烽火路由器常用配置案例分析_第1頁(yè)
烽火路由器常用配置案例分析_第2頁(yè)
烽火路由器常用配置案例分析_第3頁(yè)
烽火路由器常用配置案例分析_第4頁(yè)
烽火路由器常用配置案例分析_第5頁(yè)
已閱讀5頁(yè),還剩3頁(yè)未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說(shuō)明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

1、烽火路由器常用配置簡(jiǎn)介及案例分析一、配置命令簡(jiǎn)介:1, Route(config)#hostname /此為路由器名稱配置2, Route(config)#aaa authentication login default localRoute(config)#aaa authentication enable default none/ “l(fā)ogin ”及“ telnet ”用戶登陸權(quán)限配置3, Route(config)#username t password 0 w /用戶名及密碼配置4, Route(config)#interface FastEthernet0/0 /接口模式下命令配置

2、 Route(config-fa-0/0)#ip address 222.160.140.10 255.255.255.248 配置上聯(lián)接口地址(必配)Route(config)#ip nat outside- 地址轉(zhuǎn)換外部接口(必配)Route(config)#interface FastEthernet1/0 Route(config-fa-1/0)#ip address 10.18.11.1 255.255.255.0 配置內(nèi)部接口地址(必配)Route(config-fa-1/0)#ip nat inside- 地址轉(zhuǎn)換內(nèi)部接口(必配)Route(config)#interface F

3、astEthernet2/0 Route(config-fa-2/0)#ip address 10.18.12.1 255.255.255.0Route(config-fa-2/0)#ip nat inside5, Route(config)#ip route default 222.160.140.9- 配置缺省路由,指向上聯(lián)設(shè)備網(wǎng)關(guān)的地址6, Route(config)#ip nat pool pool1 222.160.140.10 222.160.140.10 255.255.255.248/ 配置地址轉(zhuǎn)換的地址池, 如果沒(méi)有多的公網(wǎng)地址,那么可以用上聯(lián)口地址配置多個(gè)地址轉(zhuǎn)換池。Rou

4、te(config)#ip nat pool pool2 222.160.140.10 222.160.140.10 255.255.255.2487, Route(config)#ip nat inside source list list1 pool pool1 overload/ 將地址轉(zhuǎn)換池加入到標(biāo)準(zhǔn)訪問(wèn)控制表中 Route(config)#ip nat inside source list list2 pool pool2 overload8, Rouer_config#ip nat service privateservice (將外部地址 -公網(wǎng) 映給私網(wǎng))Rouer_confi

5、g#ip nat inside source static 1.1.1.1 (內(nèi)部地址) A.A.A.A (外部地址) ip nat inside source static tcp 192.168.0.1 23 211.98.68.54 23 通過(guò)這個(gè)命令指定定制的端口映射 (如只走 TCP 端口)9, Route(config)#ip access-list standard list1 Router_config_std_nacl#permit 10.18.11.0 255.255.255.0 Route(config)#ip access-list standard list2 Rou

6、ter_config_std_nacl#permit 10.18.12.0 255.255.255.010, Route(config)#ip dhcpd pool p1- 網(wǎng)段的劃分,每個(gè)地址池代表一個(gè)小區(qū)的地址范圍。并且必須只與一 個(gè)接口發(fā)生關(guān)聯(lián)。Route(config-pool-p1)#network 10.18.11.0 255.255.255.0 Route(config-pool-p1)#range 10.18.11.3 10.18.11.254Route(config-pool-p1)#default-router 10.18.11.1-fast 1/0 內(nèi)部接口的地址 Rou

7、te(config-pool-p1)#dns-server 202.98.0.68 202.98.5.68Route(config-pool-p1)#lease 0 3 0 Route(config)#ip dhcpd pool p2Route(config-pool-p1)#network 10.18.12.0 255.255.255.0 Route(config-pool-p1)#range 10.18.12.3 10.18.12.254Route(config-pool-p1)#default-router 10.18.12.1-fast 2/0 內(nèi)部接口的地址 Route(config

8、-pool-p1)#dns-server 202.98.0.68 202.98.5.68Route(config-pool-p1)#lease 0 3 0Route(config)#ip dhcpd enable- 必須啟用 DHCP 協(xié)議后, DHCP 的所有配置才會(huì)起作用二、常用配置案例1. 單 IP 上網(wǎng)配置: Router#sho run Building configuration.Current configuration:!version 1.3.3Fservice timestamps log date service timestamps debug date no serv

9、ice password-encryption !gbsc group default !aaa authentication login default enable aaa 的 login 認(rèn)證(必配)aaa authentication enable default enable aaa的 ena 認(rèn)證(必配) !username admin password 0 adminenable password 0 admin level 15 建立一個(gè)用戶名: admin 和密碼: admin !interface Loopback1虛擬 loopback 口上配置外網(wǎng) IPip addre

