方法一:
創(chuàng)新互聯(lián)自2013年起,先為什邡等服務(wù)建站��,什邡等地企業(yè)����,進(jìn)行企業(yè)商務(wù)咨詢(xún)服務(wù)。為什邡企業(yè)網(wǎng)站制作PC+手機(jī)+微官網(wǎng)三網(wǎng)同步一站式服務(wù)解決您的所有建站問(wèn)題�����。
A. 在object下做nat
object network test
host 100.1.1.3
object network R3
host 192.168.2.1
object network R3
nat (inside,outside) static test service tcp telnet 50000
###############################################################
外網(wǎng)test port 50000映射到內(nèi)網(wǎng) R3 port 23(telnet)����。
###############################################################
ciscoasa(config)# show xlate
1 in use, 3 most used
Flags: D - DNS, i - dynamic, r - portmap, s - static, I - identity, T - twice
TCP PAT from inside:192.168.2.1 23-23 to outside:100.1.1.3 50000-50000
flags sr idle 0:00:06 timeout 0:00:00
###############################################################
B.
object network server
subnet 192.168.2.1 255.255.255.255
object service telnet
service tcp source eq telnet
object network test
host 100.1.1.3
object service 50000
service tcp source eq 50000
nat (inside,outside) source static server test service telnet 50000
###############################################################
此處的 telnet為object的名稱(chēng)。
###############################################################
ciscoasa(config)# show xlate
1 in use, 3 most used
Flags: D - DNS, i - dynamic, r - portmap, s - static, I - identity, T - twice
TCP PAT from inside:192.168.2.1 23-23 to outside:100.1.1.3 50000-50000
flags sr idle 0:03:11 timeout 0:00:00
ciscoasa(config)#
###############################################################
端口23已經(jīng)成功映射50000���。
###############################################################
方法二:范圍映射�。多個(gè)不連續(xù)端口映射,使用如下方法����。
object network test
host 100.1.1.3
object network R3
host 192.168.2.1
object service telnet
service tcp source eq telnet
object service smtp
service tcp source eq smtp
object service 3000-5000
service tcp source range 3000 5000
nat (inside,outside) source static R3 test service telnet telnet
nat (inside,outside) source static R3 test service smtp smtp
nat (inside,outside) source static R3 test service 3000-5000 3000-5000
ciscoasa(config)# show xlate
3 in use, 9 most used
Flags: D - DNS, i - dynamic, r - portmap, s - static, I - identity, T - twice
TCP PAT from inside:192.168.2.1 23-23 to outside:100.1.1.3 23-23
flags sr idle 0:16:33 timeout 0:00:00
TCP PAT from inside:192.168.2.1 25-25 to outside:100.1.1.3 25-25
flags sr idle 0:16:02 timeout 0:00:00
TCP PAT from inside:192.168.2.1 3000-5000 to outside:100.1.1.3 3000-5000
flags sr idle 0:01:58 timeout 0:00:00
ciscoasa(config)#
網(wǎng)站題目:ASA8.4端口映射篇
網(wǎng)站URL:
http://weahome.cn/article/gihjdi.html
重慶分公司
重慶分公司
