Quindi la stringa dovrebbe essere così?
Codice: Seleziona tutto
permit tcp host xx.xx.xx.xx eq 22 any
permit udp host xx.xx.xx.xx eq 22 any
Grazie per le dritte....
RISOLTO Problema Load Balancing e FileOver
Moderatore: Federico.Lagni
-
sardinside
- Cisco fan
- Messaggi: 31
- Iscritto il: gio 06 mar , 2014 3:38 pm
No Paolo ero fuori ho avuto problemi sul lavoro....
Quindi la stringa dovrebbe essere così?
Correggimi se sbaglio... Ed eventualmente la stessa stringa con eventuale ip statico sulla dia1 andrebbe impostata nell'acl sla2 giusto?
Grazie per le dritte....
Quindi la stringa dovrebbe essere così?
Grazie per le dritte....
-
paolomat75
- Messianic Network master
- Messaggi: 2965
- Iscritto il: ven 29 gen , 2010 10:25 am
- Località: Prov di GE
Sono di corsa, ma direi di si.
Ciao
Paolo
Ciao
Paolo
Non cade foglia che l'inconscio non voglia (S.B.)
-
sardinside
- Cisco fan
- Messaggi: 31
- Iscritto il: gio 06 mar , 2014 3:38 pm
Perfetto Paolo funziona alla grande... Posso postare l'intera soluzione per il bene della comunità?
Saluti
Saluti
-
paolomat75
- Messianic Network master
- Messaggi: 2965
- Iscritto il: ven 29 gen , 2010 10:25 am
- Località: Prov di GE
Ottimo. Certo! Non ho brevettato la soluzione 
Paolo
Paolo
Non cade foglia che l'inconscio non voglia (S.B.)
-
sardinside
- Cisco fan
- Messaggi: 31
- Iscritto il: gio 06 mar , 2014 3:38 pm
Perfetto... E ti ringrazio davvero per l'aiuto che mi hai dato...
-
paolomat75
- Messianic Network master
- Messaggi: 2965
- Iscritto il: ven 29 gen , 2010 10:25 am
- Località: Prov di GE
Pregosardinside ha scritto:Perfetto... E ti ringrazio davvero per l'aiuto che mi hai dato...
Non cade foglia che l'inconscio non voglia (S.B.)
-
sardinside
- Cisco fan
- Messaggi: 31
- Iscritto il: gio 06 mar , 2014 3:38 pm
Ciao a tutti vi posto la configurazione definitiva e funzionale... E' compreso FileOver + Load Balncing + Static Nat
Il tutto è stato testato e funzionante grazie a paolomat75 .... E' presente anche l'accesso remoto nel caso abbiate ip statici.... nel mio caso dietro la gi 0/0 è presente un ulteriore router che ha altre 2 connessioni adsl ... Spero vi sia utile...
A presto
Il tutto è stato testato e funzionante grazie a paolomat75 .... E' presente anche l'accesso remoto nel caso abbiate ip statici.... nel mio caso dietro la gi 0/0 è presente un ulteriore router che ha altre 2 connessioni adsl ... Spero vi sia utile...
Codice: Seleziona tutto
Building configuration...
Current configuration : 8411 bytes
!
! Last configuration change at 09:25:38 UTC Wed Jan 20 2016 by comecar
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname XXXXX
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 XXXXXX
!
no aaa new-model
!
no ip cef optimize neighbor resolution
ip cef
!
!
!
!
!
!
no ip domain lookup
ip domain name XXXXX.local
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1921/K9 sn FGL1819205A
!
!
username XXXX password 7 XXXXXXX
!
redundancy
!
!
!
!
!
controller VDSL 0/0/0
!
controller VDSL 0/1/0
!
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
!
track 1 ip sla 1
delay down 10 up 10
!
track 2 ip sla 2
delay down 10 up 10
!
track 3 ip sla 3
delay down 10 up 10
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 10.0.10.2 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 10.0.0.1 255.255.255.252
ip nat inside
ip virtual-reassembly in
ip policy route-map WWWSERVICE
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface Ethernet0/0/0
no ip address
shutdown
!
interface ATM0/1/0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
!
interface Ethernet0/1/0
no ip address
shutdown
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname xxxxxx
ppp chap password xxxxxx
no cdp enable
!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp header-compression
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname xxxxxxx
ppp chap password xxxxxxx
no cdp enable
!
