CISCO 2811 su Linea Telecom IP Statici

[johnc]

Un saluto a tutti,
sto cercando di configurare questo apparato su linea telecom alice business con 8 ip pubblici. Non mi interessa sfruttare tutti gli ip ma avere solo una linea performante ed un servizio di assistenza tempestivo in caso di problemi di linea.
Questi sono i dati forniti da telecom per la configurazione:

IP Assegnati: 195.xxx.xx.248/255
Network Mask: 255.255.255.248
Default Gateway: 195.xxx.xx.249
Punto Punto: 31.xxx.xxx.10

Ho configurato così, a seguire ma non ne vuol sapere di andare e non riesco a capire dove stia sbagliando. Potreste aiutarmi?
Grazie

Current configuration : 6314 bytes
!
! Last configuration change at 21:20:05 UTC Tue Jun 25 2013 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 4096
no logging console
!
no aaa new-model
!
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
!
ip name-server 8.8.8.8
ip name-server 8.8.4.4
!
multilink bundle-name authenticated
!
parameter-map type protocol-info msn-servers
server name messenger.hotmail.com
server name gateway.messenger.hotmail.com
server name webmessenger.msn.com

parameter-map type protocol-info aol-servers
server name login.oscar.aol.com
server name toc.oscar.aol.com
server name oam-d09a.blue.aol.com

parameter-map type protocol-info yahoo-servers
server name scs.msg.yahoo.com
server name scsa.msg.ya
server name scsb.msg.yahoo.com
server name scsc.msg.yahoo.com
server name scsd.msg.yahoo.com
server name cs16.msg.dcn.yahoo.com
server name cs19.msg.dcn.yahoo.com
server name cs42.msg.dcn.yahoo.com
server name cs53.msg.dcn.yahoo.com
server name cs54.msg.dcn.yahoo.com
server name ads1.vip.scd.yahoo.com
server name radio1.launch.vip.dal.yahoo.com
server name in1.msg.vip.re2.yahoo.com
server name data1.my.vip.sc5.yahoo.com
server name address1.pim.vip.mud.yahoo.com
server name edit.messenger.yahoo.com
server name messenger.yahoo.com
server name http.pager.yahoo.com
server name privacy.yahoo.com
server name csa.yahoo.com
server name csb.yahoo.com
server name csc.yahoo.com

