论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2007-10-12 21:34 |只看该作者 |倒序浏览

为什么我 201.200.200.73-201.200.200.78上不了网呀?  是不是地址池满了呢? 只可以27个人上网,有什么方法可以让更多的IP上外网吗?
配置我贴出来了  帮我看看呀  谢谢了  !!!!!
PIX Version 4.4(4)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname interfirewall
fixup protocol ftp 21
fixup protocol http 80
fixup protocol smtp 25
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol sqlnet 1521
names
pager lines 24
no logging timestamp
no logging console
no logging monitor
no logging buffered
no logging trap
logging facility 20
logging queue 512
interface ethernet0 auto
interface ethernet1 auto
mtu outside 1500
mtu inside 1500
ip address outside 61.237.253.189 255.255.255.224
ip address inside 201.200.200.30 255.255.255.0
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
arp timeout 14400
global (outside) 1 61.237.253.161-61.237.253.188
nat (inside) 1 201.200.200.2 255.255.255.255 0 0
nat (inside) 1 201.200.200.3 255.255.255.255 0 0
nat (inside) 1 201.200.200.4 255.255.255.255 0 0
nat (inside) 1 201.200.200.5 255.255.255.255 0 0
nat (inside) 1 201.200.200.6 255.255.255.255 0 0
nat (inside) 1 201.200.200.7 255.255.255.255 0 0
nat (inside) 1 201.200.200.8 255.255.255.255 0 0
nat (inside) 1 201.200.200.9 255.255.255.255 0 0
nat (inside) 1 201.200.200.10 255.255.255.255 0 0
nat (inside) 1 201.200.200.11 255.255.255.255 0 0
nat (inside) 1 201.200.20
nat (inside) 1 201.200.200.13 255.255.255.255 0 0
nat (inside) 1 201.200.200.14 255.255.255.255 0 0
nat (inside) 1 201.200.200.15 255.255.255.255 0 0
nat (inside) 1 201.200.200.16 255.255.255.255 0 0
nat (inside) 1 201.200.200.17 255.255.255.255 0 0
nat (inside) 1 201.200.200.18 255.255.255.255 0 0
nat (inside) 1 201.200.200.40 255.255.255.255 0 0
nat (inside) 1 201.200.200.41 255.255.255.255 0 0
nat (inside) 1 201.200.200.42 255.255.255.255 0 0
nat (inside) 1 201.200.200.70 255.255.255.255 0 0
nat (inside) 1 201.200.200.71 255.255.255.255 0 0
nat (inside) 1 201.200.200.72 255.255.255.255 0 0
nat (inside) 1 201.200.200.73 255.255.255.255 0 0
nat (inside) 1 201.200.200.74 255.255.255.255 0 0
nat (inside) 1 201.200.200.75 255.255.255.255 0 0
nat (inside) 1 201.200.200.76 255.255.255.255 0 0
nat (inside) 1 201.200.200.77 255.255.255.255 0 0
nat (inside) 1 201.200.200.78 255.255.255.255 0 0
nat (inside) 1 201.200.200.79 255.255.255.255 0 0
nat (inside) 1 201.200.200.80 255.255.255.255 0 0
nat (inside) 1 201.200.200.81 255.255.255.255 0 0
nat (inside) 1 201.200.200.82 255.255.255.255 0 0
nat (inside) 1 201.200.200.83 255.255.255.255 0 0
nat (inside) 1 201.200.200.84 255.255.255.255 0 0
nat (inside) 1 201.200.200.85 255.255.255.255 0 0
nat (inside) 1 201.200.200.86 255.255.255.255 0 0
nat (inside) 1 201.200.200.87 255.255.255.255 0 0
nat (inside) 1 201.200.200.94 255.255.255.255 0 0
nat (inside) 1 201.200.200.95 255.255.255.255 0 0
conduit permit icmp any any
no rip outside passive
no rip outside de
no rip inside passive
no rip inside default
route outside 0.0.0.0 0.0.0.0 61.237.253.190 1
timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00
timeout rpc 0:10:00 h323 0:05:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
telnet timeout 5
terminal width 80
Cryptochecksum:3a3e209e0919c9073608fb6131e468b9

文库|博客

kissyou_148

白手起家

论坛徽章:: 0

2楼 [报告]

发表于 2007-10-13 12:53 |只看该作者

回复 #1 kissyou_148 的帖子

怎么没人呀！！！自己来顶下！！是PIX525防火墙为什么nat (inside) 1 201.200.200.75 255.255.255.255 0 0
nat (inside) 1 201.200.200.76 255.255.255.255 0 0
nat (inside) 1 201.200.200.77 255.255.255.255 0 0
nat (inside) 1 201.200.200.78 255.255.255.255 0 0
nat (inside) 1 201.200.200.79 255.255.255.255 0 0
nat (inside) 1 201.200.200.80 255.255.255.255 0 0
nat (inside) 1 201.200.200.81 255.255.255.255 0 0
nat (inside) 1 201.200.200.82 255.255.255.255 0 0
nat (inside) 1 201.200.200.83 255.255.255.255 0 0
nat (inside) 1 201.200.200.84 255.255.255.255 0 0
nat (inside) 1 201.200.200.85 255.255.255.255 0 0
nat (inside) 1 201.200.200.86 255.255.255.255 0 0
这几个不能上网呀！！！！

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

w007g

稍有积蓄

论坛徽章:: 0

3楼 [报告]

发表于 2007-10-14 01:14 |只看该作者

global (outside) 1 61.237.253.161-61.237.253.188
这里面只有27个
试试用global (outside) 1 61.237.253.161-61.237.253.187
global (outside) 1 61.237.253.188

[ 本帖最后由 w007g 于 2007-10-14 13:27 编辑 ]

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

kissyou_148

白手起家

论坛徽章:: 0

4楼 [报告]

发表于 2007-10-14 19:10 |只看该作者

试试用global (outside) 1 61.237.253.161-61.237.253.187
global (outside) 1 61.237.253.188
问下这个和 global (outside) 1 61.237.253.161-61.237.253.188
有什么区别吗？还有有没有什么方法可以公用一个IP上网呢

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

w007g

稍有积蓄

论坛徽章:: 0

5楼 [报告]

发表于 2007-10-14 21:31 |只看该作者

global (outside) 1 61.237.253.188
就是共用一个IP,用的是PAT

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

kissyou_148

白手起家

论坛徽章:: 0

6楼 [报告]

发表于 2007-10-15 16:58 |只看该作者

xiexie 大哥 !!!

在本例中， ISP再提供网络管理器以地址范围从 199.199.199.1 - 199.199.199.63为他的公司的使用。网络管理器在互联网路由器在他的PIX决定为内部接口使用 199.199.199.1和199.199.199.2 为外部接口。如此，我们留下与199.199.199.3 - 199.199.199.62给使用为我们的NAT池。然而，网络管理器知道，随时，他也许有超过60 个人设法出去PIX，因此他决定采取199.199.199.62 和做它PAT地址以便多个用户能同时共享一个地址。

是你那个命令哦, 呵呵谢谢了
global (outside) 1 199.199.199.3-199.199.199.61 netmask 255.255.255.192
global (outside) 1 199.199.199.62 netmask 255.255.255.192
nat (inside) 1 0.0.0.0 0.0.0.0 0 0

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

返回列表

Chinaunix › 论坛 › IT运维 › 网络技术 › 高手来给我看看是什么问题呀

高手来给我看看是什么问题呀 [复制链接]

回复 #1 kissyou_148 的帖子

xiexie 大哥 !!!

浏览过的版块