Новости
Видео
Microsoft
Windows 10
Железо
Программы
Форум

Имя пользователя:
Пароль:  
Помощь | Регистрация | Забыли пароль?  | Правила  

Компьютерный форум OSzone.net » Железо » Сетевое оборудование » Cisco - Блокировка трафика...

Ответить
Настройки темы
Cisco - Блокировка трафика...
exo exo вне форума

Аватара для exo

Ветеран


Сообщения: 12417
Благодарности: 1442


Конфигурация

Профиль | Отправить PM | Цитировать

Добрый день. Есть две циски 7202 и 7204.
Первая - магистральная циска (82.х.х.х), подключена к провайдеру. Является шлюзом для всех клиентов.
Вторая - NAT для внутренних клиентов (192.168.1.1), подключена к первой циске.
В одной внутренней сети был установлен Windows 2008 R2 сервер (192.168.1.2) в гипервизором Hyper-V и два гостя на Debian с адресами 192.168.1.4 и 192.168.1.3. Так же сервер - DC.
На линукс серверах были установлены ПО биллинга NETAMS разных версий. Всё прекрасно работало.
Работало пару часов...
Сегодня при проверке биллинга оказалось что последний установленный (192.168.1.3) перестал получать трафик netflow.
При это первый биллинг (192.168.1.4) продолжает работать в штатном режиме.
Так же с сервера Windows нельзя зайти в терминал магистральной циски 82.х.х.х. Но при это на неё можно зайти с NAT циски.
Так же на Windows сервер перестал работать интернет. Попытка пинга любого сайта - успешна, а вот telnet ya.ru 80 - отлуп...
Получается, что магистральная циска блокирует доступ по портам 80 и 20001 (на этот порт отсылается статистика).
При этом блокировка идёт по внутренним IP адресам, хотя она знает только внешний натированный адрес...
Я в растерянности... Прошу помощи.
Спасибо.

-------
Вежливый клиент всегда прав!

Отправлено: 19:02, 02-09-2012

 

Аватара для kim-aa

Назгул


Сообщения: 2633
Благодарности: 345

Профиль | Отправить PM | Цитировать

Приведите конфиги:
sh ver
sh run
sh proc

Такое бывает если вы забыли сохранить конфиги и сбросило питание.
Время перезагрузки и причины можно просмотреть в выводе sh ver

-------
Мы овладеваем более высоким стилем спора. Спор без фактов. Спор на темпераменте. Спор, переходящий от голословного утверждения на личность партнера. (c)Жванецкий

Отправлено: 10:35, 03-09-2012 | #2



Для отключения данного рекламного блока вам необходимо зарегистрироваться или войти с учетной записью социальной сети.

Если же вы забыли свой пароль на форуме, то воспользуйтесь данной ссылкой для восстановления пароля.

exo exo вне форума Автор темы

Аватара для exo

Ветеран


Сообщения: 12417
Благодарности: 1442

Профиль | Отправить PM | Цитировать

Цитата kim-aa:
sh ver »
ГЛАВНАЯ:

читать дальше »
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(9)T1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Wed 30-Aug-06 20:48 by prod_rel_team

ROM: System Bootstrap, Version 12.3(4r)T3, RELEASE SOFTWARE (fc1)
BOOTLDR: 7200 Software (C7200-KBOOT-M), Version 12.3(15), RELEASE SOFTWARE (fc3)

CORE uptime is 1 year, 12 weeks, 4 days, 20 hours, 2 minutes
System returned to ROM by power-on
System restarted at 21:35:58 MSK Tue Nov 30 2004
System image file is "disk2:c7200-adventerprisek9-mz.124-9.T1.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 7204VXR (NPE-G1) processor (revision B) with 229376K/32768K bytes of memory.
Processor board ID 29553031
SB-1 CPU at 700MHz, Implementation 1025, Rev 0.2, 512KB L2 Cache
4 slot VXR midplane, Version 2.7

Last reset from power-on

PCI bus mb1 (Slots 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb1 has a total of 300 bandwidth points.
This configuration is within the PCI bus capacity and is supported.

PCI bus mb2 (Slots 2, 4 and 6) has a capacity of 600 bandwidth points.
Current configuration on bus mb2 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.

Please refer to the following document "Cisco 7200 Series Port Adaptor
Hardware Configuration Guidelines" on Cisco.com <http://www.cisco.com>
for c7200 bandwidth points oversubscription and usage guidelines.


3 Gigabit Ethernet interfaces
1 Serial interface
1 ATM interface
8 Channelized E1/PRI ports
509K bytes of NVRAM.

62720K bytes of ATA PCMCIA card at slot 2 (Sector size 512 bytes).
16384K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2102


NAT:
читать дальше »
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-JS-M), Version 12.1(27b)E1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Wed 11-Oct-06 18:32 by hqluong
Image text-base: 0x60008F88, data-base: 0x6158C000

ROM: System Bootstrap, Version 11.1(13)CA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
BOOTLDR: 7200 Software (C7200-BOOT-M), Version 12.0(2)XE2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

7204VXR_NAT uptime is 8 weeks, 2 days, 23 hours, 49 minutes
System returned to ROM by power-on
System restarted at 17:48:35 MSK Fri Dec 30 2005
System image file is "slot0:c7200-js-mz.121-27b.E1.bin"

cisco 7204 (NPE200) processor (revision B) with 57344K/8192K bytes of memory.
Processor board ID 16068658
R5000 CPU at 200Mhz, Implementation 35, Rev 2.1, 512KB L2 Cache
4 slot midplane, Version 1.0

Last reset from power-on
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.

--------------------------------------------------------------
This Version of Cisco IOS Software is not supported on NPE200.
Please select a version of Cisco IOS software compatible with
this processor from http://www.cisco.com.
--------------------------------------------------------------

Number of Fast PAs = 2
Number of Fast+Medium PAs = 2
Total number of PA bandwidth points consumed = 400
Please refer to the following document "Cisco 7200 Series Port
Adaptor Hardware Configuration Guidelines" on CCO <www.cisco.com>,
for c7200 bandwidth points oversubscription/usage guidelines.

2 FastEthernet/IEEE 802.3 interface(s)
125K bytes of non-volatile configuration memory.
4096K bytes of packet SRAM memory.

20480K bytes of Flash PCMCIA card at slot 0 (Sector size 128K).
4096K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2102


Цитата kim-aa:
sh run »
ГЛАВНАЯ:

читать дальше »
Current configuration : 14462 bytes
!
! Last configuration change at 22:25:44 MSK Sun Feb 5 2006 by username
! NVRAM config last updated at 23:45:44 MSK Sat Feb 4 2006 by username
!
version 12.4
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname CORE
!
boot-start-marker
boot-end-marker
!
card type e1 2
logging buffered 5000 debugging
enable secret 5 ****************************
enable password 7 *****************************
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
aaa session-id common
!
resource policy
!
clock timezone MSK 3
clock summer-time MSK recurring last Sun Mar 2:00 last Sun Oct 3:00
ip cef
!
!
!
!
ip vrf Inet_new
rd 1:200
route-target export 1:200
route-target import 1:200
!
ip vrf Net
rd 1:100
route-target export 1:100
route-target import 1:100
!
ip ftp password 7 ************************
ip name-server 212.45.2.5
ip name-server 212.45.0.3
no ip rcmd domain-lookup
!
frame-relay switching
!
!
!
voice service voip
h323
!
!
crypto pki trustpoint TP-self-signed-29553031
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-29553031
revocation-check none
rsakeypair TP-self-signed-29553031
!
!
crypto pki certificate chain TP-self-signed-29553031
certificate self-signed 01
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
********** ********** ********** ********** **********
quit
username username password 7 ****************************
!
!
controller E1 2/0
clock source internal
channel-group 0 timeslots 1-31
!
controller E1 2/1
!
controller E1 2/2
!
controller E1 2/3
!
controller E1 2/4
!
controller E1 2/5
!
controller E1 2/6
!
controller E1 2/7
!
interface GigabitEthernet0/1
description <<Internet from Centel>>
ip address XXX.XXX.171.246 255.255.255.252
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip route-cache flow
load-interval 120
duplex full
speed auto
media-type rj45
no negotiation auto
no cdp enable
!
interface GigabitEthernet0/2
description FIRMA
mtu 1550
no ip address
no ip redirects
no ip proxy-arp
ip route-cache flow
duplex full
speed auto
media-type rj45
no negotiation auto
no cdp enable
!
interface GigabitEthernet0/2.1
description ------------------------------ 82.XXX.XXX.XXX-158
encapsulation dot1Q 50
ip address 82.XXX.XXX.XXX 255.255.255.224
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
no cdp enable
!
interface GigabitEthernet0/2.25
description ------------------------------ local net FIRMA
encapsulation dot1Q 25
ip vrf forwarding Net
ip address 192.168.1.254 255.255.255.0
ip verify unicast reverse-path
ip flow egress
!
interface GigabitEthernet0/2.51
description ------------------------------ 82.XXX.XXX.XXX-191
encapsulation dot1Q 51
ip address 82.XXX.XXX.XXX 255.255.255.224
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
no cdp enable
!
interface GigabitEthernet0/2.52
description ------------------------------ 82.XXX.XXX.XXX-254
encapsulation dot1Q 52
ip address 82.XXX.XXX.XXX 255.255.255.192
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
no cdp enable
!
interface GigabitEthernet0/2.55
description ------------------------------ 87.XXX.XXX.XXX-222
encapsulation dot1Q 56
ip address 87.XXX.XXX.XXX 255.255.255.224
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
no cdp enable
!
interface GigabitEthernet0/2.57
description ------------------------------ 87.XXX.XXX.XXX-7
encapsulation dot1Q 57
ip address 87.XXX.XXX.XXX 255.255.255.248
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
rate-limit input 10240000 1920000 3840000 conform-action transmit exceed-action drop
rate-limit output 10240000 1920000 3840000 conform-action transmit exceed-action drop
no cdp enable
!
interface GigabitEthernet0/2.58
description ------------------------------ HSPcomplete
encapsulation dot1Q 58
ip address 87.XXX.XXX.XXX 255.255.255.248
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
rate-limit input 2048000 384000 768000 conform-action transmit exceed-action drop
rate-limit output 2048000 384000 768000 conform-action transmit exceed-action drop
no cdp enable
!
interface GigabitEthernet0/2.59
description ------------------------------ 87.XXX.XXX.XXX-30
encapsulation dot1Q 59
ip address 87.XXX.XXX.XXX 255.255.255.240
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
no cdp enable
!
interface GigabitEthernet0/2.61
description ------------------------------ Windows Virtuozzo
encapsulation dot1Q 61
ip address 87.XXX.XXX.XXX 255.255.255.224
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
no cdp enable
!
interface GigabitEthernet0/2.62
description ------------------------------ 87.XXX.XXX.XXX-191
encapsulation dot1Q 62
ip address 87.XXX.XXX.XXX 255.255.255.192
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
no cdp enable
!
interface GigabitEthernet0/2.66
description ------------------------------ VMWare 87.XXX.XXX.XXX-126
encapsulation dot1Q 66
ip address 87.XXX.XXX.XXX 255.255.255.192
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip flow egress
rate-limit input 10240000 1920000 3840000 conform-action transmit exceed-action drop
rate-limit output 10240000 1920000 3840000 conform-action transmit exceed-action drop
no cdp enable
!
interface GigabitEthernet0/3
description KOMCOR
ip address 213.XXX.XXX.XXX 255.255.255.252
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip route-cache flow
load-interval 120
duplex full
speed auto
media-type rj45
no negotiation auto
no cdp enable
!
interface ATM1/0
no ip address
no ip redirects
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
!
interface ATM1/0.1 point-to-point
description -== INETRNET FROM COMCOR ==-
mtu 1500
ip access-group Helkern_&_Close in
no ip redirects
no ip proxy-arp
ip flow ingress
no snmp trap link-status
pvc Internet 0/101
ubr 55000
encapsulation aal5nlpid
!
!
interface Serial2/0:0
no ip address
no cdp enable
!
ip route 0.0.0.0 0.0.0.0 ХХХ.ХХХ.ХХХ.190
ip route 10.0.0.0 255.0.0.0 Null0 254
ip route 82.XXX.YYY.XXX 255.255.255.0 82.XXX.XXX.XXX
ip route 87.XXX.XXX.35 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.36 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.37 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.38 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.39 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.40 255.255.255.255 87.XXX.XXX.34 name VE198
ip route 87.XXX.XXX.41 255.255.255.255 87.XXX.XXX.34 name VE190
ip route 87.XXX.XXX.42 255.255.255.255 87.XXX.XXX.34 name CT564
ip route 87.XXX.XXX.43 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.44 255.255.255.255 87.XXX.XXX.34 name VE185
ip route 87.XXX.XXX.45 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.46 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.47 255.255.255.255 87.XXX.XXX.34 name CT487
ip route 87.XXX.XXX.48 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.49 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.50 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.51 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.52 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.54 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.55 255.255.255.255 87.XXX.XXX.34 name VE193-ARTPROFILE
ip route 87.XXX.XXX.56 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.57 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.58 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.59 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.60 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.61 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.62 255.255.255.255 87.XXX.XXX.34
ip route 87.XXX.XXX.226 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.227 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.228 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.229 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.230 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.231 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.232 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.233 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.234 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.235 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.236 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.237 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.238 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.239 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.240 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.241 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.242 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.243 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.244 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.245 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.246 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.247 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.248 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.249 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.250 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.251 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.252 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.253 255.255.255.255 87.XXX.XXX.19
ip route 87.XXX.XXX.254 255.255.255.255 87.XXX.XXX.19
ip route 172.16.0.0 255.240.0.0 Null0 254
ip route vrf Inet_new 0.0.0.0 0.0.0.0 62.XXX.XXX.XXX
ip route vrf Net 0.0.0.0 0.0.0.0 192.168.1.1
no ip http server
ip http authentication local
ip http secure-server
!
ip flow-egress input-interface
ip flow-cache timeout inactive 60
ip flow-cache timeout active 10
ip flow-export version 5
ip flow-export destination 82.XXX.XXX.YYY 20001
ip flow-export destination 82.XXX.XXX.YYY 20002
!
!
ip access-list extended Helkern_&_Close
deny udp any any eq 1434
permit ip any any
permit tcp any any
ip access-list extended VoIP
permit ip any any dscp cs5
permit ip any any precedence critical
permit tcp any eq 1720 any
permit tcp any any eq 1720
permit udp any any range 16383 16384
!
ip sla responder
ip sla 1
udp-jitter 82.XXX.XXX.XXX 17000
request-data-size 100
ip sla schedule 1 start-time now
ip sla 2
udp-jitter 82.XXX.XXX.XXX 16384 source-ip 82.XXX.XXX.XXX
request-data-size 172
ip sla schedule 2 start-time now
logging alarm informational
access-list 5 permit 82.XXX.XXX.YYY
access-list 5 deny any log
access-list 122 permit ip any host 82.XXX.XXX.XXX
access-list 122 permit ip host 82.XXX.XXX.XXX any
access-list 122 remark Leo Smirnov
access-list 123 permit ip host 82.XXX.XXX.XXX any
access-list 123 permit ip any host 82.XXX.XXX.XXX
access-list 123 permit ip host 82.XXX.XXX.XXX any
access-list 123 permit ip host 82.XXX.XXX.XXX any
access-list 123 permit ip any host 82.XXX.XXX.XXX
access-list 123 permit ip any host 82.XXX.XXX.XXX
access-list 123 remark Market
access-list 127 deny ip host 82.XXX.XXX.XXX any
access-list 127 deny ip any host 82.XXX.XXX.XXX
access-list 127 deny ip host 82.XXX.XXX.XXX any
access-list 127 deny ip any host 82.XXX.XXX.XXX
access-list 150 permit tcp any any log
access-list 150 permit ip any any log
access-list 150 permit udp any any log
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
snmp-server engineID local 00000009020000016456F400
snmp-server group IIC v2c access 5
snmp-server community public RO 5
snmp-server user rootik password v2c access 5
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps flash insertion removal
snmp-server enable traps envmon fan shutdown supply temperature statuschange
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps fru-ctrl
snmp-server enable traps frame-relay multilink bundle-mismatch
snmp-server enable traps syslog
snmp-server host 82.XXX.XXX.YYY version 2c public snmp
no cdp run
!
!
!
!
!
snmp mib persist event
snmp mib persist expression
snmp mib persist circuit
!
control-plane
!
!
!
!
!
sip-ua
!
!
gatekeeper
shutdown
!
alias exec pvrf ping vrf Net
alias exec tvrf trace vrf Net
alias exec c3750 telnet 172.16.0.2 /vrf Net /source-interface GigabitEthernet0/2.2
alias exec as5350 telnet 172.16.0.4 /vrf Net /source-interface GigabitEthernet0/2.2
alias exec c3550 telnet 192.168.1.27 /vrf Net /source-interface GigabitEthernet0/2.25
alias exec c3750.2 telnet 192.168.1.22 /vrf Net /source-interface GigabitEthernet0/2.25
alias exec c3750.1 telnet 192.168.1.20 /vrf Net /source-interface GigabitEthernet0/2.25
alias exec c7204 telnet 192.168.1.1 /vrf Net /source-interface GigabitEthernet0/2.25
!
line con 0
exec-timeout 30 0
password 7 *******************************
logging synchronous
login authentication master
escape-character 3
stopbits 1
line aux 0
exec-timeout 30 0
modem Dialin
terminal-type VTY100
transport preferred none
transport input all
escape-character 3
stopbits 1
flowcontrol hardware
line vty 0 4
access-class 5 in
exec-timeout 60 0
password 7 ******************
logging synchronous
escape-character 3
!
ntp clock-period 17179906
ntp master
!
end

