Cisco | NAT-Pool Route-MAP Sekenario-2

 

 Konfig di Router R1

hostname R1
interface GigabitEthernet0/1
 ip address 192.168.0.254 255.255.255.0
 ip nat inside
 no shut
 exit

interface GigabitEthernet0/0
 ip address 10.0.1.1 255.255.255.0
 ip nat outside
 no shut
 exit

interface GigabitEthernet0/2
 ip address 10.0.2.1 255.255.255.0
 ip nat outside
 no shut
 exit

ip nat pool NPOOL-TEST_01 10.0.1.10 10.0.1.10 netmask 255.255.255.0
ip nat inside source route-map RMAP-NAT-TEST_01 pool NPOOL-TEST_01 overload

ip access-list extended ACL_WAN_123.1.1.xx
 permit ip host 192.168.0.12 host 123.1.1.10
 permit ip host 123.1.1.10 host 192.168.0.12
 exit

route-map RMAP-NAT-TEST_01 permit 10
 match ip address ACL_WAN_123.1.1.xx
 match interface GigabitEthernet0/0
exit

ip nat pool NPOOL-TEST_02 10.0.2.10 10.0.2.10 netmask 255.255.255.0
ip nat inside source route-map RMAP-NAT-TEST_02 pool NPOOL-TEST_02 overload

ip access-list extended ACL_WAN_123.1.2.xx
 permit ip host 192.168.0.12 host 123.1.2.10
 permit ip host 123.1.2.10 host 192.168.0.12
  exit

route-map RMAP-NAT-TEST_02 permit 20
 match ip address ACL_WAN_123.1.2.xx
 match interface GigabitEthernet0/2
exit

ip route 123.1.1.10 255.255.255.255 10.0.1.2 name route_to_123.1.1.10
ip route 123.1.2.10 255.255.255.255 10.0.2.2 name route_to_123.1.2.10

 Verifkasi:
test akses (ping) ke IP_server 192.168.0.12, namun yg  tembak adalah IP NAT-nya yt IP 10.0.1.10 dan 10.0.2.10

 

 

 

 

 

 

Berbagi :