一.测试拓扑:
二.基本配置:
A.R1
interface Loopback0
ip address 192.168.1.1 255.255.255.0
interface FastEthernet0/0
ip address 10.1.1.1 255.255.255.0
no shut
B.R2
interface Ethernet0/0
ip address 10.1.1.2 255.255.255.0
no shut
interface Ethernet0/1
ip address 202.100.1.2 255.255.255.0
no shut
C.R3
interface FastEthernet0/0
ip address 202.100.1.3 255.255.255.0
no shut
interface FastEthernet0/1
ip address 202.100.2.3 255.255.255.0
no shut
D.R4
interface Ethernet0/0
ip address 20.1.1.4 255.255.255.0
no shut
interface Ethernet0/2
ip address 30.1.1.4 255.255.255.0
no shut
interface Ethernet0/1
ip address 202.100.2.4 255.255.255.0
no shut
E.R5
interface Loopback0
ip address 192.168.2.5 255.255.255.0
interface FastEthernet0/0
ip address 20.1.1.5 255.255.255.0
no shut
F.R6
interface Loopback0
ip address 192.168.3.6 255.255.255.0
interface FastEthernet0/0
ip address 30.1.1.6 255.255.255.0
no shut
三.静态路由和PAT配置:
A.静态路由配置:
①R1
ip route 0.0.0.0 0.0.0.0 10.1.1.2
②R2
ip route 0.0.0.0 0.0.0.0 202.100.1.3
ip route 192.168.1.0 255.255.255.0 10.1.1.1
③R4
ip route 0.0.0.0 0.0.0.0 202.100.2.3
ip route 192.168.2.0 255.255.255.0 20.1.1.5
ip route 192.168.3.0 255.255.255.0 30.1.1.6
④R5
ip route 0.0.0.0 0.0.0.0 20.1.1.4
⑤R6
ip route 0.0.0.0 0.0.0.0 30.1.1.4
B.动态PAT配置:
①R2
ip access-list extended 100
permit ip 192.168.1.0 0.0.0.255 any
permit ip 10.1.1.0 0.0.0.255 any
int e0/0
ip nat inside
int e0/1
ip nat outside
ip nat inside source list 100 interface e0/1
②R4
ip access-list extended 100
permit ip 192.168.2.0 0.0.0.255 any
permit ip 192.168.3.0 0.0.0.255 any
permit ip 20.1.1.0 0.0.0.255 any
permit ip 30.1.1.0 0.0.0.255 any
int e0/0
ip nat inside
int e0/1
ip nat outside
ip nat inside source list 100 interface e0/1
C.静态PAT配置:
R2
ip nat inside source static udp 10.1.1.1 500 interface e0/1 500
ip nat inside source static udp 10.1.1.1 4500 interface e0/1 4500
四.VPN配置:
