Actual combat Hm-router Configuration for TP

Source: Internet
Author: User

Hm-router Configuration for TP

650) this.width=650; "title=" clip_image002 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "alt=" clip_image002 "src=" http://s3.51cto.com/wyfs02/M01/7D/09/wKioL1be8xqCg3MbAACGFZYCPvI261.jpg "height=" "border=" 0 "/>

Objective: To allow the extranet to access the FTP server [10.1.1.2]/telnet (here for testing purposes, using Telnet), which spans 2 Router

++++CNSO-TP01 Configuration +++++

Conf t

Service Timestamps debug datetime localtime Show-timezone msec

Service Timestamps log datetime localtime Show-timezone msec

Service Password-encryption

Service Sequence-numbers

Service tcp-keepalives-in

Service Tcp-keepalives-out

No IP HTTP Server

No IP http secure-server

No service config

No logging console

No logging monitor

Password encryption AES

Key Config-key Password-encrypt xxxxx

IP domain name hm.com

IP name-server 8.8.8.8 8.8.8.4

Hostname CNSO-TP01

IP CEF

IP multicast-routing

!

!

Crypto key generate RSA

1024

!

!

!

IP SSH version 2

IP SSH authentication-retries 3

!

!

!

Username xxxx priv Password 0 xxxx

Enable Secret 0 xxxxx

Line vty 0 4

Transport input All

Exec-timeout 15 0

Logging synchronous

Login Local

Exit

Banner EXEC #

*****************************************************************

*unauthorized ACCESS to this DEVICE is prohibited *

*you must has explicit, authorized permission to access or *

*configure this device. Unauthorized attempts and actions to *

*access or use the system may result in civil and/or criminal *

*penalties. All activities performed in this device is logged *

*and monitored. *

*****************************************************************#

!

!

!

Interface f0/0

Description * * * TP WAN INTERFACE * * *

IP address 12.1.1.2 255.255.255.0

No shut

Exit

Interface Vlan 1

Description * * * LAN INTERFACE * * *

IP address 192.168.1.1 255.255.255.0

No shut

Exit

!

!

Service DHCP

IP DHCP Pool HM-CN

Network 192.168.1.0 255.255.255.0

Default-router 192.168.1.1

Netbios-node-type H-node

Dns-server 8.8.8.8 8.8.4.4

Domain-name hm.com

Lease 3

Exit

IP dhcp excluded-address 192.168.1.1 192.168.1.10

!

!

IP route 0.0.0.0 0.0.0.0 f0/0 12.1.1.1

Access-list 1 Permit 192.168.1.0 0.0.0.255

IP nat inside source List 1 interface f0/0 overload

IP nat inside source static TCP 192.168.1.11 23 int f0/0

!

!

Interface f0/0

IP Nat Outside

No CDP Enable

No shut

Exit

Interface Vlan 1

IP nat Inside

CDP Ena

No shut

Exit

!

Test results:

You can telnet R4 outside.

650) this.width=650; "title=" clip_image004 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "alt=" clip_image004 "src=" http://s3.51cto.com/wyfs02/M02/7D/0B/wKiom1be8pmiMuDKAADv0bmq-R4637.jpg "height=" 303 "border=" 0 "/>

Cnso-tp01#sh IP NAT Translations

Pro Inside Global Inside local Outside local Outside global

TCP 12.1.1.2:23 192.168.1.11:23 15.1.1.5:24113 15.1.1.5:24113

TCP 12.1.1.2:23 192.168.1.11:23 15.1.1.5:40245 15.1.1.5:40245

TCP 12.1.1.2:23 192.168.1.11:23------

======= above simulation test can enter CNSO-TP01 router=================

Cnso-tp01 (config) #ip Route 10.1.1.0 255.255.255.0 VLAN 1

Cnso-tp01 (config) #no IP nat inside source static TCP 192.168.1. 23 int f0/0

Cnso-tp01 (config) #ip nat inside source static TCP 192.168.1. f0/0 int 23

CT (config) #int F0/1

CT (config-if) #ip Nat outside

CT (config-if) #int f0/0

CT (config-if) #ip nat inside

CT (config-if) #exit

CT (config) #access-list 1 Permit 10.1.1.0 0.0.0.255

CT (config) #ip nat inside source List 1 interface F0/1 overload

CT (config) #ip nat inside source static TCP 10.1.1.2 23 int F0/1

The test was successful as follows:

650) this.width=650; "title=" clip_image006 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "alt=" clip_image006 "src=" http://s3.51cto.com/wyfs02/M02/7D/09/wKioL1be8xvD9bz_AAB_dEIKdiU763.jpg "height=" 238 "border=" 0 "/>

Cnso-tp01#sh IP NAT Translations

Pro Inside Global Inside local Outside local Outside global

TCP 12.1.1.2:23 192.168.1.10:23 15.1.1.5:26987 15.1.1.5:26987

TCP 12.1.1.2:23 192.168.1.10:23------

Ct#sh IP NAT Translations

Pro Inside Global Inside local Outside local Outside global

ICMP 192.168.1.10:3 10.1.1.2:3 192.168.1.1:3 192.168.1.1:3

TCP 192.168.1.10:23 10.1.1.2:23 15.1.1.5:26987 15.1.1.5:26987

TCP 192.168.1.10:23 10.1.1.2:23------

Summary: Learn to be pragmatic!

This article from the "Erick" blog, declined to reprint!

[Actual]hm-router configuration for TP,

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.