80 likes | 192 Views
local. route-map. public. Inside. Outside. Autor: Leszek Gorzelnik , Kraków 2007. Router jednointerface'wy jako serwer DHCP z usługą NAT. DHCP. ACL. Loopback0. fa0/0. NAT. local. route-map. public. Inside. Outside. ip dhcp excluded-address 10.188.215.200
E N D
local route-map public Inside Outside Autor: Leszek Gorzelnik , Kraków 2007 Router jednointerface'wy jako serwer DHCP z usługą NAT DHCP ACL Loopback0 fa0/0 NAT
local route-map public Inside Outside ip dhcp excluded-address 10.188.215.200 ip dhcp excluded-address 10.188.215.1 ip dhcp excluded-address 10.188.215.100 ! ip dhcp pool LOKALNA_215 network 10.188.215.0 255.255.255.0 default-router 10.188.215.1 dns-server 10.10.0.2 10.10.0.3 DHCP ACL Loopback0 fa0/0 NAT
local route-map public Inside Outside ip dhcp excluded-address 10.188.215.200 ip dhcp excluded-address 10.188.215.1 ip dhcp excluded-address 10.188.215.100 ! ip dhcp pool LOKALNA_215 network 10.188.215.0 255.255.255.0 default-router 10.188.215.1 dns-server 10.10.0.2 10.10.0.3 Sieć 10.188.215.0 DHCP ACL Loopback0 fa0/0 NAT ip route 0.0.0.0 0.0.0.0 172.27.10.1 Sieć 172.27.10.0 brama 172.27.10.1 Sieć 10.10.0.0
local route-map public Inside Outside interface FastEthernet0/0 ip address 10.188.215.1 255.255.255.0 secondary ip address 172.27.10.3 255.255.255.0 ip access-group 111 in ip nat outside ip policy route-map NAT ACL Loopback0 fa0/0 NAT
local route-map public Inside Outside interface FastEthernet0/0 ip address 10.188.215.1 255.255.255.0 secondary ip address 172.27.10.3 255.255.255.0 ip access-group 111 in ip nat outside ip policy route-map NAT ACL Loopback0 fa0/0 access-list 111 permit tcp 10.10.0.0 0.0.255.255 any eq telnet access-list 111 deny tcp any any eq telnet access-list 111 permit icmp 10.188.0.0 0.0.255.255 any access-list 111 permit icmp any any echo-reply access-list 111 deny icmp any any access-list 111 permit tcp 10.10.0.0 0.0.255.255 any eq 3389 access-list 111 deny tcp any any eq 3389 access-list 111 permit tcp 10.10.0.0 0.0.255.255 any eq 5900 access-list 111 deny tcp any any eq 5900 access-list 111 permit ip any any NAT
local route-map public Inside Outside interface FastEthernet0/0 ip address 10.188.215.1 255.255.255.0 secondary ip address 172.27.10.3 255.255.255.0 ip access-group 111 in ip nat outside ip policy route-map NAT interface Loopback0 ip address 192.168.215.1 255.255.255.0 ip nat inside ACL Loopback0 fa0/0 NAT
local route-map public Inside Outside interface FastEthernet0/0 ip address 10.188.215.1 255.255.255.0 secondary ip address 172.27.10.3 255.255.255.0 ip access-group 111 in ip nat outside ip policy route-map NAT interface Loopback0 ip address 192.168.215.1 255.255.255.0 ip nat inside ACL Loopback0 fa0/0 route-map NAT permit 10 match ip address SiecNAT set interface Loopback0 NAT
local route-map public Inside Outside ip access-list extended SiecNAT permit ip 10.188.215.0 0.0.0.255 any interface FastEthernet0/0 ip address 10.188.215.1 255.255.255.0 secondary ip address 172.27.10.3 255.255.255.0 ip access-group 111 in ip nat outside ip policy route-map NAT interface Loopback0 ip address 192.168.215.1 255.255.255.0 ip nat inside ACL Loopback0 fa0/0 route-map NAT permit 10 match ip address SiecNAT set interface Loopback0 172.27.10.3 NAT ip nat pool TRANSLATOR 172.27.10.3 172.27.10.3 netmask 255.255.255.0 ip nat inside source list SiecNAT pool TRANSLATOR overload ip nat inside source static tcp 10.188.215.100 5900 172.27.10.3 5900 extendable ip nat inside source static tcp 10.188.215.100 3389 172.27.10.3 3389 extendable Sieć 10.10.0.0