ADSL 7 Mbit config + NAT

Configurations for ADSL and ISDN connectivity and switches for home users and small networks

Moderator: Federico.Lagni

robyhummy
Cisco fan
Posts: 38
Joined: Wed 31 Dec 2008, 11:50 am

I did it like this:


!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Cisco877
!
boot-start-marker
boot-end-marker
!
logging buffered 52000 debugging
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxx
!
no aaa new-model
!
resource policy
!
clock timezone MET 1
clock summer-time MEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
ip cef
!
!
!
!
no ip domain lookup
ip domain name cisco.com
ip name-server 151.99.125.1
ip name-server 208.67.222.222
ip inspect log drop-pkt
ip inspect name Firewall cuseeme
ip inspect name Firewall dns
ip inspect name Firewall ftp
ip inspect name Firewall https
ip inspect name Firewall icmp
ip inspect name Firewall imap
ip inspect name Firewall pop3
ip inspect name Firewall rcmd
ip inspect name Firewall realaudio
ip inspect name Firewall rtsp
ip inspect name Firewall esmtp
ip inspect name Firewall sqlnet
ip inspect name Firewall streamworks
ip inspect name Firewall tftp
ip inspect name Firewall tcp
ip inspect name Firewall udp
ip inspect name Firewall vdolive
ip inspect name Firewall h323
ip ddns update method dyndns1
HTTP
add http://[email protected] ... h>&myip=<a>
!
!
!
crypto pki trustpoint TP-self-signed-3941063929
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3941063929
revocation-check none
rsakeypair TP-self-signed-3941063929
!
!
crypto pki certificate chain TP-self-signed-3941063929
certificate self-signed 01 nvram:IOS-Self-Sig#390F.cer
username roby privilege 15 secret 5
archive
log config
hidekeys
!
!
!
bridge irb
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
bundle-enable
dsl operating-mode auto
!
interface ATM0.1 point-to-point
no snmp trap link-status
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description CONESSIONE LAN
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
ip ddns update hostname xxxxxxxxxxxxxxxxxxxxxxx
ip ddns update dyndns1 host members.dyndns.org
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip nat outside
ip inspect Firewall out
ip virtual-reassembly
encapsulation ppp
ip tcp header-compression
dialer pool 1
dialer-group 1
no cdp enable
ppp chap hostname [email protected]
ppp chap password 7 xxxxxxxxxxxx
ppp authentication pap callin
ppp pap sent-username [email protected] password 7 xxxxxxxxxxxxxx
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.6 1495 interface Dialer0 1495
ip nat inside source static udp 192.168.1.5 1494 interface Dialer0 1494
ip nat inside source static tcp 192.168.1.5 1000 interface Dialer0 1000
ip nat inside source static udp 192.168.1.2 4672 interface Dialer0 4672
ip nat inside source static tcp 192.168.1.2 4662 interface Dialer0 4662
!

no cdp run
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login CAuthorized access only!
Disconettiti subito o mi arrabbio!
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
sntp server 193.204.114.232
sntp server 193.204.114.233
sntp server 193.204.114.105
end
I can't browse; the connection is there. Do I need to remove something else?
Bye
Please be patient with me
Thanks
Wizard
Intergalactic subspace network admin
Posts: 3441
Joined: Fri 03 Feb 2006, 10:04 am
Location: Emilia Romagna

There are still many errors!
The "ip nat inside" rule is missing on vlan1, and ACL 1 for the NAT isn't there.
The future is made of people who have intuitions and visions ..... those are the people who make the difference ...... those gifted with a THIRD EYE....
robyhummy
Cisco fan
Posts: 38
Joined: Wed 31 Dec 2008, 11:50 am

I'm trying to understand what you're saying,
but I know little about ACLs and such.
Thank you for the help, but I would need written descriptions to understand.
Bye
Wizard
Intergalactic subspace network admin
Posts: 3441
Joined: Fri 03 Feb 2006, 10:04 am
Location: Emilia Romagna

Code:

int vlan1
ip nat inside

no ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 100 interface Dialer0 overload

no access-list 100 permit tcp any host 192.168.1.2 eq 4662
no access-list 100 permit udp any host 192.168.1.2 eq 4672
no access-list 100 permit tcp any host 192.168.1.5 eq 1000
no access-list 100 permit udp any host 192.168.1.5 eq 1494
no access-list 100 permit tcp any host 192.168.1.6 eq 1495 
robyhummy
Cisco fan
Posts: 38
Joined: Wed 31 Dec 2008, 11:50 am

Wizard wrote:

Code:

int vlan1
ip nat inside

no ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 100 interface Dialer0 overload

no access-list 100 permit tcp any host 192.168.1.2 eq 4662
no access-list 100 permit udp any host 192.168.1.2 eq 4672
no access-list 100 permit tcp any host 192.168.1.5 eq 1000
no access-list 100 permit udp any host 192.168.1.5 eq 1494
no access-list 100 permit tcp any host 192.168.1.6 eq 1495 

I entered it like this:

!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Cisco877
!
boot-start-marker
boot-end-marker
!


!
no aaa new-model
!
resource policy
!
clock timezone MET 1
clock summer-time MEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
ip cef
!
!
!
!
no ip domain lookup
ip domain name cisco.com
ip name-server 151.99.125.1
ip name-server 208.67.222.222
ip inspect log drop-pkt
ip inspect name Firewall cuseeme
ip inspect name Firewall dns
ip inspect name Firewall ftp
ip inspect name Firewall https
ip inspect name Firewall icmp
ip inspect name Firewall imap
ip inspect name Firewall pop3
ip inspect name Firewall rcmd
ip inspect name Firewall realaudio
ip inspect name Firewall rtsp
ip inspect name Firewall esmtp
ip inspect name Firewall sqlnet
ip inspect name Firewall streamworks
ip inspect name Firewall tftp
ip inspect name Firewall tcp
ip inspect name Firewall udp
ip inspect name Firewall vdolive
ip inspect name Firewall h323
ip ddns update method dyndns1
HTTP
add http://xxxxxxxxxxxxxxxxxxxxxxxxxx@membe ... h>&myip=<a>
!
!
!
crypto pki trustpoint TP-self-signed-3941063929
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3941063929
revocation-check none
rsakeypair TP-self-signed-3941063929
!
!
crypto pki certificate chain TP-self-signed-3941063929
certificate self-signed 01 nvram:IOS-Self-Sig#390F.cer
username xxxx privilege 15 secret 5
archive
log config
hidekeys
!
!
!
bridge irb
!
!
!
interface ATM0
no shutdown
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
bundle-enable
dsl operating-mode auto
!
interface ATM0.1 point-to-point
no snmp trap link-status
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description CONESSIONE LAN
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
ip ddns update hostname xxxxxxxxxxxxxxxxxx
ip ddns update dyndns1 host members.dyndns.org
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip nat outside
ip inspect Firewall out
ip virtual-reassembly
encapsulation ppp
ip tcp header-compression

dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 xxxxxxxxxxxxx
ppp pap sent-username [email protected] password 7 xxxxxxxxxxxxxxxxxxxxxxx
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
int vlan1
ip nat inside
!
no ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 100 interface Dialer0 overload
!
no access-list 100 permit tcp any host 192.168.1.2 eq 4662
no access-list 100 permit udp any host 192.168.1.2 eq 4672
no access-list 100 permit tcp any host 192.168.1.5 eq 1000
no access-list 100 permit udp any host 192.168.1.5 eq 1494
no access-list 100 permit tcp any host 192.168.1.6 eq 1495
!
ip nat inside source static tcp 192.168.1.6 1495 interface Dialer0 1495
ip nat inside source static udp 192.168.1.5 1494 interface Dialer0 1494
ip nat inside source static tcp 192.168.1.5 1000 interface Dialer0 1000
ip nat inside source static udp 192.168.1.2 4672 interface Dialer0 4672
ip nat inside source static tcp 192.168.1.2 4662 interface Dialer0 4662
!
logging trap debugging
access-list 101 permit udp host 151.99.125.1 eq domain any
access-list 101 permit udp host 208.67.222.222 eq domain any
access-list 101 permit tcp host 63.208.196.96 eq www any log
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
!
no cdp run
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login CAuthorized access only!
Disconettiti subito o mi arrabbio!
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
sntp server 193.204.114.232
sntp server 193.204.114.233
sntp server 193.204.114.105
end

There's no way to get browsing to work.
I'm banging my head against the wall :shock:

Where is the error?
Byeeeee
PS: maybe you could write me a config, at least to enable the connection.
With the Netgear everything is OK.
robyhummy
Cisco fan
Posts: 38
Joined: Wed 31 Dec 2008, 11:50 am

Current configuration : 4943 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname xxxxx
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
clock timezone MET 1
clock summer-time MEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
ip cef
!
!
!
!
no ip domain lookup
ip domain name cisco.com
ip name-server 151.99.125.1
ip name-server 208.67.222.222
ip inspect log drop-pkt

ip inspect name Firewall tcp
ip inspect name Firewall udp
ip inspect name Firewall icmp
!
!
crypto pki trustpoint TP-self-signed-3941063929
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3941063929
revocation-check none
rsakeypair TP-self-signed-3941063929
!
!
crypto pki certificate chain TP-self-signed-3941063929
certificate self-signed 01
quit
username xxxx privilege 15 secret 5 xxxxxxxxxxxxxxxxxxxxxxxxx
archive
log config
hidekeys
!
!
!
bridge irb
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
bundle-enable
dsl operating-mode auto
!
interface ATM0.1 point-to-point
no snmp trap link-status
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description CONESSIONE LAN
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip nat outside
ip inspect Firewall out
ip virtual-reassembly
encapsulation ppp
ip tcp header-compression
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp chap hostname [email protected]
ppp chap password 7 xxxxxxxxxxxxxxxxxxxxx
ppp pap sent-username [email protected] password 7 xxxxxxxxxxxxxxxxx
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.5 1000 interface Dialer0 1000
ip nat inside source static udp 192.168.1.2 4672 interface Dialer0 4672
ip nat inside source static tcp 192.168.1.2 4662 interface Dialer0 4662
ip nat inside source static tcp 192.168.1.6 1195 interface Dialer0 1195
ip nat inside source static udp 192.168.1.5 1194 interface Dialer0 1194
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
sntp server 193.204.114.232
sntp server 193.204.114.233
sntp server 193.204.114.105
end



This one works for me,
and the NAT is OK.
Security advice is welcome.
Thanks to everyone who helped me.


PS: a huge thank-you to Wizard, who helped me,
a very patient and capable person.
Wizard
Intergalactic subspace network admin
Posts: 3441
Joined: Fri 03 Feb 2006, 10:04 am
Location: Emilia Romagna

We did it! :)
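Added example (not part of any post in this thread): a small Python check for the two NAT faults Wizard points out, no interface marked `ip nat inside` and a NAT source list naming an ACL that is never defined, plus the management settings visible in the posted configs. The function name `audit` and the trimmed config excerpts are constructed for illustration.

```python
import re

# Constructed excerpt, trimmed from the first config posted in the thread.
FIRST_POST = """
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
interface Dialer0
 ip access-group 101 in
 ip nat outside
ip http server
ip http access-class 23
ip nat inside source list 1 interface Dialer0 overload
line vty 0 4
 transport input telnet ssh
"""
# Same excerpt with the two changes present in the working config.
WORKING = FIRST_POST.replace("\ninterface Dialer0", "\n ip nat inside\ninterface Dialer0") \
    + "access-list 1 permit 192.168.1.0 0.0.0.255\n"

# Every place these configs point at a numbered ACL.
ACL_REFS = (("NAT source list", r"ip nat inside source list (\d+) "),
            ("interface filter", r"ip access-group (\d+) (?:in|out)"),
            ("HTTP access-class", r"ip http access-class (\d+)"))

def audit(config):
    """Return a list of findings for an IOS running-config given as text."""
    lines = [l.strip() for l in config.splitlines()]
    defined = {m.group(1) for l in lines
               if (m := re.match(r"access-list (\d+) (?:permit|deny)\b", l))}
    findings, nat_roles = [], set()
    for l in lines:
        if m := re.fullmatch(r"ip nat (inside|outside)", l):
            nat_roles.add(m.group(1))  # interface-level NAT role
        for what, pat in ACL_REFS:
            if (m := re.match(pat, l)) and m.group(1) not in defined:
                findings.append(f"{what} uses undefined ACL {m.group(1)}")
        if re.match(r"transport input\b.*\btelnet\b", l):
            findings.append("vty lines accept telnet (cleartext login)")
        if l == "ip http server":
            findings.append("plain HTTP management server enabled")
    for role in ("inside", "outside"):
        if role not in nat_roles:
            findings.append(f"no interface marked 'ip nat {role}'")
    return findings

if __name__ == "__main__":
    for name, cfg in (("first post", FIRST_POST), ("working", WORKING)):
        print(name, audit(cfg), sep=": ")
```

On the working excerpt the NAT findings disappear, but ACL 101, ACL 23, telnet on the vty lines and the HTTP server are still reported. IOS treats an interface `ip access-group` that names an undefined ACL as if no filter were applied, so those are the first items for the security review requested in the thread.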