网络学习-eNSP配置NAT

NAT实现内网和外网互通

#给路由器接口设置IP地址模拟实验环境
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]interface gigabitethernet 0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 192.168.2.254 24
[Huawei-GigabitEthernet0/0/0]quit
[Huawei]interface gigabitethernet 0/0/1
[Huawei-GigabitEthernet0/0/1]ip address 100.0.0.1 8
[Huawei-GigabitEthernet0/0/1]quit

静态转换----一对一(双向通信)适用于服务器场合

#给内网电脑申请一个公网IP--100.0.0.2，在路由器上配置NAT静态地址转换
[Huawei]interface gigabitethernet 0/0/1
# global表示外网，inside表示内网
[Huawei-GigabitEthernet0/0/1]nat static global 100.0.0.2 inside 192.168.2.1
# 配置结束后，通过192.168.2.1可ping通100.0.0.10

Easy IP----多对一(单向通信)适用于普通办公环境

# EasyIP通过ACL结合nat实现
[Huawei]acl 2000
#放行所有2.0网段的主机可以访问外网，如要放行所有设备，使用rule permit any
[Huawei-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[Huawei-acl-basic-2000]quit
[Huawei]interface gigabitether	
[Huawei]interface GigabitEthernet 0/0/1
[Huawei-GigabitEthernet0/0/1]display this
[V200R003C00]
#
interface GigabitEthernet0/0/1
 ip address 100.0.0.1 255.0.0.0 
 nat static global 100.0.0.2 inside 192.168.2.1 netmask 255.255.255.255
 nat static global 100.0.0.3 inside 192.168.2.2 netmask 255.255.255.255
#
return
[Huawei-GigabitEthernet0/0/1]undo nat static global 100.0.0. inside 192.168.2.2
[Huawei-GigabitEthernet0/0/1]display this
[V200R003C00]
#
interface GigabitEthernet0/0/1
 ip address 100.0.0.1 255.0.0.0 
#
return
[Huawei-GigabitEthernet0/0/1]nat outbound 2000             # 应用nat(easy ip方式)