!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3052610494
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3052610494
revocation-check none
rsakeypair TP-self-signed-3052610494
!
!
crypto pki certificate chain TP-self-signed-3052610494
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33303532 36313034 3934301E 170D3133 30363235 31393439
32365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30353236
31303439 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100AC46 A5424853 412D5CA5 DF35DAF3 5C45AF1F 8CA71BE7 512EC653 8BEF96
4691D8F1 F2F79D25 31753F81 CD744D7A 27FE0387 D69EE717 4B52AC34 4C2F4B49
3F683150 14A188E1 BC70A2D3 33B31CAC 99B75D14 15CE56B6 5A4E3B7A F1A6894B
7E1B3E72 21F66466 3349426B 78ED4B63 DA6AFA78 993D5BD9 687D6499 79143409
5D570203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1426B65D 8142CFA1 945CC091 BC38A1D5 DCD7E415 EA301D06
03551D0E 04160414 26B65D81 42CFA194 5CC091BC 38A1D5DC D7E415EA 300D0609
2A864886 F70D0101 05050003 81810066 964A09F4 D01E9262 1819D865 49EE1C
F9F07284 AA593CF9 7F0265BA 5F16F5D4 31E1A4B3 A7A3E741 186210A7 9242FDC3
3D4972C5 3A0BC189 3525AE19 51C9B485 DC452830 FDFD59FA 259AC75E DD1D063B
9023C7B0 6C1A5736 6DC08496 4DA003D2 411FFD23 BD5DB9B4 0DB28183 B5D78CF7
FD538059 CDDF432B 6F1F8E72 E38038
quit
!
!
license udi pid CISCO2811 sn FCZ115072HF
username xxxxx privilege 15 password 0 xxxxx
!
redundancy
!
!
!
class-map type inspect imap match-any sdm-app-imap
match invalid-command
class-map type inspect match-any sdm-cls-protocol-p2p
match protocol edonkey signature
match protocol gnutella signature
match protocol kazaa2 signature
match protocol fasttrack signature
match protocol bittorrent signature
class-map type inspect gnutella match-any sdm-app-gnutella
match file-transfer
class-map type inspect match-any SDM-Voice-permit
match protocol h323
match protocol skinny
match protocol sip
class-map type inspect msnmsgr match-any sdm-app-msn-otherservices
match service any
class-map type inspect match-any sdm-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any sdm-cls-protocol-im
match protocol ymsgr yahoo-servers
match protocol msnmsgr msn-servers
match protocol aol aol-servers
class-map type inspect aol match-any sdm-app-aol-otherservices
match service any
class-map type inspect match-any sdm-cls-insp-traffic
class-map type inspect match-all sdm-protocol-p2p
match class-map sdm-cls-protocol-p2p
class-map type inspect ymsgr match-any sdm-app-yahoo
match service text-ch
class-map type inspect edonkey match-any sdm-app-edonkey
match file-transfer
match text-chat
match search-file-name
class-map type inspect fasttrack match-any sdm-app-fasttrack
match file-transfer
class-map type inspect http match-any sdm-http-allowparam
match request port-misuse tunneling
class-map type inspect edonkey match-any sdm-app-edonkeydownload
match file-transfer
class-map type inspect match-all sdm-protocol-imap
match protocol imap
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
!
interface ATM0/0/0.2 point-to-point
pvc 8/35
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
!
!
interface Dialer1
ip address 195.xxx.xx.250 255.255.255.248
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
!
router rip
network 192.168.1.0
!
ip forward-pro
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 remark SDM_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
!
!
!
!
control-plane
!
!
!
line con 0
speed 115200
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
end

[emiliano]

Molto velocemente tralasciando il resto dovresti cambiare la configfurazione dalla dialer ad una configurazione classica punto puno, un esempio potrebbe essere qesto:

Codice: Seleziona tutto

interface ATM0/0/0
mtu 1500
no ip address
no atm ilmi-keepalive
no shut

interface ATM0/0/0.1 point-to-point
no shut
mtu 1500
ip address 88.58.x.y 255.255.255.252 secondary (indirizzo punto punto  assegnato)
ip address x.y.z.w 255.255.255.254 (uno degli ip pubblici che ti hanno assegnato) 
ip nat outside
ip virtual-reassembly in
pvc 8/35
oam-pvc manage
oam retry 5 5 1
encapsulation aal5snap

Ip route 0.0.0.0 0.0.0.0 atm0/0/0.1

access-list 101 permit ip 192.168.1.0 0.0.0.255 any

ip nat inside source list 101 int atm0/0/0.1 overload

Ovviamente devi giostrarti nat, acl, indirizzi ip ecc...

Vedi se risolvi.

Emiliano

[johnc]

Ti ringrazio per il supporto Emiliano,
una domanda che probabilmente potrà sembrarti banale:

ma il Default Gateway: 195.xxx.xx.249 lo uso solo se decidessi di assegnare un indirizzo ip pubblico direttamente ad un web server? Nel router non lo devo inserire da nessuna parte?

[johnc]

Un piccolo OT mentre ci sono, ho configurato ACL con il wizard livello medium da sdm, sul l'altro 857w se alzo a Higth poi ho un rallentamento della connessione...
Su questo 2811 non riesco ad eseguire il security audit da sdm, non so perché, c'è una procedura da console per lanciare il wizard security audit?
Grazie ancora

[emiliano]

Ti ringrazio per il supporto Emiliano,
una domanda che probabilmente potrà sembrarti banale:

ma il Default Gateway: 195.xxx.xx.249 lo uso solo se decidessi di assegnare un indirizzo ip pubblico direttamente ad un web server? Nel router non lo devo inserire da nessuna parte?

