cisco 2621xm 做NAT典型配置

2019-11-04 23:37:09

字体：大中小

来源：转载

供稿：网友

Router#sh run
Building configuration...

Current configuration : 2335 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service passWord-encryption
!
hostname Router
!
enable secret 5 $1$2qcD$sKLJhsTs0FWYyFanxh7QK0
enable password 7 10440D1803164F465B507B787C
!
ip subnet-zero
!
!
!
!
!
!
interface FastEthernet0/0
ip address 211.96.×.× 255.255.255.240
ip access-group 101 in
ip access-group 101 out
ip nat outside
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
!
interface FastEthernet0/1
ip address 192.168.168.1 255.255.255.0
ip access-group 101 in
ip access-group 101 out
ip nat inside
duplex auto
speed auto
!
ip nat inside source list 10 interface FastEthernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 211.96.109.193
no ip http server
ip pim bidir-enable
!
!
access-list 10 permit 192.168.168.0 0.0.0.255
access-list 101 deny tcp any any eq echo
access-list 101 deny tcp any any eq chargen
access-list 101 deny tcp any any eq 135
access-list 101 deny tcp any any eq 136
access-list 101 deny tcp any any eq 137
access-list 101 deny tcp any any eq 138
access-list 101 deny tcp any any eq 139
access-list 101 deny tcp any any eq 389
access-list 101 deny tcp any any eq 445
access-list 101 deny tcp any any eq 4444
access-list 101 deny tcp any any eq 1068
access-list 101 deny tcp any any eq 5554
access-list 101 deny tcp any any eq 9995
access-list 101 deny tcp any any eq 9996
access-list 101 deny tcp any any eq 6666
access-list 101 deny tcp any any eq 593
access-list 101 deny udp any any eq tFTP
access-list 101 deny udp any any eq 135
access-list 101 deny udp any any eq 136
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny udp any any eq snmp
access-list 101 deny udp any any eq 389
access-list 101 deny udp any any eq 445
access-list 101 deny udp any any eq 1434
access-list 101 deny udp any any eq 1433
access-list 101 deny udp any any eq 1068
access-list 101 deny udp any any eq 9995
access-list 101 deny udp any any eq 9996
access-list 101 deny udp any any eq 5554
access-list 101 deny udp any any eq 593
access-list 101 permit ip any any
!
line con 0
line aux 0
line vty 0 4
password 7 09464A081F044A5F5A5E567D7C7079606D
login
!
!
end