1,在端口上配置inside和outside
配置fastEthernet0/1为ip nat inside
Router#conf t
Router(config)#interface f 0/1
Router(config-if)#ip nat inside
配置serial 0/0为ip nat inside
Router(config)#interface serial 0/0
Router(config-if)#ip nat outside
2,在全局上配置NAT
配置只转换10.1.1.1的ACL,并且在NAT中的source应用
Inside Global 地址是serial 0/0的接口地址
Router(config)#access-list 1 permit 10.1.1.1 0.0.0.0
Router(config)#ip nat inside source list 1 interface serial 0/0
3,在全局上配置默认路由
Router(config)#ip route 0.0.0.0 0.0.0.0 serial 0/0
4,保存配置
Router#copy run st
实验验证Debug信息
NAT: s=10.1.1.1->172.16.12.10, d=172.16.23.1 [11]
NAT*: s=172.16.23.1, d=172.16.12.10->10.1.1.1 [9]
show ip nat statistics
Total translations: 1 (0 static, 1 dynamic, 1 extended)
Outside Interfaces: Serial0/0
Inside Interfaces: FastEthernet0/1
Hits: 2 Misses: 18
Expired translations: 1
Dynamic mappings:
show ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 172.16.12.10:11 10.1.1.1:11 172.16.23.1:11 172.16.23.1:11
