一个常规的网络,几种路由器的设置对比:
局域网内几个客户端和一台服务器地址为80,对应的网段为192.168.0.*,路由在局域网中地址为192.168.0.254,网关为110.110.110.100,DNS为202.96.134.133,202.96.128.86,下面分别用ros、juniper、cisco作相应配置。
ros的配置:
1确认内外网网口正常,作相应标识为lan和wan;
2配置lan口ip为192.168.0.254,配置wan口ip为110.110.110.100;
3配置默认路由0.0.0.0/0 gateway wan;
4配置dns地址202.96.134.133 202.96.128.86;
5做nat转换;srcnat masquarde;
6做端口映射:dstnat 110.110.110.100:80 dstnat 192.168.0.80:80;
juniper的配置:
1设置内网口:trust ip 192.168.0.254;设置外网口:untrust ip 110.110.110.100;
2设置缺省路由:0.0.0.0/0 gateway wan interface ip 110.110.110.100;
3做策略:trust ---- untrust police: source any port any des any port any permit;
4端口映射:vip:wan ip:110.110.110.100 map: vip 110.110.110.100:80 mapip 192.168.0.80:80
police:src any dst wan interface permit
cisco的配置:
内网假定f0/0;外网假定f0/1;
1配置内网地址f0/0 ip 192.168.0.254;配置外网地址f0/1 ip 110.110.110.100;
2配置默认路由 ip route 0.0.0.0 0.0.0.0 f0/1
3配置dns地址:ip name-server 202.96.134.133 202.96.128.86;
4做nat转换和端口映射: f0/0 ip nat inside f0/1 ip nat outside;access-list 1 permit any;
ip nat inside source list 1 interface f0/1 over
ip nat inside source tcp 192.168.0.80 80 110.110.110.10 80
经过对比以上配置思路大体相同。
