Problema Alice Business con ip pubblico su 877W

SpiderNeo · mer 23 gen , 2008 10:40 am

Salve a tutti,

seguendo gli utili consigli del forum sono riuscito a configurare il mio router, almeno spero essendo un neofita, in quanto nei pochi secondi che la linea rimane attiva riesco a navigare e scaricare la posta dalla lan. Il problema è il seguente, se provo a navigare dopo qualche secondo il router perde la connessione ADSL, aspettando qualche secondo la connessione risale per poi nuovamente cadere alla nuova richiesta di navigazione. Tutto ciò non si verifica se al posto del 877W utilizzo il router pirelli dato da telecom.

Non riesco a trovare una spiegazione a questo, probabilmente per la mia poca esperienza e gradirei un vostro aiuto, grazie.

PS: allego la mia conf.

CONF:
!version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Office
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$ReNO$11oeAD5Nm94nfMGTqf18n/
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
ip subnet-zero
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.100
ip dhcp excluded-address 10.10.10.137 10.10.10.254
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
dns-server 151.99.125.1 151.99.0.100
default-router 10.10.10.1
!
!
ip inspect log drop-pkt
ip inspect name SDM_MEDIUM appfw SDM_MEDIUM
ip inspect name SDM_MEDIUM cuseeme
ip inspect name SDM_MEDIUM dns
ip inspect name SDM_MEDIUM ftp
ip inspect name SDM_MEDIUM h323
ip inspect name SDM_MEDIUM https
ip inspect name SDM_MEDIUM icmp
ip inspect name SDM_MEDIUM imap reset
ip inspect name SDM_MEDIUM pop3 reset
ip inspect name SDM_MEDIUM netshow
ip inspect name SDM_MEDIUM rcmd
ip inspect name SDM_MEDIUM realaudio
ip inspect name SDM_MEDIUM rtsp
ip inspect name SDM_MEDIUM esmtp
ip inspect name SDM_MEDIUM sqlnet
ip inspect name SDM_MEDIUM streamworks
ip inspect name SDM_MEDIUM tftp
ip inspect name SDM_MEDIUM tcp
ip inspect name SDM_MEDIUM udp
ip inspect name SDM_MEDIUM vdolive
ip tcp synwait-time 10
no ip bootp server
ip domain name XXXXXXXXXX
ip name-server 151.99.0.100
ip name-server 151.99.125.1
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
crypto pki trustpoint TP-self-signed-387589659
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-387589659
revocation-check none
rsakeypair TP-self-signed-387589659
!
!
crypto pki certificate chain TP-self-signed-387589659
certificate self-signed 01
30820257 308201C0 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33383735 38393635 39301E17 0D303230 33303130 37313635
385A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3338 37353839
36353930 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
CC28EC31 6E708B73 3BADC520 4FB16012 AA3A8641 2E99C522 C2B00ACA 9524601A
C7A254A4 6D60320B 357C64D9 5BE1D10E C9AEA00A 90DD8F3A AA652597 359E6069
F2A242A1 2F954FC6 282BCD2B 721C099F CDD9E832 A28AC862 F132C0B7 F8FB8B8E
E2D82483 84FA5C7F B26D615C 46CA7713 59C3987E 5CA4722F A9907221 2EF1CEAF
02030100 01A38180 307E300F 0603551D 130101FF 04053003 0101FF30 2B060355
1D110424 30228220 4F666669 63652E69 6E746572 76696465 6F6D6172 61736369
6F2E3139 312E6974 301F0603 551D2304 18301680 14CDDBE3 F86DED52 4E973390
6E5B8B7C 109DCB07 CD301D06 03551D0E 04160414 CDDBE3F8 6DED524E 9733906E
5B8B7C10 9DCB07CD 300D0609 2A864886 F70D0101 04050003 81810071 E9618CC0
FE2D8AC2 E80CA7E1 6F6B715B EAA027EF D584455F 71F51A53 887827FF 677ECED5
D624A654 6AD83F71 898E0ADC BC849312 46E45B0F 19CEB968 D1A540E9 8E563F69
08F5CB45 A4208032 2CABB5A6 34337DAD B072F2C6 DB4A3B5E 1D2B9344 9D025A26
CB991540 9B61B836 6273CA3E CC619994 A1AFE146 34D146F8 35216B
quit
username XXXXXXXXXX privilege 15 secret 5 $1$4PBJ$OdQtKJrUo5kYXA/MUchGP0
!
!