Il .249 è semplicemente il 1° ip che puoi usare del pool, quello che nell'esempio che ti ho postato va messo al posto di x.y.z.w 255.255.255.254

Se natti gli ip privati della lan con l'ip che assegni all'interfaccia atm del router ignora quella dicitura def gateway.

Sinceramente non saprei spiegarti perchè viene indicato come def gateway, forse come hai detto tu si usa nel caso in cui tu scelga di non fare nat ma di assegnare ai dispositivi solo ip pubblici. Tanto per intenderci Telecom in una configurazione tipo potrebbe darti un router con il .249 configurato sulla Fastethernet, poi ti dice, se vuoi agganciare un firewall, un server o quello che vuoi al router dagli un ip pubblico disponibile del pool e come gateway usa appunto il .249...

[emiliano]

Un piccolo OT mentre ci sono, ho configurato ACL con il wizard livello medium da sdm, sul l'altro 857w se alzo a Higth poi ho un rallentamento della connessione...
Su questo 2811 non riesco ad eseguire il security audit da sdm, non so perché, c'è una procedura da console per lanciare il wizard security audit?
Grazie ancora

Su 2 piedi non saprei che risponderti, non uso sdm, solo CLI

[scolpi]

IP Assegnati: 195.xxx.xx.248/255
Network Mask: 255.255.255.248
Default Gateway: 195.xxx.xx.249
Punto Punto: 31.xxx.xxx.10

Da quello che vedo e che mi par di capire, la dialer deve avere ip 31.xxx.xxx.10 e la tua rete interna deve stare nella rete 195.xxx.xx.248/29, quindi non ti serve nat

[johnc]

Ciao,
scusate se vi disturbo nuovamente ma non ne vuol sapere...
La cosa che mi infastidisce è che se configuro un router da 49€ con ip statico tutto funziona correttamente! Mettendo uno degli indirizzi disponibili, network mask e gateway...
Altra anomalia è che questo router fino alla settimana scorsa andava, anche senza configurare il punto punto.

Posto la nuova configurazione che comunque non va:

Current configuration : 3613 bytes
!
! Last configuration change at 15:20:12 UTC Thu Jun 27 2013
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no logging buffered
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
!
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
!
!
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3052610494
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3052610494
revocation-check none
rsakeypair TP-self-signed-3052610494
!
!
crypto pki certificate chain TP-self-signed-3052610494
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33303532 36313034 3934301E 170D3133 30363237 31353030
31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30353236
31303439 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C25D 53F646EF 414541AE 40FA70E7 868D01FE B71435E8 A6447BA0 25BCBDA1
4878495F 69256D94 8A463AF3 BFFA091B 82B40D46 0D7CB4FA F3B331C5 7865F2E1
32FE5A94 994DCBC1 EE626D0F 3F59F9F7 32408B6B CFCAB6F9 8E553394 7EE355E7
B2C0EA15 3ADECB95 6735BB7B 99EB1917 5083A2BB 981BEA78 B4D0F746 1DB5AC58
22D30203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1443AA65 8D67A9BC A0E588BF 228923EE 7BF642A5 6D301D06
03551D0E 04160414 43AA658D 67A9BCA0 E588BF22 8923EE7B F642A56D 300D0609
2A864886 F70D0101 05050003 818100B2 2E9B1937 DE71B060 07F7050B 8BEAD1FD
AB4ED196 D260EB58 8F8D99C4 3378831B 075B791F BE663B27 B8149707 F3C55560
A317FDFF 67295247 29ADBB1F 745BFB61 A39A6134 743DC8C7 A198C821 0375CFDD
DFA87243 20505D0B 440A8DFF 152F4520 A52062F5 92B0A748 EB05D3BE A7E873A3
C4759227 B1A5FE68 BE12FC52 6CD869
quit
!
!
license udi pid CISCO2811 sn FCZ115072HF
username ****** privilege 15 password 0 ******
!
redundancy
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
mtu 1500
no ip address
no atm ilmi-keepalive
!
interface ATM0/0/0.1 point-to-point
mtu 1500
ip address 31.xxx.xxx.10 255.255.255.252 secondary
ip nat outside
ip virtual-reassembly in
pvc 8/35
oam-pvc manage
oam retry 5 5 1
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
!
!
interface Dialer0
ip address 195.xxx.xx.249 255.255.255.248
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
!
router rip
network 192.168.1.0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 101 interface ATM0/0/0.1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 0.0.0.0 0.0.0.0 ATM0/0/0.1
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
speed 115200
line aux 0
line vty 0 4
transport input telnet
!
scheduler allocate 20000 1000
end

