.10 12.0.0.10R1 (config) # ip nat inside source static 192.168.100.20 12.0.0.20R1 (config) # int f0/0R1 (config-if) # ip nat insideR1 (config-if) # int f0/1R1 (config-if) # ip nat outsideR1 (config-if) # endR1#debug ip nat IP NAT debugging is on

7. Test connectivity

PC1 > ping 12.0.1213.0.13 icmp_seq=1 timeout13.0.0.13 icmp_seq=2 timeout84 bytes from 12.0.0.12 icmp_seq=3 ttl=62 time=84.698 ms84 bytes from 12.0.0.12 icmp_seq=4 ttl=62 time=85.265 ms84 bytes from 12.0.0.12 icmp_seq=5 ttl=62 time=69.205 ms*Mar 100: 23 icmp_seq=4 ttl=62 time=85.265 ms84 bytes from 50.619: NAT*: slots 192.168.100.10-> 12.0.0.10 Dwatches 12.0.0.12 [5464] * Mar 100: 23NAT 51.831: NAT*: slots 192.168.100.10-> 12.0.0.10, dwatches 12.0.0.12 [5465] # translate the destination address from 12.0.0.10 to 192.168.100.10. This is the process of static address translation. II. NAT static port mapping configuration

1. Experimental environment

A Web server built by Linux, the local area network address is 192.168.100.100, the default port number is 80. The gateway of the local area network is 192.168.100.1, and the mapping address is 192.168.100.100VR 8080-> 12.0.0.100VR 8080.

Others can only see the public network IP address, but the private network address cannot be accessed directly.

2. Purpose of the experiment

Clients on the WAN cannot access the 100.100 address directly, and port mapping is required if they want to access it.

3. Experimental diagram

4. Install httpd service package in Linux, open httpd service, write test web page, etc.

[root@localhost ~] # yum install httpd-y [root@localhost ~] # vim / var/www/html/index.html / / write test web page this is inside web [root@localhost ~] # systemctl start httpd [root@localhost ~] # systemctl stop firewalld.service [root@localhost ~] # setenforce 0

5. Configure the gateway address

R1#conf tR1 (config) # int f0/0R1 (config-if) # ip add 192.168.100.1 255.255.255.0R1 (config-if) # no shutR1 (config-if) # exR1 (config) # int f0ap1 R1 (config-if) # ip add 12.0.0.1 255.255.255.0R1 (config-if) # no shutR1 (config-if) # ex

6. You can see the test page through the browser in centos (ping 192.168.100.100 or 127.0.0.1 is fine)

7. Bind VMnet1 network card to Linux, bind VMnet2 network card to Host, and configure static address

8. Access to the other party's 192.168.100.100 is accessible at this time, but in real life, it is impossible to directly access the other party's private address

9. Static port mapping configuration

R1 (config) # ip nat inside source static tcp 192.168.100.100 80 12.0.100 8080 extendable R1 (config) # int f0/0R1 (config-if) # ip nat insideR1 (config-if) # int f0/1R1 (config-if) # ip nat outsidR1 (config-if) # endR1#debug ip natIP NAT debugging is on*Mar 100: 36 config-if 59.327: NAT*: TCP slots 49160, dumb80-> 80*Mar 100: 36vy 59.327: NAT*: slots 12.0.0.12 Dcards 12.0.0.100-> 192.168.100.100 [364] # ports and addresses have been translated

10. Try to use the public network address to access win7 again. At this time, you can succeed. The experiment is successful!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.