Config 887VA e Alice ADSL 7 mega

Configurazioni per connettività ADSL, ISDN e switch per privati e piccole network

Moderatore: Federico.Lagni

Rispondi
fulviobz
Cisco fan
Messaggi: 30
Iscritto il: sab 25 feb , 2012 4:14 pm

Acquistato pochi giorni fa (perche il mio vecchio 877 si impalla o crasha regolarmente)
posto la mia prima configurazione funzionante;
se qualcuno vede errori o migliorie non esiti a scrivere :mrgreen: ;

IOS Software: c880data-universalk9-mz.153-3.M.bin
DSL Firmware: VA_A_38k1_B_38h_24g1.bin
SERVIZI: ssh, ntp, dns, dhcp, ipv6

Codice: Seleziona tutto

version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco
!
boot-start-marker
boot-end-marker
!
!
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local 
!
!
!
!
!
aaa session-id common
memory-size iomem 10
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
!
!
!
!
!
!
ip dhcp excluded-address 10.100.1.1 10.100.1.199
ip dhcp excluded-address 10.100.1.230 10.100.1.254
!
ip dhcp pool lan
 import all
 network 10.100.1.0 255.255.255.0
 domain-name lan
 dns-server 10.100.1.15 
 default-router 10.100.1.15 
 lease 0 0 5
!
!
!
ip domain name lan
ip inspect name IP_INSPECT tcp
ip inspect name IP_INSPECT udp
ip inspect name IP_INSPECT ftp
ip ddns update method no-ip
 HTTP
  add http://XXXX:[email protected]/nic/update?hostname=<h>&myip=<a>
  remove http://XXXX:[email protected]/nic/update?hostname=<h>&myip=<a>
 interval maximum 28 0 0 0
!
ip cef
ipv6 unicast-routing
ipv6 cef
ipv6 inspect name IPV6_INSPECT tcp
ipv6 inspect name IPV6_INSPECT udp
ipv6 inspect name IPV6_INSPECT icmp
ipv6 inspect name IPV6_INSPECT ftp
!
!
multilink bundle-name authenticated
license udi pid CISCO887VA-SEC-K9 sn XXXXXXXXXXXXXX
!
!
username ADMIN privilege 15 secret 4 XXXXXXXXXXXXXXXXX
!
!
!
!
!
controller VDSL 0
 firmware filename flash:VA_A_38k1_B_38h_24g1.bin
!
! 
!
!
!
!
!
!
!
!
interface Ethernet0
 no ip address
 shutdown
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
 pvc 8/35 
  pppoe-client dial-pool-number 1
 !
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface Vlan1
 ip address 10.100.1.15 255.255.255.0
 ip access-group 100 in
 ip nat inside
 ip virtual-reassembly in
 ipv6 address NODE-PD ::1/64
 ipv6 enable
 ipv6 traffic-filter IPv6-LAN out
!
interface Dialer0
 ip ddns update hostname XXXXXX.ddns.net
 ip ddns update no-ip
 ip address negotiated
 ip access-group 101 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1462
 ip nat outside
 ip inspect IP_INSPECT out
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1422
 dialer pool 1
 dialer-group 1
 ipv6 address FE80::1 link-local
 ipv6 address autoconfig
 ipv6 enable
 ipv6 mtu 1280
 ipv6 verify unicast reverse-path
 ipv6 dhcp client pd NODE-PD rapid-commit
 ipv6 inspect IPV6_INSPECT out
 ipv6 traffic-filter IPv6-FW in
 ipv6 virtual-reassembly in
 ppp authentication chap callin
 ppp chap hostname [email protected]
 ppp chap password 0 IPV6@alice6
 ppp ipcp dns request
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip dns server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.100.1.22 8080 interface Dialer0 8080
ip route 0.0.0.0 0.0.0.0 Dialer0
!
dialer-list 1 protocol ip permit
ipv6 route 2000::/3 Dialer0
ipv6 route ::/0 Dialer0
!
snmp-server community public RO
access-list 1 permit 10.100.1.0 0.0.0.255
access-list 100 permit ip any any
access-list 100 deny   ip host 255.255.255.255 any
access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
access-list 101 permit tcp host 8.23.224.120 eq www any
access-list 101 permit udp any eq domain any
access-list 101 permit udp host 193.204.114.105 eq ntp any eq ntp
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 permit tcp any any eq 8080
access-list 101 permit gre any any
access-list 101 deny   ip 10.0.0.0 0.255.255.255 any
access-list 101 deny   ip 172.16.0.0 0.15.255.255 any
access-list 101 deny   ip 192.168.0.0 0.0.255.255 any
access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
access-list 101 deny   ip host 255.255.255.255 any
access-list 101 deny   ip host 0.0.0.0 any
access-list 101 deny   ip any any log
!
!
!
ipv6 access-list IPv6-FW
 permit icmp any any
 permit udp any any eq 546
 deny ipv6 any any
!
ipv6 access-list IPv6-LAN
 permit icmp any any echo-request
 deny ipv6 any any
!
control-plane
!
!
banner login ^C--CISCO-887--^C
!
line con 0
 login authentication local_authen
 no modem enable
 transport output telnet
line aux 0
 login authentication local_authen
 transport output telnet
line vty 0 4
 authorization exec local_author
 login authentication local_authen
 transport input ssh
!
ntp master
ntp server 193.204.114.105 prefer
!
end
Top
Rispondi

Torna a “Configurazioni End User”