ip local policy route-map IPSLA
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source route-map COMECAR_1 interface GigabitEthernet0/0 overload
ip nat inside source route-map DIAL0 interface Dialer0 overload
ip nat inside source route-map DIAL1 interface Dialer1 overload
ip nat inside source static tcp 10.0.5.2 25 aaaaaaaa 25 extendable
ip nat inside source static udp 10.0.5.2 25 aaaaaaaa 25 extendable
ip nat inside source static tcp 10.0.5.2 80 aaaaaaaa 80 extendable
ip nat inside source static udp 10.0.5.2 80 aaaaaaaa 80 extendable
ip nat inside source static tcp 10.0.5.2 443 aaaaaaaa 443 extendable
ip nat inside source static udp 10.0.5.2 443 aaaaaaaa 443 extendable
ip nat inside source static tcp 10.0.5.2 5004 aaaaaaaa 5004 extendable
ip nat inside source static udp 10.0.5.2 5004 aaaaaaaa 5004 extendable
ip nat inside source static tcp 10.0.5.2 8080 aaaaaaaa 8080 extendable
ip nat inside source static udp 10.0.5.2 8080 aaaaaaaa 8080 extendable
ip nat inside source static tcp 10.0.5.3 8016 bbbbbbbb 8016 extendable
ip nat inside source static udp 10.0.5.3 8016 bbbbbbbb 8016 extendable
ip nat inside source static tcp 10.0.5.3 8200 bbbbbbbb 8200 extendable
ip nat inside source static udp 10.0.5.3 8200 bbbbbbbb 8200 extendable
ip nat inside source static tcp 10.0.5.3 10019 bbbbbbbb 10019 extendable
ip nat inside source static udp 10.0.5.3 10019 bbbbbbbb 10019 extendable
ip nat inside source static tcp 10.0.5.3 10088 bbbbbbbb 10088 extendable
ip nat inside source static udp 10.0.5.3 10088 bbbbbbbb 10088 extendable
ip nat inside source static tcp 10.0.5.3 12088 bbbbbbbb 12088 extendable
ip nat inside source static udp 10.0.5.3 12088 bbbbbbbb 12088 extendable
ip nat inside source static tcp 10.0.5.4 80 cccccccc 80 extendable
ip nat inside source static udp 10.0.5.4 80 cccccccc 80 extendable
ip nat inside source static tcp 10.0.5.5 23 dddddddd 23 extendable
ip nat inside source static udp 10.0.5.5 23 dddddddd 23 extendable
ip nat inside source static tcp 10.0.5.5 80 dddddddd 80 extendable
ip nat inside source static udp 10.0.5.5 80 dddddddd 80 extendable
ip nat inside source static tcp 10.0.5.5 3300 dddddddd 3300 extendable
ip nat inside source static udp 10.0.5.5 3300 dddddddd 3300 extendable
ip nat inside source static tcp 10.0.5.6 7 eeeeeeeee 7 extendable
ip nat inside source static udp 10.0.5.6 7 eeeeeeeee 7 extendable
ip nat inside source static tcp 10.0.5.6 25 eeeeeeeee 25 extendable
ip nat inside source static udp 10.0.5.6 25 eeeeeeeee 25 extendable
ip nat inside source static tcp 10.0.5.6 80 eeeeeeeee 80 extendable
ip nat inside source static udp 10.0.5.6 80 eeeeeeeee 80 extendable
ip nat inside source static tcp 10.0.5.6 6036 eeeeeeeee 6036 extendable
ip nat inside source static udp 10.0.5.6 6036 eeeeeeeee 6036 extendable
ip nat inside source static tcp 10.0.5.6 9008 eeeeeeeee 9008 extendable
ip nat inside source static udp 10.0.5.6 9008 eeeeeeeee 9008 extendable
ip nat inside source static tcp 10.0.5.6 10002 eeeeeeeee 10002 extendable
ip nat inside source static udp 10.0.5.6 10002 eeeeeeeee 10002 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip route 0.0.0.0 0.0.0.0 10.0.10.1 track 3
ip route 4.2.2.2 255.255.255.255 GigabitEthernet0/0
ip route 10.0.2.0 255.255.255.0 10.0.0.2
ip route 10.0.3.0 255.255.255.224 10.0.0.2
ip route 10.0.4.0 255.255.255.192 10.0.0.2
ip route 10.0.5.0 255.255.255.0 10.0.0.2
ip route 10.0.10.0 255.255.255.252 10.0.0.2
!
ip access-list extended SLA1
permit icmp any host 8.8.8.8 echo
permit tcp host (static ip public dialer 0) eq 22 any
permit udp host (static ip public dialer 0) eq 22 any
ip access-list extended SLA2
permit icmp any host 8.8.4.4 echo
permit tcp host (static ip public dialer 1) eq 22 any
permit udp host (static ip public dialer 1) eq 22 any
!
