Sono nuovo, disperato e sopratutto...web designer e non esperto di networking
Allora vi spiego il problema.
Ho un contratto TELECOM ALICE 2M con 8 indirizzi IP assegnati di cui ne posso chiaramente usare 6 e un Router Cisco857W
Dati di TELECOM:
IP PUBBLICI da 88.xx.xx.72 a 88.xx.xx.79 / mask 255.255.255.248
PTP 88.xx.xx.33(centrale telecom) e 88.xx.xx.34 (indirizzo che devo dare al mio router per l' ATM...credo!!) mask 255.255.255.252.
Con questo ben di dio devo far connettere n PC con indirizzi privati da 192.168.1.1 a 254 e in piu vorrei installare anche un server web, ftp su un unica macchina con indirizzo ip pubblico.
Allora la domanda è come devo configurare il Cisco857W per una situazione di questo tipo?
Premetto che ho già provato con alcune configurazioni, presenti su questo forum con scarso successo.
Per ora sono riuscito ad allineare il router con la linea telecom e dal router tramite SDM riesco a pingare indirizzi esterni.
Cosa che non riesco a fare con i miei pc di lan priavata!
Potreste postarmi una configurazione tipo per una situazione del genere ???
P.S.
Ora sono a casa, domani posterò la configurazione attuale del router!!Cmq...se qualcuno avesse qualche consiglio ben venga!!
Ah dimenticavo mi chiamo David.[/code]
Cisco 857 e Alice Multigroup 2M
Moderatore: Federico.Lagni
-
TheIrish
- Site Admin
- Messaggi: 1840
- Iscritto il: dom 14 mar , 2004 11:26 pm
- Località: Udine
- Contatta:
Facciamo così: posta la configurazione generata da SDM e proviamo a lavorarci sopra.
-
david78
- n00b
- Messaggi: 5
- Iscritto il: ven 10 nov , 2006 6:06 pm
!This is the running config of the router: 192.168.1.1
!----------------------------------------------------------------------------
!version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 52000 debugging
!
no aaa new-model
!
resource policy
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
!
!
crypto pki trustpoint TP-self-signed-2363961187
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2363961187
revocation-check none
rsakeypair TP-self-signed-2363961187
!
!
crypto pki certificate chain TP-self-signed-2363961187
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32333633 39363131 3837301E 170D3032 30333031 30323139
35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 33363339
36313138 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100EBBD DADF4D9E 4D2593B6 34A3C7C5 314CBF0F B3299949 81A6A71A 474EAD31
1A627411 AC42CDAD F370F575 D5BE291D 53CA0688 EDC17BC6 50740395 C6D68F50
8A3018D9 90FBB5D8 089BE84F 0D700087 8C257268 00BD05E8 F3333807 E2F87066
87462AA4 C6A228FB ACE7B09A 6DB7E032 6BAAE37A F2A9DC15 1F499038 74691CAE
3EED0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 140821D6 E8FAFC61 9D854539 D635A4B4 0EA84AC5
1B301D06 03551D0E 04160414 0821D6E8 FAFC619D 854539D6 35A4B40E A84AC51B
300D0609 2A864886 F70D0101 04050003 8181002C C7F00ACC 72D17A8D 80A84AB3
3D4B137C 26E1BACD 7E2C177F C320175C B7BC0AC5 ADAE8363 3F21B9E3 B5C6D116
8DF7CFFE 9ABB21C8 006AFC4B CB3BBC34 C0D43342 0BF3378F 8097F274 5A8DEE2C
95187BEB 2B89EE1F 28421711 147956C7 599B41FC E6F2687B EBACB26F E33D365C
EC024FC8 A2DA4311 038143B2 3D112282 373976
quit
username basa privilege 15 secret 5 $1$Iunp$poT34jzKNP.mHn85iTh67.
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 88.XX.XX.34 255.255.255.252
ip nat outside
ip virtual-reassembly
no snmp trap link-status
pvc 8/35
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0 secondary
ip address 88.xx.xx.73 255.255.255.248
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
hold-queue 100 out
!
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool mg-net 88.xx.xx.74 88.xx.xx.74 netmask 255.255.255.248
ip nat inside source list 2 interface ATM0.1 overload
!
