{"id":1566,"date":"2025-11-16T16:16:41","date_gmt":"2025-11-16T07:16:41","guid":{"rendered":"https:\/\/mylifeisbeautiful555.net\/?page_id=1566"},"modified":"2025-11-17T08:05:21","modified_gmt":"2025-11-16T23:05:21","slug":"cisco-asa%e3%81%aenat%e8%a8%ad%e5%ae%9a","status":"publish","type":"page","link":"https:\/\/mylifeisbeautiful555.net\/?page_id=1566","title":{"rendered":"cisco ASA\u306eNAT\u8a2d\u5b9a"},"content":{"rendered":"\n<p>Cisco ASA\u3067\u306f\u3001NAT\uff08Network Address Translation\uff09\u3092\u4f7f\u3063\u3066<br><strong>\u5185\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3068\u5916\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306eIP\u30a2\u30c9\u30ec\u30b9\u3092\u5909\u63db<\/strong> \u3057\u307e\u3059\u3002<\/p>\n\n\n\n<p>\u30d0\u30fc\u30b8\u30e7\u30f3 8.3 \u4ee5\u964d\u306f\u3001NAT\u8a2d\u5b9a\u304c\u300c\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u30d9\u30fc\u30b9\u300d\u3067\u7d71\u4e00\u3055\u308c\u3066\u304a\u308a\u3001<br>\u4e3b\u306b\u4ee5\u4e0b\u306e3\u30bf\u30a4\u30d7\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>NAT\u30bf\u30a4\u30d7<\/th><th>\u6982\u8981<\/th><th>\u4ee3\u8868\u30b3\u30de\u30f3\u30c9\u4f8b<\/th><\/tr><\/thead><tbody><tr><td><strong>\u9759\u7684NAT (Static NAT)<\/strong><\/td><td>\u5185\u90e8\u3068\u5916\u90e8\u30921\u5bfe1\u3067\u56fa\u5b9a\u5909\u63db<\/td><td><code>nat (inside,outside) static ...<\/code><\/td><\/tr><tr><td><strong>\u52d5\u7684NAT (Dynamic NAT)<\/strong><\/td><td>\u5185\u90e8\u2192\u5916\u90e8\u3092\u52d5\u7684\u306b\u5909\u63db\uff08\u8907\u6570\u306e\u5185\u90e8IP\u304c\u3001\u30d7\u30fc\u30eb\u5185\u306e\u30b0\u30ed\u30fc\u30d0\u30ebIP\u3092\u52d5\u7684\u306b\u4f7f\u7528\uff09<\/td><td><code>nat (inside,outside) dynamic ...<\/code><\/td><\/tr><tr><td><strong>PAT (Port Address Translation)<\/strong><\/td><td>\u8907\u6570\u306e\u5185\u90e8IP\u30921\u3064\u306e\u30b0\u30ed\u30fc\u30d0\u30ebIP\u3067\u5909\u63db<\/td><td><code>nat (inside,outside) dynamic interface<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">1. PAT\u8a2d\u5b9a\uff08\u6700\u3082\u4e00\u822c\u7684\uff09<\/h2>\n\n\n\n<p>\u591a\u6570\u306e\u5185\u90e8\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304c1\u3064\u306e\u30b0\u30ed\u30fc\u30d0\u30ebIP\u3092\u5171\u6709\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u3067\u3059\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># \u5185\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306e\u5b9a\u7fa9\nobject network INSIDE-NET\n subnet 192.168.1.0 255.255.255.0\n  # NAT\u8a2d\u5b9a\uff08inside\u2192outside\uff09\n nat (inside,outside) dynamic interface<\/code><\/pre>\n\n\n\n<p>&#x2705; \u610f\u5473\uff1a<br>\u5185\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af(192.168.1.0\/24)\u3092\u5916\u90e8\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u306eIP\u30a2\u30c9\u30ec\u30b9\u306b\u5909\u63db\u3057\u3066\u901a\u4fe1\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u5b9f\u969b\u306e PAT\u52d5\u4f5c\u4f8b<\/h3>\n\n\n\n<p>\u5185\u90e8\u7aef\u672b\uff08192.168.1.10\uff09\u304c\u5916\u90e8\u3078\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3068:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Before NAT<\/th><th>After NAT<\/th><\/tr><\/thead><tbody><tr><td>192.168.1.10:50000<\/td><td>203.0.113.5:30000<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><code>203.0.113.5<\/code> \u306f outside IF \u306e IP \u3067\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. \u9759\u7684NAT\uff081\u5bfe1\u5909\u63db\uff09<\/h2>\n\n\n\n<p>\u7279\u5b9a\u306e\u30b5\u30fc\u30d0\u3092\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u516c\u958b\u3057\u305f\u3044\u5834\u5408\u306b\u4f7f\u7528\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>object network WEB-SERVER\n host 192.168.1.100\n nat (inside,outside) static 203.0.113.10\n<\/code><\/pre>\n\n\n\n<p>&#x2705; \u610f\u5473\uff1a<br>\u5185\u90e8 192.168.1.100 \u21d4 \u5916\u90e8 203.0.113.10<br>\u53cc\u65b9\u5411\u30671\u5bfe1\u306b\u5909\u63db\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">3. \u30dd\u30fc\u30c8\u30d5\u30a9\u30ef\u30fc\u30c7\u30a3\u30f3\u30b0\uff08\u7279\u5b9a\u30dd\u30fc\u30c8\u3060\u3051\u8ee2\u9001\uff09<\/h2>\n\n\n\n<p>Web\u30b5\u30fc\u30d0\uff08TCP\/80\uff09\u306a\u3069\u3001\u7279\u5b9a\u30dd\u30fc\u30c8\u3060\u3051\u5916\u90e8\u516c\u958b\u3057\u305f\u3044\u5834\u5408\uff1a<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>object