CiscoForums.it

ciao a tutti nei giorni scorsi ho un po' lottato con i miei apparati ed una conf semidefinitiva è uscita fuori, prima vi posto la conf e poi vi descrivo il problema.
allora:

router

!
!
boot-start-marker
boot system flash
boot-end-marker
!
!
!
no aaa new-model
clock timezone GMT 1 0
clock summer-time CDT recurring
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 10.0.0.200 10.0.0.254
ip dhcp excluded-address 10.0.30.200 10.0.30.254
ip dhcp excluded-address 192.168.0.1 192.168.0.3
!
ip dhcp pool LAN1 (DEVE NAVIGARE E POTER ACCEDERE ALLA LAN2)
network 10.0.0.0 255.255.255.0
domain-name 1
dns-server 10.0.0.200 192.168.1.254
default-router 10.0.0.200
lease 5
!
ip dhcp pool LAN2 (DEVE NAVIGARE E NON DEVE ACCEDERE E NON DEVE PINGARE LA LAN1)
network 10.0.30.0 255.255.255.0
domain-name 2
default-router 10.0.30.200
dns-server 10.0.30.200 192.168.1.254
lease 30
!
ip dhcp pool LAN3 (NON DEVE NAVIGARE E NON DEVE ACCEDERE E PINGARE LE ALTRE LAN)
network 192.168.0.0 255.255.255.0
domain-name 3
default-router 192.168.0.1
lease 30
!
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description "WAN"
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1.2 (FUNZIONA TUTTO)
encapsulation dot1Q 2
ip address 10.0.0.200 255.255.255.0
ip access-group smtpblock in
no ip redirects
no ip unreachables
ip flow ingress
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.3 (NON RIESCO A NAVIGARE)
encapsulation dot1Q 3
ip address 10.0.30.200 255.255.255.0
ip access-group smtpblock in
no ip redirects
no ip unreachables
ip flow ingress
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.4 (FUNZIONA TUTTO)
encapsulation dot1Q 4
ip address 192.168.0.1 255.255.255.0
no ip redirects
no ip unreachables
ip flow ingress
ip virtual-reassembly in
!
no ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat translation timeout 10
ip nat inside source list 100 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.254
!
access-list 100 permit ip 10.0.0.0 0.0.0.255 any
!
!
!
control-plane
!
!
line con 0
exec-timeout 5 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
exec-timeout 5 0
login local
transport input all
!
scheduler allocate 20000 1000

switch:

no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
!
boot-start-marker
boot-end-marker
!
no aaa new-model
system mtu routing 1500
vtp mode transparent
ip subnet-zero
!
!
!
!
crypto pki trustpoint TP-self-signed-1964803840
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1964803840
revocation-check none
rsakeypair TP-self-signed-1964803840
!
!
crypto pki certificate chain TP-self-signed-1964803840
certificate self-signed 01
30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31393634 38303338 3430301E 170D3933 30333031 30303536
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 39363438
30333834 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C0F6 3309CE9C 44DFB5A3 675501E4 90224BF8 F25C5A02 EF006690 BEC609DA
7D89C7F6 9D336D6E 33F64625 D1A1BED7 BD71EFF1 D9DD00AB D4518D90 197937BB
343430CB E7A2F08E 07ED3ECB AC23A225 4A07D69D 93E9E926 CB2158E8 D1050046
855C477B 21E10784 BF7CED90 951A75DB AC23761E 54F9A926 7184843E 497590DB
B41F0203 010001A3 6C306A30 0F060355 1D130101 FF040530 030101FF 30170603
551D1104 10300E82 0C535749 54434832 39363047 2E301F06 03551D23 04183016
8014EBA5 15714521 C06B1AEB 4897245F 36BF35D0 305C301D 0603551D 0E041604
14EBA515 714521C0 6B1AEB48 97245F36 BF35D030 5C300D06 092A8648 86F70D01
01040500 03818100 5B00E81F C50FCFAF 739B807B BDBDFA8A 25D77E3B 5D738848
253BE7A4 56248883 1A437585 B1196261 A8793CF3 EE98D12C B054E4A9 B7F935FB
2A02CF39 547CE6A1 41EFDF0A DC6404BC E7E6C10F 2B8405D4 22AFF3B6 C10D3B68
615BA796 DA12637F 2EEF0DCA CD8FFC95 7C3C666B 3578A3DF 6C5C91FD 86882D23
2C7869C3 197A934E
quit
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 2-4
!
!
!
interface GigabitEthernet0/1
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/2
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/3
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/4
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/5
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/6
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/7
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/10
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/11
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/12
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/13
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/14
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/15
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/16
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/17
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/18
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/19
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/20
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/21
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/22
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/23
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/24
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/25
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/26
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/27
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/28
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/29
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/30
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/31
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/32
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/33
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/34
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/35
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/36
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/37
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/38
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/39
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/40
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/41
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/42
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/43
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/44
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/45
description CONNESSIONE AL ROUTER
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet0/46
!
interface GigabitEthernet0/47
!
interface GigabitEthernet0/48
!
interface Vlan1
ip address 10.0.0.201 255.255.255.0
no ip route-cache
!
interface Vlan2
description LAN1
no ip address
no ip route-cache
!
interface Vlan3
description LAN2
no ip address
no ip route-cache
!
interface Vlan4
description LAN3
no ip address
no ip route-cache
!
ip http server
ip http secure-server
!
control-plane
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end

