首页 > 代码库 > 关于nat转换成功但却访问不了页面的问题,求解决
关于nat转换成功但却访问不了页面的问题,求解决
R1的配置
cryptoisakmp policy 1
encr 3des
hashmd5
authentication pre-share
group 2
lifetime 900
crypto isakmp key cisco address 9.232.4.2
crypto ipsectransform-set tunnel esp-3des esp-md5-hmac
crypto map tunnel 10 ipsec-isakmp
setpeer 9.232.4.2
settransform-set tunnel
match address 103
interfaceTunnel1
ip address192.168.32.1 255.255.255.252
mtu1476
tunnel source FastEthernet0/1
tunnel destination 9.232.4.2
interface FastEthernet0/0
ipaddress 9.232.2.1 255.255.255.252
ipnat outside
interface FastEthernet0/1
ipaddress 9.232.3.1 255.255.255.252
ipnat outside
crypto map tunnel
interface FastEthernet1/0
ipaddress 9.232.1.2 255.255.255.252
ip nat inside
router ospf 4
network 9.232.1.0 0.0.0.3area 1
network 192.168.32.0 0.0.0.3area 1
router rip
version 2
network 9.0.0.0
ip nat inside source list 101 interfaceFastEthernet0/1 overload
ip nat inside source list 102 interfaceFastEthernet0/0 overload
ip nat inside source static 10.232.10.19.232.2.1
access-list 103 permit gre host 9.232.3.1host 9.232.4.2
access-list 101 permit ip any 9.232.3.0 0.0.0.255
access-list 102 permit ip any 9.232.2.0 0.0.0.255
核心交换机的配置
interface Port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/1
channel-group 1 mode on
switchport access vlan 9
!
interface FastEthernet0/2
channel-group 1 mode on
switchport access vlan 9
!
interface FastEthernet0/3
channel-group 2 mode on
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/4
channel-group 2 mode on
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/5
channel-group 2 mode on
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
noswitchport
ipaddress 9.232.1.1 255.255.255.252
interface Vlan9
ipaddress 10.232.10.10 255.255.255.252
!
interface Vlan10
ipaddress 10.232.10.13 255.255.255.252
!
router ospf 3
network 0.0.0.0255.255.255.255 area 1
ip route 0.0.0.00.0.0.0 9.232.1.2
汇聚交换机2的配置
interface Port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/2
switchport trunk encapsulation dot1q
switchportmode trunk
!
interface FastEthernet0/3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/5
channel-group 2 mode on
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
channel-group 2 mode on
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/7
channel-group 2 mode on
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode trunk
interface Vlan5
ipaddress 10.232.5.254 255.255.255.0
!
interface Vlan6
ipaddress 10.232.6.254 255.255.255.0
!
interface Vlan7
ipaddress 10.232.10.2 255.255.255.252
!
interface Vlan8
ipaddress 10.232.10.5 255.255.255.252
ipaccess-group 101 in
ipaccess-group 101 out
!
interface Vlan10
ipaddress 10.232.10.14 255.255.255.252
!
router ospf 2
network 0.0.0.0255.255.255.255 area 1
access-list 101 deny ip host 10.232.2.1host 10.232.10.6
access-list 101 deny ip host 10.232.6.1host 10.232.10.6
access-list 101 permit ip any any
!
我将R1直接连到核心交换机下属的汇聚交换机2,则可以访问到服务器页面
关于nat转换成功但却访问不了页面的问题,求解决