2621xm NAT问题~~ 请高手指点~~

chenjun631 2004-05-14 11:47:52
show run 如下:*号有对应的IP数字,但是接上后只有192.168.1.0/24 和192.168.4.0/24网段可上网。但我又不想改为172.16.0.0,若这样的话工作量太大,因为有好几百台机子要改动。


!
! ******************************************************************
! Cisco2621.cfg - Cisco router configuration file
! Automatically created by GD-YC-CJ
! 2004/5/11, 10:17:02 AM
!
! Hostname: Cisco2621-CSdd-LT
! Model: 2621
! ******************************************************************
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Cisco2621-CSdd-LT
!
!####进入特权模式的口令(MD5加密)####
enable secret 1212121212121212121
!
ip name-server 211.*.*.*
!
ip subnet-zero
!
!
!
!
!
!
!####联接外线接口####
interface FastEthernet0/0
ip address *.*.97.94 255.255.255.240
ip broadcast-address *.*.97.80
ip nat outside
duplex auto
speed auto
!
!####联接本地网络接口####
interface FastEthernet0/1
ip address 192.168.0.1 255.255.0.0
ip broadcast-address 192.168.0.0
ip nat inside
duplex auto
speed auto
!####带Track选项的HSRP(线路热备份)配置####
standby ip 192.168.1.1
standby priority 200
standby preempt
standby track FastEthernet0/0 55
!
!####定义合法IP地址池####
ip nat pool every *.*.97.94 *.*.97.94 netmask 255.255.255.240
!####定义列表1采用端口复用地址转换####
ip nat inside source list 1 pool every overload
ip nat inside source list 2 pool every overload
ip nat inside source list 3 pool every overload
ip nat inside source list 4 pool every overload
!####定义静态地址转换#####
ip nat inside source static 192.168.4.1 *.*.97.82
ip nat inside source static 192.168.4.2 *.*.97.83
ip nat inside source static 192.168.4.3 *.*.97.84
ip nat inside source static 192.168.4.4 *.*.97.85
ip nat inside source static 192.168.4.5 *.*.97.86
ip nat inside source static 192.168.4.6 *.*.97.87
ip nat inside source static 192.168.4.7 *.*.97.88
ip nat inside source static 192.168.4.8 *.*.97.89
ip nat inside source static 192.168.4.9 *.*.97.90
ip nat inside source static 192.168.4.10 *.*.97.91
ip nat inside source static 192.168.4.11 *.*.97.92
ip nat inside source static 192.168.4.12 *.*.97.93
ip classless
!####定义默认静态路由,所有的远程访问通过网关,FastEthernet0/0接口IP为对端广域网IP地址####
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
no ip http server
ip pim bidir-enable
!
!
!####定义本地访问列表1####
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 permit 192.168.2.0 0.0.0.255
access-list 3 permit 192.168.3.0 0.0.0.255
access-list 4 permit 192.168.5.0 0.0.0.255
!
line con 0
line aux 0
line vty 0 4
login
!
end


若改成这样就可以,但我想还是要限制一下,就像上面一样设几个访问列表

!
! ******************************************************************
! Cisco2621.cfg - Cisco router configuration file
! Automatically created by GD-YC-CJ
! 2004/5/11, 10:17:02 AM
!
! Hostname: Cisco2621-CSdd-LT
! Model: 2621
! ******************************************************************
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Cisco2621-CSdd-LT
!
!####进入特权模式的口令(MD5加密)####
enable secret 1212121212121212121
!
ip name-server 211.*.*.*
!
ip subnet-zero
!
!
!
!
!
!
!####联接外线接口####
interface FastEthernet0/0
ip address *.*.97.94 255.255.255.240
ip broadcast-address *.*.97.80
ip nat outside
duplex auto
speed auto
!
!####联接本地网络接口####
interface FastEthernet0/1
ip address 192.168.0.1 255.255.0.0
ip broadcast-address 192.168.0.0
ip nat inside
duplex auto
speed auto
!####带Track选项的HSRP(线路热备份)配置####
standby ip 192.168.1.1
standby priority 200
standby preempt
standby track FastEthernet0/0 55
!
!####定义合法IP地址池####
ip nat pool every *.*.97.94 *.*.97.94 netmask 255.255.255.240
!####定义列表1采用端口复用地址转换####
ip nat inside source list 1 pool every overload
!####定义静态地址转换#####
ip nat inside source static 192.168.4.1 *.*.97.82
ip nat inside source static 192.168.4.2 *.*.97.83
ip nat inside source static 192.168.4.3 *.*.97.84
ip nat inside source static 192.168.4.4 *.*.97.85
ip nat inside source static 192.168.4.5 *.*.97.86
ip nat inside source static 192.168.4.6 *.*.97.87
ip nat inside source static 192.168.4.7 *.*.97.88
ip nat inside source static 192.168.4.8 *.*.97.89
ip nat inside source static 192.168.4.9 *.*.97.90
ip nat inside source static 192.168.4.10 *.*.97.91
ip nat inside source static 192.168.4.11 *.*.97.92
ip nat inside source static 192.168.4.12 *.*.97.93
ip classless
!####定义默认静态路由,所有的远程访问通过网关,FastEthernet0/0接口IP为对端广域网IP地址####
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
no ip http server
ip pim bidir-enable
!
!
!####定义本地访问列表1####
access-list 1 permit 192.168.0.0 0.0.255.255 <-这里改大了。

!
line con 0
line aux 0
line vty 0 4
login
!
end

我要怎么做呢?
...全文
166 4 打赏 收藏 转发到动态 举报
写回复
用AI写文章
4 条回复
切换为时间正序
请发表友善的回复…
发表回复
niyh 2004-06-26
  • 打赏
  • 举报
回复
?!
schema01 2004-06-25
  • 打赏
  • 举报
回复
应该这样定义ACL:

access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 1 permit 192.168.5.0 0.0.0.255

然后这样应用:
ip nat inside source list 1 pool every overload
这句就不是了,楼主的没问题

上面那段可以改一改
chenjun631 2004-06-25
  • 打赏
  • 举报
回复
??怎么变得没有回复了?我怎么结帖啊~
niyh 2004-06-25
  • 打赏
  • 举报
回复
应该这样定义ACL:

access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 1 permit 192.168.5.0 0.0.0.255

然后这样应用:
ip nat inside source list 1 pool every overload

3,805

社区成员

发帖
与我相关
我的任务
社区描述
硬件使用 交换及路由技术相关问题讨论专区
社区管理员
  • 交换及路由技术社区
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
暂无公告

试试用AI创作助手写篇文章吧