HELP Configurazione cisco 837 pool 8 ip pubblici smart

geoborders · mar 16 ago , 2005 9:38 am

Ciao a tutti ,

ho un problema, mi hanno assegnato un pool di indirizzi pubblici, il router (CISCO 837) naviga in internet ma nn riesce a far rendere pubblici gli ip !!
mi date una dritta?

IP PUBBLICI : 82.90.157.xx1-xx6 maschera 255.255.255.248
IP ATM: 82.90.35.x9 maschera 255.255.255.0
GW: 82.90.35.x54

ora,

la configurazione che mi permette di navigare è la seguente:

version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ENTERPRISE
!
no logging console
enable secret 5 <removed>
enable password 7 <removed>
!
username CRWS_dheeraj privilege 15 password 7 <removed>
username CRWS_Shashi privilege 15 password 7 <removed>
username CRWS_Santhosh privilege 15 password 7 <removed>
username CRWS_Ritesh privilege 15 password 7 <removed>
username CRWS_Giri privilege 15 password 7 <removed>
username CRWS_Sangeetha privilege 15 password 7 <removed>
username CRWS_Ulags privilege 15 password 7 <removed>
username flavio password 7 <removed>
username CRWS_Jaidil privilege 15 password 7 <removed>
no aaa new-model
ip subnet-zero
ip name-server 151.99.125.2
ip name-server 151.99.0.100
ip dhcp excluded-address 10.39.5.120
ip dhcp excluded-address 10.39.5.122
ip dhcp excluded-address 10.39.5.123
ip dhcp excluded-address 10.39.5.124
ip dhcp excluded-address 10.39.5.125
ip dhcp excluded-address 10.39.5.126
ip dhcp excluded-address 10.39.5.127
ip dhcp excluded-address 10.39.5.128
ip dhcp excluded-address 10.39.5.129
ip dhcp excluded-address 10.39.5.144
ip dhcp excluded-address 10.39.5.166
ip dhcp excluded-address 10.39.5.121
!
!
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
!
!
!
!
!
!
!
interface Ethernet0
ip address 10.39.5.144 255.255.255.0
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 82.90.35.x9 255.255.255.0
ip nat outside
pvc 8/35
encapsulation aal5snap
!
!
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer remote-name redback
dialer-group 1
ppp authentication pap chap callin
ppp chap password 7 110E1C0A151D190801
ppp pap sent-username [email protected] password 7 121E001810041E002F
ppp ipcp dns request
!
ip
ip nat inside source list 1 interface ATM0 overload
ip nat inside source list 102 interface ATM0.1 overload

ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
no ip http secure-server
!

access-list 23 permit 10.39.5.0 0.0.0.255
access-list 102 permit ip 10.39.5.0 0.0.0.255 any
access-list 133 deny ip any any!
scheduler max-task-time 5000
!
end

Ora, come faccio a configurare gli 8 ip aggiuntivi?

Renato.Efrati · mar 16 ago , 2005 9:46 am

xke usi il capslock?

geoborders · mar 16 ago , 2005 9:49 am

sorry.. nn mi ero accorto del capslock !!

geoborders · mar 16 ago , 2005 9:50 am

geoborders ha scritto:Ciao a tutti ,

ho un problema, mi hanno assegnato un pool di indirizzi pubblici, il router (CISCO 837) naviga in internet ma nn riesce a far rendere pubblici gli ip !!
mi date una dritta?

IP PUBBLICI : 82.90.157.xx1-xx6 maschera 255.255.255.248
IP ATM: 82.90.35.x9 maschera 255.255.255.0
GW: 82.90.35.x54

ora,

la configurazione che mi permette di navigare è la seguente:

