configurazione cisco 877 con aruba
Moderatore: Federico.Lagni
-
cielo01
- n00b
- Messaggi: 4
- Iscritto il: mer 22 apr , 2009 9:28 am
Salve, fino a poco tempo fa usavo Alice 20mb business a casa mia (pagata dalla mia ditta) ma adesso che il contratto è finito ho attivato l'adsl aruba 7m. A questo punto ho provato a configurare il router cisco 877 che mi aveva installato telecom con i parametri di aruba ma non riesco a navigare. Vorrei provare a caricare un file di configurazione già fatto di quelli che ci sono in questo forum ma il comando "copy tftp..." sembra non funzionare . Tra l'altro , ho attivato il dhcp del router e entrando nel router in telnet se provo a fare un ping al mio pc non ricevo risposta . qualcuno sa se questo router ha bisogno di una configurazione particolare?
-
TeCer
- Cisco fan
- Messaggi: 67
- Iscritto il: sab 16 mag , 2009 5:28 pm
questa è la configurazionedel mio 877 con una linea aruba 7mb.
è impostata in dhcp con un solo indirizzo ip disponibile (uso un firewall) e tutte le porte aperte verso quell'indirizzo.
i dns sono quelli di opendns.
è impostata in dhcp con un solo indirizzo ip disponibile (uso un firewall) e tutte le porte aperte verso quell'indirizzo.
i dns sono quelli di opendns.
Codice: Seleziona tutto
username XXX password XXX
!
!
enable secret XXX
!
!
hostname XXX
!
no aaa new-model
ip subnet-zero
no ip domain lookup
ip name-server 208.67.222.222
ip name-server 208.67.220.220
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.3 192.168.0.254
!
ip dhcp pool Pool1
import all
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 208.67.222.222 208.67.220.220
lease infinite
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
!
interface Vlan1
ip address 192.168.0.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1360
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description ADSL Aruba 7MB
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
interface Dialer0
description Interfaccia Dialer0/0 - Aruba ADSL 7MB
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
ip inspect IDS out
ip access-group 111 in
encapsulation ppp
dialer pool 1
ppp authentication chap pap callin
ppp pap sent-username XXX password XXX
!
ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation pptp-timeout 420
ip nat translation icmp-timeout 1
ip nat translation max-entries 1000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static 192.168.0.2 interface Dialer0
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
no ip http server
no ip http secure-server
!
!
ip inspect name IDS tcp
ip inspect name IDS udp
!
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 11 remark ************************************
access-list 11 remark ACL 11 PER CONTROLLO APLET JAVA
access-list 11 permit any
access-list 100 remark ********* ACL per NAT **************************
access-list 100 permit ip 192.168.0.0 0.0.0.255 any
access-list 111 remark ************************************************
access-list 111 remark ANTI-SPOOFING
access-list 111 deny icmp any any redirect log
access-list 111 deny ip 10.0.0.0 0.255.255.255 any log
access-list 111 deny ip 172.16.0.0 0.15.255.255 any log
access-list 111 deny ip 127.0.0.0 0.255.255.255 any log
access-list 111 deny ip 224.0.0.0 31.255.255.255 any log
access-list 111 deny ip host 0.0.0.0 any log
access-list 111 deny ip any any log
!
!
line con 0
line aux 0
access-class 23 in
exec-timeout 5 0
modem DTR-active
transport input telnet
line vty 0 4
access-class 23 in
exec-timeout 5 0
transport preferred none
transport input telnet
!
scheduler max-task-time 5000
end
Ultima modifica di TeCer il dom 07 giu , 2009 5:10 pm, modificato 1 volta in totale.
-
cielo01
- n00b
- Messaggi: 4
- Iscritto il: mer 22 apr , 2009 9:28 am
ciao, grazie per la configurazione . l'avevo già vista sul forum e ho provata a caricarla usando sdm sul mio router sostituendo gli opendns con quelli che mi ha fornito aruba e inserendo user e password. La connessione comunque continua a non funzionare e inoltre non riesco piu' ad accedere al router via sdm. Ho provato ad usare un router pirelli di un amico e la conessione funziona benissimo. Qualche idea su come risolvere il problema ?
Ciao
Ciao
-
proton
- Cisco fan
- Messaggi: 68
- Iscritto il: lun 04 feb , 2008 7:55 pm
Ciao, non riesci ad accedere via sdm perchè hai disabilitato l'http caricando
quella configurazione.
no ip http server
no ip http secure-server
tuttavia ti consiglio di lasciarla così
aggiungi le inspect e una acl per la traslazione degli indirizzi via telnet o ssh
access-list 1 permit 192.168.0.0 0.0.0.255
poi
ip inspect name IDS tcp
ip inspect name IDS udp
e nella dialer0 aggiungi
ip inspect IDS out
ip access-group 111 in
quella configurazione.
no ip http server
no ip http secure-server
tuttavia ti consiglio di lasciarla così
aggiungi le inspect e una acl per la traslazione degli indirizzi via telnet o ssh
access-list 1 permit 192.168.0.0 0.0.0.255
poi
ip inspect name IDS tcp
ip inspect name IDS udp
e nella dialer0 aggiungi
ip inspect IDS out
ip access-group 111 in
-
cielo01
- n00b
- Messaggi: 4
- Iscritto il: mer 22 apr , 2009 9:28 am
Salve,
questa qui di seguito è la configuarazione che ho inserito sul router ma non riesco a naviagare. Qualcuno ha qualche consiglio ? da dove posso iniziare per capire quel'è il problema ?
