! 配置外网接口
interface GigabitEthernet0/0
description Internet Connection
ip address <外网IP地址> <子网掩码>
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto

! 配置内网接口
interface GigabitEthernet0/1
description Internal Network
ip address <内网IP地址> <子网掩码>
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto

! 配置DHCP
ip dhcp pool LAN
network <内网网段>
default-router <内网网关地址>
dns-server <DNS服务器地址>
lease 1 0 0

! 配置NAT
ip nat inside source list NAT interface GigabitEthernet0/0 overload

! 配置默认路由
ip route 0.0.0.0 0.0.0.0 <外网默认路由IP地址>

! 配置防火墙规则
access-list 101 permit ip any any
access-list 101 permit icmp any any echo-reply
access-list 101 deny ip any any log

! 将防火墙规则应用于外网接口
interface GigabitEthernet0/0
ip access-group 101 in