version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ENTERPRISE
!
no logging console
enable secret 5 <removed>
enable password 7 <removed>
!
username CRWS_dheeraj privilege 15 password 7 <removed>
username CRWS_Shashi privilege 15 password 7 <removed>
username CRWS_Santhosh privilege 15 password 7 <removed>
username CRWS_Ritesh privilege 15 password 7 <removed>
username CRWS_Giri privilege 15 password 7 <removed>
username CRWS_Sangeetha privilege 15 password 7 <removed>
username CRWS_Ulags privilege 15 password 7 <removed>
username flavio password 7 <removed>
username CRWS_Jaidil privilege 15 password 7 <removed>
no aaa new-model
ip subnet-zero
ip name-server 151.99.125.2
ip name-server 151.99.0.100
ip dhcp excluded-address 10.39.5.120
ip dhcp excluded-address 10.39.5.122
ip dhcp excluded-address 10.39.5.123
ip dhcp excluded-address 10.39.5.124
ip dhcp excluded-address 10.39.5.125
ip dhcp excluded-address 10.39.5.126
ip dhcp excluded-address 10.39.5.127
ip dhcp excluded-address 10.39.5.128
ip dhcp excluded-address 10.39.5.129
ip dhcp excluded-address 10.39.5.144
ip dhcp excluded-address 10.39.5.166
ip dhcp excluded-address 10.39.5.121
!
!
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
!
!
!
!
!
!
!
interface Ethernet0
ip address 10.39.5.144 255.255.255.0
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 82.90.35.x9 255.255.255.0
ip nat outside
pvc 8/35
encapsulation aal5snap
!
!
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer remote-name redback
dialer-group 1
ppp authentication pap chap callin
ppp chap password 7 110E1C0A151D190801
ppp pap sent-username [email protected] password 7 121E001810041E002F
ppp ipcp dns request
!
ip
ip nat inside source list 1 interface ATM0 overload
ip nat inside source list 102 interface ATM0.1 overload

ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
no ip http secure-server
!

access-list 23 permit 10.39.5.0 0.0.0.255
access-list 102 permit ip 10.39.5.0 0.0.0.255 any
access-list 133 deny ip any any!
scheduler max-task-time 5000
!
end

Ora, come faccio a configurare gli 8 ip aggiuntivi?

Riesci a darmi qualche dritta? Noti qualcosa di errato o impreciso?

Renato.Efrati · mar 16 ago , 2005 9:54 am

si o fai nat statico , oppure prend iun indirizzo publico lo metti sulla ethernet e metti gli ip publici direttamente sulle macchine

geoborders · mar 16 ago , 2005 9:59 am

Ispa ha scritto:si o fai nat statico , oppure prend iun indirizzo publico lo metti sulla ethernet e metti gli ip publici direttamente sulle macchine

............quando avevo solo un ip usavo il nat così configurato:

ip nat inside source static tcp 10.39.5.166 81 interface Dialer1 81
ip nat inside source static tcp 10.39.5.166 53 interface Dialer1 53
ip nat inside source static tcp 10.39.5.166 80 interface Dialer1 80
ip nat inside source static tcp 10.39.5.166 21 interface Dialer1 21
ip nat inside source static tcp 10.39.5.166 110 interface Dialer1 110
ip nat inside source static tcp 10.39.5.166 25 interface Dialer1 25
(prima c'era al posto di Dialer1 -> ATM0.1, cosa è giusto ?)
................ho provato a fare il nat in questo modo:

ip nat pool PUBBLICI 82.90.157.xx1 82.90.157.xx6 netmask 255.255.255.248
ip nat inside source list 1 interface ATM0 overload
!

ip nat inside source static tcp 10.39.5.121 80 82.90.157.xx2 80 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
no ip http secure-server
!
access-list 1 permit 82.90.157.0 0.0.0.248
access-list 1 permit 82.90.157.0 0.0.0.255
access-list 23 permit 10.39.5.0 0.0.0.255
access-list 102 permit ip 10.39.5.0 0.0.0.255 any
access-list 133 deny ip any any

geoborders · mar 16 ago , 2005 10:02 am

Ispa ha scritto:si o fai nat statico , oppure prend iun indirizzo publico lo metti sulla ethernet e metti gli ip publici direttamente sulle macchine

la cosa più semplice? ho provato anche a mettere un ip pubblico sulla macchina interna.... ma da ext nn mi fa vedere niente !!

geoborders · mar 16 ago , 2005 11:26 am

non funziona.

ma al router devo dargli qualche istruzione per fargli capire che ha degli ip aggiuntivi ?

