18
Before configuring the egress router, prepare the following data:
Public IP address: 1.1.1.2/30
Public gateway address: 1.1.1.1
DNS server address: 8.8.8.8
The carrier provides these IP addresses after approving bandwidth service applications.
When configuring a network, use the actual IP addresses provided by the carrier.
Configure IP addresses for egress router interfaces connecting to the intranet and
Internet.
1
[Router] interface GigabitEthernet 0/0/1
[Router -GigabitEthernet0/0/0] ip address 1.1.1.2 30
[Router] interface GigabitEthernet 1/0/0
[Router-GigabitEthernet0/0/1] ip address 10.10.100.2 24
Configure an ACL to allow users on some network segments to access the Internet.
2
[Router] acl 2000
[Router-acl-basic-2000] rule permit source 10.10.10.0 0.0.0.255
[Router-acl-basic-2000] rule permit source 10.10.20.0 0.0.0.255
[Router-acl-basic-2000] rule permit source 10.10.100.0 0.0.0.255
Configure NAT on the interface connecting to the Internet so that intranet users can
access the Internet.
3
[Router] interface GigabitEthernet 0/0/1
[Router-GigabitEthernet0/0/1] nat outbound 2000
Configure a specific route to the intranet and a default static route to the Internet.
4
[Router] ip route-static 10.10.10.0 255.255.255.0 10.10.100.1
[Router] ip route-static 10.10.20.0 255.255.255.0 10.10.100.1
[Router] ip route-static 0.0.0.0 0.0.0.0 1.1.1.1
Configure DNS resolution. The carrier provides the DNS server address.
5
[Router] dns resolve
[Router] dns server 8.8.8.8
[Router] dns proxy enable
Configuring the Egress Router
To Next Page
Loading...
Need help?
General