Aiuto configurazione 1841 con due ADSL

[crissimo68]

Salve a tutti,
chiedo gentilmente se qualcuno può aiutarmi a configurare un Cisco 1841 con una Wic ADSL1 e un HWiC Adsl2 ......
Ho due linee ADSL, una Cheapnet e una NGI.... dovrei configurarle in modo da ultilizzare una sola porta LAN con indirizzo 192.168.3.254 per navigare e far uscire in porta 5060 il centralino Asterisk.....
dimenticavo mi serve anche abilitato il server DHCP...

Allego una configurazione ora in uso per capire dove sbaglio...
------------------------------------------------
Current configuration : 4305 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SMILE-Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
dot11 syslog
ip source-route
!
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-1423132600
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1423132600
revocation-check none
rsakeypair TP-self-signed-1423132600
!
!
crypto pki certificate chain TP-self-signed-1423132600
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31343233 31333236 3030301E 170D3132 30363239 30373332
32325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 34323331
33323630 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A002 8DCEA730 8347A11B BDFB8C8B 0F9EAC0B 3F956BDA 8C9075DC 20122989
8C18EC6F 1F8D8362 E7710DEC 470609F7 BB2E36B1 88419F33 076DB0C9 3203B554
609C794A 22F55573 6AE2D07D 25EDBD8B 0C91CCB3 41EF14BE A4391DA6 3A04BB66
1A58E156 20905943 C11777D7 9F6C58B7 DE46749C 73F0BBC3 E72A77A2 E3FF62A1
5FF70203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14767754 2E7F666D BA8525EF 031A2F41 79EACE5E 0E301D06
03551D0E 04160414 7677542E 7F666DBA 8525EF03 1A2F4179 EACE5E0E 300D0609
2A864886 F70D0101 05050003 81810092 2C0F5989 803788D2 FCEE9DC7 31F3DFD1
C73854E0 32766FB5 A447D9C5 4D3AC569 2D3A5D93 D550F8A3 C8B67914 3308943A
C71CCBD5 EAEB149F DE5F0D65 924C77E4 C13B86AC FC173032 91E15E82 24C9F9DD
BA2F19F3 8DB2EA6E EE2A81C6 B6AE808F C571EC8E F45F93C9 A46F1CEC 1812BAA5
F8B53DB6 EEDA7FDF D8C5DE72 9A67A4
quit
!
!
license udi pid XXXXXXX sn XXXXXXX
username smile privilege 15 secret 4 0jzBq2JD67w.hmC1hzDB9.XGX.27H280r4PFgnUNPpk

username XXXXXXX privilege 15 secret 4 cgelrgdMm1IlO12DIUkvhyFINiNm9LQPvFYGM5S
pVkA
!
redundancy
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
description Lan Interna
ip address 192.168.3.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
!
interface ATM0/0/0.1 point-to-point
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface ATM0/1/0
no ip address
no atm ilmi-keepalive
!
interface ATM0/1/0.1 point-to-point
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname XXXXXXX
ppp chap password 0 XXXXXX
ppp pap sent-username XXXXXXX password 0 XXXXXX
!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication pap callin
ppp chap hostname XXXXXX
ppp chap password 0 XXXXX
ppp pap sent-username XXXXXXX password 0 XXXXXX
!
router rip
version 2
network 192.168.3.0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source route-map PRI-WAN interface Dialer0 overload
ip nat inside source route-map SEC-WAN interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip access-list extended WAN-1
permit ip 192.168.3.0 0.0.0.255 any
ip access-list extended WAN-2
permit ip 192.168.3.0 0.0.0.255 any
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
!
!
!
!
!
match ip address WAN-2
match interface Dialer1
!
route-map PRI-WAN permit 1
match ip address WAN-1
match interface Dialer0
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
end

[crissimo68]

Ho provato a collegare la linea con CheapNet e funziona lentissima... Mentre NGI non funziona proprio, si io vorrei usarle entrambe contemporaneamente.....

