Pagina 1 di 2
Cisco 877 con Alice 7mega business (ip statico)
Inviato: gio 26 mar , 2009 11:49 am
da Clockys
Buongiorno a tutti,
sono due giorni che giro in questo forum e ho provato molte delle configurazioni che avete postato adattandole alle mie esigenze (o almeno credo)
purtroppo è il primo apparecchio cisco che mi passa tra le mani.
potete dirmi dove sbaglio ?
ulteriori info:
sto cercando di contattare la telecom per avere user e pass perchè non mi fido delle classiche "aliceadsl"
le porte forwardate sono prese da un esempio e le ho lasciate lì ma al momento non mi servono e non le ho manco guardate sinceramente credo (ma forse sbaglio) che non influiscano sul problema che ho.
l'adsl è una alice 7 mega con ip statico. non so dove scriverlo nella conf.
e non credo che il router lo intuirebbe da solo
Codice: Seleziona tutto
Current configuration : 3297 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging queue-limit 1000
logging buffered 100000
logging reload alerts
logging rate-limit console 20
enable secret 5 $1$vANJ$8jON4Now9XXUzXRt4/xu4/
!
no aaa new-model
clock timezone AEST 10
clock summer-time AEDST recurring last Sun Oct 0:01 last Sun Mar 0:01
!
!
dot11 syslog
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.29
ip dhcp excluded-address 192.168.1.241 192.168.1.255
!
ip dhcp pool dhcppool
import all
network 192.168.1.0 255.255.255.0
dns-server 85.37.17.9 85.38.27.75
default-router 192.168.1.1
!
!
no ip domain lookup
ip domain name tecnodigit.local
ip name-server 85.37.17.9
ip name-server 85.38.27.75
!
!
!
username tecnodigit privilege 15 secret 5 $1$tb4w$0V6yweO0Ehr3tPJuT/7kI.
!
!
archive
log config
hidekeys
!
!
!
!
!
interface Loopback0
description INTERFACCIA VIRTUALE END-POINT VPN
no ip address
!
interface ATM0
bandwidth 1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
logging event subif-link-status
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $FW_OUTSIDE$$ES_WAN$
pvc 8/35
encapsulation aal5mux ppp dialer
!
!
interface FastEthernet0
!
interface FastEthernet1
shutdown
!
interface FastEthernet2
shutdown
!
interface FastEthernet3
shutdown
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
no ip mroute-cache
!
interface Dialer1
description eXeTeL-Network
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
no ip mroute-cache
dialer pool 3
dialer-group 1
no keepalive
no cdp enable
ppp authentication chap callin
ppp chap hostname aliceadsl
ppp chap password 0 aliceadsl
!
interface Dialer0
bandwidth 1280
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
no ip route-cache cef
ip route-cache flow
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname aliceadsl
ppp pap sent-username aliceadsl password 0 aliceadsl
!
ip local pool vpnpool 192.168.1.101 192.168.1.105
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.1.31 3389 interface Dialer1 3389
ip nat inside source static udp 192.168.1.100 8503 interface Dialer1 8503
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
control-plane
!
!
line con 0
password pietro
login
no modem enable
transport output all
line aux 0
transport output all
line vty 0 4
access-class 99 in
exec-timeout 20 0
password pietro
login
transport input all
transport output all
!
scheduler max-task-time 5000
end
grazie in anticipo
Inviato: gio 26 mar , 2009 12:41 pm
da Clockys
ho modificato la configurazione (presa da un altro post)
e adesso
la spia CD è fissa
atm0 prende l'ip (mi sa perchè glielo assegno io)
il router pinga il pc ma non viceversa
ecco la sh run
Codice: Seleziona tutto
Current configuration : 7700 bytes
!
version 12.4
service nagle
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname RTR-DRG
!
boot-start-marker
boot-end-marker
!
logging exception 100000
logging count
logging userinfo
logging queue-limit 10000
logging buffered 150000 notifications
logging console critical
!
no aaa new-model
clock timezone MET 1
clock summer-time MEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
!
crypto pki trustpoint TP-self-signed-1986744734
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1986744734
revocation-check none
rsakeypair TP-self-signed-1986744734
!
!
crypto pki
[...]
quit
dot11 syslog
no ip source-route
no ip gratuitous-arps
ip icmp rate-limit unreachable 1000
ip cef
!
