VLAN 上网

网络工程 思科 路由 路由器 局域网 纳特
2022-02-21 11:34:28

我正在尝试将我的 Cisco 2800 路由器配置为在 VLAN 之间进行通信并将流量路由到 Internet。VLAN 可以互相访问,但不能访问 Internet。路由器可以ping 调制解调器,但不能ping 通Internet。路由器配置如下:

Current configuration : 2904 bytes
!
! Last configuration change at 03:36:32 UTC Thu Apr 27 2017
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
warm-reboot
boot-end-marker
!
enable password tyson987
!
no aaa new-model
!
!
!
!
dot11 syslog
ip source-route
!
!
ip cef
ip dhcp excluded-address 192.168.3.1 192.168.3.50
ip dhcp excluded-address 192.168.4.1 192.168.4.50
ip dhcp excluded-address 192.168.1.200
ip dhcp excluded-address 192.168.1.250
ip dhcp excluded-address 192.168.1.251
ip dhcp excluded-address 192.168.1.252
ip dhcp excluded-address 192.168.1.253
ip dhcp excluded-address 192.168.1.254
ip dhcp excluded-address 192.168.10.200
ip dhcp excluded-address 192.168.10.250
ip dhcp excluded-address 192.168.10.251
ip dhcp excluded-address 192.168.10.252
ip dhcp excluded-address 192.168.10.253
ip dhcp excluded-address 192.168.10.254
ip dhcp excluded-address 192.168.20.200
ip dhcp excluded-address 192.168.30.200
ip dhcp excluded-address 192.168.40.200
ip dhcp excluded-address 192.168.2.2
ip dhcp excluded-address 192.168.2.240
ip dhcp excluded-address 192.168.2.250
ip dhcp excluded-address 192.168.2.1
ip dhcp excluded-address 192.168.3.1
ip dhcp excluded-address 192.168.3.200
ip dhcp excluded-address 192.168.2.200
ip dhcp excluded-address 192.168.4.1
ip dhcp excluded-address 192.168.4.200
ip dhcp excluded-address 192.168.2.200 192.168.2.254
!
ip dhcp pool DHCP-ADMIN
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.200
   dns-server 8.8.8.8
!
ip dhcp pool DHCP-STUDENTS
   import all
   network 192.168.4.0 255.255.255.0
   default-router 192.168.4.200
   dns-server 8.8.8.8
!
ip dhcp pool DHCP-SERVER
   import all
   network 192.168.2.0 255.255.255.0
   dns-server 8.8.8.8
   default-router 192.168.2.200
!
!
ip name-server 192.168.2.2
ip name-server 8.8.8.8
!
multilink bundle-name authenticated
!
!
!
!
!
!
license udi pid CISCO2821 sn FHK1307F1JZ
!
redundancy
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
 no ip address
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.200 255.255.255.0
!
interface GigabitEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.3.200 255.255.255.0
!
interface GigabitEthernet0/0.30
 encapsulation dot1Q 30
 ip address 192.168.4.200 255.255.255.0
!
interface GigabitEthernet0/1
 ip address 192.168.2.254 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
ip default-gateway 192.168.5.200
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 110.142.236.228
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
!
!
!
!
!
!
control-plane
 !
!
!
line con 0
 password tyson987
 login
line aux 0
line vty 0 4
 password tyson987
 login
!
scheduler allocate 20000 1000
end
1个回答

您没有ip nat inside在第 3 层 LAN 接口上进行配置。我也看不到您在哪里定义了要翻译的地址。此外,您不应该像您那样拥有两条默认路由。

例子:

interface GigabitEthernet0/0.10
 ip nat inside
!
interface GigabitEthernet0/0.20
 ip nat inside
!
interface GigabitEthernet0/0.30
 ip nat inside
!
ip nat inside source list 10 interface GigabitEthernet0/1 overload
!
access-list 10 permit 192.168.10.200 0.0.0.255
access-list 10 permit 192.168.3.200 0.0.0.255
access-list 10 permit 192.168.4.200 0.0.0.255
!
其它你可能感兴趣的问题
上一篇ASA 空闲连接超时 60 分钟 下一篇我在 /21 网络上分配什么作为网关?