Hướng dẫn làm NAT - Quản trị hệ thống Cisco
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 1 Chapter : NAT - PAT Network Address Translation Port Address Translation Presentation_ID 2 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 3 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 209.165.201.1 Presentation_ID 4 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 209.165.201.1 Inside local : 192.168.10.0/24 Inside global: 200.0.0.1 Outside global: tất cả các địa chỉ bên ngoài Inside Outside Presentation_ID 5 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Các kỹ thuật NAT Static NAT Dynamic NAT PAT (NAT Overload) Presentation_ID 6 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 199.99.9.1 199.99.9.2 199.99.9.3 199.99.9.4 Static NAT Presentation_ID 7 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Configure NAT on a Cisco Router Describe how to configure static NAT to conserve IP address space in a network Presentation_ID 8 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential R(config)# ip nat inside source static 192.168.10.1 199.99.9.1 R(config)# ip nat inside source static 192.168.10.2 199.99.9.2 R(config)# ip nat inside source static 192.168.10.3 199.99.9.3 R(config)# ip nat inside source static 192.168.10.4 199.99.9.4 R(config)# interface f0/0 R(config-if)# ip nat inside R(config)# interface s2/0 R(config-if)# ip nat outside Presentation_ID 9 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Configure NAT on a Cisco Router Describe how to configure dynamic NAT to conserve IP address space in a network Presentation_ID 10 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Dynamic NAT R(config)# access-list 1 permit 192.168.10.0 0.0.0.7 R(config)# ip nat pool ABC 199.99.9.1 199.99.9.4 netmask 255.255.255.248 Prefix-length 29 R(config)# ip nat inside source list 1 pool ABC R(config)# interface f0/0 R(config-if)# ip nat inside R(config)# interface s2/0 R(config-if)# ip nat outside