Problema con porte di emule

miko2003 · mar 31 ott , 2006 1:52 pm

Questa è la situazione del mio router Cisco 803 qualcuno saprebbe darmi una mano a risolvere l'id basso in emule????

Building configuration...                         

Current configuration:                      
! 
version 12.0            
no service pad              
service timestamps debug uptime                               
service timestamps log uptime                             
service password-encryption                           
! 
hostname router               
! 
logging buffered 8192 debugging                               
enable secret 5 $1$Ea07$/rMSgutMCt3vcjYpTgd0n/                                              
! 
username router password 7 141B071B03102E22                                           
! 
dial-peer voice 1 pots                      
 call-waiting             
 ring 0       
 port 1       
 destination-pattern 087256418                              
! 
pots country IT               
ip subnet-zero              
no ip source-route                  
! 
isdn switch-type basic-net3                           
! 
! 
! 
interface Ethernet0                   
 ip address 192.168.1.1 255.255.255.0                                     
 ip access-group 121 in                       
 no ip directed-broadcast                         
 no ip proxy-arp                
 ip nat inside              
! 
interface BRI0              
 no ip address              
 no ip directed-broadcast                         
 encapsulation ppp                  
 dialer pool-member 1                     
 isdn switch-type basic-net3                            
 isdn incoming-voice modem                          
 ppp authentication chap pap callin                                   
! 
interface Dialer1                 
 description ISP                
 ip address negotiated                      
 ip access-group 121 in                       
 no ip directed-broadcast                         
 no ip proxy-arp                
 ip nat outside               
 encapsulation ppp                  
 no ip split-horizon                    
 dialer remote-name Cisco1                          
 dialer idle-timeout 300                        
 dialer string 7022334455 class DialClass                                         
 dialer hold-queue 10                     
 dialer pool 1              
 dialer-group 1               
 pulse-time 0             
 ppp authentication c                   
 ppp chap hostname [email protected]                                               
 ppp chap password 7 151E1E1C0B3E2F2D                                     
 ppp pap sent-username [email protected] password 7 141B071B03102E22                                                                               
! 
ip nat inside source list 18 interface Dialer1 overload                                                       
ip nat inside source static tcp 192.168.1.10 4662 0.0.0.0 4662 extendable                                                                         
ip nat inside source static udp 192.168.1.10 4672 0.0.0.0 4672 extendable                                                                         
ip nat inside source static tcp 192.168.1.10 4711 0.0.0.0 4711 extendable                                                                         
ip classless            
ip route 0.0.0.0 0.0.0.0 Dialer1                                
! 
! 
map-class dialer DialC                     
access-list 18 permit 192.168.1.0 0.0.0.255                                           
access-list 121 deny   udp any eq netbios-dgm any                                                 
access-list 121 deny   udp any eq netbios-ns any                                
access-list 121 deny   udp any eq 139 any
access-list 121 deny   tcp any eq 137 any
access-list 121 deny   tcp any eq 138 any
access-list 121 deny   tcp any eq 139 any
access-list 121 permit ip any any time-range TIME
dialer-list 1 protocol ip permit
!
line con 0
 exec-timeout 120 0
 transport input none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 login local
!
time-range TIME
 periodic daily 0:00 to 23:59
!
end

Grazie a tutti.

Wizard · mar 31 ott , 2006 2:11 pm

Rifai la ACL in questo modo:

no access-list 121
access-list 121 remark *** ACL IN INTRATA ***
access-list 121 deny udp any eq netbios-dgm any
access-list 121 deny udp any eq netbios-ns any
access-list 121 deny udp any eq 139 any
access-list 121 deny tcp any eq 137 any
access-list 121 deny tcp any eq 138 any
access-list 121 deny tcp any eq 139 any
access-list 121 permit tcp any any eq 4662
access-list 121 permit tcp any any eq 4711
access-list 121 permit udp any any eq 4672
access-list 121 permit ip any any time-range TIME

Facci sapere

miko2003 · mar 31 ott , 2006 3:25 pm

Siccime non sono molto esperto, potrei avere i comandi precisi per fare questa riconfigurazione? Grazie

Wizard · mar 31 ott , 2006 3:33 pm

Vai in telnet sul router, vai in modalità enable, entri in config mode (digitango "conf t") poi inserisci queste righe:

access-list 121 remark *** ACL IN INTRATA ***
access-list 121 deny udp any eq netbios-dgm any
access-list 121 deny udp any eq netbios-ns any
access-list 121 deny udp any eq 139 any
access-list 121 deny tcp any eq 137 any
access-list 121 deny tcp any eq 138 any
access-list 121 deny tcp any eq 139 any
access-list 121 permit tcp any any eq 4662
access-list 121 permit tcp any any eq 4711
access-list 121 permit udp any any eq 4672

Wizard · mar 31 ott , 2006 3:34 pm

Sorry, prima di mettere le nuove acl togli quelle precedenti digitando:

no access-list 121

miko2003 · mar 31 ott , 2006 6:40 pm

una volta inserite questi comandi devo inserire qualche comando per salvare le impostazioni? o posso uscire dal router senza problemi?