Router#
Router#
Router#
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ip dhcp pool lan
Router(dhcp-config)#dns-server 8.8.8.8 8.8.4.4
Router(dhcp-config)#end

Spero nel vostro aiuto.

[johnc]

Altro dettaglio, se configuro il router sulla mia linea alice casa tutto funziona correttamente...

[scolpi]

ma non è che per caso servono anche i parametri per l'autenticazione sotto la dialer? Cioè username e password

[emiliano]

Ciao,
scusate se vi disturbo nuovamente ma non ne vuol sapere...
La cosa che mi infastidisce è che se configuro un router da 49€ con ip statico tutto funziona correttamente! Mettendo uno degli indirizzi disponibili, network mask e gateway...
Altra anomalia è che questo router fino alla settimana scorsa andava, anche senza configurare il punto punto.

Posto la nuova configurazione che comunque non va:

Current configuration : 3613 bytes
!
! Last configuration change at 15:20:12 UTC Thu Jun 27 2013
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no logging buffered
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
!
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
!
!
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3052610494
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3052610494
revocation-check none
rsakeypair TP-self-signed-3052610494
!
!
crypto pki certificate chain TP-self-signed-3052610494
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33303532 36313034 3934301E 170D3133 30363237 31353030
31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30353236
31303439 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C25D 53F646EF 414541AE 40FA70E7 868D01FE B71435E8 A6447BA0 25BCBDA1
4878495F 69256D94 8A463AF3 BFFA091B 82B40D46 0D7CB4FA F3B331C5 7865F2E1
32FE5A94 994DCBC1 EE626D0F 3F59F9F7 32408B6B CFCAB6F9 8E553394 7EE355E7
B2C0EA15 3ADECB95 6735BB7B 99EB1917 5083A2BB 981BEA78 B4D0F746 1DB5AC58
22D30203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1443AA65 8D67A9BC A0E588BF 228923EE 7BF642A5 6D301D06
03551D0E 04160414 43AA658D 67A9BCA0 E588BF22 8923EE7B F642A56D 300D0609
2A864886 F70D0101 05050003 818100B2 2E9B1937 DE71B060 07F7050B 8BEAD1FD
AB4ED196 D260EB58 8F8D99C4 3378831B 075B791F BE663B27 B8149707 F3C55560
A317FDFF 67295247 29ADBB1F 745BFB61 A39A6134 743DC8C7 A198C821 0375CFDD
DFA87243 20505D0B 440A8DFF 152F4520 A52062F5 92B0A748 EB05D3BE A7E873A3
C4759227 B1A5FE68 BE12FC52 6CD869
quit
!
!
license udi pid CISCO2811 sn FCZ115072HF
username ****** privilege 15 password 0 ******
!
redundancy
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
mtu 1500
no ip address
no atm ilmi-keepalive
!
interface ATM0/0/0.1 point-to-point
mtu 1500
ip address 31.xxx.xxx.10 255.255.255.252 secondary
ip nat outside
ip virtual-reassembly in
pvc 8/35
oam-pvc manage
oam retry 5 5 1
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
!
!
interface Dialer0
ip address 195.xxx.xx.249 255.255.255.248
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
!
router rip
network 192.168.1.0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source list 101 interface ATM0/0/0.1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 0.0.0.0 0.0.0.0 ATM0/0/0.1
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
speed 115200
line aux 0
line vty 0 4
transport input telnet
!
scheduler allocate 20000 1000
end