geoborders · mar 16 ago , 2005 11:29 am

geoborders ha scritto:non funziona.

ma al router devo dargli qualche istruzione per fargli capire che ha degli ip aggiuntivi ?

version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ENTERPRISE
!
!
no aaa new-model
ip subnet-zero
ip name-server 151.99.125.1
ip name-server 151.99.0.100
!
!
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
!
!
!

interface Ethernet0
ip address 10.39.5.144 255.255.255.0
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 82.90.35.X9 255.255.255.0
ip nat outside
pvc 8/35
encapsulation aal5snap
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Dialer1
ip address negotiated
ip mtu 1492
p nat outside
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer remote-name redback
dialer-group 1
ppp authentication pap chap callin
ppp chap password 0 xxxxxxxxxx
ppp pap sent-username [email protected] password 0 xxxxxxxxxxx
ppp ipcp dns request
!
ip nat inside source list 102 interface ATM0.1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
no ip http secure-server
!
access-list 23 permit 10.39.5.0 0.0.0.255
access-list 102 permit ip 10.39.5.0 0.0.0.255 any
access-list 133 deny ip any any
!
line con 0
no modem enable
ine aux 0
line vty 0 4
!
scheduler max-task-time 5000
!
end

In questo modo riesco a navigare .. MA gli ip ??? ho configurato una macchina Web con l'ip 82.90.157.xx1.. però da ext nn viene vista ?!?!?!

geoborders · mar 16 ago , 2005 12:56 pm

datemi una mano !!! nn ci sto capendo più niente... è possibile avere un esempio di configurazione di un'adsl SMART telecom con 8 ip aggiuntivi ??

granzie in anticipo !

geoborders · mar 16 ago , 2005 6:27 pm

geoborders ha scritto:
geoborders ha scritto:non funziona.

ma al router devo dargli qualche istruzione per fargli capire che ha degli ip aggiuntivi ?
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ENTERPRISE
!
!
no aaa new-model
ip subnet-zero
ip name-server 151.99.125.1
ip name-server 151.99.0.100
!
!
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
!
!
!

interface Ethernet0
ip address 10.39.5.144 255.255.255.0
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 82.90.35.X9 255.255.255.0
ip nat outside
pvc 8/35
encapsulation aal5snap
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Dialer1
ip address negotiated
ip mtu 1492
p nat outside
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer remote-name redback
dialer-group 1
ppp authentication pap chap callin
ppp chap password 0 xxxxxxxxxx
ppp pap sent-username [email protected] password 0 xxxxxxxxxxx
ppp ipcp dns request
!
ip nat inside source list 102 interface ATM0.1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
no ip http secure-server
!
access-list 23 permit 10.39.5.0 0.0.0.255
access-list 102 permit ip 10.39.5.0 0.0.0.255 any
access-list 133 deny ip any any
!
line con 0
no modem enable
ine aux 0
line vty 0 4
!
scheduler max-task-time 5000
!
end

In questo modo riesco a navigare .. MA gli ip ??? ho configurato una macchina Web con l'ip 82.90.157.xx1.. però da ext nn viene vista ?!?!?!

ok. ci provo.. per il resto è tutto ok ?

ip nat inside source list 102 interface ATM0.1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
no ip http secure-server
!
access-list 23 permit 10.39.5.0 0.0.0.255
access-list 102 permit ip 10.39.5.0 0.0.0.255 any
access-list 133 deny ip any any
!

geoborders · mer 17 ago , 2005 9:37 am

thinker ha scritto:le citazioni non mi fanno capire bene.
a che punto sei?
--
antonio

allora ho configurato :
ATM0
ATM0.1
Dialer1
ethernet0 ( con ip sia pubblico che privato)

Il router è in internet, riesco a pingare, sia ATM0 che ATM0.1 muovono pacchetti, ora devo far navigare le macchine interne.

Ti spiego come è articolata la mia rete:

Router ->gateway ->client ( rete privata)
Router ->server web e altri servizi (rete pubblica)

devo mettere qualche access-list? qualche autorizzazione?

spero sia tutto chiaro !

HELP Configurazione cisco 837 pool 8 ip pubblici smart

Login • Iscriviti