[crissimo68]

Ho queste due configurazioni date da operatori :

Cheapnet:

ENCAPSULATION: PPPoA

MULTIPLEXING: VC (indicato a volte come NULL)

VPI: 8

VCI: 35

login: XXXXXX

Passwod: XXXXXXX



NGI

- Protocollo di trasmissione: PPPoA (PPP over ATM) o PPPoE (PPP over Ethernet)
- Encapsulation: LLC/SNAP o MUX
- VPI: 8
- VCI: 35
- Indirizzo IP e DNS: assegnati dal server
- Autenticazione: PAP
- Login: XXXXXX
- Password*: XXXXX

[crissimo68]

Grazie infinite Emiliano.
ho provato al lavoro portandomi il 1841 a collegarlo alla linea alice presente.... naturalmente cambiando ad entrembi i Wic la username e password.....
Con il Dialer0 interfaccia Hwic funziona regolarmente si allinea e navigo a velocità normale
Con il Dialer1 interfaccia WicAdsl si allinea ma è lentissimo... come ieri sera quando avevo connesso Cheapnet...

[crissimo68]

Linea 7 mb. Alice, esatto Wic-1Adsl

Però prima di fare la configurazione con routemap usata singolarmente andavano bene come velocità entrambe.... penso di averle incasinate inserendo i parametri trovati quì nel sito per quanto riguarda :

ip nat inside source route-map PRI-WAN interface Dialer0 overload
ip nat inside source route-map SEC-WAN interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip access-list extended WAN-1
permit ip 192.168.3.0 0.0.0.255 any
ip access-list extended WAN-2
permit ip 192.168.3.0 0.0.0.255 any
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit

Forse faccio prima a resettare configurazione e partire con una cosa alla volta....

[crissimo68]

Bene,
ora resetto la configurazione e riparto da zero....
poi te la posto...

[anubisg1]

non ho visto bene i dettagli, cmq, io ho un router con due adsl usate allo stesso momento, magari questa config può aiutare

Codice: Seleziona tutto

Building configuration...

