r1 配置

router>en
router#conf t
router(config)#host r1
r1(config)#no ip domain-lookup
r1(config)#ena sec 123
r1(config)#ban mot #Welcome to r1#
r1(config)#line vty 0 4
r1(config-line)#no login
r1(config-line)#int f 0/0
r1(config-if)#des gateway for pc
r1(config-if)#ip add 172.16.1.1 255.255.255.0
r1(config-if)#no shut
r1(config-if)#ip nat inside
r1(config-if)#int f 1/0
r1(config-if)#des link to r2
r1(config-if)#ip add 192.168.1.1 255.255.255.0
r1(config-if)#no shut
r1(config-if)#ip nat outside
r1(config-if)#exit
r1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.2
r1(config)#access-list 1 permit 172.16.1.0 0.0.0.255
r1(config)#ip nat pool cisco 192.168.1.5 192.168.1.6 netmask 255.255.255.0
r1(config)#ip nat inside source list 1 pool cisco overload
r1(config)#end
r1#

r2 配置

router>en
router#conf t
router(config)#host r2
r2(config)#no ip domain-lookup
r2(config)#ena sec 123
r2(config)#ban mot #Welcome to r2#
r2(config)#line vty 0 4
r2(config-line)#no login
r2(config-line)#int f 0/0
r2(config-if)#des gateway for pc
r2(config-if)#ip add 10.1.1.1 255.255.255.0
r2(config-if)#no shut
r2(config-if)#ip nat inside
r2(config-if)#int f 1/0
r2(config-if)#des link to r1
r2(config-if)#ip add 192.168.1.2 255.255.255.0
r2(config-if)#no shut
r2(config-if)#ip nat outside
r2(config-if)#exit
r2(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
r2(config)#access-list 1 permit 10.1.1.0 0.0.0.255
r2(config)#ip nat pool cisco 192.168.1.7 192.168.1.8 netmask 255.255.255.0
r2(config)#ip nat inside source list 1 pool cisco overload
r2(config)#end
r2#

r1#show run
Building configuration...

Current configuration : 908 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$HL4y$roR/d/JtJYa38cDaBjPJc/
!
no aaa new-model
ip subnet-zero
!
!
no ip domain lookup
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 description gateway for pc
 ip address 172.16.1.1 255.255.255.0
 ip nat inside
 duplex half
!
interface FastEthernet1/0
 description link to r2
 ip address 192.168.1.1 255.255.255.0
 ip nat outside
 duplex half
!
ip nat pool cisco 192.168.1.5 192.168.1.6 netmask 255.255.255.0
ip nat inside source list 1 pool cisco overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.2
no ip http server
!
!
access-list 1 permit 172.16.1.0 0.0.0.255
!
!
!
!
!
!
!
gatekeeper
 shutdown
!
banner motd ^CWelcome to r1^C
!
line con 0
 stopbits 1
line aux 0
line vty 0 4
 no login
!
!
end

r1#192.168.1.2
Trying 192.168.1.2 ... Open
Welcome to r2
r2>en
Password:
r2#show run
Building configuration...

Current configuration : 904 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Eo5T$UN9VAlTUOvKGNj22ue9uZ/
!
no aaa new-model
ip subnet-zero
!
!
no ip domain lookup
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 description gateway for pc
 ip address 10.1.1.1 255.255.255.0
 ip nat inside
 duplex half
!
interface FastEthernet1/0
 description link to r1
 ip address 192.168.1.2 255.255.255.0
 ip nat outside
 duplex half
!
ip nat pool cisco 192.168.1.7 192.168.1.8 netmask 255.255.255.0
ip nat inside source list 1 pool cisco overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
no ip http server
!
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
!
!
!
!
!
!
gatekeeper
 shutdown
!
banner motd ^CWelcome to r2^C
!
 line con 0
 stopbits 1
line aux 0
line vty 0 4
 no login
!
!
end

r1#show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
icmp 192.168.1.5:12    172.16.1.3:12      192.168.1.2:12     192.168.1.2:12
icmp 192.168.1.5:13    172.16.1.4:13      192.168.1.2:13     192.168.1.2:13

本文出自 “人类一思考，上帝都发笑” 博客，转载请与作者联系！