环境整体是使用GNS3,通过cloud真实连接到虚拟机

cloud1 nginx主机
cloud2 nginx主机https连接
cloud3 Internet测试主机

下面贴每个网络设备配置,特别注意,公司网关路由和Internet路由其的配置

配置这里就不解释了,主要注意下,公司网关路由的NAT配置,着实难受些

  • ESW3交换机
ESW3#sh run

Building configuration...

Current configuration : 2364 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname ESW3

!

boot-start-marker

boot-end-marker

!

enable password cisco

!

no aaa new-model

memory-size iomem 5

no ip routing

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

 --More--

*Mar  1 02:06:32.867: %SYS-5-CONFIG_I: Configured from console no ip cefe

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 switchport access vlan 3

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 switchport access vlan 4

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/11

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 no ip route-cache

 shutdown

!

interface Vlan4

 ip address 192.168.4.10 255.255.255.0

!

ip default-gateway 192.168.4.1

no ip http server

no ip http secure-server

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 password cisco

 login

!

!

end
  • ESW1配置
sw1#sh run

Building configuration...

Current configuration : 2244 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname sw1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip routing

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

no ip cef

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 switchport access vlan 2

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 switchport access vlan 2

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 duplex full

 speed 100

!

interface FastEthernet1/11

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 no ip route-cache

 shutdown

!

no ip http server

no ip http secure-server

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

 login

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end
  • ESW2
ESW2#sh run

Building configuration...

Current configuration : 2427 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname ESW2

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/11

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 no switchport

 ip address 10.0.0.1 255.255.255.252

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 shutdown

!

interface Vlan2

 ip address 192.168.2.1 255.255.255.0

!

interface Vlan3

 ip address 192.168.3.1 255.255.255.0

!

interface Vlan4

 ip address 192.168.4.1 255.255.255.0

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 10.0.0.2

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

end
  • 公司网关路由
R1#sh run

Building configuration...

Current configuration : 1534 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

interface FastEthernet0/0

 ip address 10.0.0.2 255.255.255.252

 ip nat inside

 ip virtual-reassembly

 duplex auto

 speed auto

!

interface FastEthernet1/0

 ip address 11.0.0.1 255.255.255.252

 ip nat outside

 ip virtual-reassembly

 duplex auto

 speed auto

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 11.0.0.2

ip route 192.168.2.0 255.255.255.0 10.0.0.1

ip route 192.168.3.0 255.255.255.0 10.0.0.1

ip route 192.168.4.0 255.255.255.0 10.0.0.1

!

ip nat pool dynami 207.38.18.1 207.38.18.5 netmask 255.255.255.248

ip nat inside source list 3 pool dynami

ip nat inside source list 4 interface FastEthernet1/0 overload

ip nat inside source static tcp 192.168.4.10 23 interface FastEthernet1/0 23

ip nat inside source static tcp 192.168.2.2 80 145.52.23.6 80 extendable

ip nat inside source static tcp 192.168.2.3 443 145.52.23.6 443 extendable

!

access-list 3 permit 192.168.3.0 0.0.0.255

access-list 4 permit 192.168.4.0 0.0.0.255

no cdp log mismatch duplex

!

!

control-plane

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end
  • internet路由
isp#sh ru

*Mar  1 01:57:39.243: %SYS-5-CONFIG_I: Configured from console by console

isp#sh run

Building configuration...

Current configuration : 947 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname isp

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

interface FastEthernet0/0

 ip address 172.16.0.1 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet1/0

 ip address 11.0.0.2 255.255.255.252

 duplex auto

 speed auto

!

no ip http server

no ip http secure-server

!

ip route 145.52.23.0 255.255.255.248 11.0.0.1

ip route 192.168.4.0 255.255.255.0 11.0.0.1

ip route 207.38.18.0 255.255.255.248 11.0.0.1

no cdp log mismatch duplex

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end

外网Telnet虚拟机,及nat配置等的更多相关文章

  1. VMware NAT端口映射外网访问虚拟机linux

    本文目的: 一. SSH连接 二. 访问HTTP VMware Workstation提供了两种虚拟机上网方式,一种bridge,一种NAT,bridge可以获得公网地址,而NAT只能是内网地址了. ...

  2. VMware NAT端口映射外网访问虚拟机linux可能会出现的错误总结

    博主因为做实验报告的缘故,尝试以NAT的方式从外网远程连接到虚拟机的linux操作系统:https://www.cnblogs.com/jluzhsai/p/3656760.html,本文主要举出在此 ...

