本地不能访问公网映射地址
- 0关注
- 0收藏,252浏览
问题描述:
h3c路由器配置后能上网,做了端口映射,外部网可以访问内网服务器(公网地址),但是在本地用外网的地址访问不了服务器(公网地址)。
配置如下:
#
version 7.1.064, Release 0615P13
#
sysname H3C
#
clock timezone Lisbon add 00:00:00
clock protocol none
#
dhcp enable
dhcp server always-broadcast
#
dns proxy enable
#
password-recovery enable
#
vlan 1
#
dhcp server ip-pool GigabitEthernet0/1
gateway-list 172.10.10.254
network 172.10.10.0 mask 255.255.255.0
address range 172.10.10.10 172.10.10.250
dns-list 202.103.24.68 114.114.114.114
#
dhcp server ip-pool lan1
gateway-list 192.168.0.1
network 192.168.0.0 mask 255.255.254.0
address range 192.168.1.2 192.168.1.254
dns-list 192.168.0.1
#
controller Cellular0/0
#
controller Cellular0/1
#
interface Aux0
#
interface NULL0
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
ip address 192.168.0.1 255.255.254.0
tcp mss 1280
#
interface GigabitEthernet0/1
port link-mode route
ip address 172.10.10.254 255.255.255.0
#
interface GigabitEthernet0/2
port link-mode route
description Multiple_Line
ip address 10.10.10.254 255.255.255.240
dns server 202.103.24.68
nat outbound
nat server protocol tcp global 10.10.10.254 554 inside 172.10.10.253 554
nat server protocol tcp global 10.10.10.254 655 inside 172.10.10.253 655
nat server protocol tcp global 10.10.10.254 1443 inside 172.10.10.253 443
nat server protocol tcp global 10.10.10.254 6200 inside 172.10.10.253 6200
nat server protocol tcp global 10.10.10.254 6202 inside 172.10.10.253 6202
nat server protocol tcp global 10.10.10.254 6204 inside 172.10.10.253 6204
nat server protocol tcp global 10.10.10.254 6304 inside 172.10.10.253 6304
nat server protocol tcp global 10.10.10.254 7024 inside 172.10.10.253 7024
nat server protocol tcp global 10.10.10.254 7031 inside 172.10.10.253 7031
nat server protocol tcp global 10.10.10.254 7033 inside 172.10.10.253 7033
nat server protocol tcp global 10.10.10.254 7040 7090 inside 172.10.10.253 7040 7090
nat server protocol tcp global 10.10.10.254 7091 inside 172.10.10.253 7091
nat server protocol tcp global 10.10.10.254 7092 7097 inside 172.10.10.253 7092 7097
nat server protocol tcp global 10.10.10.254 7301 inside 172.10.10.253 7301
nat server protocol tcp global 10.10.10.254 7302 inside 172.10.10.253 7302
nat server protocol tcp global 10.10.10.254 7660 inside 172.10.10.253 7660
nat server protocol tcp global 10.10.10.254 8338 inside 172.10.10.253 8338
nat server protocol tcp global 10.10.10.254 8508 inside 172.10.10.253 8508
nat server protocol tcp global 10.10.10.254 9000 inside 172.10.10.253 9000
nat server protocol tcp global 10.10.10.254 9100 inside 172.10.10.253 9100
nat server protocol tcp global 10.10.10.254 9200 inside 172.10.10.253 9200
nat server protocol tcp global 10.10.10.254 9308 inside 172.10.10.253 9308
nat server protocol tcp global 10.10.10.254 9320 inside 172.10.10.253 9320
nat server protocol tcp global 10.10.10.254 15000 16999 inside 172.10.10.253 15000 16999
nat server protocol tcp global 10.10.10.254 17000 inside 172.10.10.253 17000
nat server protocol tcp global 10.10.10.254 55555 inside 172.10.10.253 55555
nat server protocol udp global 10.10.10.254 7040 7097 inside 172.10.10.253 7040 7097
nat server protocol udp global 10.10.10.254 8338 inside 172.10.10.253 8338
nat server protocol udp global 10.10.10.254 9000 inside 172.10.10.253 9000
nat server protocol udp global 10.10.10.254 15000 16999 inside 172.10.10.253 15000 16999
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0 63
authentication-mode scheme
user-role network-operator
#
ip route-static 0.0.0.0 0 GigabitEthernet0/2 10.10.10.254
#
password-control enable
undo password-control aging enable
undo password-control history enable
password-control length 6
password-control login-attempt 3 exceed lock-time 10
password-control update-interval 0
password-control login idle-time 0
password-control complexity user-name check
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
service-type telnet http
authorization-attribute user-role network-admin
#
ip http enable
#
wlan global-configuration
#
wlan ap-group default-group
#
return
请大神帮忙看看!谢谢
组网及组网描述:
h3c路由器配置后能上网,做了端口映射,外部网可以访问内网服务器(公网地址),但是在本地用外网的地址访问不了服务器(公网地址)。
请大神帮忙看看!谢谢
- 2025-03-05提问
- 举报
-
(0)
0口配置nat hairpin
- 2025-03-05回答
- 评论(1)
- 举报
-
(0)
他这里内网口应该是1口,不是0口。
他这里内网口应该是1口,不是0口。
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明