思科2811路由器配置翻译 !求大神解释这一段什么意思
答案:2 悬赏:10 手机版
解决时间 2021-02-25 22:10
- 提问者网友:情歌越听越心酸
- 2021-02-25 06:25
思科2811路由器配置翻译 !求大神解释这一段什么意思
最佳答案
- 五星知识达人网友:十鸦
- 2021-02-25 07:14
interface FastEthernet0/1.101 //新建子接口
description dev_mgmt //描述
encapsulation dot1Q 101 //封装VLAN101
ip address 172.21.1.1 255.255.255.0 //配置IP
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 120 interface FastEthernet0/0 overload //120列表匹配的IP通过FastEthernet0/0PAT上网
ip nat inside source static tcp 172.21.30.208 80 58.56.49.10 80 extendable //静态映射80端口
ip nat inside source static tcp 172.21.30.208 8080 58.56.49.10 8080 extendable //静态映射8080端口
ip nat inside source static tcp 172.21.30.208 37777 58.56.49.10 37777 extendable //静态映射37777端口
ip route 0.0.0.0 0.0.0.0 58.56.49.9 //默认路由指向58.56.49.9(应该是公网出口下一跳)
ip route 172.21.0.0 255.255.0.0 172.21.2.4 //静态路由
!
logging esm config
access-list 1 permit 172.21.0.0 0.0.255.255 //访问控制列表ACL1,允许172.21.0.0/16网段通过
access-list 2 permit 124.127.202.166
access-list 2 permit 222.175.133.107
access-list 101 permit ip 172.21.0.0 0.0.255.255 192.168.0.0 0.0.255.255 //ACL101,允许172.21.0.0/16到192.168.0.0/16的流量通过
access-list 102 permit ip 172.21.0.0 0.0.255.255 172.18.0.0 0.0.255.255 //ACL102,允许172.21.0.0/16到172.18.0.0/16的流量通过
access-list 103 permit ip host 124.127.202.166 any
access-list 103 permit ip host 222.175.133.107 any
access-list 120 deny ip 172.21.0.0 0.0.255.255 192.168.0.0 0.0.255.255
access-list 120 deny ip 172.21.0.0 0.0.255.255 172.18.0.0 0.0.255.255
access-list 120 permit ip 172.21.8.0 0.0.0.255 any
access-list 120 permit ip 172.21.11.0 0.0.0.255 any
access-list 120 permit ip 172.21.12.0 0.0.0.255 any
access-list 120 permit ip 172.21.30.0 0.0.0.255 any
description dev_mgmt //描述
encapsulation dot1Q 101 //封装VLAN101
ip address 172.21.1.1 255.255.255.0 //配置IP
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 120 interface FastEthernet0/0 overload //120列表匹配的IP通过FastEthernet0/0PAT上网
ip nat inside source static tcp 172.21.30.208 80 58.56.49.10 80 extendable //静态映射80端口
ip nat inside source static tcp 172.21.30.208 8080 58.56.49.10 8080 extendable //静态映射8080端口
ip nat inside source static tcp 172.21.30.208 37777 58.56.49.10 37777 extendable //静态映射37777端口
ip route 0.0.0.0 0.0.0.0 58.56.49.9 //默认路由指向58.56.49.9(应该是公网出口下一跳)
ip route 172.21.0.0 255.255.0.0 172.21.2.4 //静态路由
!
logging esm config
access-list 1 permit 172.21.0.0 0.0.255.255 //访问控制列表ACL1,允许172.21.0.0/16网段通过
access-list 2 permit 124.127.202.166
access-list 2 permit 222.175.133.107
access-list 101 permit ip 172.21.0.0 0.0.255.255 192.168.0.0 0.0.255.255 //ACL101,允许172.21.0.0/16到192.168.0.0/16的流量通过
access-list 102 permit ip 172.21.0.0 0.0.255.255 172.18.0.0 0.0.255.255 //ACL102,允许172.21.0.0/16到172.18.0.0/16的流量通过
access-list 103 permit ip host 124.127.202.166 any
access-list 103 permit ip host 222.175.133.107 any
access-list 120 deny ip 172.21.0.0 0.0.255.255 192.168.0.0 0.0.255.255
access-list 120 deny ip 172.21.0.0 0.0.255.255 172.18.0.0 0.0.255.255
access-list 120 permit ip 172.21.8.0 0.0.0.255 any
access-list 120 permit ip 172.21.11.0 0.0.0.255 any
access-list 120 permit ip 172.21.12.0 0.0.0.255 any
access-list 120 permit ip 172.21.30.0 0.0.0.255 any
全部回答
- 1楼网友:人類模型
- 2021-02-25 08:08
主要是ACL 配置,并没有太大的难度。追问ip nat inside source list 120 interface FastEthernet0/0 overload
access-list 2 permit 222.175.133.107
能不能解释一下这几个命令,list 120 list 2 像120 2 数字代表什么意思追答这个是NAT 配置,主要是将服务器的私有IP地址及端口映射为外网的公有IP地址及端口,让外网使用公有IP地址访问内网的服务器的不同端口的服务。另外提供内网对外网的访问。
access-list 2 permit 222.175.133.107
能不能解释一下这几个命令,list 120 list 2 像120 2 数字代表什么意思追答这个是NAT 配置,主要是将服务器的私有IP地址及端口映射为外网的公有IP地址及端口,让外网使用公有IP地址访问内网的服务器的不同端口的服务。另外提供内网对外网的访问。
我要举报
如以上回答内容为低俗、色情、不良、暴力、侵权、涉及违法等信息,可以点下面链接进行举报!
点此我要举报以上问答信息
大家都在看
推荐资讯