Cisco 803 con 2 Dialer
Inviato: lun 29 mag , 2006 3:32 pm
Ciao a tutti.
Un problema: ho un Cisco 803. Il collegamento attuale funziona perfettamente.
Ho la necessità pero' di inserire un secondo numero (un secondo dialer ?) per effettuare un collegamento ad Internet, un secondo user name, una seconda password.
Quando il primo numenro è occupato, deve automaticamente utilizzare il secondo (in modo trasparente, con i propri user name e password).
Ovviamente tutto quello già impostato (regole NAT ecc.) devono essere valide ed identiche per tutti e due i dialer.
Cosa devo fare? .
Grazie !.
===============================================
Current configuration : 3298 bytes
!
version 12.2
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
no service password-encryption
no service dhcp
!
hostname router
!
enable password XXXX
!
clock timezone CET 1
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
dial-peer voice 1 pots
caller-id
no forward-to-unused-port
no call-waiting
ring 0
no silent-fax
registered-caller ring 1
port 1
volume 3
!
pots country DK
!
ip subnet-zero
no ip source-route
!
no ip domain-lookup
isdn switch-type basic-net3
!
!
!
interface Ethernet0
description Connessione LAN
ip address 192.168.1.1 255.255.255.0
no ip proxy-arp
ip nat inside
no cdp enable
!
interface BRI0
description Interfaccia fisica ISDN
no ip address
dialer pool-member 5
isdn switch-type basic-net3
isdn voice-priority XXXX out always
isdn voice-priority XXXX in always
isdn incoming-voice modem
no cdp enable
!
interface Dialer1
description Dialer TELECOM
ip address negotiated
ip access-group 121 in
no ip proxy-arp
ip nat outside
encapsulation ppp
no ip split-horizon
dialer pool 5
dialer idle-timeout 180
dialer string XXXX
dialer hold-queue 10
dialer load-threshold 10 either
dialer-group 5
no cdp enable
ppp authentication chap pap callin optional
ppp chap hostname XXXX
ppp chap password 0 XXXX
ppp pap sent-username XXXX password 0 XXXX
ppp multilink
!
ip nat translation timeout 900
ip nat translation tcp-timeout 900
ip nat translation finrst-timeout 300
ip nat translation syn-timeout 120
ip nat translation dns-timeout 300
ip nat translation icmp-timeout 120
ip nat translation max-entries 8192
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static udp 192.168.1.30 6347 interface Dialer1 6347
ip nat inside source static tcp 192.168.1.30 6346 interface Dialer1 6346
ip nat inside source static tcp 192.168.1.30 4662 interface Dialer1 4662
ip nat inside source static udp 192.168.1.30 4672 interface Dialer1 4672
ip nat inside source static tcp 192.168.1.30 6881 interface Dialer1 6881
ip nat inside source static udp 192.168.1.30 6881 interface Dialer1 6881
ip nat inside source static udp 192.168.1.30 5900 interface Dialer1 5900
ip nat inside source static tcp 192.168.1.30 5900 interface Dialer1 5900
ip nat inside source static udp 192.168.1.30 5800 interface Dialer1 5800
ip nat inside source static tcp 192.168.1.30 5800 interface Dialer1 5800
ip nat inside source static tcp 192.168.1.30 666 interface Dialer1 666
ip nat inside source static udp 192.168.1.30 666 interface Dialer1 666
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 121 deny udp any eq netbios-dgm any
access-list 121 deny udp any eq netbios-ns any
access-list 121 deny udp any eq netbios-ss any
access-list 121 deny tcp any eq 137 any
access-list 121 deny tcp any eq 138 any
access-list 121 deny tcp any eq 139 any
access-list 121 permit ip any any time-range TELECOM
dialer-list 5 protocol ip list 121
no cdp run
!
line con 0
exec-timeout 0 0
stopbits 1
line vty 0 4
access-class 1 in
exec-timeout 0 0
password XXXX
login
!
rcapi server port 2578
!
