环境整体是使用GNS3,通过cloud真实连接到虚拟机

cloud1 nginx主机
cloud2 nginx主机https连接
cloud3 Internet测试主机

下面贴每个网络设备配置,特别注意,公司网关路由和Internet路由其的配置

配置这里就不解释了,主要注意下,公司网关路由的NAT配置,着实难受些

  • ESW3交换机
ESW3#sh run

Building configuration...

Current configuration : 2364 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname ESW3

!

boot-start-marker

boot-end-marker

!

enable password cisco

!

no aaa new-model

memory-size iomem 5

no ip routing

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

 --More--

*Mar  1 02:06:32.867: %SYS-5-CONFIG_I: Configured from console no ip cefe

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 switchport access vlan 3

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 switchport access vlan 4

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/11

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 no ip route-cache

 shutdown

!

interface Vlan4

 ip address 192.168.4.10 255.255.255.0

!

ip default-gateway 192.168.4.1

no ip http server

no ip http secure-server

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 password cisco

 login

!

!

end
  • ESW1配置
sw1#sh run

Building configuration...

Current configuration : 2244 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname sw1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip routing

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

no ip cef

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 switchport access vlan 2

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 switchport access vlan 2

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 duplex full

 speed 100

!

interface FastEthernet1/11

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 no ip route-cache

 shutdown

!

no ip http server

no ip http secure-server

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

 login

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end
  • ESW2
ESW2#sh run

Building configuration...

Current configuration : 2427 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname ESW2

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/11

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 no switchport

 ip address 10.0.0.1 255.255.255.252

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 shutdown

!

interface Vlan2

 ip address 192.168.2.1 255.255.255.0

!

interface Vlan3

 ip address 192.168.3.1 255.255.255.0

!

interface Vlan4

 ip address 192.168.4.1 255.255.255.0

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 10.0.0.2

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

end
  • 公司网关路由
R1#sh run

Building configuration...

Current configuration : 1534 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

interface FastEthernet0/0

 ip address 10.0.0.2 255.255.255.252

 ip nat inside

 ip virtual-reassembly

 duplex auto

 speed auto

!

interface FastEthernet1/0

 ip address 11.0.0.1 255.255.255.252

 ip nat outside

 ip virtual-reassembly

 duplex auto

 speed auto

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 11.0.0.2

ip route 192.168.2.0 255.255.255.0 10.0.0.1

ip route 192.168.3.0 255.255.255.0 10.0.0.1

ip route 192.168.4.0 255.255.255.0 10.0.0.1

!

ip nat pool dynami 207.38.18.1 207.38.18.5 netmask 255.255.255.248

ip nat inside source list 3 pool dynami

ip nat inside source list 4 interface FastEthernet1/0 overload

ip nat inside source static tcp 192.168.4.10 23 interface FastEthernet1/0 23

ip nat inside source static tcp 192.168.2.2 80 145.52.23.6 80 extendable

ip nat inside source static tcp 192.168.2.3 443 145.52.23.6 443 extendable

!

access-list 3 permit 192.168.3.0 0.0.0.255

access-list 4 permit 192.168.4.0 0.0.0.255

no cdp log mismatch duplex

!

!

control-plane

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end
  • internet路由
isp#sh ru

*Mar  1 01:57:39.243: %SYS-5-CONFIG_I: Configured from console by console

isp#sh run

Building configuration...

Current configuration : 947 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname isp

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

interface FastEthernet0/0

 ip address 172.16.0.1 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet1/0

 ip address 11.0.0.2 255.255.255.252

 duplex auto

 speed auto

!

no ip http server

no ip http secure-server

!

ip route 145.52.23.0 255.255.255.248 11.0.0.1

ip route 192.168.4.0 255.255.255.0 11.0.0.1

ip route 207.38.18.0 255.255.255.248 11.0.0.1

no cdp log mismatch duplex

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end

外网Telnet虚拟机,及nat配置等的更多相关文章

  1. VMware NAT端口映射外网访问虚拟机linux

    本文目的: 一. SSH连接 二. 访问HTTP VMware Workstation提供了两种虚拟机上网方式,一种bridge,一种NAT,bridge可以获得公网地址,而NAT只能是内网地址了. ...

  2. VMware NAT端口映射外网访问虚拟机linux可能会出现的错误总结

    博主因为做实验报告的缘故,尝试以NAT的方式从外网远程连接到虚拟机的linux操作系统:https://www.cnblogs.com/jluzhsai/p/3656760.html,本文主要举出在此 ...

