http-server config

[djzoidberg]

Salve, sono ormai nell'oblio da qualche tempo e non riesco a capire quale può essere la soluzione.

Si tratta della mia rete domestica sviluppata in questo modo:

nuvola - - - ATM - - - router fornito dall'isp - - - finto ATM - - - C2621XM - - - - - C2950- - - - -LAN

tra il router ISP e il C2621XM c'è la 192.168.88.252/30 mentre per la lan 192.168.0.0/24.

il mio problema sta quando dalla mia lan cerco di accedere alla pagina di configurazione http del router ISP. Se mi connetto direttamente al router ISP scavalcando il C2621XM tutto funge alla perfezione. Qualche idea? Posto sh ver, sh ip route e sh run.



R0-homeip#sh version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-SPSERVICESK9-M), Version 12.3(12b), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Thu 31-Mar-05 19:09 by jfeldhou
Image text-base: 0x80008098, data-base: 0x81B205B4

ROM: System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
ROM: C2600 Software (C2600-SPSERVICESK9-M), Version 12.3(12b), RELEASE SOFTWARE (fc2)

R0-homeip uptime is 5 hours, 43 minutes
System returned to ROM by power-on
System image file is "flash:c2600-spservicesk9-mz.123.12b.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
[email protected].

cisco 2621XM (MPC860P) processor (revision 0x400) with 126976K/4096K bytes of memory.
Processor board ID JHY0849K1A1 (4223087853)
M860 processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
32K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102



R0-homeip#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.88.254 to network 0.0.0.0

192.168.88.0/29 is subnetted, 1 subnets
C 192.168.88.248 is directly connected, FastEthernet0/1
C 192.168.0.0/24 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [1/0] via 192.168.88.254



R0-homeip#sh run
Building configuration...

Current configuration : 6541 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R0-homeip
!
boot-start-marker
boot-end-marker
!
enable secret 5 *****
!
username djzoidberg password 7 140417090D173E222526
no network-clock-participate slot 1
no network-clock-participate wic 0
aaa new-model
!
!
aaa authentication banner ^C
****************************************
* Restricted Area *
* Authorized Access Only *
****************************************
^C
aaa authentication login aaa-djzoidberg-telnet local
aaa authentication login aaa-djzoidberg-console local
aaa session-id common
ip subnet-zero
ip cef
!
!
!
no ip domain lookup
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.0.254 255.255.255.0
ip nat inside
speed 100
full-duplex
no keepalive
!
interface FastEthernet0/1
ip address 192.168.88.253 255.255.255.248
ip nat outside
speed 100
full-duplex
!
!
ip nat inside source static tcp 192.168.0.251 23 interface FastEthernet0/1 8251
ip nat inside source static tcp 192.168.0.254 23 interface FastEthernet0/1 8254
ip nat inside source static tcp 192.168.0.16 4888 interface FastEthernet0/1 4888
ip nat inside source static udp 192.168.0.16 4898 interface FastEthernet0/1 4888
ip nat inside source static tcp 192.168.0.3 6000 interface FastEthernet0/1 6000
ip nat inside source static udp 192.168.0.3 6100 interface FastEthernet0/1 6100
ip nat inside source static tcp 192.168.0.6 20100 interface FastEthernet0/1 20100
ip nat inside source static udp 192.168.0.6 20110 interface FastEthernet0/1 20110
ip nat inside source static tcp 192.168.0.66 22000 interface FastEthernet0/1 22000
ip nat inside source static udp 192.168.0.66 22100 interface FastEthernet0/1 22100
ip nat inside source static tcp 192.168.0.88 20000 interface FastEthernet0/1 20000
ip nat inside source static udp 192.168.0.88 20050 interface FastEthernet0/1 20050
ip nat inside source static tcp 192.168.0.24 2323 interface FastEthernet0/1 2323
ip nat inside source static tcp 192.168.0.253 2900 interface FastEthernet0/1 2900
ip nat inside source static tcp 192.168.0.253 3000 interface FastEthernet0/1 3000
ip nat inside source static tcp 192.168.0.88 15000 interface FastEthernet0/1 15000
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.88.254
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
banner motd ^C
.--------------------------------------.
| |
| ^[[5;31mUnauthorized Access Prohibited^[[0;m |
| |
'--------------------------------------'
^C
!
line con 0
exec-timeout 0 0
password 7 *****
logging synchronous
line aux 0
line vty 0 4
password 7 *****
!
!
end

[RJ45]

Da quello che vedo manca la parte nat/pat:

Codice: Seleziona tutto

ip nat inside source list 101 interface Fastethernet0/1 overload

access-list 101 permit ip any any

Ciao!

Andrea.

[djzoidberg]

non c'è verso, avevo già provato una cosa del gerenere ma l'errore persiste..
possono servire altre informazioni?