[实战]HM-Router configuration for TP ROOM

HM-Router configuration for TP

目标: 让外网可以访问FTP server [10.1.1.2] /Telnet(这里为了方便测试,使用telnet)，中间跨了2个 Router

++++CNSO-TP01 configuration +++++

conf t

service timestamps debug datetime localtime show-timezone msec

service timestamps log datetime localtime show-timezone msec

service password-encryption

service sequence-numbers

service tcp-keepalives-in

service tcp-keepalives-out

no ip http server

no ip http secure-server

no service config

no logging console

no logging monitor

password encryption aes

key config-key password-encrypt xxxxx

ip domain name hm.com

ip name-server 8.8.8.8 8.8.8.4

hostname CNSO-TP01

ip cef

ip multicast-routing

crypto key generate rsa

1024

ip ssh version 2

ip ssh authentication-retries 3

username xxxx priv 15 password 0 xxxx

enable secret 0 xxxxx

line vty 0 4

transport input all

exec-timeout 15 0

logging synchronous

exit

banner exec #

*****************************************************************

*UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED *

*You must have explicit, authorized permission to access or *

*configure this device. Unauthorized attempts and actions to *

*access or use this system may result in civil and/or criminal *

*penalties.All activities performed on this device are logged *

*and monitored. *

*****************************************************************#

interface f0/0

description *** TP WAN INTERFACE ***

ip address 12.1.1.2 255.255.255.0

no shut

exit

interface Vlan 1

description *** LAN INTERFACE ***

ip address 192.168.1.1 255.255.255.0

no shut

exit

Service DHCP

ip dhcp pool HM-CN

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

netbios-node-type h-node

dns-server 8.8.8.8 8.8.4.4

domain-name hm.com

lease 3

exit

ip dhcp excluded-address 192.168.1.1 192.168.1.10

ip route 0.0.0.0 0.0.0.0 f0/0 12.1.1.1

access-list 1 permit 192.168.1.0 0.0.0.255

ip nat inside source list 1 interface f0/0 overload

ip nat inside source static tcp 192.168.1.11 23 int f0/0 23

interface f0/0

ip nat outside

no cdp enable

no shut

exit

interface Vlan 1

ip nat inside

cdp ena

no shut

exit

试验结果:

在外面可以telnet R4

CNSO-TP01#sh ip nat translations

Pro Inside global Inside local Outside local Outside global

tcp 12.1.1.2:23 192.168.1.11:23 15.1.1.5:24113 15.1.1.5:24113

tcp 12.1.1.2:23 192.168.1.11:23 15.1.1.5:40245 15.1.1.5:40245

tcp 12.1.1.2:23 192.168.1.11:23 --- ---

=======以上模拟测试是否能进CNSO-TP01 router=================

CNSO-TP01(config)#ip route 10.1.1.0 255.255.255.0 vlan 1

CNSO-TP01(config)#no ip nat inside source static tcp 192.168.1.11 23 int f0/0 23

CNSO-TP01(config)#ip nat inside source static tcp 192.168.1.10 23 int f0/0 23

CT(config)#int f0/1

CT(config-if)#ip nat outside

CT(config-if)#int f0/0

CT(config-if)#ip nat inside

CT(config-if)#exit

CT(config)#access-list 1 permit 10.1.1.0 0.0.0.255

CT(config)#ip nat inside source list 1 interface f0/1 overload

CT(config)#ip nat inside source static tcp 10.1.1.2 23 int f0/1 23

测试成功如下:

CNSO-TP01#sh ip nat translations

Pro Inside global Inside local Outside local Outside global

tcp 12.1.1.2:23 192.168.1.10:23 15.1.1.5:26987 15.1.1.5:26987

tcp 12.1.1.2:23 192.168.1.10:23 --- ---

CT#sh ip nat translations

Pro Inside global Inside local Outside local Outside global

icmp 192.168.1.10:3 10.1.1.2:3 192.168.1.1:3 192.168.1.1:3

tcp 192.168.1.10:23 10.1.1.2:23 15.1.1.5:26987 15.1.1.5:26987

tcp 192.168.1.10:23 10.1.1.2:23 --- ---

总结:学要致用!

时间： 2024-12-30 04:10:12

[实战]HM-Router configuration for TP ROOM的相关文章

[Angular2 Router] Redirects and Path Matching - Avoid Common Routing Pitfall

In this tutorial we are going to learn how we can can configure redirects in the angular 2 router configuration. We are also going to see again another example on how the order of the configuration might trip us. We are going to see the different bet

[Angular2 Router] Configure Auxiliary Routes in the Angular 2 Router - What is the Difference Towards a Primary Route?

ENetwork Basic Configuration PT Practice SBA

CCNA Exploration: 网络基础知识 (版本 4.0) A few things to keep in mind while completing this activity: 1 Do not use the browser Back button or close or reload any exam windows during the exam. 2 Do not close Packet Tracer when you are done. It will close aut

思科资料的所有资料目录

1．20140819单臂路由.pdf 2．CCNA 实验手册之Packet_Tracer使用教程.pdf 3．CCNA_Lab_Workbook_Sample_Labs(CDP,静态路由,端口安全).pdf 4．CCNA.CCNP.CCIE案例实战手册(交换部分).pdf 5．CCNA.CCNP.CCIE案例实战手册(路由部分).pdf 6．CCNA帧中继解法.pdf 7．CCNA级别的实际企业环境综合实验.ppt 10．hsrp.pkt 11．CCNA_2010年5月(23个实验)最新实验总

Solr4.8.0源码分析(27)之ImplicitDocRouter和CompositeIdRouter

同样在公司工作中发现了一个现象, 1.我用/solr/admin/collections?action=CREATE&name=collection&numShards=3&replicationFactor=2创建collection 2. delete其中的一个shard 3. 使用以下命令增加shard,/admin/collections?action=CREATESHARD&shard=shardName&collection=name 如此就会报以下错误

模拟WALMART网络架构-双栈冗余

SiteA and Site B 通信 SiteA: 192.168.1.X 192.168.3.X SiteB: 192.168.2.X 192.168.4.X =====MPLS Router Configuration===== R1 2 3 4 5 6 ====〉代表不同的MPLS 供应商 Step1:--MPLS域启用MPLS ip cef mpls ip mpls ldp router-id lo0 force mpls label protocol ldp int s0/0 mpl

【IPv6总结】

IPV6的优势 1.更大地址空间,IPV6采用了128bit的地址长度,可以提供2^128个地址. 2.IPV6包头长度为固定40个字节,IPV4是40-60个字节:这样容易实现硬件式转发,提高转发效率 3.IPV6包头比IPV4包头简化,取消了网络层的校验工作,提高了网络层效率 4.引入灵活的扩展头,使得IPV6的协议扩展更加灵活,但是不是所有的路由器都需要处理IPV6的扩展头,这样中间路由器的转发提高了效率. 5.IPV6地址分配严格按照层次区域划分,使得骨干区域的IPV6路由能最大化的汇总

Security Checklist （路由器安全checklist）

CRM2013电子邮件路由器配置问题

After you deployed the CRM 2011 on premise and the CRM e-mail router you may experience a problem when loading data from Email Router Configuration manager. Issue When you hit the “load data” button on the “User, Queues, and Forward Mailboxes” Tab in