network WEB-SERVER\n host 192.168.1.100\n nat (inside,outside) static interface service tcp 80 80\n<\/code><\/pre>\n\n\n\n<p>&#x2705; \u610f\u5473\uff1a<br>\u5916\u90e8IP\uff08outside\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\uff09:80 \u2192 \u5185\u90e8192.168.1.100:80\u3078\u8ee2\u9001\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">4. \u52d5\u7684NAT\uff08\u30b0\u30ed\u30fc\u30d0\u30ebIP\u30d7\u30fc\u30eb\u4f7f\u7528\uff09<\/h2>\n\n\n\n<p>\u8907\u6570\u306e\u30b0\u30ed\u30fc\u30d0\u30ebIP\u3092\u6301\u3061\u3001\u5185\u90e8\u7aef\u672b\u3054\u3068\u306b\u52d5\u7684\u5272\u5f53\u3059\u308b\u5834\u5408\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>object network INSIDE-NET\n subnet 192.168.1.0 255.255.255.0\n\nobject network PUBLIC-POOL\n range 203.0.113.10 203.0.113.20\n\nnat (inside,outside) dynamic PUBLIC-POOL<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">NAT\u30eb\u30fc\u30eb\u306e\u8a55\u4fa1\u9806\u5e8f\uff083\u30bb\u30af\u30b7\u30e7\u30f3\uff09<\/h2>\n\n\n\n<p>ASA\u3067\u306fNAT\u30eb\u30fc\u30eb\u304c**3\u6bb5\u968e\uff08\u30bb\u30af\u30b7\u30e7\u30f3\uff09**\u3067\u8a55\u4fa1\u3055\u308c\u307e\u3059\u3002<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u512a\u5148\u5ea6<\/th><th>NAT\u30bf\u30a4\u30d7<\/th><th>\u8aac\u660e<\/th><\/tr><\/thead><tbody><tr><td>1<\/td><td>Manual NAT\uff08Section 1\uff09<\/td><td>\u9ad8\u5ea6\u306a\u5236\u5fa1\u7528\u3001ACL\u4f75\u7528\u53ef<\/td><\/tr><tr><td>2<\/td><td>Auto NAT\uff08Section 2\uff09<\/td><td>\u30aa\u30d6\u30b8\u30a7\u30af\u30c8NAT\uff08\u6700\u3082\u4e00\u822c\u7684\uff09<\/td><\/tr><tr><td>3<\/td><td>After-auto NAT\uff08Section 3\uff09<\/td><td>Auto NAT\u5f8c\u306b\u8a55\u4fa1<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">NAT\u306e\u52d5\u4f5c\u78ba\u8a8d\u30b3\u30de\u30f3\u30c9<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u30b3\u30de\u30f3\u30c9<\/th><th>\u5185\u5bb9<\/th><\/tr><\/thead><tbody><tr><td><code>show nat<\/code><\/td><td>\u8a2d\u5b9a\u3055\u308c\u305fNAT\u30eb\u30fc\u30eb\u3092\u78ba\u8a8d<\/td><\/tr><tr><td><code>show xlate<\/code><\/td><td>\u5b9f\u969b\u306e\u5909\u63db\u30c6\u30fc\u30d6\u30eb\uff08NAT\u30bb\u30c3\u30b7\u30e7\u30f3\uff09\u3092\u78ba\u8a8d<\/td><\/tr><tr><td><code>clear xlate<\/code><\/td><td>\u5909\u63db\u30c6\u30fc\u30d6\u30eb\u3092\u30af\u30ea\u30a2\uff08NAT\u518d\u8a55\u4fa1\u6642\u306b\u4f7f\u7528\uff09<\/td><\/tr><tr><td><code>packet-tracer input inside tcp 192.168.1.10 12345 8.8.8.8 80<\/code><\/td><td>\u4eee\u60f3\u30c8\u30ec\u30fc\u30b9\u3067NAT\u30fbACL\u52d5\u4f5c\u78ba\u8a8d<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">\u6ce8\u610f\u70b9<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>NAT\u3060\u3051\u3067\u306f\u901a\u4fe1\u306f\u6210\u7acb\u3057\u307e\u305b\u3093\u3002<strong>ACL (access-list)<\/strong> \u3067\u5916\u90e8\u901a\u4fe1\u3092\u8a31\u53ef\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/li>\n\n\n\n<li>\u540c\u4e00\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u5185\u3067\u306eNAT\u901a\u4fe1\uff08Hairpin NAT\uff09\u306b\u306f\u5225\u9014\u8a2d\u5b9a\u304c\u5fc5\u8981\u3067\u3059\u3002<\/li>\n\n\n\n<li>VPN\u901a\u4fe1\u3092\u4f75\u7528\u3059\u308b\u5834\u5408\u3001NAT\u9664\u5916\u30eb\u30fc\u30eb\u3092\u5b9a\u7fa9\u3057\u307e\u3059\u3002<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Cisco ASA\u3067\u306f\u3001NAT\uff08Network Address Translation\uff09\u3092\u4f7f\u3063\u3066\u5185\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3068\u5916\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306eIP\u30a2\u30c9\u30ec\u30b9\u3092\u5909\u63db \u3057\u307e\u3059\u3002 \u30d0\u30fc\u30b8\u30e7\u30f3 8.3 \u4ee5\u964d\u306f\u3001NAT\u8a2d\u5b9a\u304c\u300c\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u30d9\u30fc [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1566","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1566","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1566"}],"version-history":[{"count":2,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1566\/revisions"}],"predecessor-version":[{"id":1572,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1566\/revisions\/1572"}],"wp:attachment":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}