NAT:

читать дальше »
Current configuration : 10132 bytes
!
! Last configuration change at 06:35:11 MSK Sat Feb 25 2006 by username
! NVRAM config last updated at 06:35:12 MSK Sat Feb 25 2006 by username
!
version 12.1
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname 7204VXR_NAT
!
logging exception 4096
aaa new-model
aaa authentication login default local
aaa authorization exec default local
enable secret 5 **********************************
enable password 7 ****************************
!
username username password 7 *****************************
clock timezone MSK 3
clock summer-time MSK recurring last Sun Mar 2:00 last Sun Oct 3:00
ip subnet-zero
!
!
no ip domain-lookup
ip name-server 212.45.2.5
ip dhcp excluded-address 192.168.2.1
ip dhcp excluded-address 192.168.3.1
ip dhcp excluded-address 192.168.4.1
ip dhcp excluded-address 192.168.5.1
ip dhcp excluded-address 192.168.6.1
ip dhcp excluded-address 192.168.7.1
ip dhcp excluded-address 192.168.8.1
ip dhcp excluded-address 192.168.9.1
ip dhcp excluded-address 192.168.4.2
!
ip dhcp pool CLIENT02
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 87.XXX.XXX.XXX 212.45.2.5
!
ip dhcp pool CLIENT03
network 192.168.3.0 255.255.255.0
default-router 192.168.3.1
dns-server 87.XXX.XXX.XXX 212.45.2.5
!
ip dhcp pool CLIENT04
network 192.168.4.0 255.255.255.0
default-router 192.168.4.1
dns-server 87.XXX.XXX.XXX 212.45.2.5
!
ip dhcp pool CLIENT05
network 192.168.5.0 255.255.255.0
default-router 192.168.5.1
dns-server 87.XXX.XXX.XXX 212.45.2.5
!
ip dhcp pool CLIENT06
network 192.168.6.0 255.255.255.0
default-router 192.168.6.1
dns-server 87.XXX.XXX.XXX 212.45.2.5
!
ip dhcp pool CLIENT07
network 192.168.7.0 255.255.255.0
default-router 192.168.7.1
dns-server 87.XXX.XXX.XXX 212.45.2.5
!
ip dhcp pool CLIENT08
network 192.168.8.0 255.255.255.0
default-router 192.168.8.1
dns-server 87.XXX.XXX.XXX 212.45.2.5
!
ip dhcp pool CLIENT09
network 192.168.9.0 255.255.255.0
default-router 192.168.9.1
dns-server 87.XXX.XXX.XXX 212.45.2.5
!
ip cef
!
!
!
!
!
interface FastEthernet0/0
no ip address
ip route-cache flow
no ip route-cache cef
load-interval 60
duplex full
!
interface FastEthernet0/0.5
description CLIENT2
encapsulation dot1Q 5
ip address 192.168.2.1 255.255.255.0
ip access-group 15 in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.6
description CLIENT3
encapsulation dot1Q 6
ip address 192.168.3.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet0/0.7
description CLIENT7
encapsulation dot1Q 7
ip address 192.168.7.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet0/0.25
description IIC
encapsulation dot1Q 25
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/0.60
description CLIENT4
encapsulation dot1Q 60
ip address 192.168.4.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet0/0.62
description CLIENT8
encapsulation dot1Q 62
ip address 192.168.8.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet0/0.63
description CLIENT9
encapsulation dot1Q 63
ip address 192.168.9.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet0/0.65
description CLIENT5
encapsulation dot1Q 65
ip address 192.168.5.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet0/0.66
description CLIENT6
encapsulation dot1Q 66
ip address 192.168.6.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet1/0
ip address 82.XXX.XXX.YYY 255.255.255.224
ip nat outside
ip route-cache flow
no ip route-cache cef
duplex full
no cdp enable
!
ip nat translation timeout 3600
ip nat translation tcp-timeout 3600
ip nat translation udp-timeout 3600
ip nat pool CLIENT01 82.XXX.XXX.YYY 82.XXX.XXX.YYY netmask 255.255.255.224
ip nat pool CLIENT02 82.XXX.XXX.XXX 82.XXX.XXX.XXX netmask 255.255.255.224
ip nat pool CLIENT03 82.XXX.XXX.XXX 82.XXX.XXX.XXX netmask 255.255.255.224
ip nat pool CLIENT04 82.XXX.XXX.XXX 82.XXX.XXX.XXX netmask 255.255.255.224
ip nat pool CLIENT05 82.XXX.XXX.XXX 82.XXX.XXX.XXX netmask 255.255.255.224
ip nat pool CLIENT06 82.XXX.XXX.XXX 82.XXX.XXX.XXX netmask 255.255.255.224
ip nat pool CLIENT07 82.XXX.XXX.XXX 82.XXX.XXX.XXX netmask 255.255.255.224
ip nat pool CLIENT08 82.XXX.XXX.XXX 82.XXX.XXX.XXX netmask 255.255.255.224
ip nat pool CLIENT09 82.XXX.XXX.XXX 82.XXX.XXX.XXX netmask 255.255.255.224
ip nat inside source list 21 pool CLIENT01 overload
ip nat inside source list 22 pool CLIENT02 overload
ip nat inside source list 23 pool CLIENT03 overload
ip nat inside source list 24 pool CLIENT04 overload
ip nat inside source list 25 pool CLIENT05 overload
ip nat inside source list 26 pool CLIENT06 overload
ip nat inside source list 27 pool CLIENT07 overload
ip nat inside source list 28 pool CLIENT08 overload
ip nat inside source list 29 pool CLIENT09 overload
ip nat inside source static udp 192.168.1.3 20001 82.XXX.XXX.YYY 20001 extendable
ip nat inside source static udp 192.168.1.4 20001 82.XXX.XXX.YYY 20002 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 82.XXX.XXX.ZZZ
ip route 172.20.0.0 255.255.255.0 192.168.1.254
no ip http server
!
access-list 1 remark Telnet access
access-list 1 permit 82.XXX.XXX.XXX 0.0.0.127
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 remark nat
access-list 1 permit 192.168.5.0 0.0.0.255
access-list 2 permit 192.168.2.0 0.0.0.255
access-list 2 permit 192.168.3.0 0.0.0.255
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 4 permit 172.20.0.17
access-list 5 permit 192.168.1.0 0.0.0.255
access-list 6 permit 192.168.2.0 0.0.0.255
access-list 7 permit 192.168.3.0 0.0.0.255
access-list 8 permit 192.168.7.0 0.0.0.255
access-list 9 permit 192.168.4.0 0.0.0.255
access-list 10 permit 192.168.5.0 0.0.0.255
access-list 11 permit 192.168.6.0 0.0.0.255
access-list 12 permit 192.168.8.0 0.0.0.255
access-list 1 permit 192.168.5.0 0.0.0.255
access-list 2 permit 192.168.2.0 0.0.0.255
access-list 2 permit 192.168.3.0 0.0.0.255
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 4 permit 172.20.0.17
access-list 5 permit 192.168.1.0 0.0.0.255
access-list 6 permit 192.168.2.0 0.0.0.255
access-list 7 permit 192.168.3.0 0.0.0.255
access-list 8 permit 192.168.7.0 0.0.0.255
access-list 9 permit 192.168.4.0 0.0.0.255
access-list 10 permit 192.168.5.0 0.0.0.255
access-list 11 permit 192.168.6.0 0.0.0.255
access-list 12 permit 192.168.8.0 0.0.0.255
access-list 13 permit 192.168.9.0 0.0.0.255
access-list 15 deny 192.168.2.81
access-list 15 permit any
access-list 21 permit 192.168.1.0 0.0.0.255
access-list 22 permit 192.168.2.0 0.0.0.255
access-list 23 permit 192.168.3.0 0.0.0.255
access-list 24 permit 192.168.4.0 0.0.0.255
access-list 25 permit 192.168.5.0 0.0.0.255
access-list 26 permit 192.168.6.0 0.0.0.255
access-list 27 permit 192.168.7.0 0.0.0.255
access-list 28 permit 192.168.8.0 0.0.0.255
access-list 29 permit 192.168.9.0 0.0.0.255
snmp-server group IIC v2c access 21
snmp-server community password RO 21
snmp-server user rootik password v2c access 21
snmp-server contact user@domain.ru
snmp-server enable traps snmp authentication warmstart linkdown linkup coldstart
snmp-server enable traps flash insertion removal
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps config-copy
snmp-server enable traps fru-ctrl
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps syslog
snmp-server host 192.168.1.5 version 2c tamogotchi snmp
!
!
line con 0
password 7 **************************
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
access-class 3 in
password 7 **************************
logging synchronous
line vty 5 15
access-class 3 in
password 7 **************************
logging synchronous
!
ntp clock-period 17179864
ntp server 192.168.1.254
!
end

