NAT Dynamic NAT

REFERENCE

IP Addressing Services Command Reference
ip nat inside source

DIAGRAM

192.168.234.0/24                  10.1.5.0/24
[R2]----------+--------(fa1/0)--[R1]--(fa0/0)--------[R5]
              |              in    out
[R3]----------+
              |
[R4]----------+

CONFIG

hostname R1
!
int fa0/0
 ip nat out
!
int fa1/0
 ip nat in
!
ip access-list stand SOURCE
 permit 192.168.234.0 0.0.0.255
!
ip nat pool POOL 10.1.5.2 10.1.5.3 netmask 255.255.255.0
ip nat inside source list SOURCE pool POOL
!
end

VERIFY

R2#ping 10.1.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/28/44 ms
R2#

R3#ping 10.1.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/24/32 ms
R3#

R4#ping 10.1.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.5.5, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)
R4#ping 10.1.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/21/48 ms
R4#

最初は空きがないのでR4は疎通不可

R1(config)#do sh ip nat trans
Pro Inside global      Inside local       Outside local      Outside global
icmp 10.1.5.2:3        192.168.234.2:3    10.1.5.5:3         10.1.5.5:3
--- 10.1.5.2           192.168.234.2      ---                ---
icmp 10.1.5.3:3        192.168.234.3:3    10.1.5.5:3         10.1.5.5:3
--- 10.1.5.3           192.168.234.3      ---                ---
R1(config)#
R1(config)#
R1(config)#do sh ip nat trans
Pro Inside global      Inside local       Outside local      Outside global
icmp 10.1.5.2:10       192.168.234.4:10   10.1.5.5:10        10.1.5.5:10
--- 10.1.5.2           192.168.234.4      ---                ---
R1(config)#

コメント