!
ip inspect log drop-pkt
ip inspect max-incomplete low 300
ip inspect max-incomplete high 400
ip inspect one-minute low 300
ip inspect hashtable-size 2048
ip inspect tcp synwait-time 20
ip inspect tcp max-incomplete host 300 block-time 60
ip inspect name IDS tcp
ip inspect name IDS udp
ip inspect name IDS ftp
no ip bootp server
ip domain name interbusiness.it
ip name-server 85.37.17.9
ip name-server 85.38.27.75
login block-for 1 attempts 3 within 30
login on-failure
login on-success
!
!
!
username USER privilege 15 secret 5 ENC_PASS
!
!
archive
log config
hidekeys
!
!
ip tcp selective-ack
ip tcp window-size 2144
ip tcp synwait-time 10
!
!
!
interface Loopback0
description INTERFACCIA VIRTUALE END-POINT VPN
ip address 87.25.XXX.XXX 255.255.255.248
!
interface Null0
no ip unreachables
!
interface ATM0
description ALICE BUSINESS 20 Mbps - TGU:
mtu 1500
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description INTERFACCIA PER ACCESSO AD INTERNET
ip access-group 131 in
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting access-violations
ip inspect IDS out
ip nat outside
ip virtual-reassembly
no ip mroute-cache
pvc 8/35
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description CONNESSIONE LAN DRG
ip address 192.168.1.1 255.255.255.0
ip accounting output-packets
ip nat inside
ip virtual-reassembly
ip route-cache flow
no ip mroute-cache
hold-queue 100 out
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool INTERNET 87.25.XXX.XXX 87.25.XXX.XXX netmask 255.255.255.248
ip nat pool LAN 192.168.1.0 192.168.1.255 netmask 255.255.255.0
ip nat inside source list 100 pool INTERNET overload
!
!
access-list 100 remark *************************************************************
access-list 100 remark *** ACL PER PAT E NAT0 ***
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 131 remark *************************************************************
access-list 131 remark *** ACL ANTI-SPOOFING ***
access-list 131 deny ip host 0.0.0.0 any log
access-list 131 deny ip 127.0.0.0 0.255.255.255 any log
access-list 131 deny ip 192.0.2.0 0.0.0.255 any log
access-list 131 deny ip 224.0.0.0 31.255.255.255 any log
access-list 131 deny ip 10.0.0.0 0.255.255.255 any log
access-list 131 deny ip 172.16.0.0 0.15.255.255 any log
access-list 131 deny ip 192.168.0.0 0.0.255.255 any log
access-list 131 remark *************************************************************
access-list 131 remark *** ACL PER CONTROLLARE TRAFFICO ICMP ***
access-list 131 permit icmp any any echo
access-list 131 permit icmp any any echo-reply
access-list 131 permit icmp any any time-exceeded
access-list 131 permit icmp any any unreachable
access-list 131 permit icmp any any administratively-prohibited
access-list 131 permit icmp any any packet-too-big
access-list 131 permit icmp any any traceroute
access-list 131 deny icmp any any
access-list 131 remark *************************************************************
access-list 131 remark *** ACL PER BLOCCARE L'ACCESSO A VIRUS E ATTACCHI ***
access-list 131 deny tcp any any eq 135
access-list 131 deny udp any any eq 135
access-list 131 deny udp any any eq netbios-ns
access-list 131 deny udp any any eq netbios-dgm
access-list 131 deny tcp any any eq 2000
access-list 131 deny tcp any any range 6000 6010
access-list 131 deny tcp any any eq 139
access-list 131 deny udp any any eq netbios-ss
access-list 131 deny tcp any any eq 445
access-list 131 deny tcp any any eq 593
access-list 131 deny tcp any any eq 2049
access-list 131 deny udp any any eq 2049
access-list 131 deny udp any any eq 1433
access-list 131 deny udp any any eq 1434
access-list 131 deny udp any any eq 5554
access-list 131 deny udp any any eq 9996
access-list 131 deny udp any any eq 113
access-list 131 deny udp any any eq 3067
access-list 131 remark *************************************************************
access-list 131 remark *** ACL PER BLOCCARE ACCESSI NON AUTORIZZATI ***
access-list 131 deny ip any any log
!
!
