2 網段 Vlan+NAT 配置

拓撲概述：

    SW1 劃分 Vlan 10、20，分别連接配接 PC1 和 PC2。

    Vlan10: 172.16.1.0/24，網關 172.16.1.254

    Vlan20: 172.16.2.0/24，網關 172.16.2.254

    Vlan1 網關 172.16.3.1,連接配接 RT1。

    在 RT1 上做 NAT。RT1 fa0/0 ip=172.16.3.2

    RT2 作為一台 PC 測試用，IP=172.16.4.2。

記錄：

    基本調試成功。

    1，需要在 RT1 上做回程路由。

       能不能通過路由彙聚什麼的，簡化配置？

       已知：可以通過配置 Rip 等路由協定簡化路由配置。

    2，為什麼 PC1 和 PC2 能 ping 通 172.16.4.2，而不能 ping 通 172.16.4.1？

    2，為什麼 RT2 也不能 ping 通 172.16.4.1？   

PC1>en

PC1#copy run start

Destination filename [startup-config]?

Building configuration…

[OK]

PC1#sh run

Building configuration…

Current configuration:

!

version 12.1

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname PC1

!

!

memory-size iomem 15

ip subnet-zero

!

!

interface Loopback0

 no ip address

!

interface FastEthernet0/0

 ip address 172.16.1.100 255.255.255.0

 speed auto

 full-duplex

!

interface FastEthernet0/1

 no ip address

 duplex auto

 speed auto

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.16.1.254

no ip http server

!

no cdp run

!

line con 0

 transport input none

line aux 0

line vty 0 4

!

no scheduler allocate

end

PC1#

==================================

PC2#sh run

Building configuration…

Current configuration:

!

version 12.1

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname PC2

!

!

memory-size iomem 15

ip subnet-zero

!

!

interface Loopback0

 no ip address

!

interface FastEthernet0/0

 ip address 172.16.2.100 255.255.255.0

 speed auto

 full-duplex

!

interface FastEthernet0/1

 no ip address

 duplex auto

 speed auto

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.16.2.254

no ip http server

!

no cdp run

!

line con 0

 transport input none

line aux 0

line vty 0 4

!

no scheduler allocate

end

==================================

SW1#sh run

Building configuration…

Current configuration : 1090 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SW1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

!

!

ip cef

!

!

interface FastEthernet1/0

!

interface FastEthernet1/1

!

interface FastEthernet1/2

!

interface FastEthernet1/3

!

interface FastEthernet1/4

!

interface FastEthernet1/5

!

interface FastEthernet1/6

!

interface FastEthernet1/7

!

interface FastEthernet1/8

!

interface FastEthernet1/9

!

interface FastEthernet1/10

!

interface FastEthernet1/11

 switchport access vlan 10

!

interface FastEthernet1/12

 switchport access vlan 20

!

interface FastEthernet1/13

!

interface FastEthernet1/14

!

interface FastEthernet1/15

!

interface Vlan1

 ip address 172.16.3.1 255.255.255.0

!

interface Vlan10

 ip address 172.16.1.254 255.255.255.0

!

interface Vlan20

 ip address 172.16.2.254 255.255.255.0

!

ip http server

ip route 0.0.0.0 0.0.0.0 172.16.3.2

!

no cdp run

!

control-plane

!

!

line con 0

line aux 0

line vty 0 4

!

!

end

==================================

RT1#sh run

Building configuration…

Current configuration : 1151 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname RT1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

multilink bundle-name authenticated

!

!

interface FastEthernet0/0

 ip address 172.16.3.2 255.255.255.0

 ip nat inside

 ip virtual-reassembly

 duplex auto

 speed auto

!

interface FastEthernet0/1

 no ip address

 shutdown

 duplex auto

 speed auto

!

interface Serial1/0

 ip address 172.16.4.1 255.255.255.0

 ip nat outside

 ip virtual-reassembly

 serial restart-delay 0

!

interface Serial1/1

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial1/2

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial1/3

 no ip address

 shutdown

 serial restart-delay 0

!

ip route 172.16.1.0 255.255.255.0 172.16.3.1

ip route 172.16.2.0 255.255.255.0 172.16.3.1

!

!

ip http server

no ip http secure-server

ip nat pool pool1 172.16.4.1 172.16.4.1 netmask 255.255.255.0

ip nat inside source list 1 pool pool1 overload

!

!

access-list 1 permit 172.16.1.0 0.0.0.250

access-list 1 permit 172.16.2.0 0.0.0.250

control-plane

!

line con 0

line aux 0

line vty 0 4

!

!

end

===============================

RT2#sh run

Building configuration…

Current configuration : 874 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname RT2

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

multilink bundle-name authenticated

!

interface FastEthernet0/0

 ip address 172.16.5.1 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet0/1

 no ip address

 shutdown

 duplex auto

 speed auto

!

interface Serial1/0

 ip address 172.16.4.2 255.255.255.0

 serial restart-delay 0

!

interface Serial1/1

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial1/2

 no ip address

 shutdown

 serial restart-delay 0

!

interface Serial1/3

 no ip address

 shutdown

 serial restart-delay 0

!

!

ip http server

no ip http secure-server

!

!

control-plane

!

!

line con 0

line aux 0

line vty 0 4

!

!

end

本文轉自網眼51CTO部落格，原文連結：http://blog.51cto.com/itwatch/286605，如需轉載請自行聯系原作者