-------
Вежливый клиент всегда прав!

Последний раз редактировалось exo, 03-09-2012 в 11:57.

Отправлено: 11:48, 03-09-2012 | #3

exo exo вне форума Автор темы

Аватара для exo

Ветеран


Сообщения: 12417
Благодарности: 1442

Профиль | Отправить PM | Цитировать

Цитата kim-aa:
sh proc »
ГЛАВНАЯ:

читать дальше »
CPU utilization for five seconds: 2%/1%; one minute: 2%; five minutes: 2%
PID QTy PC Runtime (ms) Invoked uSecs Stacks TTY Process
1 Cwe 60030250 0 13 0 5492/6000 0 Chunk Manager
2 Csp 60733A38 11656 7842647 1 2532/3000 0 Load Meter
3 Mwe 62DC1D24 0 1 0 5532/6000 0 chkpt message ha
4 Mwe 62A024B0 0 1 023392/24000 0 EDDRI_MAIN
5 Lst 6002D4C8 16776280 4004454 4189 5232/6000 0 Check heaps
6 Cwe 60035D04 640 15337 41 5432/6000 0 Pool Manager
7 Mst 613E3B84 0 2 0 5492/6000 0 Timers
8 Mwe 600ED2DC 0 2 0 8496/9000 0 ATM AutoVC Perio
9 Mwe 600ECC5C 0 2 0 5492/6000 0 ATM VC Auto Crea
10 Mwe 60122B8C 16 653554 0 5672/6000 0 IPC Dynamic Cach
11 Mwe 60116A30 0 1 0 5552/6000 0 IPC Zone Manager
12 Mwe 601163F0 1064 39209751 0 5524/6000 0 IPC Periodic Tim
13 Mwe 60116210 652 39209751 0 5528/6000 0 IPC Deferred Por
14 Mwe 60116720 0 1 0 5488/6000 0 IPC Seat Manager
15 Mwe 60119CD4 0 1 0 5556/6000 0 IPC BackPressure
16 Msi 6026FBDC 24682892 39306862 627 4764/6000 0 EnvMon
17 Mwe 60277E20 0 1 0 8520/9000 0 OIR Handler
18 Mwe 60322B58 0 1 023436/24000 0 Crash writer
19 Mwe 60DD1C1C 923248 11381656 81 3824/6000 0 ARP Input
20 Mwe 60E90738 0 2 0 5492/6000 0 ATM Idle Timer
21 Mwe 6139D83C 0 2 0 5484/6000 0 AAA high-capacit
22 Lwe 613A295C 0 1 0 5732/6000 0 AAA_SERVER_DEADT
23 Mwe 6140DEB0 0 1 011500/12000 0 Policy Manager
24 Mwe 614EB0AC 0 2 0 5484/6000 0 DDR Timers
25 Lwe 61659AC8 0 4 0 5372/6000 0 Entity MIB API
26 Mwe 6170F1AC 1156 53162 21 8388/9000 0 EEM ED Syslog
27 Mwe 61943DDC 712 7842574 0 5656/6000 0 HC Counter Timer
28 Mwe 62664664 0 2 0 5496/6000 0 Serial Backgroun
29 Mwe 629A36B0 0 1 0 5728/6000 0 RO Notify Timers
30 Mwe 629A37DC 0 1 0 2516/3000 0 RMI RM Notify Wa
31 Msp 6143FC2C 1092 39213229 0 5540/6000 0 GraphIt
32 Mwe 61510E6C 0 2 011504/12000 0 Dialer event
33 Mwe 6266AFE4 0 1 0 5540/6000 0 SERIAL A'detect
34 Mwe 62BF98A4 0 2 011516/12000 0 XML Proxy Client
35 Mwe 62DC1FB8 0 2 0 5528/6000 0 cpf_process_msg_
36 Mwe 6014FC0C 0 1 0 2484/3000 0 Inode Table Dest
37 Cwe 629976C8 0 1 0 5552/6000 0 Critical Bkgnd
38 Mwe 60345C5C 31388624 17873225 1756 9956/12000 0 Net Background
39 Mwe 60345EEC 0 3 011400/12000 0 IDB Work
40 Lwe 613D366C 8 105977 010356/12000 0 Logger
41 Mwe 613FE1C4 2304 39209744 0 4816/6000 0 TTY Background
42 Msp 60351814 79188 39234233 2 7844/9000 0 Per-Second Jobs
43 Mwe 62E0E9D8 0 1 0 5524/6000 0 IKE HA Mgr
44 Mwe 62E12608 0 1 0 5528/6000 0 IPSEC HA Mgr
45 Mwe 63123C60 208 5 41600 3444/6000 0 rf task
46 Hwe 60351310 9832 520336 18 5528/6000 0 Net Input
47 Msp 60343250 1848 7843255 0 5524/6000 0 Compute load avg
48 Msp 60351874 7844352 669397 11718 3984/6000 0 Per-minute Jobs
49 Lwe 600FD068 0 1 0 5452/6000 0 Coproc Event Pro
50 Hwe 602B8684 0 1 0 5540/6000 0 POS APS Event Pr
51 Hst 6016E958 0 1 0 5760/6000 0 SONET alarm time
52 Hwe 605EC6BC 0 1 0 5740/6000 0 CSP Timer
53 Hwe 60AEA2C0 0 2 0 5500/6000 0 VNM DSPRM MAIN
54 Mwe 6312BD90 0 1 0 5736/6000 0 RF_INTERDEV_DELA
55 Mwe 6312EA6C 0 1 023540/24000 0 RF_INTERDEV_SCTP
56 Msp 63310618 828 39213231 0 8700/9000 0 ISA Common Helpe
57 Mwe 6027D020 0 2 0 5556/6000 0 Flash MIB Update
58 Mwe 6027CF3C 0 1 0 2544/3000 0 Flash Card Oir
59 Mwe 61478D30 0 1 0 5516/6000 0 CES Line Conditi
60 Mwe 62DC7BE0 0 1 023544/24000 0 CF_INTERDEV_SCTP
61 Hwe 60E5840C 332 3972231 0 8324/9000 0 ATM Periodic
62 Lwe 60E41E24 0 1 0 8500/9000 0 ATM ARP INPUT
63 Hwe 60E63900 0 2 011488/12000 0 ATM OAM Input
64 Hwe 60E616DC 0 2 010796/12000 0 ATM OAM TIMER
65 Csp 601DC7D0 5540 39213272 0 7652/12000 0 ATM PA Helper
66 Hwe 60A27B34 419816 71637591 5 3920/6000 0 Voice PA Proc
67 Mwe 60D8BED0 32 732 43 5488/6000 0 AAA Server
68 Mwe 60D8E934 0 1 0 5700/6000 0 AAA ACCT Proc
69 Mwe 60D8EAE4 0 1 0 5712/6000 0 ACCT Periodic Pr
70 Mwe 60D9F084 0 2 0 5512/6000 0 AAA Dictionary R
71 Mwe 62DC2400 0 1 0 5540/6000 0 cpf_process_tpQ
72 Mwe 61A4B738 11463420 109499835 104 9052/12000 0 IP Input
73 Mwe 61A77A78 0 1 0 5708/6000 0 ICMP event handl
74 Mwe 61CFA618 0 4 0 5500/6000 0 TurboACL
75 Hwe 61CFA7A0 0 2 0 5520/6000 0 TurboACL chunk