Grazie
Current configuration : 4833 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
no ip domain lookup
ip domain name yourdomain.com
ip name-server 62.149.128.4
ip name-server 62.149.132.4
!
!
crypto pki trustpoint TP-self-signed-2136280126
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2136280126
revocation-check none
rsakeypair TP-self-signed-2136280126
!
!
crypto pki certificate chain TP-self-signed-2136280126
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32313336 32383031 3236301E 170D3032 30333031 30323432
34365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 31333632
38303132 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C1AB 1A7FFA82 64125D6B C37E2FA9 35731537 ABBFC26C 404AC2B2 E73113DC
49677087 5CDFBDBD 3A8CAF91 0EC4AB2D 4991AB67 E305174D 364797DD 0A96FC82
1ED6D9FD A4386E63 86F0BD22 515E232D 1D8F0F9A 48595303 87748A72 FEFE1003
18B4D69A 5E323BFF 3966BEDD 7E365A84 D4F71F87 5BB324FD D264CFC9 8B412BFC
A4B50203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 144808D4 F5823347 8585F99E 63F8E662 F76A4F91
58301D06 03551D0E 04160414 4808D4F5 82334785 85F99E63 F8E662F7 6A4F9158
300D0609 2A864886 F70D0101 04050003 81810036 6DCC859A EDECFCC4 5AFA7883
A3A3B368 CE2EDC2B 1951217D 346F369C D4DF41D5 2E952589 00195222 873C589A
5208908F A0C9A9AB 68AD01D2 478D83BA A07BAE2C F89D9030 DADE9247 513116C5
2E1E82F2 1CD91A18 D6863074 1CA15137 96C1A2D6 1C9CF0F5 50BEE1EF 803D1BAA
68907AE8 ED9AC017 A5D9CBDA 368F6424 939CD9
quit
username cisco877 privilege 15 secret 5 $1$vh/I$J0FBCAo5iN4vMRV6EXKmz/
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description ADSL Aruba
no snmp trap link-status
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1360
!
interface Dialer0
description Interfaccia Dialer0/0 - Aruba ADSL
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
no cdp enable
ppp authentication chap pap callin
ppp pap sent-username [email protected] password 0 xxxxxxx
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation pptp-timeout 420
ip nat translation icmp-timeout 1
ip nat translation max-entries 1000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static udp 10.10.10.2 4672 interface Dialer0 4672
ip nat inside source static tcp 10.10.10.2 4661 interface Dialer0 4661
!
access-list 11 permit any
access-list 100 permit ip 10.10.0.0 0.0.0.255 any
no cdp run
!
!
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
questa qui di seguito è la configuarazione che ho inserito sul router ma non riesco a naviagare. Qualcuno ha qualche consiglio ? da dove posso iniziare per capire quel'è il problema ?
Grazie
Current configuration : 4833 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
no ip domain lookup
ip domain name yourdomain.com
ip name-server 62.149.128.4
ip name-server 62.149.132.4
!
!
crypto pki trustpoint TP-self-signed-2136280126
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2136280126
revocation-check none
rsakeypair TP-self-signed-2136280126
!
!
crypto pki certificate chain TP-self-signed-2136280126
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32313336 32383031 3236301E 170D3032 30333031 30323432
34365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 31333632
38303132 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C1AB 1A7FFA82 64125D6B C37E2FA9 35731537 ABBFC26C 404AC2B2 E73113DC
49677087 5CDFBDBD 3A8CAF91 0EC4AB2D 4991AB67 E305174D 364797DD 0A96FC82
1ED6D9FD A4386E63 86F0BD22 515E232D 1D8F0F9A 48595303 87748A72 FEFE1003
18B4D69A 5E323BFF 3966BEDD 7E365A84 D4F71F87 5BB324FD D264CFC9 8B412BFC
A4B50203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 144808D4 F5823347 8585F99E 63F8E662 F76A4F91
58301D06 03551D0E 04160414 4808D4F5 82334785 85F99E63 F8E662F7 6A4F9158
300D0609 2A864886 F70D0101 04050003 81810036 6DCC859A EDECFCC4 5AFA7883
A3A3B368 CE2EDC2B 1951217D 346F369C D4DF41D5 2E952589 00195222 873C589A
5208908F A0C9A9AB 68AD01D2 478D83BA A07BAE2C F89D9030 DADE9247 513116C5
2E1E82F2 1CD91A18 D6863074 1CA15137 96C1A2D6 1C9CF0F5 50BEE1EF 803D1BAA
68907AE8 ED9AC017 A5D9CBDA 368F6424 939CD9
quit
username cisco877 privilege 15 secret 5 $1$vh/I$J0FBCAo5iN4vMRV6EXKmz/
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description ADSL Aruba
no snmp trap link-status
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1360
!
interface Dialer0
description Interfaccia Dialer0/0 - Aruba ADSL
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
no cdp enable
ppp authentication chap pap callin
ppp pap sent-username [email protected] password 0 xxxxxxx
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation pptp-timeout 420
ip nat translation icmp-timeout 1
ip nat translation max-entries 1000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static udp 10.10.10.2 4672 interface Dialer0 4672
ip nat inside source static tcp 10.10.10.2 4661 interface Dialer0 4661
!
access-list 11 permit any
access-list 100 permit ip 10.10.0.0 0.0.0.255 any
no cdp run
!
!
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