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 permit 88.xx.xx.64 0.0.0.9
no cdp run
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
!----------------------------------------------------------------------------
!version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 52000 debugging
!
no aaa new-model
!
resource policy
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
!
!
crypto pki trustpoint TP-self-signed-2363961187
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2363961187
revocation-check none
rsakeypair TP-self-signed-2363961187
!
!
crypto pki certificate chain TP-self-signed-2363961187
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32333633 39363131 3837301E 170D3032 30333031 30323139
35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 33363339
36313138 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100EBBD DADF4D9E 4D2593B6 34A3C7C5 314CBF0F B3299949 81A6A71A 474EAD31
1A627411 AC42CDAD F370F575 D5BE291D 53CA0688 EDC17BC6 50740395 C6D68F50
8A3018D9 90FBB5D8 089BE84F 0D700087 8C257268 00BD05E8 F3333807 E2F87066
87462AA4 C6A228FB ACE7B09A 6DB7E032 6BAAE37A F2A9DC15 1F499038 74691CAE
3EED0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 140821D6 E8FAFC61 9D854539 D635A4B4 0EA84AC5
1B301D06 03551D0E 04160414 0821D6E8 FAFC619D 854539D6 35A4B40E A84AC51B
300D0609 2A864886 F70D0101 04050003 8181002C C7F00ACC 72D17A8D 80A84AB3
3D4B137C 26E1BACD 7E2C177F C320175C B7BC0AC5 ADAE8363 3F21B9E3 B5C6D116
8DF7CFFE 9ABB21C8 006AFC4B CB3BBC34 C0D43342 0BF3378F 8097F274 5A8DEE2C
95187BEB 2B89EE1F 28421711 147956C7 599B41FC E6F2687B EBACB26F E33D365C
EC024FC8 A2DA4311 038143B2 3D112282 373976
quit
username basa privilege 15 secret 5 $1$Iunp$poT34jzKNP.mHn85iTh67.
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 88.XX.XX.34 255.255.255.252
ip nat outside
ip virtual-reassembly
no snmp trap link-status
pvc 8/35
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0 secondary
ip address 88.xx.xx.73 255.255.255.248
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
hold-queue 100 out
!
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool mg-net 88.xx.xx.74 88.xx.xx.74 netmask 255.255.255.248
ip nat inside source list 2 interface ATM0.1 overload
!
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 permit 88.xx.xx.64 0.0.0.9
no cdp run
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
-
david78
- n00b
- Messaggi: 5
- Iscritto il: ven 10 nov , 2006 6:06 pm
STO NAVIGANDOOOOOOOOOOOO !!!!!!!!!!!!!!
ecco la config........
!This is the running config of the router: 192.168.1.1
!----------------------------------------------------------------------------
!version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 52000 debugging
!
no aaa new-model
!
resource policy
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
!
!
crypto pki trustpoint TP-self-signed-2363961187
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2363961187
revocation-check none
rsakeypair TP-self-signed-2363961187
!
!
crypto pki certificate chain TP-self-signed-2363961187
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32333633 39363131 3837301E 170D3032 30333031 30323139
35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 33363339
36313138 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100EBBD DADF4D9E 4D2593B6 34A3C7C5 314CBF0F B3299949 81A6A71A 474EAD31
1A627411 AC42CDAD F370F575 D5BE291D 53CA0688 EDC17BC6 50740395 C6D68F50
8A3018D9 90FBB5D8 089BE84F 0D700087 8C257268 00BD05E8 F3333807 E2F87066
87462AA4 C6A228FB ACE7B09A 6DB7E032 6BAAE37A F2A9DC15 1F499038 74691CAE
3EED0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 140821D6 E8FAFC61 9D854539 D635A4B4 0EA84AC5
1B301D06 03551D0E 04160414 0821D6E8 FAFC619D 854539D6 35A4B40E A84AC51B
300D0609 2A864886 F70D0101 04050003 8181002C C7F00ACC 72D17A8D 80A84AB3
3D4B137C 26E1BACD 7E2C177F C320175C B7BC0AC5 ADAE8363 3F21B9E3 B5C6D116
8DF7CFFE 9ABB21C8 006AFC4B CB3BBC34 C0D43342 0BF3378F 8097F274 5A8DEE2C
95187BEB 2B89EE1F 28421711 147956C7 599B41FC E6F2687B EBACB26F E33D365C
EC024FC8 A2DA4311 038143B2 3D112282 373976
quit
username basa privilege 15 secret 5 $1$Iunp$poT34jzKNP.mHn85iTh67.
