-1

我有 Cisco 1812 路由器,我想将其设置为我们的办公室互联网网关。尽管我遵循了 Cisco 网站上的指南,但我无法让 NAT 工作。

我的问题是 NAT 没有发生,我不知道为什么。

当我连接到路由器时,我从 DHCP 获得 IP 地址,我可以 ping 本地接口 IP(192.168.210.254)和公共 IP(212.94.196.71 略有变化),但我无法通过互联网。我无法从连接到本地接口的机器 ping 默认网关,但我可以从路由器本身以及 Internet 上的任何站点 ping 它。

最后,show ip nat translations 显示空列表。

我究竟做错了什么?

这是我的配置

Current configuration : 2022 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$FXW9$XXXXXXXXXXXXXXXXXXX.
!
no aaa new-model
!
resource policy
!
no ip routing
!
!
no ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.210.240 192.168.210.254
ip dhcp excluded-address 192.168.210.1 192.168.210.4
!
ip dhcp pool lan1
   network 192.168.210.0 255.255.255.0
   dns-server 192.168.210.100
   default-router 192.168.210.254
   domain-name mydomain.com
!
ip name-server 210.127.96.3
ip name-server 210.127.96.4
!
interface FastEthernet0
 ip address 192.168.210.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 no ip route-cache
 speed auto
 full-duplex
!
interface FastEthernet1
 ip address 212.94.196.71 255.255.255.240
 ip nat outside
 ip virtual-reassembly
 no ip route-cache
 duplex auto
 speed auto
!
interface BRI0
 no ip address
 encapsulation hdlc
 no ip route-cache
 shutdown
!
interface FastEthernet2
 shutdown
!
interface FastEthernet3
 shutdown
!
interface FastEthernet4
 shutdown
!
interface FastEthernet5
 shutdown
!
interface FastEthernet6
 shutdown
!
interface FastEthernet7
 shutdown
!
interface FastEthernet8
 shutdown
!
interface FastEthernet9
 shutdown
!
interface Vlan1
 ip address 192.168.1.254 255.255.255.0
 no ip route-cache
!
interface Vlan10
 ip address 10.28.10.254 255.255.255.0
 no ip route-cache
!
interface Vlan11
 ip address 10.1.11.254 255.255.255.0
 no ip route-cache
!
interface Vlan55
 ip address 10.28.55.254 255.255.255.0
 no ip route-cache
!
ip default-gateway 212.94.196.65
!
!
no ip http server
no ip http secure-server
ip nat pool ovrld 212.94.196.71 212.94.196.71 prefix-length 28
!
access-list 7 permit 192.168.210.0 0.0.0.31
snmp-server community public RO
!
control-plane
!
line con 0
line aux 0
line vty 0 4
 login
!
!
webvpn context Default_context
 ssl authenticate verify all
 !
 no inservice
!
end
4

2 回答 2

0

您忘记启用内部源地址的转换。

ip nat inside source { list <acl> pool <name> [overload] |
static <local-ip><global-ip> }

我看到你已经有一个访问列表,所以(根据你的私人地址)在全局配置中添加:

ip nat inside source list 7 pool ovrld

附加编辑:启用 IP 路由ip routing后,它可以工作

于 2013-11-12T20:06:53.390 回答
0

您的 DHCP 用于较低的子网,而您的网关位于另一个子网的顶部 .224-254

您的 nat 列表适用于 .0 子网

于 2016-01-31T01:22:00.500 回答