华为AR2220路由器(标配3个端口)配置
1. Router的配置
#
sysname Router
#
acl number 3000
rule 5 permit source 192.168.1.1 0.0.0.0
#
acl number 3001
rule 5 permit source 192.168.1.2 0.0.0.0
#
traffic classifier testA operator or
if-match acl 3000
traffic classifier testB operator or
if-match acl 3001
#
traffic behavior testA
redirect ip-nexthop 202.168.100.1
traffic behavior testB
redirect ip-nexthop 202.168.100.2
#
traffic policy test
classifier testA behavior testA
classifier testB behavior testB //配置重定向,实现为来自Internet不同接口的报文仍然从此接口映射出去
#
interface GigabitEthernet1/0/0
ip address 202.168.100.1 255.255.255.0
nat static protocol tcp global current-interface 8080 inside 192.168.1.1 ftp netmask 255.255.255.255
#
interface GigabitEthernet2/0/0
ip address 202.168.100.2 255.255.255.0
nat static protocol tcp global current-interface 8080 inside 192.168.1.2 ftp netmask 255.255.255.255 //配置NAT Static,实现外网用户访问内网服务器
#
interface GigabitEthernet3/0/0
ip address 192.168.100.1 255.255.255.0
traffic-policy test inbound
#
ip route-static 0.0.0.0 0.0.0.0 202.168.100.1
ip route-static 0.0.0.0 0.0.0.0 202.168.100.2 //配置等价路由实现NAT双上行
#
return
2. 检查配置结果。
Internet上用户能够正常访问FTP服务器。
配置注意事项
