外網用戶遠程控制內部網絡設備 SW1,用eNSP模擬內外網簡易模式,新建拓撲如下
思路:
1.配置SW1的telnet服務,賬號,密碼;
2.配置SW1的管理IP和默認路由;
3.配置R1的easy IP和NAT server;
4.在R2通過telnet驗證;
步驟:
Sw1:
[sw1]vl 10
[sw1-vlan10]q
[sw1]port-group group-member g0/0/1 to g0/0/3
[sw1-port-group]port link-type access
[sw1-port-group]port default vlan 10
[sw1-port-group]q
[sw1]user-interface vty 0 4
[sw1-ui-vty0-4]user privilege level 3
[sw1-ui-vty0-4]authentication-mode aaa
[sw1-ui-vty0-4]aaa
[sw1-aaa]local-user 123 password cipher 666
[sw1-aaa]local-user 123 service-type telnet
[sw1-aaa]int vl 10
[sw1-Vlanif10]ip add 192.168.10.100 24
[sw1-Vlanif10]q
[sw1]ip route-static 0.0.0.0 0.0.0.0 192.168.10.254
Ar1:
[ar1]acl 2000
[ar1-acl-basic-2000]rule 10 permit source 192.168.10.0 0.0.0.255
[ar1-acl-basic-2000]int g0/0/1
[ar1-GigabitEthernet0/0/1]nat outbound 2000
[ar1-GigabitEthernet0/0/1]nat server protocol tcp global 100.1.1.10 2587 inside
192.168.10.100 23
Ar2:
<ar2>telnet 100.1.1.10 2587