76 Mwe 61D75308 0 5 0 5132/6000 0 IPv6 RIB Redistr
77 Mwe 62102C2C 28 65193 0 5276/6000 0 MOP Protocols
78 Mwe 629B88B4 0 3 011516/12000 0 PPP Hooks
80 Mwe 62732668 0 1 011712/12000 0 SSS Manager
81 Mwe 62736230 148 5228413 011640/12000 0 SSS Test Client
82 Mwe 62740488 0 1 0 5544/6000 0 SSS Feature Mana
83 Mwe 62740544 5712 153176833 0 5668/6000 0 SSS Feature Time
84 Mwe 62AC70A0 0 1 011676/12000 0 VPDN call manage
85 Mwe 62B11178 0 1 011708/12000 0 L2X Socket proce
86 Mwe 62AD8F30 0 1 011508/12000 0 L2X SSS manager
87 Mwe 62AE6C94 0 2 011484/12000 0 L2TP mgmt daemon
88 Lwe 62B90750 0 1 0 5212/6000 0 X.25 Encaps Mana
89 Hwe 62DD789C 0 2 0 8532/9000 0 EAPoUDP Process
90 Mwe 62DDADC8 0 2 0 8496/9000 0 IP Host Track Pr
91 Mwe 630B3644 0 2 011516/12000 0 KRB5 AAA
92 Mwe 61C73090 2088 1138160 1 7984/9000 0 IP Background
93 Mwe 61C7AAD8 124 653568 0 7984/9000 0 IP RIB Update
94 Lwe 61759774 15532 50377137 0 3884/6000 0 CEF process
95 Mwe 629B88B4 0 2 011520/12000 0 PPP IP Route
96 Mwe 629B88B4 0 2 011520/12000 0 PPP IPCP
97 Mst 61D0F308 132 14935 810952/12000 0 TCP Timer
98 Lwe 61D14EFC 176 825 21310684/12000 0 TCP Protocols
99 Hwe 61CE2620 1544 39200797 0 5652/6000 0 Socket Timers
100 Mwe 619BB6FC 915520 164109 5578 3212/9000 0 HTTP CORE
101 Mwe 61370B60 0 1 023524/24000 0 COPS
102 Hwe 6068EC8C 0 2 0 5520/6000 0 RLM groups Proce
103 Mwe 6079C460 0 2 023348/24000 0 Border Element p
104 Mwe 607B2D14 0 3 023296/24000 0 gk process
105 Mwe 61A93818 0 1 0 5676/6000 0 IP Traceroute
106 Mwe 60BD1960 0 1 0 5696/6000 0 AToM manager
107 Mwe 60BD9C80 0 3 0 5508/6000 0 AToM switching m
108 Mwe 60BD4DB8 0 1 0 5712/6000 0 AToM LDP manager
109 Hwe 60F272FC 0 2 0 5492/6000 0 SSCOP Input
110 Mwe 60F275B8 0 2 0 5496/6000 0 SSCOP Output
111 Mst 60F27990 12 653566 0 5516/6000 0 SSCOP Timer
112 Mwe 626CC1F0 0 8 0 5700/6000 0 SNMP Timers
113 Hwe 60EB1510 0 2 011504/12000 0 ILMI Input
114 Mwe 60EA6C24 0 2 0 5512/6000 0 ILMI Request
115 Mwe 60EA6CE4 0 2 0 5508/6000 0 ILMI Response
116 Mwe 60EB1A38 5344 19605918 0 5184/6000 0 ILMI Timer Proce
117 Mwe 60EBBEB4 4 2 200011396/12000 0 ATM PVC Discover
118 Mst 60F24F80 0 2 0 5492/6000 0 ATMSIG ILMI Time
119 Mwe 60F256F4 0 2 0 8512/9000 0 ATMSIG DRIVERAPI
120 Mwe 60EBD13C 1028 39209794 011440/12000 0 ATMSIG Timer
121 Mwe 60EBDFD0 0 2 011500/12000 0 ATMSIG Input
122 Mwe 60EBC3DC 0 2 011504/12000 0 ATMSIG Client
123 Mwe 625AA294 1544 39210159 0 5492/6000 0 RUDPV1 Main Proc
124 Mwe 60F9B5A0 0 1 0 5720/6000 0 bsm_timers
125 Msi 60F984E8 564 39209803 0 5680/6000 0 bsm_xmt_proc
126 Mwe 61CD3074 44080 78401641 010400/12000 0 DHCPD Receive
127 Mwe 6150C5B4 0 2 0 5492/6000 0 Dialer Forwarder
128 Lsi 61ABB254 124 653489 0 5260/6000 0 IP Cache Ager
129 Mwe 6177E020 684 653717 1 7348/9000 0 Adj Manager
130 Mwe 618177A4 0 3 0 5500/6000 0 Flow Exporter Ti
131 Mwe 618D98F8 0 1 0 5516/6000 0 GTP Proxy PPP
132 Mwe 618D9B04 0 1 0 5552/6000 0 GTP Proxy PPP De
133 Mwe 61C72EA0 0 1 0 5544/6000 0 RARP Input
134 Mwe 61DE13F4 0 1 0 5744/6000 0 IPv6 Inspect Tim
135 Hwe 6222A0C8 0 1 0 5500/6000 0 PAD InCall
136 Mwe 62B9263C 0 2 011492/12000 0 X.25 Background
137 Mwe 629B88B4 0 2 0 5516/6000 0 PPP Bind
138 Mwe 6227A0DC 0 2 0 5480/6000 0 PPP SSS
139 Hwe 623DAFAC 0 1 0 5564/6000 0 MQC Flow Event B
140 Mwe 6247C9AC 13284 391941954 0 5500/6000 0 RBSCP Background
141 Mwe 62617558 4 2 2000 5164/6000 0 SCTP Main Proces
142 Mwe 62FC20A0 2768 76561128 0 5512/6000 0 Inspect process
143 Mwe 60D24DFC 0 1 0 5608/6000 0 xcpa-driver
144 Mwe 62DA8CD8 16 130711 0 5628/6000 0 Authentication P
145 Mwe 62DB45A8 0 1 0 5700/6000 0 Auth-proxy AAA B
146 Mwe 62DC34F8 0 1 0 5528/6000 0 CHKPT EXAMPLE
147 Mwe 62DC5CE0 0 1 0 5516/6000 0 CHKPT DevTest
148 Mwe 62F1F194 1792 76561131 0 5524/6000 0 IPS Timer
149 Mwe 62F41ECC 0 2 0 5304/6000 0 SDEE Management
150 Lwe 632D41A4 0 1 0 5536/6000 0 XSM_EVENT_ENGINE
151 Lsi 632D1C30 240 3920926 011556/12000 0 XSM_ENQUEUER
152 Lsi 632D4EDC 100 3920926 011704/12000 0 XSM Historian
153 Hwe 632C04B0 0 1 0 5740/6000 0 Select Timers
154 Mwe 6327F7B8 12 2 6000 5332/6000 0 HTTP Process
155 Mwe 632B0934 0 2 0 5488/6000 0 CIFS API Process
156 Mwe 632B0590 0 2 0 5488/6000 0 CIFS Proxy Proce
157 Mwe 632C796C 0 2 0 5488/6000 0 URL filter proc
158 Mwe 632E0FE0 0 1 0 5496/6000 0 Crypto HW Proc
159 Mwe 606F18E4 124 1568533 0 5440/6000 0 CRM_CALL_UPDATE_
160 Mwe 61D9DEC0 108 1307139 0 8616/9000 0 IPv6 IDB
