[GNS3] dhcp + nat ................

1.net

en
conf t
int s1/0
ip addr 192.168.100.1 255.255.255.0
clock rate 56000
no shutdown
exit
int f2/0
ip addr 192.168.10.254 255.255.255.0
no sh
exit

router rip
ver 2
network 192.168.100.0
network 192.168.10.0
exit

ip dhcp pool ccna
network 192.168.10.254 255.255.255.0
default-router 192.168.10.254
exit
ip dhcp excluded-address 192.168.10.254

access-list 101 deny tcp 192.168.20.0 0.0.0.255 192.168.10.1 0.0.0.255 eq 23
access-list 101 permit tcp 192.168.20.0 0.0.0.255 192.168.10.1 0.0.0.255 eq 80
access-list 101 permit tcp 192.168.20.0 0.0.0.255 192.168.10.1 0.0.0.255 eq 21
access-list 101 deny tcp 192.168.30.0 0.0.0.255 192.168.10.1 0.0.0.255 eq 21
access-list 101 deny tcp 192.168.30.0 0.0.0.255 192.168.10.1 0.0.0.255 eq 23
access-list 101 permit tcp 192.168.30.0 0.0.0.255 192.168.10.1 0.0.0.255 eq 80
access-list 101 permit ip any any
int fa2/0
ip access-group 101 out
exit

end

 

 

 

 

en
conf t
int s1/0
ip addr 192.168.100.2 255.255.255.0
clock rate 56000
no shutdown
exit
int f2/0
ip addr 192.168.20.254 255.255.255.0
no sh
exit
int f2/1
ip addr 192.168.30.254 255.255.255.0
no sh
exit

router rip
ver 2
network 192.168.100.0
network 192.168.20.0
network 192.168.30.0
network 192.100.100.0
exit

access-list 10 permit 192.168.20.0 0.0.0.255
access-list 10 permit 192.168.30.0 0.0.0.255
ip nat pool ccie 192.100.100.1 192.100.100.254 netmask 255.255.255.0
ip nat inside source list 10 pool ccie
int fa2/0
ip nat inside
exit
int fa2/1
ip nat inside
exit
int se1/0
ip nat outside
end

=========================









GNS 로 구성
R1<->      R2
VMnet1  VMnet2 , Vmnet3
라우팅 프로토콜 알아서..
EACL
192.168.20.0 www, ftp 접근 가능
192.168.20.0 telnet 접근 불가능
192.136.30.0 www 접근가능 ftp, telnet 접근 불가능 하도록 설정..
다 성공 후 NAT 이용해서 192.100.100.0 대역을 변환해서 나가도록 설정..

R1
Vmnet1 192.168.10.0
GW 192.168.10.254
Linux
LanCard 2개
eth0
192.168.10.10
eth1
DHCP 서버로 부터 받도록 설정
web, telnet, ftp 서버 실행
www 사이트
telnet
ftp
R2
VMnet2
GW 192.168.20.254
win2003
192.168.20.10
VMnet3
GE 192.168.30.254
XP
192.168.30.10