Non mi funziona il Nat su Cisco 827
Inviato: ven 15 dic , 2006 8:14 pm
Sono connesso in Adsl e vorrei aprire le porte per emule e la mia xbox360. Ho una VPN sempre attiva con casa dei miei e ho provato ad aggiungete l'ip nat inside alla configurazione delle porte di emule.
Fatto sta che non va.
Vi posto la parte "interessante" della mia configurazione
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
no ip http secure-server
!
ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation pptp-timeout 420
ip nat translation udp-timeout 120
ip nat translation finrst-timeout 300
ip nat translation syn-timeout 120
ip nat translation dns-timeout 300
ip nat translation icmp-timeout 120
ip nat translation max-entries 5000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
ip nat inside source route-map SDM_RMAP_2 interface Dialer0 overload
ip nat inside source static tcp 192.168.0.215 4662 62.94.***.*** 4662 extendable
ip nat inside source static udp 192.168.0.215 4672 62.94.***.*** 4672
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 remark SDM_ACL Category=16
access-list 23 remark SDM_ACL Category=17
access-list 23 permit 192.168.0.0 0.0.0.255
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 remark SDM_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
access-list 102 remark SDM_ACL Category=2
access-list 102 remark IPSec Rule
access-list 102 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 102 permit ip 192.168.0.0 0.0.0.255 any
Consigli ???
Fatto sta che non va.
Vi posto la parte "interessante" della mia configurazione
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
no ip http secure-server
!
ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation pptp-timeout 420
ip nat translation udp-timeout 120
ip nat translation finrst-timeout 300
ip nat translation syn-timeout 120
ip nat translation dns-timeout 300
ip nat translation icmp-timeout 120
ip nat translation max-entries 5000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
ip nat inside source route-map SDM_RMAP_2 interface Dialer0 overload
ip nat inside source static tcp 192.168.0.215 4662 62.94.***.*** 4662 extendable
ip nat inside source static udp 192.168.0.215 4672 62.94.***.*** 4672
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 remark SDM_ACL Category=16
access-list 23 remark SDM_ACL Category=17
access-list 23 permit 192.168.0.0 0.0.0.255
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 remark SDM_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
access-list 102 remark SDM_ACL Category=2
access-list 102 remark IPSec Rule
access-list 102 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 102 permit ip 192.168.0.0 0.0.0.255 any
Consigli ???