insomma funziona tutto, solo che con la lan 2 ottengo gli indirizzi corretti con il dhcp ma non riesco a navigare e non trovo l'errore.
poi vorrei evitare di spostare ogni volta il cavo console, quindi ho certo la vlan1 sullo switch ma non riesco a telnettarmi, quindi qualcuno di voi potrebbe spiegarmi come poter accedere tramite cavo roll dopo essermi telnettato nel router?
Grazie mille in anticipo

Ciao.
Per la LAN2 devi aggiungere nel router Nello switch devi mettere una password dentro a line vty, oppure creare un utente.

Paolo

grazie per la risposta, aggiungo subito l'acl e per quanto riguarda le password ci sono ma per praticità non l'ho inserite nella conf che ho postato
per la connessione con roll over non sai nulla?

Funziona?
Se ho capito cosa vuoi fare, questa è una guida http://www.techrepublic.com/article/con ... e-devices/, ma personalmente andrei con il telnet.
Non ti funziona, perché hai messo l'IP sulla VLAN 1 invece che sulla 4. Comunque converrebbe separare il traffico dati da quello di gestione degli apparati.

Paolo

Ciao Paolo, anche io andrei di Telnet ma non riesco essendo le giga gestibili solo tramite vlan, mi puoi dire come posso fare?

Leva quel IP dalla VLAN 1 e mettilo sulla 4

Paolo

Mmmmm sulla 4 ho già l' 192.168.0.1 e mi serve con il pane faccio una vlan5?

Ho sbagliato a scrivere. VLAN2 invece di 4. Parlo del IP 10.0.0.201 sullo switch. Se lo metti sulla VLAN sbagliata non puoi contattarlo.

Paolo

Ciao Paolo, ho fatto come mi hai detto, ma qualcosa non va, ho anche voluto associare una interfaccia fisica alla Vlan2 ma nulla, ho notato che dallo switch non riesco a pingare nemmeno il router ma comunque navigo,

boot-start-marker
boot-end-marker
!
enable password xxxxxxxxxxxxxxxxxxxxxxx
!
username admin password xxxxxxxxxxxxxxxxxxxxxxx
no aaa new-model
system mtu routing 1500
vtp mode transparent
ip subnet-zero
!
!
!
!
crypto pki trustpoint TP-self-signed-1964803840
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1964803840
revocation-check none
rsakeypair TP-self-signed-1964803840
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 2-5
!
!
!
interface GigabitEthernet0/1
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/2
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/3
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/4
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/5
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/6
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/7
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/10
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/11
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/12
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/13
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/14
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/15
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/16
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/17
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/18
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/19
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/20
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/21
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/22
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/23
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/24
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/25
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/26
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/27
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/28
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/29
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/30
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/31
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/32
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet0/33
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/34
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/35
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/36
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/37
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/38
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/39
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/40
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/41
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/42
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/43
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/44
switchport access vlan 5
switchport mode access
!
interface GigabitEthernet0/45
description "CONNESSIONE AL ROUTER"
switchport access vlan 2
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet0/46
!
interface GigabitEthernet0/47
!
interface GigabitEthernet0/48
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan2
description "INDIRIZZO IP SWITCH"
ip address 10.0.0.201 255.255.255.0
no ip route-cache
!
interface Vlan3
description "PRIVATA"
no ip address
no ip route-cache
!
interface Vlan4
description "OSPITI"
no ip address
no ip route-cache
!
interface Vlan5
description "VIDEO"
no ip address
no ip route-cache
!
ip http server
ip http secure-server
!
control-plane
!
!
line con 0
line vty 0 4
password xxxxxxxxxxxxxxxxxxxxxxxxxxxx
login
line vty 5 15
login
!
end

