cisco 2621xm 做NAT典型配置

王朝other·作者佚名  2008-05-31
窄屏简体版  字體: |||超大  

Router#sh run

Building configuration...

Current configuration : 2335 bytes

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

service passWord-encryption

!

hostname Router

!

enable secret 5 $1$2qcD$sKLJhsTs0FWYyFanxh7QK0

enable password 7 10440D1803164F465B507B787C

!

ip subnet-zero

!

!

!

!

!

!

interface FastEthernet0/0

ip address 211.96.×.× 255.255.255.240

ip Access-group 101 in

ip access-group 101 out

ip nat outside

duplex auto

speed auto

!

interface Serial0/0

no ip address

shutdown

!

interface FastEthernet0/1

ip address 192.168.168.1 255.255.255.0

ip access-group 101 in

ip access-group 101 out

ip nat inside

duplex auto

speed auto

!

ip nat inside source list 10 interface FastEthernet0/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 211.96.109.193

no ip http server

ip pim bidir-enable

!

!

access-list 10 permit 192.168.168.0 0.0.0.255

access-list 101 deny tcp any any eq echo

access-list 101 deny tcp any any eq chargen

access-list 101 deny tcp any any eq 135

access-list 101 deny tcp any any eq 136

access-list 101 deny tcp any any eq 137

access-list 101 deny tcp any any eq 138

access-list 101 deny tcp any any eq 139

access-list 101 deny tcp any any eq 389

access-list 101 deny tcp any any eq 445

access-list 101 deny tcp any any eq 4444

access-list 101 deny tcp any any eq 1068

access-list 101 deny tcp any any eq 5554

access-list 101 deny tcp any any eq 9995

access-list 101 deny tcp any any eq 9996

access-list 101 deny tcp any any eq 6666

access-list 101 deny tcp any any eq 593

access-list 101 deny udp any any eq tFTP

access-list 101 deny udp any any eq 135

access-list 101 deny udp any any eq 136

access-list 101 deny udp any any eq netbios-ns

access-list 101 deny udp any any eq netbios-dgm

access-list 101 deny udp any any eq netbios-ss

access-list 101 deny udp any any eq snmp

access-list 101 deny udp any any eq 389

access-list 101 deny udp any any eq 445

access-list 101 deny udp any any eq 1434

access-list 101 deny udp any any eq 1433

access-list 101 deny udp any any eq 1068

access-list 101 deny udp any any eq 9995

access-list 101 deny udp any any eq 9996

access-list 101 deny udp any any eq 5554

access-list 101 deny udp any any eq 593

access-list 101 permit ip any any

!

line con 0

line aux 0

line vty 0 4

password 7 09464A081F044A5F5A5E567D7C7079606D

login

!

!

end

Router#

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
© 2005- 王朝網路 版權所有 導航