请路过的大侠们伸出援手。
路由器CISCO2500外网IP 202.98.16.6;
内网服务器10.10.29.98;
外网IP 124.235.248.74。
想用路由器配置NAT,由124.235.248.74 TELNET到202.98.16.6:2323,
达到由124.235.248.74 TELNET到10.10.29.98:23的目的。
在CISCO2500上设置NAT如下:
ciac(config)# ip nat inside source static tcp 10.10.29.98 23 202.98.16.6 2323
显示NAT连接如下:
ciac#sho ip nat tr
Pro Inside global Inside local Outside local
Outside global
--- 202.98.16.6 202.98.16.6 --- ---
tcp 202.98.16.6:23 202.98.16.6:23 124.235.248.74:3538
124.235.248.74:3538
tcp 202.98.16.6:2323 10.10.29.98:23 --- ---
tcp 202.98.16.6:1433 202.98.16.6:1433 125.119.208.3:6000
125.119.208.3:6000
此时,由外网TELNET 202.98.16.6:2323,
超时。
同时,显示NAT连接状态如下:
ciac#show ip nat tr
Pro Inside global Inside local Outside local
Outside global
tcp 202.98.16.6:2323 10.10.29.98:23 124.235.248.74:3578
124.235.248.74:3578
--- 202.98.16.6 202.98.16.6 --- ---
tcp 202.98.16.6:23 202.98.16.6:23 124.235.248.74:3538
124.235.248.74:3538
tcp 202.98.16.6:2323 10.10.29.98:23 --- ---
ciac#
同时,可以从路由器上TELNET到10.10.29.98,说明内网服务器工作正常。
ciac#telnet 10.10.29.98
Trying 10.10.29.98 ... Open
Fedora release 12 (Constantine)
Kernel 2.6.31.5-127.fc12.x86_64 on an x86_64 (1)
login:
根据以前的记录,
内网服务器上netstat -anp | grep tcp,得到结果包括
由路由器内网IP可以TELNET到10.10.29.98:23
tcp 0 2 10.10.29.98:23 10.10.100.253:22018
ESTABLISHED -
由外网IP不可以TELNET到10.10.29.98:23
tcp 0 0 10.10.29.98:23 124.234.129.151:9109
SYN_RECV -
No comments:
Post a Comment