Configurazione cisco 877 con ip pubblico e lan privata
Inviato: mer 11 giu , 2008 9:12 am
Salve a tutti,
la Telecom mi ha dato i seguenti dati
ptp 88.76.209.128 255.255.255.252
ip router 85.59.28.203/208 255.255.255.248
io ho una rete lan con ip 10.10.10.1 255.255.255.0
ho configurato il mio cisco 877 con questo file
vado su internet se la scheda di rete del pc ha ip 85.59.28.204
ma se ha ip 10.10.10.2 no infatti
il ping del router è positivo se ping 85.59.28.203
è negativo se ping 10.10.10.1
come posso modificare la configurazione?
grazie alba
!This is the running config of the router: 85.59.28.203
!----------------------------------------------------------------------------
!version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$i/i0$8tqkueTR3Z1z3xe.snxp90
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-1161286901
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1161286901
revocation-check none
rsakeypair TP-self-signed-1161286901
!
!
crypto pki certificate chain TP-self-signed-1161286901
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31313631 32383639 3031301E 170D3038 30363130 30313137
30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31363132
38363930 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E823 DFE384E4 038C0F66 12A52B04 89859B4A 4E77275C D9AEDEF3 0356EC30
00E46F09 35645562 07669EE2 C92C0D2E 602DB491 E1DE6521 18A812B3 894D5DFD
DF7C7CE7 3CD7BBF7 885EE1AC 599D4322 2CEB976D 2BBE0683 CDDE1E19 ABD7A019
D8168613 47082CA3 769C4F96 EE068A6A 2229DB33 006A6942 564D7199 B02C8576
FE4D0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 144F485C 21ABC497 8CBCD6C0 15DA51BB AF8C81CE
86301D06 03551D0E 04160414 4F485C21 ABC4978C BCD6C015 DA51BBAF 8C81CE86
300D0609 2A864886 F70D0101 04050003 8181005D 14EBD9E4 0E613960 D29060BD
7EEA362D 0C25E996 21B1DB72 DD4FB251 D478BD85 525BB403 BB803368 CC82605C
5C19607D 469145A1 F20E70CB 046E9628 6E33C4A4 BF325C50 272A460C 0B8406F1
7D0D51A4 DF73304B 4059FB88 DF1A32B2 7A6390FC F45BEE99 C5629B3E BD23BA75
E5708041 3B7CA2E6 8E906B68 3D078E63 B6C2E3
quit
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
ip domain name yourdomain.com
ip name-server 151.99.125.2
ip name-server 151.99.125.3
!
!
!
username pierino privilege 15 secret 5 $1$b8jI$/M2PmT0T4KHVh0Kb4rIYY.
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip address 88.76.209.128 255.255.255.252
ip nat outside
ip virtual-reassembly
pvc 8/35
oam-pvc manage
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 85.59.28.203 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Vlan2
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface ATM0.1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
no cdp run
!
!
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
la Telecom mi ha dato i seguenti dati
ptp 88.76.209.128 255.255.255.252
ip router 85.59.28.203/208 255.255.255.248
io ho una rete lan con ip 10.10.10.1 255.255.255.0
ho configurato il mio cisco 877 con questo file
vado su internet se la scheda di rete del pc ha ip 85.59.28.204
ma se ha ip 10.10.10.2 no infatti
il ping del router è positivo se ping 85.59.28.203
è negativo se ping 10.10.10.1
come posso modificare la configurazione?
grazie alba
!This is the running config of the router: 85.59.28.203
!----------------------------------------------------------------------------
!version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$i/i0$8tqkueTR3Z1z3xe.snxp90
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-1161286901
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1161286901
revocation-check none
rsakeypair TP-self-signed-1161286901
!
!
crypto pki certificate chain TP-self-signed-1161286901
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31313631 32383639 3031301E 170D3038 30363130 30313137
30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31363132
38363930 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E823 DFE384E4 038C0F66 12A52B04 89859B4A 4E77275C D9AEDEF3 0356EC30
00E46F09 35645562 07669EE2 C92C0D2E 602DB491 E1DE6521 18A812B3 894D5DFD
DF7C7CE7 3CD7BBF7 885EE1AC 599D4322 2CEB976D 2BBE0683 CDDE1E19 ABD7A019
D8168613 47082CA3 769C4F96 EE068A6A 2229DB33 006A6942 564D7199 B02C8576
FE4D0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 144F485C 21ABC497 8CBCD6C0 15DA51BB AF8C81CE
86301D06 03551D0E 04160414 4F485C21 ABC4978C BCD6C015 DA51BBAF 8C81CE86
300D0609 2A864886 F70D0101 04050003 8181005D 14EBD9E4 0E613960 D29060BD
7EEA362D 0C25E996 21B1DB72 DD4FB251 D478BD85 525BB403 BB803368 CC82605C
5C19607D 469145A1 F20E70CB 046E9628 6E33C4A4 BF325C50 272A460C 0B8406F1
7D0D51A4 DF73304B 4059FB88 DF1A32B2 7A6390FC F45BEE99 C5629B3E BD23BA75
E5708041 3B7CA2E6 8E906B68 3D078E63 B6C2E3
quit
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
ip domain name yourdomain.com
ip name-server 151.99.125.2
ip name-server 151.99.125.3
!
!
!
username pierino privilege 15 secret 5 $1$b8jI$/M2PmT0T4KHVh0Kb4rIYY.
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip address 88.76.209.128 255.255.255.252
ip nat outside
ip virtual-reassembly
pvc 8/35
oam-pvc manage
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 85.59.28.203 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Vlan2
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface ATM0.1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
no cdp run
!
!
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