!
control-plane
!
banner motd ^CC
****************************************************************
----------------------------------------------------------------
* *** ROUTER PERIMETRALE ---- *** *
----------------------------------------------------------------
* WARNING: System is RESTRICTED to authorized personnel ONLY! *
* Unauthorized use of this system will be logged and *
* prosecuted to the fullest extent of the law. *
* *
* If you are NOT authorized to use this system, LOG OFF NOW! *
* *
****************************************************************
^C
!
line con 0
exec-timeout 120 0
login local
no modem enable
transport output ssh
stopbits 1
line aux 0
login local
transport output ssh
stopbits 1
line vty 0 4
exec-timeout 0 0
login local
transport input telnet ssh
transport output telnet ssh
!
scheduler max-task-time 5000
scheduler interval 500
sntp server 193.204.114.232
sntp server 193.204.114.233
sntp server 193.204.114.105
end
cosa sbaglio ?
[/code]
Inviato: gio 26 mar , 2009 3:57 pm
da Clockys
se non mi rispondete perchè è un argomento stra.trattato e quindi questo post è inutile potreste indicarmi un post o un topic da leggermi.
oppure semplicemente chiedo all'admin o al mod di cancellare questo post.
così almeno capisco il da farsi.
io intanto sto già cercando quindi prima o poi troverò.
se questo post è inutile potete cancellarlo (almeno avrò la conferma che lo è)
grazie
Inviato: gio 26 mar , 2009 5:32 pm
da ep
Non vorrei scrivere stupidaggini, ma nella prima configurazione avevi due interfacce dialer (ce ne vuole una), nella seconda zero (ce ne vuole una
)
Nelle carte Telecom dovresti avere indicato che protocollo vuole la tua linea (che suppongo sia una Alice Business 7 mega NAKED, cioè fornita SENZA il modem): è PPPoE?
Ciao!
Inviato: gio 26 mar , 2009 5:40 pm
da Clockys
grazie per la risp, stava cominciando a calare la mia autostima.
le carte telecom le sto ancora cercando :/
ho chiamato per tre giorni consecutivi e ogni volta mi hanno detto che mi mandavano una email (credo sia zoppa) con la conf entro 24 ore ...
forse passa per i server di poste.it ... bha...
ho un router (pirelli dovrebbe essere) bianco con le 2 antenne. senza smart e con porta usb.
adsl attivata il 19 gennaio.
quello che so (scappato di bocca a un op)
pppoe - llc ...
ho chiesto almeno user e pass e mi hanno detto che non possono dirmele (per la privacy) ma possono mandarmele via email (bah)
che l'avrebbe spedita subito ma che ci vogliono 24 per farla arrivare ...
...
ora ho preso la conf nel primo topic in "configurazioni" l'ho modificata ma credo che mi sto solo incartando. vorrei azzerare e ripartire (come un utente windows).
che mi consigli? a parte una benedizione.
Inviato: gio 26 mar , 2009 5:49 pm
da ep
Al 99%, le password che ti daranno loro non saranno utili per il collegamento. La loro idea è solitamente che hai il loro modem e devi tenertelo.
Per iniziare ti consiglio di riprendere
questa config (con qualche modifica: tralascia Serial, usa FastEthernet al posto di Ethernet) e far andare il collegamento con aliceadsl/aliceadsl.
Se funziona, ma funziona con un IP dinamico, allora puoi riacquisire il tuo IP statico usando il nome e la password che ho spiegato in
questo thread.
Ciao!
Inviato: gio 26 mar , 2009 6:06 pm
da Clockys
come azzero la conf attuale ?
Inviato: gio 26 mar , 2009 6:16 pm
da ep
Prova con Google:
Come quarto risultato mi dà "Reset a Cisco Router to Factory Default Settings"…
Ciao!
Inviato: gio 26 mar , 2009 6:45 pm
da Clockys
la azzera, ma quando carico la nuova si blocca random
mentre sta scrivendo la conf si blocca e devo chiudere e riaprire il programma (uso putty)
poi su alcune istruzioni mi da errore
altra cosa
la ver della mia conf è 12.4
quella che mi hai segnalato è 12.3
cambia qualcosa ?
poi
non mi ha cancellato le interfacce
e in piu' mi escono questi messaggi che non so come togliere
Codice: Seleziona tutto
*Mar 1 09:25:58.751: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
*Mar 1 09:26:20.899: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Mar 1 09:26:20.903: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
*Mar 1 09:26:21.267: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1
*Mar 1 09:26:21.271: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
*Mar 1 09:26:43.579: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Mar 1 09:26:43.583: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
*Mar 1 09:26:43.919: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1
*Mar 1 09:26:43.923: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
*Mar 1 09:27:06.155: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Mar 1 09:27:06.159: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
*Mar 1 09:27:06.495: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1
*Mar 1 09:27:06.499: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
sono un caso disperato ?
ora devo scappare.
loggo dopo da casa ma non potrò provare perchè il router resta in ufficio.
thanks di tutto
Inviato: ven 27 mar , 2009 10:01 am
da Clockys
ho sbagliato a postare ...
mi scuso!
ho messo questa conf come suggerito da ep
Codice: Seleziona tutto
Codice:
!