ip sla auto discovery
ip sla 1
icmp-echo 8.8.8.8 source-interface Dialer0
threshold 500
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 8.8.4.4 source-interface Dialer1
threshold 500
frequency 5
ip sla schedule 2 life forever start-time now
ip sla 3
icmp-echo 4.2.2.2 source-interface GigabitEthernet0/0
threshold 500
frequency 5
ip sla schedule 3 life forever start-time now
access-list 1 permit 10.0.2.0 0.0.0.255
access-list 1 permit 10.0.3.0 0.0.0.31
access-list 1 permit 10.0.4.0 0.0.0.63
access-list 1 permit 10.0.5.0 0.0.0.255
access-list 1 permit 10.0.10.0 0.0.0.3
access-list 100 permit udp host 10.0.5.2 eq 80 any
access-list 100 permit tcp host 10.0.5.2 eq 80 any
access-list 100 permit udp host 10.0.5.2 eq 25 any
access-list 100 permit tcp host 10.0.5.2 eq 25 any
access-list 100 permit udp host 10.0.5.2 eq 443 any
access-list 100 permit tcp host 10.0.5.2 eq 443 any
access-list 100 permit udp host 10.0.5.2 eq 5004 any
access-list 100 permit tcp host 10.0.5.2 eq 5004 any
access-list 100 permit udp host 10.0.5.2 eq 8080 any
access-list 100 permit tcp host 10.0.5.2 eq 8080 any
access-list 100 permit tcp host 10.0.5.3 eq 80 any
access-list 100 permit udp host 10.0.5.3 eq 80 any
access-list 100 permit tcp host 10.0.5.3 eq 12088 any
access-list 100 permit udp host 10.0.5.3 eq 12088 any
access-list 100 permit tcp host 10.0.5.3 eq 8016 any
access-list 100 permit udp host 10.0.5.3 eq 8016 any
access-list 100 permit tcp host 10.0.5.3 eq 8200 any
access-list 100 permit udp host 10.0.5.3 eq 8200 any
access-list 100 permit tcp host 10.0.5.3 eq 10019 any
access-list 100 permit udp host 10.0.5.3 eq 10019 any
access-list 100 permit tcp host 10.0.5.3 eq 10088 any
access-list 100 permit udp host 10.0.5.3 eq 10088 any
access-list 100 permit udp host 10.0.5.4 eq 80 any
access-list 100 permit tcp host 10.0.5.4 eq 80 any
access-list 100 permit udp host 10.0.5.5 eq 80 any
access-list 100 permit tcp host 10.0.5.5 eq 80 any
access-list 100 permit udp host 10.0.5.5 eq 23 any
access-list 100 permit tcp host 10.0.5.5 eq 23 any
access-list 100 permit udp host 10.0.5.5 eq 3300 any
access-list 100 permit tcp host 10.0.5.5 eq 3300 any
access-list 100 permit udp host 10.0.5.6 eq 80 any
access-list 100 permit tcp host 10.0.5.6 eq 80 any
access-list 100 permit udp host 10.0.5.6 eq 7 any
access-list 100 permit tcp host 10.0.5.6 eq 7 any
access-list 100 permit udp host 10.0.5.6 eq 25 any
access-list 100 permit tcp host 10.0.5.6 eq 25 any
access-list 100 permit udp host 10.0.5.6 eq 6036 any
access-list 100 permit tcp host 10.0.5.6 eq 6036 any
access-list 100 permit udp host 10.0.5.6 eq 9008 any
access-list 100 permit tcp host 10.0.5.6 eq 9008 any
access-list 100 permit udp host 10.0.5.6 eq 10002 any
access-list 100 permit tcp host 10.0.5.6 eq 10002 any
access-list 100 permit ip any any
!
route-map WWWSERVICE permit 10
match ip address 100
set interface Dialer0
!
route-map DIAL0 permit 10
match ip address 1
match interface Dialer0
!
route-map DIAL1 permit 10
match ip address 1
match interface Dialer1
!
route-map COMECAR_1 permit 10
match ip address 1
match interface GigabitEthernet0/0
!
route-map IPSLA permit 10
match ip address SLA1
set interface Dialer0
!
route-map IPSLA permit 20
match ip address SLA2
set interface Dialer1
!
route-map IPSLA permit 30
set interface GigabitEthernet0/0
!
!
!
control-plane
!
!
!
line con 0
password xxxxxxxx
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password xxxxxxxx
login local
transport input ssh
line vty 5 15
password xxxxxxxx
login local
transport input ssh
!
scheduler allocate 20000 1000
!
end
A presto