Current configuration : 11131 bytes
!
! No configuration change since last restart
!
version 15.1
service tcp-keepalives-in
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname sis-router2
!
boot-start-marker
boot-end-marker
!
!
security authentication failure rate 5 log
logging buffered 51200
no logging console
!
no aaa new-model
!
clock timezone ROME 1 0
clock summer-time ROME recurring last Sun Mar 2:00 last Sun Oct 2:00
dot11 syslog
no ip source-route
no ip gratuitous-arps
!
!
!
ip dhcp excluded-address 192.168.10.1 192.168.10.99
ip dhcp excluded-address 192.168.10.151 192.168.10.254
!
ip dhcp pool DHCP
   network 192.168.10.0 255.255.255.0
   default-router 192.168.0.1 
   dns-server 192.168.0.1 192.168.10.254 192.168.10.253 
   domain-name sanaa.local
   netbios-name-server 192.168.10.254 192.168.10.253 
!
!
ip cef
ip domain name sanaa.local
ip name-server 8.8.8.8
ip name-server 192.168.10.254
ip name-server 192.168.10.253
ip ddns update method dyndns1
 HTTP
  add http://xxxxxxxxx:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
  remove http://xxxxxxxxx:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
 interval maximum 0 0 20 0
!
login block-for 480 attempts 3 within 240
login delay 2
login quiet-mode access-class 10
login on-success log
no ipv6 cef
!
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group pppoe
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3392215101
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3392215101
 revocation-check none
 rsakeypair TP-self-signed-3392215101
!
!
crypto pki certificate chain TP-self-signed-3392215101
 certificate self-signed 01
  3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33333932 32313531 3031301E 170D3131 30323230 32333131 
  31355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33393232 
  31353130 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100CE0C 874D91F0 8796C698 44C0087D 7A94B832 CD4D13C0 0CE1C6DE 6639C294 
  A3358F4E B5480E1A 679CACA6 4BB6AF05 4B2708A6 0B6A62F6 4797ACBB CA312A87 
  7E294E63 31BB4639 08E75DFF 24812F14 E0FCB148 B315C24F 178147FA 95F12842 
  BFCC6713 A83D8959 FE0CA559 745AFF51 CE289F0C F5EAD375 4BCBD338 71309413 
  29CF0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603 
  551D1104 1B301982 17736973 2D726F75 74657232 2E73616E 61612E6C 6F63616C 
  301F0603 551D2304 18301680 14C9AC66 BE816B30 1F2B9ACB 23AC6EF2 ED431EA9 
  6F301D06 03551D0E 04160414 C9AC66BE 816B301F 2B9ACB23 AC6EF2ED 431EA96F 
  300D0609 2A864886 F70D0101 04050003 818100AC 181B9DEE 9F7D2FB5 F91AEA52 
  F64F86A7 630F2D61 DE511FEE DDE7386C E6D93C15 C314043F 877C860E 752F9CBE 
  14090065 1BA7688F 0E296017 C6265940 D751F60E 53701CCF 300DDF1C 31A72ABD 
  28BA863A 4BAC4521 0394CBAF FA6A07DA 98217BD4 208FED12 5D8183A8 7325DA8F 
  C206211E DAF8279F FA846163 6874BFD1 DB0B05
  	quit
!
!
license udi pid CISCO1841 sn FHK142472HG
archive
 log config
  hidekeys
username admin privilege 15 secret 5 xxxxxxxxxxxxxxxxxxx
username sisadmin password 7 xxxxxxxxxxxx
username anubisg1 privilege 15 secret 5 xxxxxxxxxxxxxx
!
redundancy
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
!
track 1 ip sla 1 reachability
 delay down 10 up 20
!
track 100 interface Dialer0 ip routing
 delay down 10 up 20
!
track 101 interface Dialer1 ip routing
 delay down 10 up 20
!
class-map match-any P2P
 match protocol bittorrent
 match protocol edonkey
 match protocol fasttrack
 match protocol gnutella
 match protocol kazaa2
 match protocol winmx
 match protocol directconnect
 match protocol gopher
!
!
policy-map P2P
 class P2P
  drop
!
! 
!
crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
crypto isakmp key xxxxxxxxxxxxxxxxxx address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10 5
!
!
crypto ipsec transform-set MINE esp-3des 
!
crypto ipsec profile DMVPN
 set transform-set MINE 
!
!
!
!
!
!
interface Loopback1
 ip address 172.16.2.2 255.255.255.252
!
interface Tunnel0
 ip address 172.16.1.10 255.255.255.0
 no ip redirects
 ip mtu 1400
 ip flow ingress
 ip flow egress
 ip nhrp authentication !@auth%$
 ip nhrp map multicast xxxxxxx
 ip nhrp map 172.16.1.1 xxxxxxxx
 ip nhrp network-id 1
 ip nhrp holdtime 100
 ip nhrp nhs 172.16.1.1
 ip nhrp registration timeout 40
 ip tcp adjust-mss 1360
 keepalive 5 2
 tunnel source Dialer0
 tunnel mode gre multipoint
 tunnel protection ipsec profile DMVPN
!
interface FastEthernet0/0
 description Interface in the school
 ip address 192.168.10.249 255.255.255.0
 ip nbar protocol-discovery
 ip flow ingress
 ip flow egress
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 glbp 1 ip 192.168.10.1
 glbp 1 priority 105
 glbp 1 preempt delay minimum 10
 glbp 1 weighting 20 lower 9
 glbp 1 load-balancing weighted
 glbp 1 weighting track 100 decrement 10
 glbp 1 weighting track 101 decrement 10
 glbp 1 forwarder preempt delay minimum 10
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface ATM0/0/0
 description Phone line number 390197
 no ip address
 ip flow ingress
 ip flow egress
 no atm ilmi-keepalive
 hold-queue 224 in
 pvc 8/35 
  pppoe-client dial-pool-number 1
 !
!
interface ATM0/1/0
 description Phone line number 390196
 no ip address
 ip flow ingress
 ip flow egress
 no atm ilmi-keepalive
 hold-queue 224 in
 pvc 8/35 
  pppoe-client dial-pool-number 2
 !
!
interface Dialer0
 ip ddns update hostname xxxxxxx
 ip ddns update dyndns1
 ip address negotiated
 ip mtu 1492
 ip flow ingress
 ip flow egress
 ip nat outside
 ip virtual-reassembly in max-reassemblies 512
 encapsulation ppp
 dialer pool 1
 ppp authentication chap callin
 ppp chap hostname SISADSL2
 ppp chap password 7 xxxxxxxxxxx
!
interface Dialer1
 ip ddns update hostname xxxxxxxxx
 ip ddns update dyndns1
 ip address negotiated
 ip mtu 1492
 ip flow ingress
 ip flow egress
 ip nat outside
 ip virtual-reassembly in max-reassemblies 512
 encapsulation ppp
 dialer pool 2
 ppp authentication chap callin
 ppp chap hostname SISADSLI
 ppp chap password 7 xxxxxxxxxxx
!         
!
router eigrp 1
 network 192.168.10.0
 redistribute connected
 redistribute static
 neighbor 192.168.10.248 FastEthernet0/0
 passive-interface default
 no passive-interface FastEthernet0/0
!
router bgp 65300
 bgp log-neighbor-changes
 network 192.168.10.0
 neighbor 172.16.1.1 remote-as 65000
 neighbor 172.16.1.1 description Brno
 neighbor 172.16.1.1 soft-reconfiguration inbound
 neighbor 172.16.2.1 remote-as 65300
 neighbor 172.16.2.1 description iBGP with SIS-ROUTER1
 neighbor 172.16.2.1 update-source Loopback1
 neighbor 172.16.2.1 next-hop-self
 neighbor 172.16.2.1 soft-reconfiguration inbound
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip flow-export source Tunnel0
ip flow-export version 5 origin-as
ip flow-export destination 192.168.0.8 9996
ip flow-top-talkers
 top 40
 sort-by bytes
!
ip dns server
ip nat inside source static udp 192.168.1.254 1194 interface Dialer1 1194
ip nat inside source route-map PRI-WAN interface Dialer0 overload
ip nat inside source route-map SEC-WAN interface Dialer1 overload
ip route 192.168.0.8 255.255.255.255 Tunnel0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer0 track 100
ip route 0.0.0.0 0.0.0.0 Dialer1 track 101
ip route 172.16.2.1 255.255.255.255 FastEthernet0/0 192.168.10.248
!
ip access-list extended WAN-1
 permit ip 192.168.10.0 0.0.0.255 any
 permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended WAN-2
 permit ip 192.168.10.0 0.0.0.255 any
 permit ip 192.168.1.0 0.0.0.255 any
!
ip sla 1
 icmp-echo 172.16.1.1
 frequency 10
ip sla schedule 1 life forever start-time now
logging esm config
access-list 10 remark --- Allow login always ---
access-list 10 permit 192.168.0.8
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 10 permit 192.168.10.0 0.0.0.255
access-list 10 permit 172.16.1.0 0.0.0.255
access-list 20 remark --- SNMP allow only server ---
access-list 20 permit 192.168.0.8
access-list 100 remark --- telnet lan only ---
access-list 100 deny   ip 218.0.0.0 0.255.255.255 any
access-list 100 permit tcp 192.168.10.0 0.0.0.255 any eq telnet
access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq telnet
access-list 100 permit tcp 192.168.0.0 0.0.0.255 any eq telnet
access-list 100 permit tcp 172.16.1.0 0.0.0.255 any eq telnet
access-list 100 permit tcp any any eq 22
access-list 100 deny   tcp any any log
no cdp run
          
