一、拓扑搭建
二、设备选型
设备品牌:维盟、艾泰、飞鱼星、TP-LINK等
路由器选型:华为AR1220、AR2220、AR201
交换机选型:S1700 ~ S6700
三、基础配置
R1配置命令:
1.配置网关和DHCP
<Huawei>sys
[Huawei]sysn R1
[R1]int vlan1
[R1-Vlanif1]ip add 192.168.1.1 24
[R1-Vlanif1]qu
[R1]ip pool 1
Info: It's successful to create an IP address pool.
[R1-ip-pool-1]network 192.168.1.0 mask 24
[R1-ip-pool-1]gateway-list 192.168.1.1
[R1-ip-pool-1]dns-list 114.114.114.114
[R1-ip-pool-1]qu
[R1]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[R1]int vlan 1
[R1-Vlanif1]dhcp select global此时内网主机PC设置为dhcp,即可获取到192.168.1.0/24网段的IP地址,并且可以平通网关
2.配置PPPoE拨号
PPPoE账号020 密码123
[R1]int Dialer 1
[R1-Dialer1]link-protocol ppp
[R1-Dialer1]ip add ppp-negotiate
[R1-Dialer1]ppp pap local-user 020 password ci 123
[R1-Dialer1]dialer user 020
[R1-Dialer1]dialer bundle 2
[R1-Dialer1]qu
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]pppoe-client dial-bundle-number 2此时企业路由器R1外网接口已经拨号成功,并且获得公网IP地址,如图2
3.配置缺省路由和NAT
[R1]ip route-s 0.0.0.0 0 202.1.1.1
[R1]acl 2000
[R1-acl-basic-2000]rule 5 permit source 192.168.1.0 0.0.0.255
[R1-acl-basic-2000]qu
[R1]int Dialer 1
[R1-Dialer1]nat outbound 2000此时验证内网主机能否ping通运营商服务器9.9.9.2
PC>ping 9.9.9.2
Ping 9.9.9.2: 32 data bytes, Press Ctrl_C to break
From 9.9.9.2: bytes=32 seq=1 ttl=253 time=47 ms
From 9.9.9.2: bytes=32 seq=2 ttl=253 time=31 ms
From 9.9.9.2: bytes=32 seq=3 ttl=253 time=32 ms
From 9.9.9.2: bytes=32 seq=4 ttl=253 time=46 ms
From 9.9.9.2: bytes=32 seq=5 ttl=253 time=47 ms
--- 9.9.9.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 31/40/47 ms
PC>四、进阶配置
映射内网服务器192.168.1.100的80端口到公网地址202.1.1.254
[R1]int Dialer 1
[R1-Dialer1]nat server protocol tcp global current-interface 80 inside 192.168.1.100 80此时通过企业出口路由器获取的公网IP即可以访问内网的HTTP服务器,验证如图3
实验示例ensp工程文件下载地址:https://download.csdn.net/download/i12344/85337431
声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
评论(0)