环境整体是使用GNS3,通过cloud真实连接到虚拟机

cloud1 nginx主机
cloud2 nginx主机https连接
cloud3 Internet测试主机

下面贴每个网络设备配置,特别注意,公司网关路由和Internet路由其的配置

配置这里就不解释了,主要注意下,公司网关路由的NAT配置,着实难受些

  • ESW3交换机
ESW3#sh run

Building configuration...

Current configuration : 2364 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname ESW3

!

boot-start-marker

boot-end-marker

!

enable password cisco

!

no aaa new-model

memory-size iomem 5

no ip routing

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

 --More--

*Mar  1 02:06:32.867: %SYS-5-CONFIG_I: Configured from console no ip cefe

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 switchport access vlan 3

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 switchport access vlan 4

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/11

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 no ip route-cache

 shutdown

!

interface Vlan4

 ip address 192.168.4.10 255.255.255.0

!

ip default-gateway 192.168.4.1

no ip http server

no ip http secure-server

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 password cisco

 login

!

!

end
  • ESW1配置
sw1#sh run

Building configuration...

Current configuration : 2244 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname sw1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip routing

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

no ip cef

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 switchport access vlan 2

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 switchport access vlan 2

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 duplex full

 speed 100

!

interface FastEthernet1/11

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 no ip route-cache

 shutdown

!

no ip http server

no ip http secure-server

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

 login

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end
  • ESW2
ESW2#sh run

Building configuration...

Current configuration : 2427 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

no service dhcp

!

hostname ESW2

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

vtp file nvram:vlan.dat

interface FastEthernet1/0

 duplex full

 speed 100

!

interface FastEthernet1/1

 duplex full

 speed 100

!

interface FastEthernet1/2

 duplex full

 speed 100

!

interface FastEthernet1/3

 duplex full

 speed 100

!

interface FastEthernet1/4

 duplex full

 speed 100

!

interface FastEthernet1/5

 duplex full

 speed 100

!

interface FastEthernet1/6

 duplex full

 speed 100

!

interface FastEthernet1/7

 duplex full

 speed 100

!

interface FastEthernet1/8

 duplex full

 speed 100

!

interface FastEthernet1/9

 duplex full

 speed 100

!

interface FastEthernet1/10

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/11

 switchport mode trunk

 duplex full

 speed 100

!

interface FastEthernet1/12

 duplex full

 speed 100

!

interface FastEthernet1/13

 duplex full

 speed 100

!

interface FastEthernet1/14

 duplex full

 speed 100

!

interface FastEthernet1/15

 no switchport

 ip address 10.0.0.1 255.255.255.252

 duplex full

 speed 100

!

interface Vlan1

 no ip address

 shutdown

!

interface Vlan2

 ip address 192.168.2.1 255.255.255.0

!

interface Vlan3

 ip address 192.168.3.1 255.255.255.0

!

interface Vlan4

 ip address 192.168.4.1 255.255.255.0

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 10.0.0.2

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

end
  • 公司网关路由
R1#sh run

Building configuration...

Current configuration : 1534 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

interface FastEthernet0/0

 ip address 10.0.0.2 255.255.255.252

 ip nat inside

 ip virtual-reassembly

 duplex auto

 speed auto

!

interface FastEthernet1/0

 ip address 11.0.0.1 255.255.255.252

 ip nat outside

 ip virtual-reassembly

 duplex auto

 speed auto

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 11.0.0.2

ip route 192.168.2.0 255.255.255.0 10.0.0.1

ip route 192.168.3.0 255.255.255.0 10.0.0.1

ip route 192.168.4.0 255.255.255.0 10.0.0.1

!

ip nat pool dynami 207.38.18.1 207.38.18.5 netmask 255.255.255.248

ip nat inside source list 3 pool dynami

ip nat inside source list 4 interface FastEthernet1/0 overload

ip nat inside source static tcp 192.168.4.10 23 interface FastEthernet1/0 23

ip nat inside source static tcp 192.168.2.2 80 145.52.23.6 80 extendable

ip nat inside source static tcp 192.168.2.3 443 145.52.23.6 443 extendable

!

access-list 3 permit 192.168.3.0 0.0.0.255

access-list 4 permit 192.168.4.0 0.0.0.255

no cdp log mismatch duplex

!

!

control-plane

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end
  • internet路由
isp#sh ru

*Mar  1 01:57:39.243: %SYS-5-CONFIG_I: Configured from console by console

isp#sh run

Building configuration...

Current configuration : 947 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname isp

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip tcp synwait-time 5

!

!

ip cef

no ip domain lookup

interface FastEthernet0/0

 ip address 172.16.0.1 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet1/0

 ip address 11.0.0.2 255.255.255.252

 duplex auto

 speed auto

!

no ip http server

no ip http secure-server

!

ip route 145.52.23.0 255.255.255.248 11.0.0.1

ip route 192.168.4.0 255.255.255.0 11.0.0.1

ip route 207.38.18.0 255.255.255.248 11.0.0.1

no cdp log mismatch duplex

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

!

end

外网Telnet虚拟机,及nat配置等的更多相关文章

  1. VMware NAT端口映射外网访问虚拟机linux

    本文目的: 一. SSH连接 二. 访问HTTP VMware Workstation提供了两种虚拟机上网方式,一种bridge,一种NAT,bridge可以获得公网地址,而NAT只能是内网地址了. ...

