NAT/NAPT 只能对IP层/网络层转地址|传输层 TCP/UDP ,无法对特殊应用流量(FTP)进行地址转换
1.R2配置默认路由
ip route-static 0.0.0.0 0.0.0.0 12.1.1.1
2.R2配置NAT server
interface GigabitEthernet0/0/0
nat server global 12.1.1.100 inside 192.168.1.100
3.外网客户机访问内网ftp服务(PASV模式)
4.IP地址转换 / 应用层FTP里的内容没转
5.开启alg
nat alg ftp enable
#路由器可开启的服务
nat alg ?
all All protocol
dns Dns protocol
ftp Ftp protocol
rtsp Rtsp protocol
sip Sip protocol
6.外网客户机访问内网ftp服务(PASV模式)
7.IP地址转换 / 应用层FTP里的内容转换
8.防火墙开启NAT - ALG
firewall detect ftp #开启防火墙ASPF | 自动开启NAT - ALG
#防火墙可开启的服务
firewall detect ?
activex-blocking Indicate Activex blocking
dns Indicate Domain Name Service
ftp Indicate File Transfer Protocol
h323 Indicate H.323 Protocol
icq Indicate ICQ Protocol
ils Indicate Internet Locator Service Protocol
ipv6 Indicate IPv6 protocol
java-blocking Indicate Java blocking
mgcp Indicate Media Gateway Control Protocol
mms Indicate Microsoft Media Service Protocol
msn Indicate MSN Protocol
netbios Indicate NetBIOS Over TCP/IP Protocol
pptp Indicate Point-to-Point Tunnel Protocol
qq Indicate QQ Protocol
rsh Indicate Remote Shell Protocol
rtsp Indicate Real Time Streaming Protocol
sccp Indicate Cisco Skinny Client Control Protocol
sip Indicate Session Initiation Protocol
sqlnet Indicate SQL*NET Protocol
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容