MaiO · mar 31 ott , 2006 8:59 pm

Devi salvare la configurazione.

Dal privileged mode impartisci questo commando:

copy run start

o in alternativa

write mem

Ciao

miko2003 · mer 01 nov , 2006 4:18 pm

Ragazzi ancora niente...
Il test che faccio per vedere se le porte usate da emule sono aperte mi da esito negativo.
Vi riporto la situazione del mio router dopo aver fatto quanto scritto sopra:

Codice: Seleziona tutto

Current configuration:                      
! 
version 12.0            
no service pad              
service timestamps debug uptime                               
service timestamps log uptime                             
service password-encryption                           
! 
hostname       
! 
logging buffered 8192 debugging                               
enable secret 5 $1$Ea07$/rMSgutMCt3vcjYpTgd0n/                                              
! 
username router password 7 141B071B03102E22                                           
! 
dial-peer voice 1 pots                      
 call-waiting             
 ring 0       
 port 1       
 destination-pattern 087256418                              
! 
pots country IT               
ip subnet-zero              
no ip source-route                  
! 
isdn switch-type basic-net3                           
! 
! 
! 
interface Ethernet0                   
 ip address 192.168.1.1 255.255.255.0                                     
 ip access-group 121 in                       
 no ip directed-broadcast                         
 no ip proxy-arp                
 ip nat inside              
! 
interface BRI0              
 no ip address              
 no ip directed-broadcast                         
 encapsulation ppp                  
 dialer pool-member 1                     
 isdn switch-type basic-net3                            
 isdn incoming-voice modem                          
 ppp authentication chap pap callin                                   
! 
interface Dialer1                 
 description ISP                
 ip address negotiated                      
 ip access-group 121 in                       
 no ip directed-broadcast                         
 no ip proxy-arp                
 ip nat outside               
 encapsulation ppp                  
 no ip split-horizon                    
 dialer remote-name Cisco1                          
 dialer idle-timeout 300                        
 dialer string 7022334455 class DialClass                                         
 dialer hold-queue 10                     
 dialer pool 1              
 dialer-group 1               
 pulse-time 0             
 ppp authentication chap pap callin                                   
 ppp chap hostname michele.mi                            
 ppp chap password 7 151E1E1C0B3E2F2D                                     
 ppp pap sent-username [email protected] password 7 141B071B03102E22                                                                               
! 
ip nat inside source list 18 interface Dialer1 overload                                                       
ip nat inside source static tcp 192.168.1.10 4662 0.0.0.0 4662 extendable                                                                         
ip nat inside source static udp 192.168.1.10 4672 0.0.0.0 4672 extendable                                                                         
ip nat inside source static tcp 192.168.1.10 4711 0.0.0.0 4711 extendable                                                                         
ip classless            
ip route 0.0.0.0 0.0.0.0 Dialer1                                
! 
! 
map-class dialer DialClass                          
access-list 18 permit 192.168.1.0 0.0.0.255                                          
access-list 121 deny   udp any eq netbios-dgm any                                                 
access-list 121 deny   udp any eq netbios-ns any                                
access-list 121 deny   udp any eq 139 any
access-list 121 deny   tcp any eq 137 any
access-list 121 deny   tcp any eq 138 any
access-list 121 deny   tcp any eq 139 any
access-list 121 permit ip any any time-range TIME
access-list 121 permit tcp any any eq 4662
access-list 121 permit tcp any any eq 4711
access-list 121 permit udp any any eq 4672
dialer-list 1 protocol ip permit
!
line con 0
 exec-timeout 120 0
 transport input none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 login local
!
time-range TIME
 periodic daily 0:00 to 23:59
!
end