  2. VMware NAT端口映射外网访问虚拟机linux可能会出现的错误总结

    博主因为做实验报告的缘故,尝试以NAT的方式从外网远程连接到虚拟机的linux操作系统:https://www.cnblogs.com/jluzhsai/p/3656760.html,本文主要举出在此 ...

  3. 外网访问虚拟机搭建的web服务

    凌晨了,就简单写个一定可行的思路吧,有时间了再补上. 设置虚拟机为桥接模式,当然NAT也行,只是我嫌NAT麻烦 设置路由器,将虚拟机端口映射到外网

  4. Aliyun搭建svn服务器外网访问报错权限配置失败错误

    搭建完后所有的配置如下 [root@iZuf655czz7lmtn8v15tsjZ conf]# pwd /home/SVN/conf [root@iZuf655czz7lmtn8v15tsjZ co ...

  5. 虚拟机上的centos连不了外网,吧原来的配置信息改成如下就行(删除了一些多余的信息,变化:原来的ONBOOT的值是no)

    DEVICE=eth1BOOTPROTO=dhcpHWADDR=08:00:27:67:be:98ONBOOT=yes

  6. 虚拟机中的centos在nat模式下连不上外网

    这两天需要配置ftp服务器,可是虚拟机在nat模式下死活连不上外网,主机能够通过该ssh与虚拟机进行连接,虚拟机也能ping同一网段主机的IP地址,但就是ping不通外网, 开始我是这样配置的: 主机 ...

  7. 配置多层NAT和端口映射实现外网访问内网

    配置多层NAT和端口映射实现外网访问内网 背景和原理 通过配置NAT可以实现内网中不能直接访问外网的主机通过NAT代理访问内网,配置方法这里不再赘述(前文有介绍).本文以两层的NAT代理做模拟,通过端 ...

  8. 外网主机访问虚拟机下的web服务器(NAT端口转发)

    主机:系统win7,ip地址172.18.186.210 虚拟机:VMware Workstation 7,虚拟机下安装了Centos操作系统,ip地址是192.168.202.128,部署了LAMP ...

  9. 配置NAT回流导致外网解析到了内网IP

    单位有3个域名,用量很大,2014年开始本人研究部署了Bind+DLZ +Mysql的三机智能多链路DNS,非常好用,优点是: 1.使用Mysql管理记录,配置.管理.查询方便. 2.自动判断运营商, ...

随机推荐

  1. Java Sound Capture from Microphone working code

    转载自:http://ganeshtiwaridotcomdotnp.blogspot.com/2011/12/java-sound-capture-from-microphone.html Soun ...

  2. 【docker 使用】基本docker命令

    查看镜像 docker images 删除镜像 docker rmi [镜像id的前5位]或[镜像name:镜像tag] 如果有两个镜像指向同一个id,则使用镜像id进行删除时会报错,需要使用name ...

  3. Ubuntu18使用netplan设置网络

    参考:https://my.oschina.net/u/2306127/blog/2877106 https://blog.csdn.net/peyte1/article/details/805090 ...

  4. AWS 监控服务(六)

    AWS CloudWatch 概念 基于确定的内容监控基础设施组件 基于指定的指标发送通知并触发各种操作 分布式统计数据和收集系统,用于收集并跟踪指标 默认情况下,在管理程序级别无缝收集指标,如CPU ...

  5. Charles 抓包配置

    本文参考:charles 抓包配置 proxy setting (代理设置) 设置的主界面如下: 动态端口 启用动态端口选项来监听动态端口,每次查询启动时选择.这样可以避免与计算机上可能运行的其他网络 ...

  6. NET架构

    .NET架构开发应知应会 .NET程序是基于.NET Framework..NET Core.Mono.[.NET实现]开发和运行的 ,定义以上[.NET实现]的标准规范称为.NET Standard ...

  7. shiro 的session持久化

    对于分布式系统,一般都牵扯到Session共享问题,而想实现Session共享,就要实现Session的持久化操作,即是将内存中的Session持久化至缓存数据库. SessionDAO是Shiro提 ...

  8. ipv6 地址说明

    开篇我们先简单介绍下ipv4 地址 IPv4 地址: ipv4地址一共32位,用点分十进制表示,每一个部分是8位.子网掩码有两种表示 192.168.1.3 / 24 表示ip的前24位是网络位,后8 ...

  9. linux 编程 如何判断socket断开???--ongoing

    1 利用select ? 2从github上找例子 3 学习asio  c++ library

  10. LeetCode 442. 数组中重复的数据(Find All Duplicates in an Array) 17

    442. 数组中重复的数据 442. Find All Duplicates in an Array 题目描述 Given an array of integers, 1 ≤ a[i] ≤ n (n ...