  3. 外网访问虚拟机搭建的web服务

    凌晨了,就简单写个一定可行的思路吧,有时间了再补上. 设置虚拟机为桥接模式,当然NAT也行,只是我嫌NAT麻烦 设置路由器,将虚拟机端口映射到外网

  4. Aliyun搭建svn服务器外网访问报错权限配置失败错误

    搭建完后所有的配置如下 [root@iZuf655czz7lmtn8v15tsjZ conf]# pwd /home/SVN/conf [root@iZuf655czz7lmtn8v15tsjZ co ...

  5. 虚拟机上的centos连不了外网,吧原来的配置信息改成如下就行(删除了一些多余的信息,变化:原来的ONBOOT的值是no)

    DEVICE=eth1BOOTPROTO=dhcpHWADDR=08:00:27:67:be:98ONBOOT=yes

  6. 虚拟机中的centos在nat模式下连不上外网

    这两天需要配置ftp服务器,可是虚拟机在nat模式下死活连不上外网,主机能够通过该ssh与虚拟机进行连接,虚拟机也能ping同一网段主机的IP地址,但就是ping不通外网, 开始我是这样配置的: 主机 ...

  7. 配置多层NAT和端口映射实现外网访问内网

    配置多层NAT和端口映射实现外网访问内网 背景和原理 通过配置NAT可以实现内网中不能直接访问外网的主机通过NAT代理访问内网,配置方法这里不再赘述(前文有介绍).本文以两层的NAT代理做模拟,通过端 ...

  8. 外网主机访问虚拟机下的web服务器(NAT端口转发)

    主机:系统win7,ip地址172.18.186.210 虚拟机:VMware Workstation 7,虚拟机下安装了Centos操作系统,ip地址是192.168.202.128,部署了LAMP ...

  9. 配置NAT回流导致外网解析到了内网IP

    单位有3个域名,用量很大,2014年开始本人研究部署了Bind+DLZ +Mysql的三机智能多链路DNS,非常好用,优点是: 1.使用Mysql管理记录,配置.管理.查询方便. 2.自动判断运营商, ...

随机推荐

  1. 123457123456#2#----com.MCgame.ShuXueKoSuan98--前拼后广--儿童小学数学口算Game-mc22222

    com.MCgame.ShuXueKoSuan98--前拼后广--儿童小学数学口算Game-mc

  2. Django中models定义的choices字典使用get_FooName_display()在页面中显示值

    问题 在django的models.py 中,我们定义了一些choices的元组,类似一些字典值,一般都是下拉框或者单多选框,例如 0对应男 1对应女等等 看下例子: class Area(model ...

  3. Python - Django - 模板语言之 Filters(过滤器)

    通过管道符 "|" 来使用过滤器,{{ value|过滤器:参数 }} Django 的模板语言中提供了六十个左右的内置过滤器 urls.py: from django.conf. ...

  4. 原生JavaScript判断浏览器对CSS属性是否支持

    /*判断浏览器是否支持某个css属性*/ function SupportCss(attrName){ var i=0, arr = SupportCss.opt.aBrowser, eleStyle ...

  5. Difference between Process and thread?

    What are the differences between a process and a thread? How are they similar? How can 2 threads com ...

  6. 对ThreadLocal的理解

      参考文档:https://www.cnblogs.com/moonandstar08/p/4912673.html   一.定义:线程本地变量,每个线程中的变量相互独立,互不影响. 官方定义: 1 ...

  7. 安装Windows和Ubuntu双系统

    发现关注消息 安装Windows和Ubuntu双系统     安装Windows和Ubuntu双系统 0.552016.12.10 15:54:41字数 2101阅读 6644 这几天开始动手做毕设啦 ...

  8. Java 8 新特性--Lambda表达式作为方法参数

    Lambda表达式的使用场景: 当方法的参数是一个函数式接口时,可以使用Lambda表达式进行简化—— 首先,前提是Runnable接口是一个函数式接口,经过查看源码得知,确实如此: 将Runnabl ...

  9. Docker 学习笔记(二):Dockerfile 定制镜像

    镜像的定制实际上就是定制每一层所添加的配置.文件. 如果我们可以把每一层修改.安装.构建.操作的命令都写入一个脚本,用这个脚本来构建.定制镜像,那么之前提及的无法重复的问题.镜像构建透明性的问题.体积 ...

  10. 微信小程序使用 iconfont

    小程序中使用 iconfont 在 iconfont.cn 中下载图标库, 直接将其中的 iconfont.css 复制到小程序目录中,并将扩展名改为 wxss: 在使用时在对应的样式文件 wxss ...