161 Mwe 612B3568 0 2 0 5516/6000 0 AAA Cached Serve
162 Mwe 6163D690 0 2 0 5516/6000 0 ENABLE AAA
163 Mwe 6168CFA0 0 1 0 5540/6000 0 EM Background Pr
164 Mwe 61FEBF50 0 1 0 5744/6000 0 Key chain liveke
165 Mwe 6205EE04 0 2 0 5516/6000 0 LINE AAA
166 Mwe 6206DE1C 64 732 87 5272/6000 0 LOCAL AAA
167 Mwe 6293D280 0 2 0 5348/6000 0 TPLUS
168 Mwe 62B46E8C 0 2 0 5516/6000 0 VSP_MGR
169 Mwe 62D0A6E0 0 3 0 6112/8000 0 Crypto WUI
170 Mwe 6302BEE8 0 2 0 5504/6000 0 Crypto Support
171 Mwe 6308CED4 0 1 0 5712/6000 0 EPM MAIN PROCESS
172 Mwe 60848670 4 2 2000 2544/6000 0 Proxy Session Ap
173 Hwe 60856CE8 0 1 0 8404/9000 0 CCVPM_HTSP
174 Mwe 6087AF68 0 1 0 5516/6000 0 CCVPM_R2
175 Mwe 60940514 0 1 0 5548/6000 0 EPHONE MWI Refre
176 Mwe 609F5B28 4 43571 0 5516/6000 0 FB/KS Log HouseK
177 Lwe 60940D58 0 2 0 5508/6000 0 EPHONE MWI BG Pr
178 Mwe 612A4B44 0 1 0 5612/6000 0 CCSWVOICE
179 M* 0 592 4851 122 7708/12000 2 Virtual Exec
180 Mwe 61998054 0 1 059468/60000 0 http client proc
181 Mwe 614C197C 28 326778 0 5488/6000 0 DHCPD Timer
182 Mwe 624378B0 0 1 0 5520/6000 0 QOS_MODULE_MAIN
183 Mwe 624DF54C 0 1 023500/24000 0 RPMS_PROC_MAIN
184 Mwe 62A20940 0 1 023436/24000 0 VoIP AAA
185 Lwe 62CE032C 0 12 0 4404/6000 0 crypto engine pr
186 Mwe 62C4A5E4 712 7 101714 3788/8000 0 Crypto CA
187 Mwe 62C4A77C 0 1 0 7532/8000 0 Crypto PKI-CRL
188 Mwe 62CB56B8 0 1 0 7552/8000 0 Crypto SSL
189 Mwe 62CF8DA8 0 1 011536/12000 0 encrypt proc
190 Mwe 62E84A74 0 6 022108/24000 0 Crypto ACL
191 Mwe 6302E6DC 0 1 0 5700/6000 0 CRYPTO QoS proce
192 Mwe 62EB2364 0 1 0 5512/6000 0 Crypto INT
193 Mwe 62E3B7AC 0 3 010176/12000 0 Crypto IKE Dispa
194 Mwe 62E3A314 0 3 011212/12000 0 Crypto IKMP
195 Mwe 62EE9538 4 1 400011296/12000 0 Crypto IKEv2
196 Mwe 62E2AA5C 132 1960660 0 9808/12000 0 IPSEC key engine
197 Mwe 62E2B85C 0 1 0 5704/6000 0 IPSEC manual key
198 Mwe 62E9DA10 0 1 0 5544/6000 0 Crypto PAS Proc
199 Mwe 62F60588 1972 76561149 0 5516/6000 0 CCE DP Proc
200 Mwe 62F5F650 0 1 0 5712/6000 0 IP VFR proc
201 Mwe 6302A788 0 1 0 7520/8000 0 Key Proc
202 Mwe 6305D830 0 1 0 5708/6000 0 GDOI GM Process
203 Hwe 605B9644 0 1 0 5540/6000 0 IMA Traps
204 Mwe 60C9C604 0 1 0 5404/6000 0 SYSMGT Events
205 Mwe 60CE8AE4 0 2 0 5280/6000 0 Control-plane ho
206 Mwe 610A6C68 0 1 0 5560/6000 0 DATA Transfer Pr
207 Mwe 610A4C40 0 1 0 5516/6000 0 DATA Collector
208 Mwe 61395E04 0 594 0 4192/6000 0 AAA SEND STOP EV
209 Mwe 616FB750 0 3 0 8544/9000 0 EEM ED CLI
210 Mwe 616FDFC8 0 2 0 8544/9000 0 EEM ED Counter
211 Mwe 616FFE08 0 2 0 8540/9000 0 EEM ED Interface
212 Mwe 617027A0 0 3 0 8540/9000 0 EEM ED IOSWD
213 Mwe 61707254 0 2 0 8524/9000 0 EEM ED Memory-th
214 Mwe 61707890 0 2 0 8540/9000 0 EEM ED None
215 Mwe 61708D50 0 2 0 8524/9000 0 EEM ED OIR
216 Mwe 6170A204 4 2 2000 8240/9000 0 EEM ED Resource
217 Mwe 6170BBCC 0 2 0 8440/9000 0 EEM ED SNMP
218 Mwe 6171135C 76 653583 0 8312/9000 0 EEM ED Timer
219 Mwe 61713CAC 0 2 0 8544/9000 0 EEM ED Track
220 Mwe 6172EE28 236 7852510 0 3168/6000 0 EEM Server
221 Msi 624C8780 60 3921305 0 5536/6000 0 RMON Recycle Pro
222 Mwe 624D2C0C 0 2 0 5520/6000 0 RMON Deferred Se
223 Mwe 627B6334 0 1 0 5568/6000 0 Syslog Traps
224 Mwe 62F1B4D0 0 1 0 5532/6000 0 Crypto cTCP proc
225 Mwe 601559FC 0 1 0 5372/6000 0 RMON Packets
226 Lsi 608962B4 1568 39187432 0 5688/6000 0 trunk conditioni
227 Hwe 60897DA0 0 1 0 5544/6000 0 trunk conditioni
228 Mwe 61727AA0 0 2 0 8372/9000 0 EEM Policy Direc
229 Lwe 61A3387C 8 53105 011512/12000 0 Syslog
230 Mwe 62B19F70 0 1 0 5508/6000 0 VPDN Scal
232 Mwe 610E8B40 60 326779 058928/60000 0 CC-API_VCM
233 Mwe 60793BB4 17932 391944492 058624/60000 0 CCPROXY_CT
234 Lwe 61758F3C 60 1359983 0 5320/6000 0 CEF Scanner
235 Mwe 62CF87D0 3952780 25291 156291 6200/8000 0 crypto sw pk pro
237 Mwe 62D1C20C 772 21785 35 4284/6000 0 SSH Event handle
238 Mwe 61A2F224 31080 531964 5810980/12000 0 IP SNMP
239 Lwe 626D1290 10444 268096 3810988/12000 0 PDU DISPATCHER
240 Lwe 626D0E4C 55228 268121 20510116/12000 0 SNMP ENGINE
241 Lwe 6136B4FC 0 1 011556/12000 0 SNMP ConfCopyPro
242 Mwe 626CCDB0 48 18 266610980/12000 0 SNMP Traps
243 Mwe 625B6AB0 452 7829967 010500/12000 0 IP SLAs Responde
244 Mwe 625BCC68 36 653795 0 3904/6000 0 IP SLAs Event Pr
245 Mwe 621B3AE4 58856 39794280 1 4336/6000 0 NTP
PID QTy PC Runtime (ms) Invoked uSecs Stacks TTY Process
246 Msi 614C9500 8 653558 0 5060/6000 0 DHCPD Database


