NAT（その4）

NAT（その4）

NATの設定と検証を「NAT（その1）」～「NAT（その3）」で行いました。

ここでは、各ルータのコンフィグを紹介します。

設定したネットワークは、以下の通りです。

●Router_Aの設定

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router_A
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
memory-size iomem 25
!
ip cef
!
crypto pki trustpoint TP-self-signed-2739943660
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2739943660
 revocation-check none
 rsakeypair TP-self-signed-2739943660
!
crypto pki certificate chain TP-self-signed-2739943660
 certificate self-signed 01
  30820240 308201A9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32373339 39343336 3630301E 170D3032 30333031 31363139
  32375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 37333939
  34333636 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100BC4A 0528D3AC 16211608 A647D349 70E7DEBB 97640F6D 96849B6C 271E048D
  C4B75A96 0667039F E980E37F 951F490C 45BE8019 FD578424 5C82F063 22CF60F9
  2CA90997 2B19A8F0 CD45F198 57BE15AB 9B8813D7 79373EF4 CC0CD6E8 6AB82C15
  0CFC1D5E 03E0E5C1 DBF7CC5E 53ABB231 6EB8045F DFF97264 06378273 3783883D
  23630203 010001A3 68306630 0F060355 1D130101 FF040530 030101FF 30130603
  551D1104 0C300A82 08526F75 7465725F 41301F06 03551D23 04183016 8014C04E
  ED17B8F7 E234694B FDAEBB92 7C789BB3 ED6A301D 0603551D 0E041604 14C04EED
  17B8F7E2 34694BFD AEBB927C 789BB3ED 6A300D06 092A8648 86F70D01 01040500
  03818100 A5B33C38 84F00E07 5C922C94 A18DCA48 69983B8C 2D192BC8 FE1909CA
  66759014 31EC174C 42384838 760F54F8 219024B3 5D061D4E ACB851E6 5421BAC6
  B498A6B7 58508C9A F1EC1B26 EB686F7E E8762F5D 0970311D 91CAFF98 114C2DCC
  F51AE734 ECE408FC 588CCB29 EB4B6484 15A10E55 E15A450C 35A099CB 42BD54EA E3DB771C
  quit
username ccnaccnp privilege 15 secret 5 ccnaccnp
!
interface Ethernet0
 description $ETH-LAN$
 ip address 200.200.200.1 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 half-duplex
!
interface FastEthernet0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 speed auto
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip nat inside source list 1 interface Ethernet0 overload
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
!
control-plane
!
line con 0
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet
!
end

●Router_Bの設定

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router_B
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
memory-size iomem 25
!
ip cef
!
crypto pki trustpoint TP-self-signed-3359589021
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3359589021
 revocation-check none
 rsakeypair TP-self-signed-3359589021
!
crypto pki certificate chain TP-self-signed-3359589021
 certificate self-signed 01
  30820240 308201A9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33333539 35383930 3231301E