NAT配置求教请路过的大侠们伸出援手。路由器CISCO2500外网IP 202.98.16.6;内网服务器10.10.29.98;外网IP 124.235.248.74。想用路由器配置NAT,由124.235.248.74 TELNET到202.98.16.6:2323,达到由124.235.248.74 TELNET到10.10.29.98:23的目的。在CISCO2500上设置NAT如下:ciac(config)# ip nat inside source static tcp 10.10.29.98 23 202.98.16.6 2323显示NAT连接如下:ciac#sho ip nat trPro Inside global Inside local Outside local
Outside global--- 202.98.16.6 202.98.16.6 --- ---tcp 202.98.16.6:23 202.98.16.6:23 124.235.248.74:3538
124.235.248.74:3538tcp 202.98.16.6:2323 10.10.29.98:23 --- ---tcp 202.98.16.6:1433 202.98.16.6:1433 125.119.208.3:6000
125.119.208.3:6000此时,由外网TELNET 202.98.16.6:2323,超时。同时,显示NAT连接状态如下:ciac#show ip nat trPro Inside global Inside local Outside local
Outside globaltcp 202.98.16.6:2323 10.10.29.98:23 124.235.248.74:3578
124.235.248.74:3578--- 202.98.16.6 202.98.16.6 --- ---tcp 202.98.16.6:23 202.98.16.6:23 124.235.248.74:3538
124.235.248.74:3538tcp 202.98.16.6:2323 10.10.29.98:23 --- ---ciac#同时,可以从路由器上TELNET到10.10.29.98,说明内网服务器工作正常。ciac#telnet 10.10.29.98Trying 10.10.29.98 ... OpenFedora release 12 (Constantine)Kernel 2.6.31.5-127.fc12.x86_64 on an x86_64 (1)login:根据以前的记录,内网服务器上netstat -anp | grep tcp,得到结果包括由路由器内网IP可以TELNET到10.10.29.98:23tcp 0 2 10.10.29.98:23 10.10.100.253:22018
ESTABLISHED -由外网IP不可以TELNET到10.10.29.98:23tcp 0 0 10.10.29.98:23 124.234.129.151:9109
SYN_RECV -