ALICE 4 MEGA + CISCO 1720 - La mia prima configurazione

[orion]

Ciao a tutti,
ho appena finito di configurare il 1720. Tutto funziona bene, ma siccome sono nuovo apprezzerei molto il consiglio di chi conosce l'IOS meglio di me.
Vi posto pertanto la conf. e attendo consigli e suggerimenti!
Grazie in anticipo

Codice: Seleziona tutto

version 12.2
no parser cache
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname minosse
!
logging rate-limit console 10 except errors
aaa new-model
enable secret 5 XXXXXXXXXXXXXXXXXXXX
enable password 7 XXXXXXXXXXXXXXXXXXXX
!
username root password 7 XXXXXXXXXXXXXXXXXXXX
memory-size iomem 25
clock timezone GTM 2
ip subnet-zero
!
!
ip domain-name XXXX.XXXX.XXXX
ip name-server 212.216.172.62
!
ip ssh time-out 120
ip ssh authentication-retries 3
no ip dhcp-client network-discovery
!
!
!
!
interface ATM0
 description INTERFACCIA ATM/ADSL
 bandwidth 4381
 no ip address
 no ip route-cache
 no ip mroute-cache
 atm vc-per-vp 256
 no atm ilmi-keepalive
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
 no fair-queue
 hold-queue 224 in
!
interface FastEthernet0
 description RETE INTERNA
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 speed auto
!
interface Dialer0
 description DIALER ALICE-ADSL
 bandwidth 4381
 ip address negotiated
 ip mtu 1452
 ip nat outside
 encapsulation ppp
 ip tcp header-compression
 dialer pool 1
 dialer-group 1
 pulse-time 0
 ppp pap sent-username aliceadsl password 7 XXXXXXXXXXXXXXXXXXXX
!
ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation pptp-timeout 420
ip nat translation udp-timeout 120
ip nat translation finrst-timeout 300
ip nat translation syn-timeout 120
ip nat translation dns-timeout 300
ip nat translation icmp-timeout 120
ip nat translation max-entries 5000
ip nat inside source list 101 interface Dialer0 overload
ip nat inside source static tcp 192.168.0.2 9090 interface Dialer0 9090
ip nat inside source static tcp 192.168.0.2 23 interface Dialer0 23
ip nat inside source static udp 192.168.0.2 4662 interface Dialer0 4662
ip nat inside source static udp 192.168.0.2 4242 interface Dialer0 4242
ip nat inside source static tcp 192.168.0.2 4242 interface Dialer0 4242
ip nat inside source static tcp 192.168.0.2 22 interface Dialer0 10022
ip nat inside source static tcp 192.168.0.2 4662 interface Dialer0 4662
ip nat inside source static tcp 192.168.0.2 80 interface Dialer0 80
ip nat inside source static tcp 192.168.0.2 8080 interface Dialer0 8080
ip nat inside source static tcp 192.168.0.2 4711 interface Dialer0 99
ip nat inside source static tcp 192.168.0.2 5060 interface Dialer0 5060
ip nat inside source static tcp 192.168.0.2 4949 interface Dialer0 4949
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
no ip http server
!
!
ip access-list extended nat
 permit ip 192.168.0.0 0.0.0.255 any
 permit icmp 192.168.0.0 0.0.0.255 any
access-list 101 permit ip host 192.168.0.2 any
!
!
!
line con 0
line aux 0
line vty 0 4
 password 7 XXXXXXXXXXXXXXXXXXXX
 transport input ssh
line vty 5 15
!
ntp clock-period 17208462
ntp source Dialer0
ntp server 193.204.114.232
end

[Wizard]

2 cose:

- Aggiorna la ios
- Configura la parte firewall: ip inspcet - ip ips (o ip audit) e acl

[orion]

Prima cosa, grazie per la risposta ed i consigli!

2 cose:
- Aggiorna la ios

si in effetti è un po' vecchiotta, lo so! Sono in attesa che mi arrivi la memoria
aggiuntiva per procedere all'upgrade.

- Configura la parte firewall: ip inspcet - ip ips (o ip audit) e acl

questa parte la sto ancora studiando, se hai qualche dritta è ben gradita!

[Wizard]

Dicci qualcosa quando avrai la ios aggiornta che vediamo.