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
ip cef
!
!
ip name-server 85.37.17.9
ip name-server 85.38.27.75
ip dhcp excluded-address 192.168.1.254
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.200 192.168.1.254
!
ip dhcp pool client
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
lease 0 2
!
ip audit po max-events 100
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
bundle-enable
dsl operating-mode auto
hold-queue 224 in
!
interface ATM0.1 point-to-point
pvc 8/35
pppoe-client dial-pool-number 1
!
!
!
interface FastEthernet0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip tcp adjust-mss 1452
half-duplex
hold-queue 100 out
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
ppp authentication chap callin
ppp chap hostname aliceadsl
ppp chap password 0 aliceadsl
ppp ipcp dns request
ppp ipcp wins request
!
ip nat inside source list 1 interface Dialer1 overload
no ip http server
!
solo che quando vado ad attivare la atm0 (facendo no shut nella conf)
comincia questa tarantella
Codice: Seleziona tutto
Codice:
*Mar 1 09:20:52.195: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Mar 1 09:20:52.199: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
*Mar 1 09:20:52.563: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1
*Mar 1 09:20:52.567: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
*Mar 1 09:21:14.747: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Mar 1 09:21:14.751: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
*Mar 1 09:21:15.151: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1
*Mar 1 09:21:15.155: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
si alterna up/down ... tipo altalena ghgh
cosa posso fare anche solo per capire che problema c'ha? ...
Grazie Smile
Inviato: ven 27 mar , 2009 10:54 am
da Clockys
ho seguito questo post:
http://www.ciscoforums.it/viewtopic.php ... c&start=60
poi
ho messo user e pass come le ha spiegate ep precedentemente
xxyyxxyyxxy .... @alicebiz .. ecc ecc
il led CD è fisso
ogni tanto si fanno vivi tx e rx
ma PPP resta a casa.
thanks
e ora il debug ppp mi sputa questa roba:
Codice: Seleziona tutto
*Mar 1 10:26:06: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Mar 1 10:26:06: Vi1 PPP: Phase is DOWN, Setup
*Mar 1 10:26:06: Vi1 PPP: Using dialer call direction
*Mar 1 10:26:06: Vi1 PPP: Treating connection as a callout
*Mar 1 10:26:06: Vi1 PPP: Session handle[A700008B] Session id[0]
*Mar 1 10:26:06: Vi1 PPP: Phase is ESTABLISHING, Active Open
*Mar 1 10:26:06: Vi1 PPP: Authorization required
*Mar 1 10:26:06: Vi1 PPP: No remote authentication for call-out
*Mar 1 10:26:06: Vi1 LCP: O CONFREQ [Closed] id 1 len 10
*Mar 1 10:26:06: Vi1 LCP: MagicNumber 0x24DC84A3 (0x050624DC84A3)
*Mar 1 10:26:06: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
*Mar 1 10:26:06: Vi1 PPP: I pkt type 0xC021, datagramsize 20 link[ppp]
*Mar 1 10:26:06: Vi1 PPP: I pkt type 0xC021, datagramsize 12 link[ppp]
*Mar 1 10:26:06: Vi1 LCP: I CONFREQ [REQsent] id 1 len 18
*Mar 1 10:26:06: Vi1 LCP: MRU 1492 (0x010405D4)
*Mar 1 10:26:06: Vi1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 10:26:06: Vi1 LCP: MagicNumber 0x20ECB1C3 (0x050620ECB1C3)
*Mar 1 10:26:06: Vi1 LCP: O CONFNAK [REQsent] id 1 len 13
*Mar 1 10:26:06: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 10:26:06: Vi1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 10:26:06: Vi1 LCP: I CONFACK [REQsent] id 1 len 10
*Mar 1 10:26:06: Vi1 LCP: MagicNumber 0x24DC84A3 (0x050624DC84A3)
*Mar 1 10:26:06: Vi1 PPP: I pkt type 0xC021, datagramsize 20 link[ppp]