  3. 外网访问虚拟机搭建的web服务

    凌晨了,就简单写个一定可行的思路吧,有时间了再补上. 设置虚拟机为桥接模式,当然NAT也行,只是我嫌NAT麻烦 设置路由器,将虚拟机端口映射到外网

  4. Aliyun搭建svn服务器外网访问报错权限配置失败错误

    搭建完后所有的配置如下 [root@iZuf655czz7lmtn8v15tsjZ conf]# pwd /home/SVN/conf [root@iZuf655czz7lmtn8v15tsjZ co ...

  5. 虚拟机上的centos连不了外网,吧原来的配置信息改成如下就行(删除了一些多余的信息,变化:原来的ONBOOT的值是no)

    DEVICE=eth1BOOTPROTO=dhcpHWADDR=08:00:27:67:be:98ONBOOT=yes

  6. 虚拟机中的centos在nat模式下连不上外网

    这两天需要配置ftp服务器,可是虚拟机在nat模式下死活连不上外网,主机能够通过该ssh与虚拟机进行连接,虚拟机也能ping同一网段主机的IP地址,但就是ping不通外网, 开始我是这样配置的: 主机 ...

  7. 配置多层NAT和端口映射实现外网访问内网

    配置多层NAT和端口映射实现外网访问内网 背景和原理 通过配置NAT可以实现内网中不能直接访问外网的主机通过NAT代理访问内网,配置方法这里不再赘述(前文有介绍).本文以两层的NAT代理做模拟,通过端 ...

  8. 外网主机访问虚拟机下的web服务器(NAT端口转发)

    主机:系统win7,ip地址172.18.186.210 虚拟机:VMware Workstation 7,虚拟机下安装了Centos操作系统,ip地址是192.168.202.128,部署了LAMP ...

  9. 配置NAT回流导致外网解析到了内网IP

    单位有3个域名,用量很大,2014年开始本人研究部署了Bind+DLZ +Mysql的三机智能多链路DNS,非常好用,优点是: 1.使用Mysql管理记录,配置.管理.查询方便. 2.自动判断运营商, ...

随机推荐

  1. Qt编写气体安全管理系统14-邮件转发

    一.前言 邮件转发功能和短信告警功能基本一致,都是在判断报警后触发,可能稍微不同的是,邮件转发需要依赖互联网,而且能够发送的数据量很大,没有短信60个汉字的局限(当然短信也可以拆分多条发送,但是费钱, ...

  2. 报错:java.lang.ClassNotFoundException: org.codehaus.jackson.map.JsonMappingException

    报错背景: 执行hdfs-mysql的job任务的时候报错. 报错现象: Exception has occurred during processing command Exception: org ...

  3. DBGridEh中根据单价和数量如何计算金额?

    单价和数量输入完后,在数量单元格往任何方向移动(上下左右),金额都能自动计算.如何实现? 不要在UI元素的事件中计算字段,你可以在单价字段和数量字段的OnChange事件中进行计算.假设数据集名称为D ...

  4. Delphi XE6 使用定时器或者线程解决程序界面无响应问题

    ---恢复内容开始--- 介绍 在手机应用上,我们不应该使用速度慢的代码,当然我们在桌面程序上也应该避免这个,当手机应用长时间没有相应的时候,程序会提示“程序没响应,是否关闭”的提示,这个非常不好,所 ...

  5. 一份 Tomcat 和 JVM 的性能调优经验总结!拿走不谢

    Tomcat性能调优 找到Tomcat根目录下的conf目录,修改server.xml文件的内容.对于这部分的调优,我所了解到的就是无非设置一下Tomcat服务器的最大并发数和Tomcat初始化时创建 ...

  6. 静态站点生成器-md-hexo

    推荐指数:

  7. 汉字转拼音插件:LM-PinYin.js

    CDN:http://dtdxrk.github.io/jsPlug/pinyin/LM-PinYin.js demo演示地址:http://dtdxrk.github.io/jsPlug/pinyi ...

  8. EXCEL 调整日期格式

    https://jingyan.baidu.com/article/647f0115ea31b67f2048a85a.html 先中数据(不带标题),点击菜单-数据-分列. 前2步不要做任何更改直接点 ...

  9. AndFix Bug 热修复框架原理及源码解析

    作为阿里巴巴开源的 Android 应用热修复工具——AndFix,帮助 Anroid 开发者修复应用的线上问题.Andfix 是 “Android hot-fix” 的缩写. 1.什么是AndFix ...

  10. git取消追踪本地某个文件

    git rm --cached readme1.txt    删除readme1.txt的跟踪,并保留在本地. git rm --f readme1.txt    删除readme1.txt的跟踪,并 ...