10、ss 211.140.195.15 255.255.255.255no ip directed-broadcast!interface FastEthernet0/0下聯(lián)內(nèi)部局域網(wǎng)的接口配置IPip address 192.168.0.1 255.255.255.0 內(nèi)網(wǎng) IP 的配置,也是內(nèi)網(wǎng)的網(wǎng)關(guān) no ip directed-broadcastip nat inside配置為內(nèi)部轉(zhuǎn)換接口(必配)!interface FastEthernet0/1no ip addressno ip directed-broadcast!interface Serial0/2no ip addressno

11、 ip directed-broadcast!interface Serial0/3no ip addressno ip directed-broadcast!interface Serial1/0:0互聯(lián)接口 E1 口配置ip address 10.60.63.30 255.255.255.252互聯(lián)本端 IPno ip directed-broadcastencapsulation ppp ip nat outsidePPP封裝協(xié)議設(shè)置,端口默認(rèn) HDLC (必配)配置為外部轉(zhuǎn)換接口(必配)interface Async0/0no ip addressno ip directed-broa

12、dcast!ip route default 10.60.63.29默認(rèn)路由配置,一般是對(duì)端路由器接口IP!ip access-list standard list1下聯(lián)內(nèi)部網(wǎng)絡(luò)的訪問(wèn)控制列表設(shè)置permit 192.168.0.0 255.255.255.0!ip nat pool pool1 211.140.195.15 211.140.195.15 255.255.255.240 地址池的配置,如果只有一個(gè)外網(wǎng)地址,開 始和結(jié)束 IP 為同一個(gè) IPip nat inside source list list1 pool pool1 overload 將訪問(wèn)控制列表允許的 IP 綁定到地

13、址池上進(jìn)行 NAT 重載 !2. 2個(gè)公網(wǎng)IP,一個(gè)網(wǎng)段MAS,個(gè)網(wǎng)段郵件服務(wù)器:Router#sho runBuilding configuration.Current configuration:!version 1.3.3Fservice timestamps log dateservice timestamps debug dateno service password-encryption!gbsc group default!aaa authentication login default local enableaaa authentication enable default

14、enable!username fenghuo password 0 fenghuo!interface Loopback1ip address 211.140.198.115 255.255.255.255no ip directed-broadcast!interface Loopback2ip address 211.140.202.49 255.255.255.255no ip directed-broadcast!interface FastEthernet0/0ip address 192.168.135.30 255.255.255.0no ip directed-broadca

15、stip nat inside!interface FastEthernet0/1ip address 192.168.0.1 255.255.255.0no ip directed-broadcastip nat inside!interface Serial0/2no ip addressno ip directed-broadcast!interface Serial0/3no ip addressno ip directed-broadcast!interface Serial1/0:0ip address 10.60.7.222 255.255.255.252no ip direct

16、ed-broadcast encapsulation ppp ip nat outside!interface Async0/0no ip addressno ip directed-broadcast!ip route default 10.60.7.221!ip access-list standard 1permit 192.168.135.0 255.255.255.0!ip access-list standard 2permit 192.168.0.0 255.255.255.0!ip nat service peekip nat service privateserviceip

17、nat outside destination static tcp 211.140.202.49 80 192.168.0.2 80ip nat outside destination static tcp 211.140.202.49 50110 192.168.0.2 50110ip nat outside destination static tcp 211.140.202.49 22 192.168.0.2 22 ip nat outside destination static tcp 211.140.202.49 7001 192.168.0.2 7001ip nat outsi

18、de destination static udp 211.140.202.49 161 192.168.0.2 161 ip nat outside destination static udp 211.140.202.49 162 192.168.0.2 162ip nat outside destination static tcp 211.140.198.115 8080 192.168.135.135 8080 ip nat outside destination static tcp 211.140.198.115 1000 192.168.135.135 1000 ip nat

19、outside destination static tcp 211.140.198.115 3000 192.168.135.135 3000 ip nat outside destination static tcp 211.140.198.115 80 192.168.135.135 80 ip nat outside destination static tcp 211.140.198.115 25 192.168.135.135 25 ip nat outside destination static tcp 211.140.198.115 110 192.168.135.135 1

20、10 ip nat outside destination static tcp 211.140.198.115 3389 192.168.135.135 3389 ip nat inside source static tcp 192.168.0.2 80 211.140.202.49 80 ip nat inside source static tcp 192.168.0.2 50110 211.140.202.49 50110 ip nat inside source static tcp 192.168.0.2 22 211.140.202.49 22 ip nat inside so

21、urce static tcp 192.168.0.2 7001 211.140.202.49 7001 ip nat inside source static udp 192.168.0.2 161 211.140.202.49 161 ip nat inside source static udp 192.168.0.2 162 211.140.202.49 162 ip nat inside source static tcp 192.168.135.135 8080 211.140.198.115 8080 ip nat inside source static tcp 192.168

22、.135.135 1000 211.140.198.115 1000 ip nat inside source static tcp 192.168.135.135 3000 211.140.198.115 3000 ip nat inside source static tcp 192.168.135.135 80 211.140.198.115 80 ip nat inside source static tcp 192.168.135.135 25 211.140.198.115 25 ip nat inside source static tcp 192.168.135.135 110

