Ora vengo al mio problema che ho su un cisco 877
datomi da un amico e che vorrei mettere al posto del mio d-link.
innanzitutto ho collegato 877 con seriale su hyper terminal
sono entrato in ROMMON 1> e digitato 0x2142 + invio
poi reset.....una volta riavviato e essermi posto in ROUTER>
ho fatto enable e entrato in ROUTER# ho fatto un wr erase
poi reload per riavviare.......
una volta riavviato sono ritornato in ROMMON> e digitato confreg 0x2102.
A questo punto ho fatto conf t da router# ed ho messo la mia config
che ho preparato dopo tante letture e scaricamenti vari, ho spento
e attaccato l'877 alla linea adsl ma........aimè nn riesco neanche a navigare.
Vi posto la conf che ho messo e magari se potete indicarmi dove sbaglio o
ho sbagliato a configurare ve ne sarei molto grato anche perchè sicuramente
troverete tanti errori ma........sono qui per imparare e la voglia nn manca.
GRAZIE a tutti in anticipo.
Codice: Seleziona tutto
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname seccoleo
!
boot-start-marker
boot-end-marker
!
no aaa new-model
clock timezone MET 1
clock summer-time MEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
!
dot11 syslog
ip cef
no ip dhcp use vrf connected
!
ip dhcp pool POOL01
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 208.67.220.220 8.8.4.4
lease infinite
!
ip inspect log drop-pkt
ip inspect name Firewall cuseeme
ip inspect name Firewall dns
ip inspect name Firewall ftp
ip inspect name Firewall h323
ip inspect name Firewall https
ip inspect name Firewall icmp
ip inspect name Firewall imap
ip inspect name Firewall pop3
ip inspect name Firewall rcmd
ip inspect name Firewall realaudio
ip inspect name Firewall rtsp
ip inspect name Firewall esmtp
ip inspect name Firewall sqlnet
ip inspect name Firewall streamworks
ip inspect name Firewall tftp
ip inspect name Firewall tcp
ip inspect name Firewall udp
ip inspect name Firewall vdolive
ip name-server 208.67.220.220
ip name-server 8.8.4.4
ip ddns update method ddns
!
username bitartlo privilege 15 password 0 geronimo
!
archive
log config
hidekeys
!
bridge irb
!
interface ATM0
ip nat inside
ip address
ip virtual-reassembly
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode adsl2+
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip address 192.168.1.254 255.255.255.0
ip access-group 102 in
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer0
ip ddns update hostname [vostro host].dyndns.org
ip ddns update ddns
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip nat outside
ip inspect Firewall out
ip virtual-reassembly
encapsulation ppp
dialer pool 1
ppp authentication chap callin
ppp chap hostname aliceadsl
ppp chap password 0 aliceadsl
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.4 33696 interface Dialer0 33696
ip nat inside source static udp 192.168.1.4 33696 interface Dialer0 33696
ip nat inside source static tcp 192.168.1.4 22889 interface Dialer0 22889
ip nat inside source static udp 192.168.1.4 22889 interface Dialer0 22889
ip nat inside source static tcp 192.168.1.4 16969 interface Dialer0 16969
ip nat inside source static udp 192.168.1.4 16969 interface Dialer0 16969
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 101 permit udp host 208.67.220.220 eq domain any
access-list 101 permit udp host 8.8.4.4 eq domain any
access-list 101 permit tcp host 204.13.248.111 eq www any log
access-list 101 permit udp host 193.204.114.232 eq ntp any
access-list 101 permit tcp any any eq 33696
access-list 101 permit udp any any eq 33696
access-list 101 permit tcp any any eq 22889
access-list 101 permit udp any any eq 22889
access-list 101 permit tcp any any eq 16969
access-list 101 permit udp any any eq 16969
access-list 101 permit gre any any
access-list 101 permit udp any any eq discard
access-list 101 deny ip 0.0.0.0 0.255.255.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 169.254.0.0 0.0.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 198.18.0.0 0.1.255.255 any
access-list 101 deny ip 224.0.0.0 0.15.255.255 any
access-list 101 deny ip any host 255.255.255.255
access-list 101 deny icmp any any echo
access-list 101 deny ip any any log
access-list 102 remark Traffico abilitato ad entrare dalla ethernet
access-list 102 permit ip any host 192.168.1.1
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 permit ip any host 255.255.255.255
access-list 102 deny ip any host 192.168.1.255
access-list 102 deny udp any any eq tftp log
access-list 102 deny ip any 0.0.0.0 0.255.255.255 log
access-list 102 deny ip any 10.0.0.0 0.255.255.255 log
access-list 102 deny ip any 127.0.0.0 0.255.255.255 log
access-list 102 deny ip any 169.254.0.0 0.0.255.255 log
access-list 102 deny ip any 172.16.0.0 0.15.255.255 log
access-list 102 deny ip any 192.0.2.0 0.0.0.255 log
access-list 102 deny ip any 192.168.0.0 0.0.255.255 log
access-list 102 deny ip any 198.18.0.0 0.1.255.255 log
access-list 102 deny udp any any eq 135 log
access-list 102 deny tcp any any eq 135 log
access-list 102 deny udp any any eq netbios-ns log
access-list 102 deny udp any any eq netbios-dgm log
access-list 102 deny tcp any any eq 445 log
access-list 102 deny ip any any log
dialer-list 1 protocol ip permit
!
control-plane
!
line con 0
login local
no modem enable
line aux 0
login local
line vty 0 4
login local
transport input telnet ssh
!
scheduler max-task-time 5000
ntp clock-period 17183740
ntp server 193.204.114.232
end