|
|
|
|
| Компьютерный форум OSzone.net » Железо » Сетевое оборудование » Cisco - nat на adsl роутере <cisco 877> |
|
|
Cisco - nat на adsl роутере <cisco 877>
|
Ветеран Сообщения: 675 |
здравствуйте
как открыть/пробросить порт на конкретную машину? роутер cisco 877 Код:
 Current configuration : 5802 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname myrouter
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$NZzJ$vkiSlaYnuIW8zAIBThui3.
!
no aaa new-model
clock timezone PCTime 3
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-1766803642
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1766803642
revocation-check none
rsakeypair TP-self-signed-1766803642
!
!
crypto pki certificate chain TP-self-signed-1766803642
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31373636 38303336 3432301E 170D3032 30333031 30303039
34305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37363638
30333634 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B5B0 7DF304D8 12CA7B82 28006AF1 9C51F36C 858D2358 5CF5E4DA EF371570
C13414A2 47DC1B3A 6B3DDFA3 D7FF65CE A7A8C8D8 A95CBE30 354FB13D 3CE41AF4
D0F7FB15 9FCF8900 B9652794 79F544FB 53ABAE33 2B01C370 73B96E6C 9FD490CE
C7A4BA0C D0BB9259 8F2F03E0 E91882F5 EC052466 BD8822AF A7AF5511 7CA816C1
26B50203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 176D7972 6F757465 722E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 1434A24B 02BB2977 E4A0C1FF 8F1C9C67 33452C77
F6301D06 03551D0E 04160414 34A24B02 BB2977E4 A0C1FF8F 1C9C6733 452C77F6
300D0609 2A864886 F70D0101 04050003 8181002D 8C7CA900 6006355F 06BB9707
302B07CD E1776378 B4506B25 E853CC10 F071C0A1 CA6C8817 C436A8D4 C2CDFB5B
94145F41 1E779FC6 3B1A7911 9E298AC9 45709487 392410F8 87B6EBB4 27D1D0F1
78A54263 7AAB0871 E3EBCF6F 6897E454 0635C21E 541AD923 C4C057C6 4F9B3588
E6576841 32E9B3EC E1E3205C 4EF63431 C6B2BF
quit
dot11 syslog
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
dns-server 88.147.128.17 88.147.128.16
default-router 10.10.10.1
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
ip domain name yourdomain.com
ip name-server 88.147.128.17
ip name-server 88.147.128.16
!
!
!
username slaine privilege 15 secret 5 $1$tOnB$lFe5yz.7rV3dLeyuuimyC/
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
pvc 0/33
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1412
!
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname ______________
ppp chap password 7 ____________________
ppp pap sent-username ______________ password 7 ____________________
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
|
|
|
------- Отправлено: 11:59, 07-12-2008 |
|
Ветеран Сообщения: 675
|
Профиль | Отправить PM | Цитировать пробовал разные варианты не работает((
ip nat inside source static udp 10.10.10.254 1194 int atm0 1194 ip nat inside source static udp 10.10.10.254 1194 int atm0.1 1194 ip nat inside source static udp 10.10.10.254 1194 int Dialer0 1194 |
|
------- Отправлено: 21:08, 07-12-2008 | #2 |
|
Ветеран Сообщения: 675
|
Профиль | Отправить PM | Цитировать залез в sdm и нашёл мои правила, только они почему то перечёркнуты.
nat на порт 80 я создавал в sdm. |
|
------- Последний раз редактировалось slaine, 24-11-2009 в 18:38. Отправлено: 21:48, 07-12-2008 | #3 |
Назгул Сообщения: 2633
|
Профиль | Отправить PM | Цитировать Цитата slaine:
|
|
|
------- Последний раз редактировалось kim-aa, 08-12-2008 в 00:38. Отправлено: 00:16, 08-12-2008 | #4 |
|
Назгул Сообщения: 2633
|
Профиль | Отправить PM | Цитировать |
|
|
------- Отправлено: 00:33, 08-12-2008 | #5 |
|
Ветеран Сообщения: 675
|
Профиль | Отправить PM | Цитировать kim-aa, работает.
|
|
------- Отправлено: 11:15, 08-12-2008 | #6 |
|
Назгул Сообщения: 2633
|
Профиль | Отправить PM | Цитировать slaine,
Тогда: sh int Dialer0 Результать в студию Цитата slaine:
 |
|
|
------- Отправлено: 11:19, 08-12-2008 | #7 |
|
Ветеран Сообщения: 675
|
Профиль | Отправить PM | Цитировать kim-aa, я имел ввиду, что nat работает.
я пытался из внутреней сети зайти на внешний адрес telnet <внешний ip> 1194 myrouter#show interfaces Dialer0 Код:
Dialer0 is up, line protocol is up (spoofing)
Hardware is Unknown
Internet address is 88.147.х.х/32
MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 1 seconds on reset
Interface is bound to Vi1
Last input never, output never, output hang never
Last clearing of "show interface" counters 1d01h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 9
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/0/16 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 42 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
274659 packets input, 170414133 bytes
232246 packets output, 20500291 bytes
Bound to:
Virtual-Access1 is up, line protocol is up
Hardware is Virtual Access interface
MTU 1500 bytes, BW 640 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoE vaccess, cloned from Dialer0
Vaccess status 0x44, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 5 seconds on reset
Interface is bound to Di0 (Encapsulation PPP)
Last input 00:00:26, output never, output hang never
Last clearing of "show interface" counters 1d01h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 4000 bits/sec, 4 packets/sec
5 minute output rate 4000 bits/sec, 2 packets/sec
274826 packets input, 170439120 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
232389 packets output, 20523166 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
|
|
------- Отправлено: 12:26, 08-12-2008 | #8 |
|
Участник сейчас на форуме |
 |
Участник вне форума |
 |
Автор темы |
 |
Сообщение прикреплено |
| |||||
| Название темы | Автор | Информация о форуме | Ответов | Последнее сообщение | |
| VPN - Cisco PIX - Internet - ISA Server - Cisco PIX VPN | rrew | Сетевое оборудование | 0 | 26-09-2008 09:31 | |
| Проблема - NAT + USB ADSL Modem - не идет в инет | NeverSummer | Microsoft Windows NT/2000/2003 | 0 | 20-03-2008 03:52 | |
| Proxy/NAT - Настройка NAT в WS win 2003 server (3 - интерфейса, 2 -NAT ) | kopchik | Сетевые технологии | 13 | 09-11-2007 17:17 | |
| [решено] Настройка NAT на W2K3-сервере через ADSL-модем. | Corneliy | Microsoft Windows NT/2000/2003 | 24 | 16-07-2007 15:38 | |
| Управление Cisco PIX и Cisco IDS | Bugs | Сетевые технологии | 4 | 25-05-2005 10:41 | |
|
|
Время: 11:14. | © OSzone.net 2001-
|
|
Powered by: vBulletin Copyright ©2000 - 2025, Jelsoft Enterprises Ltd. |
