CiscoForums.it

ci sono cose che dovrei correggere/aggiungere secondo voi?

Building configuration...

Current configuration : 4465 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$fXzy$9YQ.tgL82oXmW355Q5YeD.
enable password 7 0356085B5558774F58
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
!
!
aaa session-id common
no ip source-route
no ip routing
!
!
no ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
no ip bootp server
ip domain name yourdomain.com
ip name-server 212.216.112.112
ip name-server 212.216.172.62
multilink bundle-name authenticated
!
!
username admin privilege 15 password 7 120A0D1E1C020B052722
archive
log config
hidekeys
!
!
!
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0
description $ETH-LAN$
ip address 10.10.10.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache
speed auto
half-duplex
!
interface BRI0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation hdlc
no ip route-cache
shutdown
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface ATM0.2 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache
atm route-bridged ip
pvc 8/36
pppoe-client dial-pool-number 1
!
!
interface Virtual-Template1 type serial
ip unnumbered ATM0
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$
ip address 10.10.10.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no ip route-cache
shutdown
!
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname aliceadsl
ppp chap password 7 03055702050A20485D05
ppp pap sent-username XXXXXXX password 7 094D42001A0016161800
!
ip forward-protocol nd
!
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.7
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
login authentication local_authen
line aux 0
login authentication local_authen
line vty 0 4
password 7 0559555F721B180A0F25
authorization exec local_author
login authentication local_authen
transport input telnet
line vty 5 15
authorization exec local_author
login authentication local_authen
transport input telnet
!
scheduler allocate 4000 1000
scheduler interval 500
end

L epunto punto non servono devi routare tutto sulla dialer.
Se hai l'interfaccia fe non occore avere a vlan.

francesco_savona ha scritto:L epunto punto non servono devi routare tutto sulla dialer.
Se hai l'interfaccia fe non occore avere a vlan.

come faccio a ruotare tutto sulle dialer?
basta nego la vlan?io l'ho usata una volta per usare SDM

ho tralasciato di dire che l'atm0.2 mi è necessaria che sia bridge, deve funzionare per l'iptv

non riesco a navigare...il test della linea che ho fatto con sdm mi dice che manca la default route... ma a me sembra di averla messa...qualcuno può aiutarmi?

grazie

non c'e'...

ip route 0.0.0.0 0.0.0.0 dialer0

l'ho aggiunto, adesso la spia ppp rimane accesa fissa, ma non navigo ugualmente

con questa configurazione navigo:

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname c827
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.2.2
ip dhcp excluded-address 192.168.0.100
ip dhcp excluded-address 192.168.0.1 192.168.0.5
!
ip dhcp pool CARLO
network 192.168.2.0 255.255.255.0
default-router 10.10.10.1
dns-server 212.216.112.112
netbios-name-server 212.216.172.62
netbios-node-type h-node
domain-name alice.it
!
ip dhcp pool LAN
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 212.216.112.112 212.216.172.62
lease 0 12
!
!
no ip bootp server
no ip domain lookup
ip host CARLO 192.168.2.1
ip name-server 212.216.112.112
ip name-server 212.216.172.62
ip name-server 151.99.125.2
ip name-server 151.99.125.1
ip name-server 151.99.125.3
ip name-server 212.216.112.222
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 1
request-dialin
protocol pppoe
!
!
!
archive
log config
hidekeys
!
!
!
!
interface FastEthernet0
description Interfaccia Ethernet0/0 - Lan interna
ip address 192.168.0.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
ip tcp adjust-mss 1452
speed auto
half-duplex
no cdp enable
hold-queue 100 out
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface ATM0
description Interfaccia ATM0/0 - Connessione ADSL
no ip address
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 1
!
bundle-enable
dsl operating-mode auto
hold-queue 224 in
!
interface Vlan1
no ip address
!
interface Dialer0
description Interfaccia Dialer0/0 - Alice Mega ADSL 7Mbit/s
bandwidth 8096
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp header-compression
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
no cdp enable
ppp pap sent-username xxxxx password 7 xxxxxxx
!
ip forward-protocol nd
no ip forward-protocol udp bootps
no ip forward-protocol udp tftp
no ip forward-protocol udp nameserver
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
no ip http server
ip nat translation timeout 420
ip nat translation syn-timeout 40
ip nat translation max-entries 5000
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
!
control-plane
!
banner login ^CC
|| ||
|| ||
|||| ||||
..|||||:..|||||:..
Cisco Systems Inc.
-
c827 @ 192.168.0.1