NAT:

читать дальше »
CPU utilization for five seconds: 12%/9%; one minute: 10%; five minutes: 12%
PID QTy PC Runtime(ms) Invoked uSecs Stacks TTY Process
1 Cwe 605F1688 56 351 159 5588/6000 0 Chunk Manager
2 Csp 6061F7B0 464 1019789 0 2652/3000 0 Load Meter
4 Lst 605FFB78 1084500 518167 2092 5624/6000 0 Check heaps
5 Cwe 60608258 396 2621 151 5584/6000 0 Pool Manager
6 Mst 60552970 0 2 0 5612/6000 0 Timers
7 Mwe 60011710 0 2 0 5616/6000 0 Serial Backgroun
8 Msi 6068008C 47476 5098152 9 4480/6000 0 EnvMon
9 Mwe 60685868 0 1 0 5648/6000 0 OIR Handler
10 Mwe 60693570 0 1 0 5676/6000 0 IPC Zone Manager
11 Mwe 606932C0 1216 5098147 0 5468/6000 0 IPC Periodic Tim
12 Mwe 606901D8 0 1 0 5676/6000 0 IPC BackPressure
13 Mwe 60693250 720 5098147 0 5468/6000 0 IPC Deferred Por
14 Mwe 60693350 0 1 0 5660/6000 0 IPC Seat Manager
15 Hsp 606DE6C8 80 509896 0 5756/6000 0 Compute SRP rate
16 Mwe 606F2A78 499616 3057255 163 4620/6000 0 ARP Input
17 Mwe 608B86A8 4908 254916 19 5660/6000 0 HC Counter Timer
18 Mwe 60924178 0 2 0 5600/6000 0 DDR Timers
19 Mwe 6093EBF8 0 2 0 11616/12000 0 Dialer event
20 Lwe 60B03F08 0 2 0 5576/6000 0 Entity MIB API
21 Mwe 60016480 0 1 0 5676/6000 0 SERIAL A'detect
22 Cwe 6060DCD0 0 1 0 5668/6000 0 Critical Bkgnd
23 Mwe 605BDB10 782324 1295793 603 10132/12000 0 Net Background
24 Lwe 60547290 4 553 7 11484/12000 0 Logger
25 Msp 605690E8 1804 5098142 0 5588/6000 0 TTY Background
26 Msp 605BCD60 19576 5098146 3 8748/9000 0 Per-Second Jobs
27 Mwe 606CCEB4 0 1 0 2620/3000 0 Inode Table Dest
28 Hwe 6013BB50 0 1 0 5768/6000 0 CSP Timer
29 Mwe 6034F768 0 2 0 5636/6000 0 CES Timer
30 Mwe 603A7EA0 0 2 0 5568/6000 0 Hawkeye Backgrou
31 Hst 6043BE80 0 1 0 5784/6000 0 SONET alarm time
32 Mwe 610C6A88 0 2 0 5616/6000 0 VSI Master
33 Hwe 614FC6F8 0 2 0 5616/6000 0 VNM DSPRM MAIN
34 Mwe 603393C0 0 1 0 5640/6000 0 CES Line Conditi
35 Mwe 6068A900 0 2 0 5632/6000 0 Flash MIB Update
36 Hwe 601EA5A8 0 2 0 11620/12000 0 ATM OAM Input
37 Hwe 601E96C8 0 2 0 11236/12000 0 ATM OAM TIMER
38 Mwe 604D1410 0 4 0 5620/6000 0 TurboACL
39 Mrd 6071F9B0 22946656 42314804 542 9764/12000 0 IP Input
40 Mwe 607EA978 43464 594801 73 5236/6000 0 CDP Protocol
41 Mwe 60957320 12 8483 1 5444/6000 0 MOP Protocols
42 Lwe 60D8CBF8 0 1 0 5352/6000 0 X.25 Encaps Mana
43 Mwe 60DD5E48 0 2 0 5628/6000 0 Spanning Tree
44 Mwe 61007F00 28 84983 0 5524/6000 0 LDP Background
45 Mwe 6108BC20 0 1 0 11760/12000 0 frr_tunnel
46 Mwe 608BB328 0 1 0 5748/6000 0 PPP IP Add Route
47 Mwe 60797EA0 18432 89534 205 8184/9000 0 IP Background
48 Hwe 6079DA68 3480 84976 40 8128/9000 0 IP RIB Update
49 Mwe 60AFB998 0 6 0 5744/6000 0 SNMP Timers
50 Mwe 6077AA50 0 1 0 5776/6000 0 HTTP Timer
51 Mrd 60706548 36 4296 8 11060/12000 0 TCP Timer
52 Lwe 6070B4F0 16 36 444 11500/12000 0 TCP Protocols
53 Lwe 60767AD8 0 1 0 5672/6000 0 Probe Input
54 Mwe 60769028 0 1 0 5676/6000 0 RARP Input
55 Hwe 6078AC08 0 1 0 5772/6000 0 Socket Timers
56 Mwe 606FA4F4 5012 7986 627 3944/6000 0 DHCPD Receive
57 Lsi 607E2574 150408 84972 1770 5260/6000 0 IP Cache Ager
58 Hwe 60D9A618 0 1 0 5652/6000 0 PAD InCall
59 Mwe 60D5F150 0 2 0 11608/12000 0 X.25 Background
60 ME 60EA8E24 0 2 0 5620/6000 0 SPX Input
61 Mwe 60F8CCC8 5844 1019720 5 5472/6000 0 Adj Manager
62 Lwe 60F7D1B0 20476 5696246 3 5136/6000 0 CEF process
63 Mwe 610408A0 0 2 0 11620/12000 0 TC-ATM Proc
64 Mwe 61050148 0 2 0 5632/6000 0 Tag Input
65 M* 0 372 130 2861 9764/12000 2 Virtual Exec
66 Mwe 614D27E0 0 1 0 8644/9000 0 CCVPM_HTSP
67 Mwe 6151CBB8 0 1 0 5520/6000 0 CCSWVOICE
68 Mwe 61546720 0 2 0 5600/6000 0 tcl ivr app
69 Mwe 61546720 0 2 0 5604/6000 0 tcl ivr app
70 Mwe 61546720 0 2 0 5604/6000 0 tcl ivr app
71 Mwe 61546720 0 2 0 5604/6000 0 tcl ivr app
72 Mwe 61546720 0 2 0 5604/6000 0 tcl ivr app
73 Mwe 61546720 0 2 0 5604/6000 0 tcl ivr app
74 Mwe 61546720 0 2 0 5604/6000 0 tcl ivr app
75 Mwe 61546720 0 2 0 5604/6000 0 tcl ivr app
76 Msi 602F1158 1016 509842 1 5644/6000 0 RMON Recycle Pro
77 Mwe 602FF438 0 2 0 5636/6000 0 RMON Deferred Se
78 Mwe 6037B258 0 1 0 5588/6000 0 SYSMGT Events
79 Lwe 60855B30 0 1 0 5668/6000 0 SONET Traps
80 Mwe 60EB2D58 824 240 3433 5128/6000 0 Syslog Traps
81 Mwe 602E32E0 0 1 0 5480/6000 0 RMON Packets
82 Hwe 605BD024 46608 1038180 44 5648/6000 0 Net Input
83 Msp 605C71C4 2116 1019711 2 5636/6000 0 Compute load avg
84 Msp 605BCDF8 684016 84974 8049 5592/6000 0 Per-minute Jobs
85 Mwe 61522818 4 1 4000 23668/24000 0 CCSWVOFR
86 Lwe 6075DA24 15036 70084 214 10932/12000 0 IP SNMP
87 Mwe 60B00298 4232 35115 120 11328/12000 0 PDU DISPATCHER
88 Mwe 60AFFF20 22948 35004 655 10532/12000 0 SNMP ENGINE
89 Lwe 608A45D0 0 1 0 11680/12000 0 SNMP ConfCopyPro
90 Mwe 60AFC200 0 1 0 11648/12000 0 SNMP Traps
91 Mwe 604C11C8 0 2 0 5636/6000 0 IP Flow Backgrou
92 Mwe 60EB6080 22351244 27767652 804 5084/6000 0 IP NAT Ager
93 Mwe 60B27BC0 2072 5119837 0 4572/6000 0 NTP
94 Mwe 603602C8 0 1 0 5656/6000 0 xcpa-driver
95 Lwe 60F7CAD0 3360 360509 9 5400/6000 0 CEF Scanner
96 ME 6070FFFC 264 480 550 9900/12000 3 Virtual Exec
97 Mwe 6078DF18 4 42493 0 5524/6000 0 DHCPD Timer
98 Msi 60795E60 2672 1444549 1 5096/6000 0 DHCPD Database


