videosorveglianza e cisco 837 visione da remoto

Tutto ciò che ha a che fare con la configurazione di apparati Cisco (e non rientra nelle altre categorie)

Moderatore: Federico.Lagni

Rispondi
mikmik
n00b
Messaggi: 2
Iscritto il: mar 08 giu , 2010 10:03 am

Salve a tutti ho un sistema di videosorveglianza da visionare da remoto, quindi ho la necessità di raggiungere dall'esterno ip 192.168.0.97 sulla porta 82 tcp/udp , il router è un cisco 837.
Ho inseriti i seguenti comandi:

ip nat inside source static tcp 192.168.0.97 82 interface Dialer0 82
ip nat inside source static udp 192.168.0.97 82 interface Dialer0 82

successivamente

ip nat outside source static tcp xx.xx.xxx.241 82 192.168.0.97 82 extendable
ip nat outside source static udp xx.xx.xxx.241 82 192.168.0.97 82 extendable


Ma non va.

Considerando che ci sono Acl già registrate che sicuramente mi bloccano o provato ad aggiungere :


access-list 101 permit tcp any host 192.168.0.97 eq 82
access-list 101 permit udp any host 192.168.0.97 eq 82
access-list 101 permit ip any any


Li ho registrati in ethernet0
ip access-group 101 in


Ma nonostante questo da remoto non riesco a raggiungere host specificato prima


Qualcuno mi sa dire dove sbaglio,o se ci sono altre istruzione da inserire per sbloccare la porta!


!This is the running config of the router:
!----------------------------------------------------------------------------
!version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
service udp-small-servers
!

!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$fpsR$whxmIP4d.W7MhiNAd2AS20
!
no aaa new-model
ip subnet-zero
no ip source-route
!
!
ip domain name interbusiness.it
ip name-server 151.99.125.2
ip ips po max-events 100
no ftp-server write-enable
!
!
!
!
!
interface Ethernet0
ip address 192.168.0.1 255.255.255.0 secondary
ip address xx.xx.xxx.241 255.255.255.248
ip access-group 101 in
ip access-group 102 out
ip nat inside
ip virtual-reassembly
hold-queue 100 out
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
bandwidth 128
ip address 255.255.255.0
ip access-group 104 in
ip access-group 103 out
ip nat outside
ip virtual-reassembly
pvc 8/35
oam-pvc manage
oam retry 5 5 1
encapsulation aal5snap
!
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Dialer0
no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip route 88.59.140.0 255.255.255.0 ATM0.1
ip route 151.99.0.0 255.255.0.0 ATM0.1
ip http server
no ip http secure-server
ip nat pool net-ibs xx.xx.xxx.242 xx.xx.xxx.242 netmask 255.255.255.248
ip nat inside source list 1 pool net-ibs overload
ip nat inside source static udp 192.168.0.97 82 interface Ethernet0 82
ip nat inside source static tcp 192.168.0.97 82 interface Ethernet0 82
ip nat outside source static tcp xx.xx.xxx.241 82 192.168.0.97 82 extendable
ip nat outside source static udp xx.xx.xxx.241 82 192.168.0.97 82 extendable
!
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 18 permit 151.99.126.0 0.0.0.255
access-list 19 permit 151.99.126.0 0.0.0.255
access-list 30 permit 151.99.252.8
access-list 30 permit 88.53.143.117
access-list 30 permit 151.99.6.2
access-list 30 permit 151.99.9.6
access-list 30 permit 151.99.126.0 0.0.0.255
access-list 101 permit tcp any host 192.168.0.97 eq 82
access-list 101 permit udp any host 192.168.0.97 eq 82
access-list 101 permit ip any any
access-list 102 deny ip xx.xx.xxx.240 0.0.0.7 any
access-list 102 permit tcp any xx.xx.xxx.240 0.0.0.7 established
access-list 102 permit ip any xx.xx.xxx.240 0.0.0.7
access-list 102 permit ip any 192.168.0.0 0.0.0.255
access-list 103 permit udp xx.xx.xxx.240 0.0.0.7 151.99.125.0 0.0.0.31 eq domain
access-list 103 permit tcp xx.xx.xxx.240 0.0.0.7 151.99.125.0 0.0.0.31 gt 1023
access-list 103 permit ip xx.xx.xxx.240 0.0.0.7 any
access-list 104 deny tcp any any eq 2065
access-list 104 permit ip any any
snmp-server community public RO 18
snmp-server community private RW 19
snmp-server enable traps tty
snmp-server host 151.99.126.2 private
tacacs-server host 151.99.126.2
tacacs-server last-resort password
tacacs-server directed-request
tacacs-server extended
tacacs-server notify connections
tacacs-server notify enable
!
control-plane
!


^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
access-class 30 in
login local
!
scheduler max-task-time 5000
end
Ultima modifica di mikmik il sab 26 giu , 2010 8:05 pm, modificato 3 volte in totale.
Top
Avatar utente
lazzaronetu
Cisco fan
Messaggi: 45
Iscritto il: gio 25 feb , 2010 3:52 pm

che apparato cisco hai ???
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Cisco Router 887VA-W
IOS Release : c800-universalk9-mz.SPA.156-2.T
xDSL Firmware: VA_A_39d_B_38h3_24h_1
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Top
mikmik
n00b
Messaggi: 2
Iscritto il: mar 08 giu , 2010 10:03 am

:?
Top
Rispondi

Torna a “Configurazioni”