*** Accesso alla configurazione del router. Ogni accesso viene loggato ***^C
banner prompt-timeout ^CC
La sessione di lavoro e' scaduta. Per continuare e' necessario
riautenticarsi.^C
!
line con 0
transport output all
stopbits 1
line aux 0
line vty 0 4
access-class 1 in
exec-timeout 0 0
logging synchronous
login
transport input all
transport output all
!
scheduler max-task-time 5000
sntp server 193.204.114.232
sntp server 193.204.114.233
end

Ora sorgono 2 problemi:
1)non voglio il dhcp, quali comandi devo negare?
2)sulle porte switch del 1801 non navigo, riesco a navigare solo sull'interfaccia FA0.

come risolvo il tutto?

Grazie

hai disabilitato ip routing e ip cef alla cfg in cui non navighi..


attivali:
ip routing
ip cef

grazie ma quel problema l'ho risolto con la seconda conf

devi configurare un ip alla vlan1 ed abilitare il nat inside

adesso la configurazione è quasi pronta, riesco a navigare. Non mi resta che concentrarmi sulla questione della IPTV. Si accettanto suggerimenti!!!!

Nel frattempo incollo la configurazione nel caso qualcuno ne abbia bisogno



version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 1801
!
boot-start-marker
boot-end-marker
!
enable password XXXXXXX
!
no aaa new-model
!
!
ip cef
!
!
no ip bootp server
no ip domain lookup
ip host CARLO 192.168.2.1
ip name-server 212.216.112.112
ip name-server 212.216.172.62
ip name-server 151.99.125.2
ip name-server 151.99.125.1
ip name-server 151.99.125.3
ip name-server 212.216.112.222
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 1
request-dialin
protocol pppoe
!
!
!
username XXXXX password XXXXXXX
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
no ip address
duplex auto
speed auto
no cdp enable
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet1
switchport access vlan 3
!
interface FastEthernet2
switchport access vlan 3
interface FastEthernet3
switchport access vlan 3
!
interface FastEthernet4
switchport access vlan 3
!
interface FastEthernet5
switchport access vlan 3
!
interface FastEthernet6
switchport access vlan 3
!
interface FastEthernet7
switchport access vlan 3
!
interface FastEthernet8
switchport access vlan 3
!
interface ATM0
description Interfaccia ATM0/0 - Connessione ADSL
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache cef
no ip route-cache
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 1
!
bundle-enable
dsl operating-mode auto
hold-queue 224 in
!
interface ATM0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache
!
interface ATM0.2 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
no ip route-cache
atm route-bridged ip
pvc 8/36
pppoe-client dial-pool-number 1
!
!
interface Vlan1
no ip address
!
interface Vlan2
no ip address
shutdown
!
interface Vlan3
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer0
description Interfaccia Dialer0/0 - Alice Mega ADSL 7Mbit/s
bandwidth 8096
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp header-compression
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
no cdp enable
ppp pap sent-username aliceadsl password 7 060703284F4B081D161B
!
ip default-gateway 192.168.2.1
ip forward-protocol nd
no ip forward-protocol udp bootps
no ip forward-protocol udp tftp
no ip forward-protocol udp nameserver
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
no ip http server
ip nat translation timeout 420
ip nat translation syn-timeout 40
ip nat translation max-entries 5000
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit 192.168.2.0 0.0.0.255
!
control-plane
!
banner login ^CCCC
|| ||
|| ||
|||| ||||
..|||||:..|||||:..
Cisco Systems Inc.
-
1801 @ 192.168.2.1

*** Accesso alla configurazione del router. Ogni accesso viene loggato ***^C
banner prompt-timeout ^CCCC
La sessione di lavoro e' scaduta. Per continuare e' necessario
riautenticarsi.^C
!
line con 0
transport output all
stopbits 1
line aux 0
line vty 0 4
exec-timeout 0 0
login local
transport input all
transport output all
!
scheduler max-task-time 5000
sntp server 193.204.114.232
sntp server 193.204.114.233
end

ora devo risolvere un altro problema...come faccio a mettere i PVC dell'interfaccia ATM0.2 in modalità bridge e indirizzare il flusso di quei pvc verso un'interfaccia?

riporto la discussione un pò su...

qualcuno può aiutarmi a risolvere il mio problema? si accettano tutte le soluzioni possibili!!!