questa è la conf modificata

Ho provato. A me funziona.
Prova a rimuovere dalla porta 45

Paolo

ci provo ma la stringa l'ho messa per disperazione, c'è da dire che ovviamente io sono connesso in wifi sulla vlan3 quindi ho un indirizzo 10.0.0.0 e nel router 10.0.0.200 mi telnetto senza problemi

Configurando come trunk deve andare

Paolo

Fatto, non va, ma la cosa strana è che dalla consolle dello switch non pingo il router

Dallo switch Paolo

cosa intendi? vuoi sapere come sono le interfacce?
se invio il comando telnet 10.0.0.201 la consolle rimane in trying 10.0.0.201....
comunque queste sono le interfacce dello switch
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM administratively down down
Vlan2 10.0.0.201 YES NVRAM up up
Vlan3 unassigned YES NVRAM up up
Vlan4 unassigned YES NVRAM up up
Vlan5 unassigned YES NVRAM up up
GigabitEthernet0/1 unassigned YES unset down down
GigabitEthernet0/2 unassigned YES unset down down
GigabitEthernet0/3 unassigned YES unset down down
GigabitEthernet0/4 unassigned YES unset down down
GigabitEthernet0/5 unassigned YES unset down down
GigabitEthernet0/6 unassigned YES unset down down
GigabitEthernet0/7 unassigned YES unset down down
GigabitEthernet0/8 unassigned YES unset down down
GigabitEthernet0/9 unassigned YES unset up up
GigabitEthernet0/10 unassigned YES unset down down
GigabitEthernet0/11 unassigned YES unset down down
GigabitEthernet0/12 unassigned YES unset down down
GigabitEthernet0/13 unassigned YES unset down down
GigabitEthernet0/14 unassigned YES unset down down
GigabitEthernet0/15 unassigned YES unset up up
GigabitEthernet0/16 unassigned YES unset down down
GigabitEthernet0/17 unassigned YES unset down down
GigabitEthernet0/18 unassigned YES unset down down
GigabitEthernet0/19 unassigned YES unset down down
GigabitEthernet0/20 unassigned YES unset down down
GigabitEthernet0/21 unassigned YES unset down down
GigabitEthernet0/22 unassigned YES unset down down
GigabitEthernet0/23 unassigned YES unset down down
GigabitEthernet0/24 unassigned YES unset down down
GigabitEthernet0/25 unassigned YES unset down down
GigabitEthernet0/26 unassigned YES unset down down
GigabitEthernet0/27 unassigned YES unset down down
GigabitEthernet0/28 unassigned YES unset down down
GigabitEthernet0/29 unassigned YES unset down down
GigabitEthernet0/30 unassigned YES unset down down
GigabitEthernet0/31 unassigned YES unset down down
GigabitEthernet0/32 unassigned YES unset down down
GigabitEthernet0/33 unassigned YES unset down down
GigabitEthernet0/34 unassigned YES unset down down
GigabitEthernet0/35 unassigned YES unset down down
GigabitEthernet0/36 unassigned YES unset down down
GigabitEthernet0/37 unassigned YES unset down down
GigabitEthernet0/38 unassigned YES unset down down
GigabitEthernet0/39 unassigned YES unset down down
GigabitEthernet0/40 unassigned YES unset down down
GigabitEthernet0/41 unassigned YES unset down down
GigabitEthernet0/42 unassigned YES unset down down
GigabitEthernet0/43 unassigned YES unset down down
GigabitEthernet0/44 unassigned YES unset down down
GigabitEthernet0/45 unassigned YES unset up up
GigabitEthernet0/46 unassigned YES unset down down
GigabitEthernet0/47 unassigned YES unset down down
GigabitEthernet0/48 unassigned YES unset down down