23、 211.140.198.115 110 ip nat inside source static tcp 192.168.135.135 3389 211.140.198.115 3389 ip nat inside source list 1 interface Loopback1 ip nat inside source list 2 interface Loopback2!3. 4M單IP上聯(lián),2個(gè)2M綁定:Router#sho runBuilding configuration.Current configuration:!version 1.3.3Fservice timestamp

24、s log date service timestamps debug date no service password-encryption !gbsc group default!aaa authentication login default local enable aaa authentication enable default enable !interface Loopback1ip address 211.140.202.49 255.255.255.255no ip directed-broadcastip nat outside!interface Multilink1i

25、p address 10.60.63.38 255.255.255.252 no ip directed-broadcast ppp multilinkmultilink-group 1!interface FastEthernet0/0ip address 192.168.0.1 255.255.255.0 no ip directed-broadcastip nat inside!interface FastEthernet0/1no ip addressno ip directed-broadcast!interface Serial0/2no ip addressno ip direc

26、ted-broadcast!interface Serial0/3no ip addressno ip directed-broadcast!interface Serial1/0:0no ip addressno ip directed-broadcast encapsulation ppp ppp multilink multilink-group 1!interface Serial1/1:0no ip addressno ip directed-broadcast encapsulation ppp ppp multilink multilink-group 1!interface A

27、sync0/0no ip addressno ip directed-broadcast!ip route default 10.60.63.37!ip access-list standard list1permit 192.168.0.0 255.255.255.0ip nat service peekip nat service privateserviceip nat outside destination static tcp 211.140.202.49 80 192.168.0.2 80 ip nat outside destination static tcp 211.140.

28、202.49 50110 192.168.0.2 50110 ip nat outside destination static tcp 211.140.202.49 22 192.168.0.2 22 ip nat outside destination static tcp 211.140.202.49 7001 192.168.0.2 7001 ip nat outside destination static udp 211.140.202.49 161 192.168.0.2 161 ip nat outside destination static udp 211.140.202.

29、49 162 192.168.0.2 162 ip nat inside source static tcp 192.168.0.2 80 211.140.202.49 80 ip nat inside source static tcp 192.168.0.2 50110 211.140.202.49 50110 ip nat inside source static tcp 192.168.0.2 22 211.140.202.49 22 ip nat inside source static tcp 192.168.0.2 7001 211.140.202.49 7001 ip nat

30、inside source static udp 192.168.0.2 161 211.140.202.49 161 ip nat inside source static udp 192.168.0.2 162 211.140.202.49 162 ip nat inside source list list1 interface Loopback1!4. GRE案例(DDN業(yè)務(wù)):Router#sh runBuilding configuration.Current configuration:!version 1.3.3F service timestamps log date ser

31、vice timestamps debug date no service password-encryption !gbsc group default!interface Loopback1ip address 211.140.223.181 255.255.255.255no ip directed-broadcast!interface Tunnel1mtu 1476ip address 192.168.2.1 255.255.255.0 no ip directed-broadcast tunnel source 211.140.223.181 tunnel destination

32、211.137.34.66!interface FastEthernet0/0ip address 10.28.67.28 255.255.255.0no ip directed-broadcastinterface FastEthernet0/1no ip addressno ip directed-broadcast!interface Serial0/2no ip addressno ip directed-broadcast!interface Serial0/3no ip addressno ip directed-broadcast!interface Serial1/0:0ip

33、address 10.61.165.90 255.255.255.252no ip directed-broadcast encapsulation ppp ip nat outside!interface Async0/0no ip addressno ip directed-broadcast!ip route default 10.61.165.89ip route 90.144.17.0 255.255.255.0 Tunnel1!ip access-list extended natpermit ip 90.144.17.0 255.255.255.0 10.28.67.0 255.

34、255.255.0!ip nat inside source list nat interface Serial1/0:0!附路由器配置模版:1. 首先配置 telnet 認(rèn)證,登陸用戶名及密碼 進(jìn)入 config 模式Router#configRouter_config#aaa authentication login default enableRouter_config#aaa authentication enable default noneRouter_config#username jzyd password 0 123qazwsx2. 進(jìn)入接口配置模式Router_config

35、#interface loopback0Router_config_loop0#ip add 211.140.207.104 255.255.255.255 / 配置公網(wǎng) IPRouter_config#controller E1 2/0Router_config_controller#unframedRouter_config_controller#exit/2M 板卡所在槽位 2Router_config#interface Serial2/0:0/配置互聯(lián)口Router_config_Serial2/0:0#ip address 10.62.16.34 255.255.255.252Router_config_Serial2/0:0#encapsulation p

溫馨提示

  • 1. 本站所有資源如無(wú)特殊說(shuō)明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁(yè)內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒(méi)有圖紙預(yù)覽就沒(méi)有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫(kù)網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

評(píng)論

0/150

提交評(píng)論