!
time-range TELECOM
periodic daily 0:00 to 23:59
!
end
===============================================
Un problema: ho un Cisco 803. Il collegamento attuale funziona perfettamente.
Ho la necessità pero' di inserire un secondo numero (un secondo dialer ?) per effettuare un collegamento ad Internet, un secondo user name, una seconda password.
Quando il primo numenro è occupato, deve automaticamente utilizzare il secondo (in modo trasparente, con i propri user name e password).
Ovviamente tutto quello già impostato (regole NAT ecc.) devono essere valide ed identiche per tutti e due i dialer.
Cosa devo fare? .
Grazie !.
===============================================
Current configuration : 3298 bytes
!
version 12.2
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
no service password-encryption
no service dhcp
!
hostname router
!
enable password XXXX
!
clock timezone CET 1
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
dial-peer voice 1 pots
caller-id
no forward-to-unused-port
no call-waiting
ring 0
no silent-fax
registered-caller ring 1
port 1
volume 3
!
pots country DK
!
ip subnet-zero
no ip source-route
!
no ip domain-lookup
isdn switch-type basic-net3
!
!
!
interface Ethernet0
description Connessione LAN
ip address 192.168.1.1 255.255.255.0
no ip proxy-arp
ip nat inside
no cdp enable
!
interface BRI0
description Interfaccia fisica ISDN
no ip address
dialer pool-member 5
isdn switch-type basic-net3
isdn voice-priority XXXX out always
isdn voice-priority XXXX in always
isdn incoming-voice modem
no cdp enable
!
interface Dialer1
description Dialer TELECOM
ip address negotiated
ip access-group 121 in
no ip proxy-arp
ip nat outside
encapsulation ppp
no ip split-horizon
dialer pool 5
dialer idle-timeout 180
dialer string XXXX
dialer hold-queue 10
dialer load-threshold 10 either
dialer-group 5
no cdp enable
ppp authentication chap pap callin optional
ppp chap hostname XXXX
ppp chap password 0 XXXX
ppp pap sent-username XXXX password 0 XXXX
ppp multilink
!
ip nat translation timeout 900
ip nat translation tcp-timeout 900
ip nat translation finrst-timeout 300
ip nat translation syn-timeout 120
ip nat translation dns-timeout 300
ip nat translation icmp-timeout 120
ip nat translation max-entries 8192
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static udp 192.168.1.30 6347 interface Dialer1 6347
ip nat inside source static tcp 192.168.1.30 6346 interface Dialer1 6346
ip nat inside source static tcp 192.168.1.30 4662 interface Dialer1 4662
ip nat inside source static udp 192.168.1.30 4672 interface Dialer1 4672
ip nat inside source static tcp 192.168.1.30 6881 interface Dialer1 6881
ip nat inside source static udp 192.168.1.30 6881 interface Dialer1 6881
ip nat inside source static udp 192.168.1.30 5900 interface Dialer1 5900
ip nat inside source static tcp 192.168.1.30 5900 interface Dialer1 5900
ip nat inside source static udp 192.168.1.30 5800 interface Dialer1 5800
ip nat inside source static tcp 192.168.1.30 5800 interface Dialer1 5800
ip nat inside source static tcp 192.168.1.30 666 interface Dialer1 666
ip nat inside source static udp 192.168.1.30 666 interface Dialer1 666
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 121 deny udp any eq netbios-dgm any
access-list 121 deny udp any eq netbios-ns any
access-list 121 deny udp any eq netbios-ss any
access-list 121 deny tcp any eq 137 any
access-list 121 deny tcp any eq 138 any
access-list 121 deny tcp any eq 139 any
access-list 121 permit ip any any time-range TELECOM
dialer-list 5 protocol ip list 121
no cdp run
!
line con 0
exec-timeout 0 0
stopbits 1
line vty 0 4
access-class 1 in
exec-timeout 0 0
password XXXX
login
!
rcapi server port 2578
!
!
time-range TELECOM
periodic daily 0:00 to 23:59
!
end
===============================================