vrrp,nat综合小练习

vrrp,nat综合小练习

拓扑图如下

要实现192.168.1.10主机能访问外网100.100.100.100

主要配置如下

交换机为二层交换机不用配置

路由器AR1

#
acl number 2000  配置acl
 rule 5 permit 
#
nat address-group 1 200.1.1.5 200.1.1.5 配置地址池
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.2 255.255.255.0  配接口地址
 vrrp vrid 1 virtual-ip 192.168.1.254       为主机配置虚拟网关
 vrrp vrid 1 priority 101                         修改优先级成为master
 vrrp vrid 1 track interface GigabitEthernet0/0/1 reduced 20 监听g/0/0/1端口,如故障,优先级减小20
#
interface GigabitEthernet0/0/1
 ip address 200.1.1.1 255.255.255.0 
 vrrp vrid 5 virtual-ip 200.1.1.5
 vrrp vrid 5 priority 101
 vrrp vrid 5 track interface GigabitEthernet0/0/0 reduced 20
 nat outbound 2000 address-group 1               NAT调用地址池
#
ip route-static 0.0.0.0 0.0.0.0 200.1.1.6       默认路由

AR2

#
acl number 2000  
 rule 5 permit 
#
#
 nat address-group 1 200.1.1.5 200.1.1.5
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.20 255.255.255.0 
 vrrp vrid 1 virtual-ip 192.168.1.254
#
interface GigabitEthernet0/0/1
 ip address 200.1.1.2 255.255.255.0 
 vrrp vrid 5 virtual-ip 200.1.1.5
 nat outbound 2000 address-group 1 
#
ip route-static 0.0.0.0 0.0.0.0 200.1.1.6

R1

interface Ethernet0/0/0
 ip address 200.1.1.6 255.255.255.0
#
interface LoopBack0
 ip address 100.100.100.100 255.255.255.255
#

ENSP模拟器中不能ping通,真机应该可以实现。

posted @ 2019-07-14 17:00  tinuxww  阅读(516)  评论(0)    收藏  举报