и они обе 7204...

Аптайм у них хороший. У главной больше года, что удивительно.
Причём блокирует пока два адреса 192.168.1.2 и 192.168.1.3
с адреса 192.168.1.4 я могу зайти на главную циску.
Не могу понять кто блокирует: НАТ или главная?

ну ппц... сейчас у сотрудников начинает отваливаться доступ в интернет...

-------
Вежливый клиент всегда прав!

Последний раз редактировалось exo, 03-09-2012 в 12:14.

Отправлено: 11:51, 03-09-2012 | #4

exo exo вне форума Автор темы

Аватара для exo

Ветеран


Сообщения: 12417
Благодарности: 1442

Профиль | Отправить PM | Цитировать

вообщем, я сделал Reload ГЛАВНОЙ - не помогло. Сделал reload НАТу - он спросил сохранять изменения или нет - я сказал нет - и помогло.
Но какие изменения? я всегда если что менял по окончании сохранял WR.
сейчас буду сравнивать конфиги НАТовские...

-------
Вежливый клиент всегда прав!

Отправлено: 14:07, 03-09-2012 | #5



Компьютерный форум OSzone.net » Железо » Сетевое оборудование » Cisco - Блокировка трафика...

Участник сейчас на форуме Участник сейчас на форуме Участник вне форума Участник вне форума Автор темы Автор темы Шапка темы Сообщение прикреплено

Похожие темы
Название темы Автор Информация о форуме Ответов Последнее сообщение
Разное - Блокировка ПК aagatin Microsoft Windows 2000/XP 3 06-10-2011 09:10
http/web - Блокировка сетевого трафика wifi il_designer Сетевые технологии 6 27-05-2011 18:57
Интерфейс - блокировка http трафика через политику безопасности IP hazamov Microsoft Windows 2000/XP 3 13-02-2009 13:02
Блокировка joskej pate Общий по FreeBSD 1 03-08-2007 21:31
Блокировка входящего трафика ADSL Ded_Ts Сетевые технологии 4 20-04-2007 15:22


« Предыдущая тема | Следующая тема »


 
Переход