Пользователь с IP 192.168.0.2/24 обращается на сервер с IP 172.16.0.1/24. Необходимо, чтобы destanation-address 172.16.0.1 подменялся на 10.0.0.254, а source-address менялся на 10.0.0.1.
...
Блок кода |
---|
esr(config)# esr(config)# nat source esr(config-snat)# pool SNAT esr(config-snat-pool)# ip address-range 10.0.0.1 esr(config-snat-pool)# exit esr(config-snat)# ruleset SNAT esr(config-snat-ruleset)# to interface gi1/0/1 esr(config-snat-ruleset)# rule 1 esr(config-snat-rule)# match source-address LAN esr(config-snat-rule)# match destination-address LANDST_SRV esr(config-snat-rule)# action source-nat pool SNAT esr(config-snat-rule)# enable esr(config-snat-rule)# exit esr(config-snat-ruleset)# exit esr(config-snat)# exit esr(config)# |
...
Блок кода |
---|
object-group network LAN ip prefix 192.168.0.0/24 exit object-group network DST_SRV ip prefix 10.0.0.254/32 exit object-group network WAN ip prefix 10.0.0.1/32 exit object-group network SRV ip prefix 172.16.0.1/32 exit interface gigabitethernet 1/0/1 ip firewall disable ip address 10.0.0.1/24 exit interface gigabitethernet 1/0/2 ip firewall disable ip address 192.168.0.1/24 exit nat destination pool SRV_DST ip address 10.0.0.254 exit ruleset EPT from interface gigabitethernet 1/0/2 rule 1 match destination-address SRV action destination-nat pool SRV_DST enable exit exit exit nat source pool SNAT ip address-range 10.0.0.1 exit ruleset SNAT to interface gigabitethernet 1/0/1 rule 1 match source-address LAN match destination-address LANDST_SRV action source-nat pool SNAT enable exit exit exit ip route 0.0.0.0/0 interface gigabitethernet 1/0/1 |
...