!
!
!
!
route-map SEC-WAN permit 1
 match ip address WAN-2
 match interface Dialer1
!
route-map PRI-WAN permit 1
 match ip address WAN-1
 match interface Dialer0
!
snmp-server community brno RO 20
snmp-server ifindex persist
snmp-server trap-source Tunnel0
snmp-server packetsize 1000
snmp-server location Sanaa, Yemen
snmp-server contact Andrea Florio
snmp-server chassis-id sis-router2
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps eigrp
snmp-server enable traps envmon
snmp-server enable traps adslline
snmp-server enable traps flash insertion removal
snmp-server enable traps authenticate-fail
snmp-server enable traps atm pvc
snmp-server enable traps bgp
snmp-server enable traps config
snmp-server enable traps cpu threshold
snmp-server enable traps ipsla
snmp-server host 192.168.0.8 brno 
!
!
control-plane
!
!
banner login ^C
Unauthorized use of these resources is prohibited

Illegal access will be prosecuted under the full extent of the law
^C
banner motd ^C
                            _
      .::::::::::.        -(_)====u         .::::::::::.
    .::::''''''::::.                      .::::''''''::::.
  .:::'          `::::....          ....::::'          `:::.
 .::'             `:::::::|        |:::::::'             `::.
.::|               |::::::|_ ___ __|::::::|               |::.
`--'               |::::::|_()__()_|::::::|               `--'
 :::               |::-o::|        |::o-::|               :::
 `::.             .|::::::|        |::::::|.             .::'
  `:::.          .::\-----'        `-----/::.          .:::'
    `::::......::::'                      `::::......::::'
      `::::::::::'                          `::::::::::'

    This is the Sanaa International School router
    You are supposed to be here only if Authorized,
    if you are not, please go away, all not authorized
    accesses are logged and will be pursued by law.

^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 access-class 100 in
 exec-timeout 15 0
 logging synchronous
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
ntp server 212.45.144.59
end