1. Test objectives and functions:
1. The internal network device can access the IP of the external network;
2. The external network PC can log in to the telnet of the internal network device.
2. Device hardware structure
1. 3135 is equivalent to a switch;
2. The eth0, netra and business network ports are connected to 3135 through the internal port.
3. Network configuration
1. Basic network environment configuration
# Set the master network
ifconfig eth1 10.13.113.230 netmask 255.255.255.0
route add default gw 10.13.113.254
ifconfig eth0 10.13.113.231 netmask 255.255.255.0
route add -net 10.13.113.0 netmask 255.255.255.0 gw 10.13.113.254 dev eth0
ifconfig eth0:100 10.40.20.1 netmask 255.255.255.0
# Configure switch board netra network
host_tools -boot 15 1 1 netra
ifconfig eth1 10.40.20.150 netmask 255.255.255.0
route add default gw 10.40.20.1
2. NAT configuration (intranet access to external network)
# Enable IP forwarding and NIC isolation
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
# NAT source address translation, address masquerading
xtables-multi main4 -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Source address translation: packets with source address 10.40.20.150 and
# destination address 10.13.113.25 have their source address changed to 10.13.113.231
xtables-multi main4 -t nat -A POSTROUTING -s 10.40.20.150 -d 10.13.113.25 -j SNAT --to-source 10.13.113.231
# ---------- Either of the 2 operations above gives the internal network access to the external network ----------
3. NAT configuration (external network access to the internal network: telnet login to netra from SecureCRT on the PC)
# First change the telnet port in SecureCRT to 50022
# Configure NAT (78460 port configuration)
xtables-multi main4 -t nat -A PREROUTING -p tcp --dport 50022 -j DNAT --to-destination 10.40.20.150
# That did not work; check whether port 78460 is open
netstat -an
# Open the port
nc -lp 22 &
xtables-multi main4 -I INPUT -p tcp --dport 50022 -j ACCEPT
# Still did not work; change the telnet port number (modified in the ramdisk, then restart)
# File and entry: /rootfs/etc/service telnet
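
An added example, not part of the original notes: the DNAT rule above rewrites only the destination address, so the connection still reaches netra on port 50022, and forwarded packets traverse the FORWARD chain rather than INPUT. The sketch below prints a rule set that also rewrites the port and limits the forward to a single source. The telnet port 23, the use of 10.13.113.25 as the external PC, and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not the original author's commands.
# Assumptions: telnetd on netra listens on TCP 23, and ADMIN_PC is the only
# external host that should be able to use the forward.
IPT="${IPT:-xtables-multi main4}"     # iptables applet used on the page
EXT_PORT="${EXT_PORT:-50022}"         # port SecureCRT connects to
NETRA="${NETRA:-10.40.20.150}"        # internal device from the page
NETRA_PORT="${NETRA_PORT:-23}"        # assumption: default telnet port
ADMIN_PC="${ADMIN_PC:-10.13.113.25}"  # assumption: the external PC

# Print the rule set; review it, then pipe it into sh on the device to apply.
telnet_forward_rules() {
    # DNAT with an explicit ":PORT". Without it the destination port stays
    # 50022 and netra would have to listen on 50022 itself.
    echo "$IPT -t nat -A PREROUTING -s $ADMIN_PC -p tcp --dport $EXT_PORT -j DNAT --to-destination $NETRA:$NETRA_PORT"
    # After DNAT the packet is routed on to netra, so it crosses FORWARD,
    # not INPUT. These two rules matter when the FORWARD policy is DROP.
    echo "$IPT -A FORWARD -s $ADMIN_PC -d $NETRA -p tcp --dport $NETRA_PORT -j ACCEPT"
    echo "$IPT -A FORWARD -s $NETRA -d $ADMIN_PC -p tcp --sport $NETRA_PORT -j ACCEPT"
}

# Return 0 only if the kernel routes between interfaces.
# The optional argument overrides the sysctl path (used for testing).
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Show per-rule packet counters: a PREROUTING counter that stays at zero
# means the connection never matched the DNAT rule.
show_counters() {
    $IPT -t nat -L PREROUTING -n -v
    $IPT -L FORWARD -n -v
}
```

Telnet carries credentials in clear text, so the `-s` match keeps the forwarded port from being reachable by every host on the external network.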