Router#
Router#
Router#
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ip dhcp pool lan
Router(dhcp-config)#dns-server 8.8.8.8 8.8.4.4
Router(dhcp-config)#end

Spero nel vostro aiuto.

Hai mischiato le configurazioni, con il tipo di linea che ti hanno portato la dialer non serve.
Salvati la configurazione attuale e rifanne una da zero come ti ho suggerito, lasciando perdere la parte dialer, non serve. Ho diversi router in giro configuratiin quel modo e funzionano tutti.
Emiliano

[johnc]

Ciao ragazzi,
continuo a non allinearmi:

Current configuration : 3225 bytes
!
! Last configuration change at 09:34:48 UTC Fri Jun 28 2013 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
dot11 syslog
ip source-route
!
!
ip cef
!
ip dhcp pool lan
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 8.8.4.4
lease infinite
!
!
!
!
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3052610494
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3052610494
revocation-check none
rsakeypair TP-self-signed-3052610494
!
!
crypto pki certificate chain TP-self-signed-3052610494
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33303532 36313034 3934301E 170D3133 30363238 30393139
30375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30353236
31303439 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100AA46 B9E868BE 10B90EC6 F36B9A3D BAC63849 024E458E 29142CB9 B2CE59DE
B2D5F0FE 6763BFC0 4971F3C0 0D6007A9 C528F53D 10C08E5B A03E86F2 D230DFB1
6158FA9A 61DBCA8D 80DA7686 31F9AE38 1F649F6E 97D637A6 137CF181 AD8F69FA
3D8B4406 7C632FFB 78D2FE14 F42914D8 32B0A664 95BBF3F1 7D48838F 8B115506
99AB0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1437B5DE B39E9249 5FF6F3D1 08B143E2 F775DAD0 BD301D06
03551D0E 04160414 37B5DEB3 9E92495F F6F3D108 B143E2F7 75DAD0BD 300D0609
2A864886 F70D0101 05050003 8181009E AD3B8E85 FF05C8FE F218ECF4 A13AB106
62084A7B 6D63A955 70E95FDF F47623A7 D2BE4DF0 4A91B49D 095DCBFD 07405CF3
F842FF08 F6D66558 6B81005F 02F5F78F 7F54284B 9A710DBE 242E1B44 354151E7
7529161B B4F1AB6F 4EF7E547 BA3D5C86 981C1403 30F13C43 FF00CBD1 4AFE06CF
E9FAA883 B23AD19F 6A090831 131307
quit
!
!
license udi pid CISCO2811 sn FCZ115072HF
username xxxxxx privilege 15 password 0 xxxxxxxx
!
redundancy
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
mtu 1500
no ip address
no atm ilmi-keepalive
!
interface ATM0/0/0.1 point-to-point
mtu 1500
ip address 31.xxx.xxx.10 255.255.255.252 secondary
ip address 195.xxx.xx.249 255.255.255.248
ip nat outside
ip virtual-reassembly in
pvc 8/35
oam-pvc manage
oam retry 5 5 1
encapsulation aal5snap
!
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list 101 interface ATM0/0/0.1 overload
ip route 0.0.0.0 0.0.0.0 ATM0/0/0.1
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
!
!
!
!
!
control-plane
!
!
!
line con 0
speed 115200
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end

[emiliano]

Hai dimenticato di inserire

Codice: Seleziona tutto

ip nat inside

sotto l'interfaccia FA0/0...

[emiliano]

Risolto??????