H3C路由器外网配置
登录

H3C路由器外网配置

OWLSAMA
OWLSAMA
2年前发布
0 8 0
温馨提示:
本文最后更新于2023年10月08日,已超过579天没有更新,若内容或图片失效,请留言反馈。

网络拓扑

image.png

基础配置

更改路由器名称


<h3c>system-view
[h3c]sysname H3C

配置vlan10以及vlan10下的接口

[H3C]vlan 10
[H3C-vlan10]qu
[H3C]interface Vlan-interface 10
[H3C-Vlan-interface10]ip address 192.168.10.1 24
[H3C-Vlan-interface10]qu
[H3C]interface GigabitEthernet 2/0
[H3C-GigabitEthernet2/0]port link-mode bridge 
The configuration of the interface will be restored to the default. Continue? [Y/N]:y
[H3C-GigabitEthernet2/0]port link-type access 
[H3C-GigabitEthernet2/0]port access vlan 10
[H3C-GigabitEthernet2/0]qu
[H3C]interface GigabitEthernet 3/0
[H3C-GigabitEthernet3/0]port link-mode bridge 
The configuration of the interface will be restored to the default. Continue? [Y/N]:y
[H3C-GigabitEthernet3/0]port link-type access 
[H3C-GigabitEthernet3/0]port access vlan 10
[H3C-GigabitEthernet3/0]qu

配置DHCP

[H3C]dhcp enable 
[H3C]dhcp server ip-pool vlan20
[H3C-dhcp-pool-vlan20]network 192.168.20.0 mask 255.255.255.0
[H3C-dhcp-pool-vlan20]gateway-list 192.168.20.1
[H3C-dhcp-pool-vlan20]dns-list 114.114.114.114
[H3C-dhcp-pool-vlan20]expired day 7
[H3C-dhcp-pool-vlan20]address range 192.168.20.20 192.168.20.30
[H3C-dhcp-pool-vlan20]qu
[H3C]dns proxy enable 
[H3C]dhcp server forbidden-ip 192.168.20.25 192.168.20.30

配置vlan20 以及vlan20下的接口

[H3C]vlan 20
[H3C]interface Vlan-interface 20
[H3C-Vlan-interface20]ip address 192.168.20.1 255.255.255.0
[H3C-Vlan-interface20]qu
[H3C]interface GigabitEthernet 4/0
[H3C-GigabitEthernet4/0]port link-mode bridge 
The configuration of the interface will be restored to the default. Continue? [Y/N]:y
[H3C-GigabitEthernet4/0]port link-type access 
[H3C-GigabitEthernet4/0]port access vlan 20
[H3C-GigabitEthernet4/0]qu
[H3C]interface GigabitEthernet 5/0
[H3C-GigabitEthernet5/0]port link-mode bridge 
The configuration of the interface will be restored to the default. Continue? [Y/N]:y
[H3C-GigabitEthernet5/0]port link-type access 
[H3C-GigabitEthernet5/0]port access vlan 20

配置外网

[H3C]interface GigabitEthernet 1/0
[H3C-GigabitEthernet1/0]ip address 192.168.241.111 24 //设置外网ip地址
[H3C-GigabitEthernet1/0]qu
[H3C]ip route-static 0.0.0.0 0.0.0.0 192.168.241.1  //默认路由器配置
[H3C]ping 202.100.96.68
Ping 202.100.96.68 (202.100.96.68): 56 data bytes, press CTRL_C to break
56 bytes from 202.100.96.68: icmp_seq=0 ttl=52 time=33.305 ms
56 bytes from 202.100.96.68: icmp_seq=1 ttl=52 time=32.455 ms
56 bytes from 202.100.96.68: icmp_seq=2 ttl=52 time=32.240 ms
56 bytes from 202.100.96.68: icmp_seq=3 ttl=52 time=33.281 ms
56 bytes from 202.100.96.68: icmp_seq=4 ttl=52 time=32.272 ms

路由器访问域名就配置

[H3C]dns server 114.114.114.114
[H3C]ping baidu.com
Ping baidu.com (39.156.66.10): 56 data bytes, press CTRL_C to break
56 bytes from 39.156.66.10: icmp_seq=0 ttl=48 time=34.576 ms
56 bytes from 39.156.66.10: icmp_seq=1 ttl=48 time=34.424 ms
56 bytes from 39.156.66.10: icmp_seq=2 ttl=48 time=34.379 ms
56 bytes from 39.156.66.10: icmp_seq=3 ttl=48 time=33.744 ms
56 bytes from 39.156.66.10: icmp_seq=4 ttl=48 time=34.336 ms

NAT配置

内网用户通过路由器的nat地址池来访问Internet

[H3C]nat address-group 1 name ChinaNET   //设置nat组
[H3C-address-group-1-ChinaNET]address 192.168.241.111 192.168.241.111 //设置nat地址池
[H3C-address-group-1-ChinaNET]quit
[H3C]acl number 2000 name internet
[H3C-acl-ipv4-basic-2000]rule 0 permit source 192.168.10.0 0.0.0.255 //nat转换地址段
[H3C-acl-ipv4-basic-2000]rule 1 permit source 192.168.20.0 0.0.0.255 
[H3C-acl-ipv4-basic-2000]qu
[H3C]interface GigabitEthernet 1/0
[H3C-GigabitEthernet1/0]nat outbound 2000 address-group 1 //在外网接口加上nat转换

环境测试

路由器默认是不开启路径回显的,所以要通过一下命令开启显示。不然Tracert都是*

[H3C]ip ttl-expires enable
[H3C]ip unreachables enable
[H3C]save force  //保存配置,最后一定要做一下,不然下次启动之前的配置会丢失。

vlan10 内网PC ping和Tracert测试

image.png
image.png

vlan20 内网PC ping和Tracert测试

地址自动获取

image.png
image.png
image.png

© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
默认
喜欢就支持一下吧
点赞 0 分享 收藏
版权属于:OWLSAMA
本文链接:http://owlsama.com:9090/index.php/archives/311/
作品采用署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0)》许可协议授权
评论 抢沙发
OωO
取消