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 88.xx.xx.34 255.255.255.252
ip nat outside
ip virtual-reassembly
no snmp trap link-status
pvc 8/35
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0 secondary
ip address 88.xx.xx.73 255.255.255.248
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
hold-queue 100 out
!
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
[-----SONO INTERVENUTO SU QUESTE RIGHE RISPETTO ALLA CONFIGURAZIONE CHE HO POSTATO PRIMA----]
ip nat pool mg-net 88.xx.xx.74 88.xx.xx.74 netmask 255.255.255.248
ip nat inside source list 2 pool mg-net overload
!
access-list 2 remark SDM_ACL Category=16
access-list 2 permit 192.168.1.0 0.0.0.255
[---FINE INETRVENTO-----]
no cdp run
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
ecco la config........
!This is the running config of the router: 192.168.1.1
!----------------------------------------------------------------------------
!version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 52000 debugging
!
no aaa new-model
!
resource policy
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
!
!
crypto pki trustpoint TP-self-signed-2363961187
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2363961187
revocation-check none
rsakeypair TP-self-signed-2363961187
!
!
crypto pki certificate chain TP-self-signed-2363961187
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32333633 39363131 3837301E 170D3032 30333031 30323139
35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 33363339
36313138 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100EBBD DADF4D9E 4D2593B6 34A3C7C5 314CBF0F B3299949 81A6A71A 474EAD31
1A627411 AC42CDAD F370F575 D5BE291D 53CA0688 EDC17BC6 50740395 C6D68F50
8A3018D9 90FBB5D8 089BE84F 0D700087 8C257268 00BD05E8 F3333807 E2F87066
87462AA4 C6A228FB ACE7B09A 6DB7E032 6BAAE37A F2A9DC15 1F499038 74691CAE
3EED0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 140821D6 E8FAFC61 9D854539 D635A4B4 0EA84AC5
1B301D06 03551D0E 04160414 0821D6E8 FAFC619D 854539D6 35A4B40E A84AC51B
300D0609 2A864886 F70D0101 04050003 8181002C C7F00ACC 72D17A8D 80A84AB3
3D4B137C 26E1BACD 7E2C177F C320175C B7BC0AC5 ADAE8363 3F21B9E3 B5C6D116
8DF7CFFE 9ABB21C8 006AFC4B CB3BBC34 C0D43342 0BF3378F 8097F274 5A8DEE2C
95187BEB 2B89EE1F 28421711 147956C7 599B41FC E6F2687B EBACB26F E33D365C
EC024FC8 A2DA4311 038143B2 3D112282 373976
quit
username basa privilege 15 secret 5 $1$Iunp$poT34jzKNP.mHn85iTh67.
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 88.xx.xx.34 255.255.255.252
ip nat outside
ip virtual-reassembly
no snmp trap link-status
pvc 8/35
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0 secondary
ip address 88.xx.xx.73 255.255.255.248
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
hold-queue 100 out
!
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
[-----SONO INTERVENUTO SU QUESTE RIGHE RISPETTO ALLA CONFIGURAZIONE CHE HO POSTATO PRIMA----]
ip nat pool mg-net 88.xx.xx.74 88.xx.xx.74 netmask 255.255.255.248
ip nat inside source list 2 pool mg-net overload
!
access-list 2 remark SDM_ACL Category=16
access-list 2 permit 192.168.1.0 0.0.0.255
[---FINE INETRVENTO-----]
no cdp run
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
-
tricheco
- n00b
- Messaggi: 24
- Iscritto il: mar 07 nov , 2006 12:42 pm
- Località: Roma
configura un interfaccia di rete con l'ip privato, poi configuri sempre la stessa con il primo ip pubblico disponibile secondario, in questo modo ti crei una DMZ per gli ip pubblici.
Se hai prob. dimmelo che ti posto una conf.
Se hai prob. dimmelo che ti posto una conf.