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
!
encryption vlan 2 key 1 size 40bit 7 DAA6D882F1D0 transmit-key
encryption vlan 2 mode wep mandatory
!
ssid Office877W
vlan 2
authentication open
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.2
description $FW_INSIDE$
encapsulation dot1Q 2 native
ip address 10.10.20.1 255.255.255.0
ip access-group 102 in
ip nat inside
ip virtual-reassembly
no snmp trap link-status
no cdp enable
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip access-group 103 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1412
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
ip access-group 104 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip inspect SDM_MEDIUM out
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username XXXXXXXXXX password 7 01185408563F0706731E41
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 2 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 2 remark INSIDE_IF=Vlan2
access-list 2 remark SDM_ACL Category=2
access-list 2 permit 10.10.20.0 0.0.0.255
access-list 100 remark auto generated by Cisco SDM Express firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by Cisco SDM Express firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp host 151.99.0.100 eq domain any
access-list 101 permit udp host 151.99.125.1 eq domain any
access-list 101 deny ip 10.10.10.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any
access-list 102 remark auto generated by SDM firewall configuration
access-list 102 remark SDM_ACL Category=1
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
access-list 102 deny ip host 255.255.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 permit ip any any
access-list 103 remark auto generated by SDM firewall configuration
access-list 103 remark SDM_ACL Category=1
access-list 103 permit ip 10.10.20.0 0.0.0.255 any
access-list 103 deny ip host 255.255.255.255 any
access-list 103 deny ip 127.0.0.0 0.255.255.255 any
access-list 103 permit ip any any
access-list 104 remark auto generated by SDM firewall configuration
access-list 104 remark SDM_ACL Category=1
access-list 104 permit udp host 151.99.0.100 eq domain any
access-list 104 permit udp host 151.99.125.1 eq domain any
access-list 104 permit ip 10.10.10.0 0.0.0.255 any
access-list 104 permit ip 10.10.20.0 0.0.0.255 any
access-list 104 permit icmp any any echo-reply
access-list 104 permit icmp any any time-exceeded
access-list 104 permit icmp any any unreachable
access-list 104 deny ip 172.16.0.0 0.15.255.255 any
access-list 104 deny ip 192.168.0.0 0.0.255.255 any
access-list 104 deny ip 127.0.0.0 0.255.255.255 any
access-list 104 deny ip host 255.255.255.255 any
access-list 104 deny ip host 0.0.0.0 any
access-list 104 deny ip any any log
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

[Dj][DMX] · mer 23 gen , 2008 11:29 pm

In base a cosa dici che cade la connessione e poi si rialza?
La configurazione l'hai fatta da sdm?

SpiderNeo · gio 24 gen , 2008 8:53 am

La conf è stata fatta da SDM.

se inserisco nella configurazione della dialer0 IP DINAMICO anzichè inserire quello datomi da alice, il router non manifesta il problema della perdita del segnale ADSL e la navigazione risulta a volte molto lenta oppure si pianta, invece la posta funziona perfettamente.

1) Credo possa essere un problema di DNS...........
2) Se ho un IP statico, perchè la navigazione seppur lenta avviene solo con IP DINAMICO su Dialer0 ?
3) Con il router bianco di ALICE la navigazione non ha alcun problema, a parte qualche piccolo rallentamento di norma.

Cosa ne pensate ???

Thanks for all !!!

Problema Alice Business con ip pubblico su 877W

Login • Iscriviti