*Mar 1 10:26:06: Vi1 LCP: I CONFREQ [ACKrcvd] id 2 len 18
*Mar 1 10:26:06: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 10:26:06: Vi1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 10:26:06: Vi1 LCP: MagicNumber 0x20ECB1C3 (0x050620ECB1C3)
*Mar 1 10:26:06: Vi1 LCP: O CONFNAK [ACKrcvd] id 2 len 9
*Mar 1 10:26:06: Vi1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 10:26:06: Vi1 PPP: I pkt type 0xC021, datagramsize 20 link[ppp]
*Mar 1 10:26:06: Vi1 LCP: I CONFREQ [ACKrcvd] id 3 len 18
*Mar 1 10:26:06: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 10:26:06: Vi1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 10:26:06: Vi1 LCP: MagicNumber 0x20ECB1C3 (0x050620ECB1C3)
*Mar 1 10:26:06: Vi1 LCP: O CONFNAK [ACKrcvd] id 3 len 9
*Mar 1 10:26:06: Vi1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 10:26:06: Vi1 PPP: I pkt type 0xC021, datagramsize 20 link[ppp]
*Mar 1 10:26:06: Vi1 LCP: I CONFREQ [ACKrcvd] id 4 len 18
*Mar 1 10:26:06: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 10:26:06: Vi1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 10:26:06: Vi1 LCP: MagicNumber 0x20ECB1C3 (0x050620ECB1C3)
*Mar 1 10:26:06: Vi1 LCP: O CONFNAK [ACKrcvd] id 4 len 9
*Mar 1 10:26:06: Vi1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 10:26:06: Vi1 PPP: I pkt type 0xC021, datagramsize 20 link[ppp]
*Mar 1 10:26:06: Vi1 LCP: I CONFREQ [ACKrcvd] id 5 len 18
*Mar 1 10:26:06: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 10:26:06: Vi1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 10:26:06: Vi1 LCP: MagicNumber 0x20ECB1C3 (0x050620ECB1C3)
*Mar 1 10:26:06: Vi1 LCP: O CONFNAK [ACKrcvd] id 5 len 9
*Mar 1 10:26:06: Vi1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 10:26:06: Vi1 PPP: I pkt type 0xC021, datagramsize 6 link[ppp]
*Mar 1 10:26:06: Vi1 LCP: I TERMREQ [ACKrcvd] id 6 len 4
*Mar 1 10:26:06: Vi1 LCP: O TERMACK [ACKrcvd] id 6 len 4
*Mar 1 10:26:06: Vi1 PPP: Authorization required
*Mar 1 10:26:06: Vi1 PPP: No remote authentication for call-out
*Mar 1 10:26:06: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1
*Mar 1 10:26:06: Vi1 PPP: Block vaccess from being freed [0x10]
*Mar 1 10:26:06: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
*Mar 1 10:26:06: Vi1 PPP: Sending Acct Event[Down] id[33]
*Mar 1 10:26:06: Vi1 LCP: State is Closed
*Mar 1 10:26:06: Vi1 PPP: Phase is DOWN
*Mar 1 10:26:06: Vi1 PPP: Unlocked by [0x10] Still Locked by [0x2]
*Mar 1 10:26:06: Vi1 PPP: Unlocked by [0x2] Still Locked by [0x0]
*Mar 1 10:26:06: Vi1 PPP: Free previously blocked vaccess
Inviato: ven 27 mar , 2009 3:17 pm
da Clockys
ho messo questa config e adesso si collega e si connette (ppp led = fisso)
Codice: Seleziona tutto
Current configuration : 4598 bytes
!
version 12.4
service nagle
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname cisco877
!
boot-start-marker
boot-end-marker
!
logging exception 100000
logging count
logging userinfo
logging queue-limit 10000
logging buffered 150000 notifications
logging console critical
enable secret 5 psw_enable
!
no aaa new-model
clock timezone MET 1
clock summer-time MEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
!
!
dot11 syslog
no ip source-route
no ip gratuitous-arps
ip icmp rate-limit unreachable 1000
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.254
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.200 192.168.1.254
!
ip dhcp pool client
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 151.99.125.1 151.99.0.100
lease 0 2
!