Vi prego datemi una mano a risolvere questo problema.
Grazie

[Dj][DMX] · mer 01 nov , 2006 11:46 pm

in modalità configurazione scrivi:
int ethernet0
no ip access-group 121 in
ip access-group 121 out

miko2003 · gio 02 nov , 2006 2:00 pm

Ragazzie in seguito ai vostri suggerimenti nn ancora riesco ad aprire queste benedette porte, riposto in seguito la situazione del mio router dopo le varie modifiche:

Codice: Seleziona tutto

Current configuration:                      
! 
version 12.0            
no service pad              
service timestamps debug uptime                               
service timestamps log uptime                             
service password-encryption                           
! 
hostname router               
! 
logging buffered 8192 debugging                               
enable secret 5 $1$Ea07$/rMSgutMCt3vcjYpTgd0n/                                              
! 
username router password 7 141B071B03102E22                                           
! 
dial-peer voice 1 pots                      
 call-waiting             
 ring 0       
 port 1       
 destination-pattern 087256418                              
! 
pots country IT               
ip subnet-zero              
no ip source-route                  
! 
isdn switch-type basic-net3                           
! 
! 
! 
interface Ethernet0                   
 ip address 192.168.1.1 255.255.255.0                                     
 ip access-group 121 out                        
 no ip directed-broadcast                         
 no ip proxy-arp                
 ip nat inside              
! 
interface BRI0              
 no ip address              
 no ip directed-broadcast                         
 encapsulation ppp                  
 dialer pool-member 1                     
 isdn switch-type basic-net3                            
 isdn incoming-voice modem                          
 ppp authentication chap pap callin                                   
! 
interface Dialer1                 
 description ISP                
 ip address negotiated                      
 ip access-group              
 no ip directed-broadcast                         
 no ip proxy-arp                
 ip nat outside               
 encapsulation ppp                  
 no ip split-horizon                    
 dialer remote-name Cisco1                          
 dialer idle-timeout 300                        
 dialer string 7022334455 class DialClass                                         
 dialer hold-queue 10                     
 dialer pool 1              
 dialer-group 1               
 pulse-time 0             
 ppp authentication chap pap callin                                   
 ppp chap hostname [email protected]                                               
 ppp chap password 7 151E1E1C0B3E2F2D                                     
 ppp pap sent-username [email protected] password 7 141B071B03102E22                                                                               
! 
ip nat inside source list 18 interface Dialer1 overload                                                       
ip nat inside source static tcp 192.168.1.10 4711 0.0.0.0 4711 extendable                                                                         
ip nat inside source static udp 192.168.1.10 4672 0.0.0.0 4672 extendable                                                                         
ip nat inside source static tcp 192.168.1.10 4662 0.0.0.0 4662 extendable                                                                         
ip classless            
ip route 0.0.0.0 0.0.0.0 Dialer1                                
! 
! 
map-class dialer DialClass                          
access-list 18 permit 192.168.1.0 0.0.0.255                                           
access-list 121 deny   udp any eq netbios-dgm any                                                 
access-list 121 deny   udp any eq netbios-ns any                                                
access-list 121 deny   udp any eq 139 any                                         
access-list 121 deny   tcp any eq                                  
access-list 121 deny   tcp any eq 138 any                                         
access-list 121 deny   tcp any eq 139 any                                         
access-list 121 permit ip any any time-range TIME                                                 
access-list 121 permit tcp any any eq 4662                                          
access-list 121 permit tcp any any eq 4711                                          
access-list 121 permit udp any any eq 4672                                          
dialer-list 1 protocol ip permit                                
!
line con 0
 exec-timeout 120 0
 transport input none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 login local
!
time-range TIME
 periodic daily 0:00 to 23:59
!
end

Aspetto fiducioso vostri aiuti.
Grazie a tutti

TheIrish · gio 02 nov , 2006 2:42 pm

...
interface ethernet0
...
ip access-group

ip access-group cosa?

miko2003 · gio 02 nov , 2006 5:14 pm

Scusami ma vuoi dire che ci sono degli errori.
In questo caso, potresti risolverli?
Grazie

[Dj][DMX] · gio 02 nov , 2006 5:54 pm

Intende dire scrivi:

interface Dialer1
no ip access-group

miko2003 · gio 02 nov , 2006 7:49 pm

capito, ho fatto anche questa ultima modifica ma il risultato non cambia. Non c'è nessuno che puo scrivermi tutti i passaggi che servono per risolvere il problema?
Grazie

TheIrish · sab 04 nov , 2006 11:07 am

Voglio vedere la conf com'è adesso, senza l'access-group.

Problema con porte di emule

Login • Iscriviti