内外网接口分别是1/0/7和1/0/8,且都绑定了同一个vpn实例,出接口1/0/8做nat,实现内网用户访问外网服务器
interface GigabitEthernet1/0/7
ip binding vpn-instance yewu
ip address 192.168.1.1 24
#
interface Ten-GigabitEthernet1/0/8
ip binding vpn-instance yewu
ip address 11.10.1.1 24
nat outbound vpn-instance yewu
#
ip route-static vpn-instance yewu 0.0.0.0 0 11.10.1.2
ip route-static vpn-instance yewu 192.168.0.0 16 192.168.1.2
#
security-zone name Trust
import interface GigabitEthernet1/0/7
#
security-zone name Untrust
import interface GigabitEthernet1/0/8
#
rule 10 name yewu
action pass
logging enable
vrf yewu
source-zone Trust
destination-zone Untrust
出接口nat需要绑定vpn实例
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作