!
ip inspect log drop-pkt
ip inspect max-incomplete low 300
ip inspect max-incomplete high 400
ip inspect one-minute low 300
ip inspect hashtable-size 2048
ip inspect tcp synwait-time 20
ip inspect tcp max-incomplete host 300 block-time 60
ip inspect name IDS tcp
ip inspect name IDS udp
ip inspect name IDS ftp
no ip bootp server
ip name-server 85.37.17.52
ip name-server 85.38.28.92
login block-for 1 attempts 3 within 30
login on-failure
login on-success
!
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
!
!
username usr privilege 15 secret 5 la_pazzword.
!
!
archive
log config
hidekeys
!
!
ip tcp selective-ack
ip tcp window-size 2144
ip tcp synwait-time 10
!
!
!
interface Loopback0
description INTERFACCIA VIRTUALE END-POINT VPN
ip address 192.168.254.1 255.255.255.255
!
interface ATM0
description Interfaccia ATM0 - Connessione ADSL
mtu 1500
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
no ip split-horizon
no atm ilmi-keepalive
dsl operating-mode auto
hold-queue 224 in
!
interface ATM0.1 point-to-point
pvc 8/35
encapsulation aal5snap
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
hold-queue 100 out
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description CONNESSIONE LAN ***
ip address 192.168.1.1 255.255.255.0
ip accounting output-packets
ip nat inside
ip virtual-reassembly
ip route-cache flow
no ip mroute-cache
hold-queue 100 out
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
ppp authentication chap callin
ppp chap hostname [email protected]
ppp chap password 7 13041B1B08090A2F3C252F
ppp ipcp dns request
ppp ipcp wins request
!
interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp header-compression
dialer pool 1
no cdp enable
ppp authentication pap callin
ppp chap hostname [email protected]
ppp chap password 7 13041B1B08090A2F3C252F
ppp pap sent-username [email protected] password 7 045A070F0C24424B1E1802
ppp ipcp dns request
ppp ipcp wins request
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface Dialer0 overload
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 remark *************************************************************
access-list 100 remark *** ACL PER PAT E NAT0 ***
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
!
!
!
control-plane
!
banner motd ^CCC
****************************************************************
----------------------------------------------------------------
* *** ROUTER PERIMETRALE ---- *** *
----------------------------------------------------------------
* WARNING: System is RESTRICTED to authorized personnel ONLY! *
* Unauthorized use of this system will be logged and *
* prosecuted to the fullest extent of the law. *
* *
* If you are NOT authorized to use this system, LOG OFF NOW! *
* *
****************************************************************
^C
!
line con 0
exec-timeout 120 0
login local
no modem enable
transport output ssh
stopbits 1
line aux 0
login local
transport output ssh
stopbits 1
line vty 0 4
exec-timeout 0 0
login local
transport input telnet ssh
transport output telnet ssh
!
scheduler max-task-time 5000
scheduler interval 500
end
il problema adesso è che naviga solo su alcuni siti.
tipo su google va velocissimo e tranquillo, su altri ci mette tanto a caricare e spesso non carica proprio.
what's wrong ?
io ho pensato ad un problema di dns..ma vorrei conferma/smentita prima di giocarci ancora.
la lan funziona,
pc pinga router e viceversa, ma se voglio vedere
http://iprouter non funziona
Inviato: ven 27 mar , 2009 6:25 pm
da Clockys
ragazzi funziona QUASI tutto ..
credo sia un problema di acl.
potete farmi qualche esempio o ditemi se serve qualcosa ...
uff ..
sono a un passo dalla vittoria :/
Re: Cisco 877 con Alice 7mega business (ip statico)
Inviato: gio 31 mag , 2012 8:12 am
da impensabile
per quanto riguarda l'accesso al router da http, anche se non sono molto addentro alla conf dei cisco sono sicuro che dipende da
no ip http server
no ip http secure-server
togli il no
per le acl in altre conf ho trovato questo:
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.7
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 102 remark SDM_ACL Category=2
access-list 102 remark IPSec Rule
access-list 102 deny ip 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run
route-map SDM_RMAP_1 permit 1
match ip address 102
o questo:
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
no cdp run
se qualcuno potesse dare delucidazioni non lasceremmo un problema a metà anche perchè è quasi risolto.
Se l'autore del post ha poi la soluzione, potrebbe postare la conf. in modo da non rendere vani gli sforzi di chi si è prodigato ad aiutarlo.
Re: Cisco 877 con Alice 7mega business (ip statico)
Inviato: gio 31 mag , 2012 1:00 pm
da paolomat75
Spero che dopo 3 anni abbia risolto