Salve a tutti
ho impostato sul mio 1841 ddns con dyndns. Purtroppo non riesco a capire perche alcune volte su dyndns mi ritrovo l'indirizzo WAN e altre volta l'indirizzo di LAN f0.0
Di seguito la configurazione
------------------ show running-config ------------------
Building configuration...
Current configuration : 8194 bytes
!
! Last configuration change at 07:03:57 CET Tue Feb 28 2012 by admin
! NVRAM config last updated at 11:16:10 CET Thu Feb 23 2012 by admin
!
version 12.4
service config
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco1841
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 <removed>
enable password <removed>
!
aaa new-model
!
!
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authentication login ciscocp_vpn_xauth_ml_2 local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_2 local
!
aaa session-id common
!
resource policy
!
clock timezone CET 1
clock summer-time CET recurring
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.201 192.168.1.254
!
ip dhcp pool POOL_DHCP
import all
network 192.168.1.0 255.255.255.0
dns-server 212.216.172.62 212.216.112.112
default-router 192.168.1.254
!
!
ip domain name domain.com
ip host members.dyndns.org 204.13.248.112
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
ip ddns update method DynDNS
HTTP
add http://XXXXXXXX:[email protected]. ... h>&myip=<a>
remove http://XXXXXX:[email protected] ... h>&myip=<a>
interval maximum 0 0 15 0
!
!
!
crypto pki trustpoint TP-self-signed-2910638223
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2910638223
revocation-check none
rsakeypair TP-self-signed-2910638223
!
!
crypto pki certificate chain TP-self-signed-2910638223
certificate self-signed 01
quit
username admin privilege 15 secret 5 <removed>
username XXXXXXXX secret 5 <removed>
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration XXXXXXXXXXX
key XXXXXXX
pool SDM_POOL_1
netmask 255.255.255.0
!
crypto isakmp client configuration group XXXXXXXXXX
key XXXXXXX
dns 8.8.8.8
pool SDM_POOL_2
acl 101
include-local-lan
pfs
netmask 255.255.255.0
crypto isakmp profile ciscocp-ike-profile-1
match identity group XXXXXXXXXx
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address initiate
client configuration address respond
virtual-template 1
crypto isakmp profile ciscocp-ike-profile-2
match identity group XXXXXXX
client authentication list ciscocp_vpn_xauth_ml_2
isakmp authorization list ciscocp_vpn_group_ml_2
client configuration address initiate
client configuration address respond
virtual-template 2
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
crypto ipsec profile CiscoCP_Profile1
set transform-set ESP-3DES-SHA
set isakmp-profile ciscocp-ike-profile-1
!
crypto ipsec profile CiscoCP_Profile2
set transform-set ESP-3DES-SHA1
set isakmp-profile ciscocp-ike-profile-2
!
!
!
!
!
interface FastEthernet0/0
description $ETH-LAN$
ip address 192.168.1.254 255.255.255.0
ip directed-broadcast
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no ip route-cache cef
no ip route-cache
no atm ilmi-keepalive
bundle-enable
dsl operating-mode auto
dsl lom 30
hold-queue 224 in
!
interface ATM0/0/0.1 point-to-point
no ip route-cache
no snmp trap link-status
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface Virtual-Template1 type tunnel
ip unnumbered FastEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
!
interface Virtual-Template2 type tunnel
ip unnumbered FastEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile2
!
interface Dialer0
ip ddns update hostname XXXXXXXXX.dyndns.org
ip ddns update DynDNS host members.dyndns.org
ip address negotiated
ip directed-broadcast
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username XXXXXXXXX password 0 XXXXXXXXXXXX
!
ip local pool SDM_POOL_1 10.0.0.100 10.0.0.110
ip local pool SDM_POOL_2 20.10.10.100 20.10.10.200
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http secure-server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.88 11251 interface Dialer0 11251
ip nat inside source static udp 192.168.1.88 21856 interface Dialer0 21856
ip nat inside source static tcp 192.168.1.110 80 interface Dialer0 9093
ip nat inside source static udp 192.168.1.89 44786 interface Dialer0 44786
ip nat inside source static tcp 192.168.1.89 36017 interface Dialer0 36017
ip nat inside source static tcp 192.168.1.168 80 interface Dialer0 9092
ip nat inside source static tcp 192.168.1.190 24158 interface Dialer0 24158
ip nat inside source static udp 192.168.1.190 3389 interface Dialer0 3389
ip nat inside source static tcp 192.168.1.190 3389 interface Dialer0 3389
ip nat inside source static tcp 192.168.1.190 21 interface Dialer0 21
ip nat inside source static tcp 192.168.1.99 8080 interface Dialer0 9099
ip nat inside source static udp 192.168.1.129 7806 interface Dialer0 7806
ip nat inside source static tcp 192.168.1.129 39989 interface Dialer0 39989
ip nat inside source static udp 192.168.1.190 43833 interface Dialer0 43833
ip nat inside source static tcp 192.168.1.190 2304 interface Dialer0 2304
ip nat inside source static tcp 192.168.1.101 80 interface Dialer0 9091
ip nat inside source static udp 192.168.1.190 2304 interface Dialer0 2304
ip nat inside source static udp 192.168.1.190 9 interface Dialer0 9
ip nat inside source static tcp 192.168.1.190 9090 interface Dialer0 9090
ip nat inside source static udp 192.168.1.190 9090 interface Dialer0 9090
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 permit ip any any
access-list 100 permit tcp any any
access-list 100 permit udp any any
access-list 101 remark CCP_ACL Category=4
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 101 permit ip 10.0.0.0 0.0.0.255 any
access-list 101 permit ip 20.10.10.0 0.0.0.255 any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
!
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
exec-timeout 40 0
password <removed>
transport input telnet ssh
transport output telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 20000 1000
sntp server 193.204.114.232
end
Dyndns e indirizzo di LAN e WAN
Moderatore: Federico.Lagni
-
paolomat75
- Messianic Network master
- Messaggi: 2965
- Iscritto il: ven 29 gen , 2010 10:25 am
- Località: Prov di GE
Ciao,
guarda non vedo niente di strano a prima vista. Però mi ricordo che una volta mi è bastato levare la configurazione edi DDNS e rimetterla (non so perché).
Paolo
guarda non vedo niente di strano a prima vista. Però mi ricordo che una volta mi è bastato levare la configurazione edi DDNS e rimetterla (non so perché).
Paolo
Non cade foglia che l'inconscio non voglia (S.B.)
