概述：

NAT是指网络地址转换,指内网地址访问外网,私网地址访问公网等。

• 静态NAT:内部网络的私有IP地址转换为公有IP地址，IP地址对是一对一的，是一成不变的。
• 动态NAT：内部网络的私有IP地址转换为公用IP地址时，IP地址是不确定的，是随机的，所有被授权访问上Internet的私有IP地址可随机转换为任何指定的合法IP地址。
• Easy ip NAT（基于接口）

实验拓扑图如下：

• R1模拟出口路由器
• ISP模拟运营商
• LSW1此处为空配
• PC1-3为局域网内的电脑

ISP配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysna ISP
[ISP]undo in en
Info: Information center is disabled.
[ISP]int g0/0/0
[ISP-GigabitEthernet0/0/0]ip ad 181.160.11.200 24
[ISP-GigabitEthernet0/0/0]

静态NAT：

R1配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysn R1
[R1]undo in en
Info: Information center is disabled.
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ip ad 172.16.10.254 24
[R1-GigabitEthernet0/0/0]q
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip ad 181.160.11.100 24
[R1-GigabitEthernet0/0/1]nat static global 181.160.11.11 inside 172.16.10.11 netmask 255.255.255.255
[R1-GigabitEthernet0/0/0]nat static enable

验证

动态NAT：

R1配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysna R1
[R1]undo in en
Info: Information center is disabled.
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ip ad 172.16.10.254 24
[R1-GigabitEthernet0/0/1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip ad 181.160.11.100 24
[R1-GigabitEthernet0/0/0]q
[R1]nat address-group 1 181.160.11.11 181.160.11.21
[R1]acl 2001
[R1-acl-basic-2001]rule 1 permit source 172.16.10.0 0.0.0.255
[R1-acl-basic-2001]rule 2 deny source any
[R1-acl-basic-2001]int g0/0/0
[R1-GigabitEthernet0/0/0]nat outbound 2001 address-group 1

验证：

Easy ip NAT：

R1配置

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysna R1
[R1]undo in en
Info: Information center is disabled.
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ip ad 172.16.10.254 24
[R1-GigabitEthernet0/0/1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip ad 181.160.11.100 24
[R1-GigabitEthernet0/0/0]q
[R1]acl 2001
[R1-acl-basic-2001]rule 1 permit source 172.16.10.0 0.0.0.255
[R1-acl-basic-2001]rule 2 deny source any

验证