Skip to main content


路由器DVTI与相同PAT设备后的不同路由器建立L2L

2013-06-26 23:43 浏览:

一.测试拓扑:

二.基本配置:

A.R1
interface Loopback0
ip address 192.168.1.1 255.255.255.0
interface FastEthernet0/0
ip address 10.1.1.1 255.255.255.0
no shut

B.R2
interface Ethernet0/0
ip address 10.1.1.2 255.255.255.0
no shut   
interface Ethernet0/1
ip address 202.100.1.2 255.255.255.0
no shut

C.R3
interface FastEthernet0/0
ip address 202.100.1.3 255.255.255.0
no shut 
interface FastEthernet0/1
ip address 202.100.2.3 255.255.255.0
no shut

D.R4
interface Ethernet0/0
ip address 20.1.1.4 255.255.255.0
no shut  

interface Ethernet0/2
ip address 30.1.1.4 255.255.255.0
no shut   
interface Ethernet0/1
ip address 202.100.2.4 255.255.255.0
no shut

E.R5
interface Loopback0
ip address 192.168.2.5 255.255.255.0
interface FastEthernet0/0
ip address 20.1.1.5 255.255.255.0
no shut

F.R6

interface Loopback0
ip address 192.168.3.6 255.255.255.0
interface FastEthernet0/0
ip address 30.1.1.6 255.255.255.0
no shut

三.静态路由和PAT配置:
A.静态路由配置:
①R1
 ip route 0.0.0.0 0.0.0.0 10.1.1.2
②R2
 ip route 0.0.0.0 0.0.0.0 202.100.1.3
 ip route 192.168.1.0 255.255.255.0 10.1.1.1

③R4
 ip route 0.0.0.0 0.0.0.0 202.100.2.3
 ip route 192.168.2.0 255.255.255.0 20.1.1.5

 ip route 192.168.3.0 255.255.255.0 30.1.1.6

④R5
 ip route 0.0.0.0 0.0.0.0 20.1.1.4

⑤R6
 ip route 0.0.0.0 0.0.0.0 30.1.1.4

B.动态PAT配置:
①R2
ip access-list extended 100
permit ip 192.168.1.0 0.0.0.255 any
permit ip 10.1.1.0 0.0.0.255 any
int e0/0
ip nat inside
int e0/1
ip nat outside
ip nat inside source list 100 interface e0/1

②R4
ip access-list extended 100
permit ip 192.168.2.0 0.0.0.255 any

permit ip 192.168.3.0 0.0.0.255 any
permit ip 20.1.1.0 0.0.0.255 any

permit ip 30.1.1.0 0.0.0.255 any

int e0/0
ip nat inside
int e0/1
ip nat outside
ip nat inside source list 100 interface e0/1

C.静态PAT配置:
R2 
ip nat inside source static udp 10.1.1.1 500 interface e0/1 500
ip nat inside source static udp 10.1.1.1 4500 interface e0/1 4500

四.VPN配置: