COnfigurazione filtri su 1600 ISDN
Inviato: gio 25 nov , 2010 10:06 am
Ciao a tutti. Ho configurato un 1600 ISDN per accesso ad Internet (capisco antico ma purtroppo ho un'esigenza specifica) con Fast Step perchè purtroppo non conosco Ios. Riesco ora ad accedere ad Internet ma il router una volta connesso, non sgancia più il collegamento. Da quanto ho letto dovrebbe dipendere dalla mancanza di filtri, es. sulle porte 137-139..., nella configurazione del router.
Non so come impostare questi filtri ed eventualmente altri necessari, anche per maggiore sicurezza.
Qualcuno può darmi una mano?
Questa è la conf. che sono riuscito a fare.
Grazie.
sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname 1600
!
logging buffered 8192 debugging
enable secret 5 $1$Z0Jo$jCIzFzQQlwVMiDkUr.20N0
!
username xxxxx password 7 082040470A100A03060A010B24
username 1600 password 7 045C0E005675
ip subnet-zero
no ip source-route
isdn switch-type basic-net3
!
!
!
interface Ethernet0
ip address 10.18.4.1 255.255.255.0
no ip directed-broadcast
no ip proxy-arp
ip nat inside
!
interface BRI0
no ip address
no ip directed-broadcast
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-net3
ppp authentication chap pap callin
ppp multilink
!
interface Dialer1
description ISP
ip address negotiated
no ip directed-broadcast
no ip proxy-arp
ip nat outside
encapsulation ppp
no ip split-horizon
dialer remote-name
dialer idle-timeout 300
dialer string 7027020000 class DialClass
dialer hold-queue 10
dialer load-threshold 10 either
dialer pool 1
dialer-group 1
pulse-time 0
ppp authentication chap pap callin
ppp chap hostname
ppp chap password 7 02070852080F0035584F04160B
ppp pap sent-username password 7 15130705072324303C32382D1D
ppp multilink
!
ip nat inside source list 18 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
map-class dialer DialClass
access-list 18 permit 10.18.4.0 0.0.0.255
dialer-list 1 protocol ip permit
!
line con 0
exec-timeout 120 0
transport input none
line vty 0 4
exec-timeout 0 0
login local
!
end
Non so come impostare questi filtri ed eventualmente altri necessari, anche per maggiore sicurezza.
Qualcuno può darmi una mano?
Questa è la conf. che sono riuscito a fare.
Grazie.
sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname 1600
!
logging buffered 8192 debugging
enable secret 5 $1$Z0Jo$jCIzFzQQlwVMiDkUr.20N0
!
username xxxxx password 7 082040470A100A03060A010B24
username 1600 password 7 045C0E005675
ip subnet-zero
no ip source-route
isdn switch-type basic-net3
!
!
!
interface Ethernet0
ip address 10.18.4.1 255.255.255.0
no ip directed-broadcast
no ip proxy-arp
ip nat inside
!
interface BRI0
no ip address
no ip directed-broadcast
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-net3
ppp authentication chap pap callin
ppp multilink
!
interface Dialer1
description ISP
ip address negotiated
no ip directed-broadcast
no ip proxy-arp
ip nat outside
encapsulation ppp
no ip split-horizon
dialer remote-name
dialer idle-timeout 300
dialer string 7027020000 class DialClass
dialer hold-queue 10
dialer load-threshold 10 either
dialer pool 1
dialer-group 1
pulse-time 0
ppp authentication chap pap callin
ppp chap hostname
ppp chap password 7 02070852080F0035584F04160B
ppp pap sent-username password 7 15130705072324303C32382D1D
ppp multilink
!
ip nat inside source list 18 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
map-class dialer DialClass
access-list 18 permit 10.18.4.0 0.0.0.255
dialer-list 1 protocol ip permit
!
line con 0
exec-timeout 120 0
transport input none
line vty 0 4
exec-timeout 0 0
login local
!
end