configurazione cisco 877

Gianremo.Smisek · gio 26 feb , 2009 9:42 pm

no, non va' applicata a nessuna interfaccia. Viene fatto l'attach con la regola di ip nat.

k1ll3r · gio 26 feb , 2009 10:00 pm

ok fatto...che altro c'è da fare per farlo andare in internet?

Gianremo.Smisek · gio 26 feb , 2009 10:05 pm

ancora non sale?

hai settato i dns di alice sul tuo pc ?

prova a togliere l'ACL 131, blocchera' il passaggio di risposta dei DNS e quindi non risolvi. Poi magari le rivediamo con calma.

k1ll3r · gio 26 feb , 2009 10:08 pm

xD no aveva come dns 192.168.1.1...visto che nel "router" 3com così funziona...

Gianremo.Smisek · gio 26 feb , 2009 10:11 pm

prova e fammi sapere

k1ll3r · gio 26 feb , 2009 10:19 pm

provato...nulla da fare...

lo show run:

Codice: Seleziona tutto

Building configuration...

Current configuration : 3502 bytes
!
version 12.4
service nagle
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname massimo
!
boot-start-marker
boot-end-marker
!
logging exception 100000
logging count
logging userinfo
logging queue-limit 10000
logging buffered 150000 notifications
logging console critical
enable secret 5 $1$L3HT$xX3IUuWANpHsaey3PflX..
enable password 7 14141B180F0B
!
no aaa new-model
clock timezone MET 1
clock summer-time MEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
!
!
!
!
no ip source-route
no ip gratuitous-arps
ip icmp rate-limit unreachable 1000
ip cef
!
!
!
!
no ip bootp server
ip inspect log drop-pkt
ip inspect max-incomplete low 300
ip inspect max-incomplete high 400
ip inspect one-minute low 300
ip inspect hashtable-size 2048
ip inspect tcp synwait-time 20
ip inspect tcp max-incomplete host 300 block-time 60
ip inspect name IDS tcp
ip inspect name IDS udp
ip inspect name IDS ftp
login block-for 1 attempts 3 within 30
login on-failure
login on-success
!
multilink bundle-name authenticated
!
!
username massimo password 7 082C4D5D1A100818
archive
 log config
  hidekeys
!
!
ip tcp selective-ack
ip tcp window-size 2144
ip tcp synwait-time 10
!
!
!
interface Loopback0
 description INTERFACCIA VIRTUALE END-POINT VPN
 ip address 192.168.254.1 255.255.255.255
!
interface ATM0
 description ALICE BUSINESS 20 Mbps - TGU: ***
 mtu 1500
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 description CONNESSIONE LAN ***
 ip address 192.168.1.1 255.255.255.0
 ip accounting output-packets
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 no ip mroute-cache
 hold-queue 100 out
!
interface Dialer0
 ip address negotiated
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip tcp header-compression
 dialer pool 1
 no cdp enable
 ppp authentication pap callin
 ppp chap hostname aliceadsl
 ppp chap password 7 045A070F0C244D4A1A15
 ppp pap sent-username aliceadsl password 7 070E2D454D0C1801041E
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface Dialer0 overload
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 remark *************************************************************
access-list 100 remark *** ACL PER PAT E NAT0 ***
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
!
!
!
!
control-plane
!
banner motd ^CC
****************************************************************
----------------------------------------------------------------
* ***   ROUTER PERIMETRALE ----      ***   *
----------------------------------------------------------------
* WARNING: System is RESTRICTED to authorized personnel ONLY! *
* Unauthorized use of this system will be logged and *
* prosecuted to the fullest extent of the law. *
* *
* If you are NOT authorized to use this system, LOG OFF NOW! *
* *
****************************************************************
^C
!
line con 0
 exec-timeout 120 0
 login local
 no modem enable
 transport output ssh
 stopbits 1
line aux 0
 login local
 transport output ssh
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 login local
 transport input telnet ssh
 transport output telnet ssh
!
scheduler max-task-time 5000
scheduler interval 500

!
webvpn cef
end

comunque non so se è normale ma di led accesi ci sono solo ok, cd e ethernet 0...ppp è spento...

Gianremo.Smisek · gio 26 feb , 2009 10:23 pm

se PPP e' spento, vuol dire che quest'ultimo non e' salito.

fai un debug ppp error, debug ppp events, debug ppp negotiation

vediamo un po'... probabilmente sbagli u/pwd

k1ll3r · gio 26 feb , 2009 10:27 pm

events?

Codice: Seleziona tutto

massimo#debug ppp ?
  authentication  CHAP and PAP authentication
  bap             BAP protocol transactions
  cbcp            Callback Control Protocol negotiation
  elog            PPP ELOGs
  error           Protocol errors and error statistics
  forwarding      PPP layer 2 forwarding
  mppe            MPPE Events
  multilink       Multilink activity
  negotiation     Protocol parameter negotiation
  packet          Low-level PPP packet dump

Gianremo.Smisek · gio 26 feb , 2009 10:33 pm

sorry, packet

k1ll3r · gio 26 feb , 2009 10:33 pm

fatto con error, negotiation, authentication...

e dopo 2 minuti col CD fisso...era morto

Gianremo.Smisek · gio 26 feb , 2009 10:41 pm

non e' possibile che non ti regga 3 semplici debug..

vabbè cmq, sei riuscito a salvarti l'output ?

k1ll3r · gio 26 feb , 2009 10:41 pm

idem con packet...

k1ll3r · gio 26 feb , 2009 10:46 pm

morto nel senso che non c'era output....

Gianremo.Smisek · gio 26 feb , 2009 10:46 pm

se ti connetti dalla vty, devi fare "terminal monitor" prima ...

k1ll3r · gio 26 feb , 2009 10:49 pm

sono da tty... col cavo di console...

configurazione cisco 877

Login • Iscriviti