salve a tutti ho un serio problema con il cisco 837. Partendo dal presupposto che è da un paio di giorni che sbatto la testa per configurare il mio router per una connessione tiscali 4 mega sono arrivato a fare danni..
Girando su i vari forum ho trovato delle configurazioni fin quando non ho trovato questa...
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging buffered 16384 debugging
no logging console
enable password 7 pdaqq2
!
username dombari password 7 pdaqq2
ip subnet-zero
no ip source-route
!
ip dhcp pool CLIENT
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 213.205.32.70 213.205.36.70
lease 0 2
!
!
ip inspect name Firewall tcp
ip inspect name Firewall http
ip inspect name Firewall ftp
ip inspect name Firewall udp
ip inspect name Firewall h323
ip inspect name Firewall tftp
ip ssh time-out 60
ip ssh authentication-retries 2
no aaa new-model
!
!
!
!
class-map match-all class_www
match access-group 102
class-map match-all class_ftp
match access-group 102
!
!
policy-map QoS_ftp
class class_ftp
priority percent 75
class class_www
!
!
!
!
!
interface Ethernet0
description LAN
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip inspect Firewall in
no cdp enable
hold-queue 100 out
!
interface ATM0
bandwidth 320
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface Dialer0
bandwidth 1280
ip address negotiated
ip access-group 131 in
ip nat outside
ip inspect Firewall in
service-policy output QoS_ftp
encapsulation ppp
no ip route-cache
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp pap sent-username [email protected] password 7 123456
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
ip http server
no ip http secure-server
!
ip nat translation timeout 3600
ip nat translation tcp-timeout 3600
ip nat translation udp-timeout 1200
ip nat translation finrst-timeout 300
ip nat translation syn-timeout 120
ip nat translation dns-timeout 300
ip nat translation icmp-timeout 120
ip nat translation max-entries 4096
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.2 4662 interface Dialer0 4662
ip nat inside source static udp 192.168.1.2 4662 interface Dialer0 4662
ip nat inside source static tcp 192.168.1.2 4672 interface Dialer0 4672
ip nat inside source static udp 192.168.1.2 4672 interface Dialer0 4672
ip nat inside source static tcp 192.168.1.2 21 interface Dialer0 21
ip nat inside source static tcp 192.168.1.2 5900 interface Dialer0 5900
!
logging trap debugging
logging facility local6
logging 192.168.1.2
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 131 remark *** ACL PER PERMETTERE ACCESSO VIA TELNET AL ROUTER ***
access-list 131 permit tcp any any eq telnet
access-list 131 remark *** ACL ANTI-SPOOFING ***
access-list 131 deny ip 10.0.0.0 0.255.255.255 any log
access-list 131 deny ip 172.16.0.0 0.15.255.255 any log
access-list 131 deny ip 127.0.0.0 0.255.255.255 any log
access-list 131 deny ip 224.0.0.0 31.255.255.255 any log
access-list 131 deny ip host 0.0.0.0 any log
access-list 131 permit tcp any any gt 1023 established
access-list 131 permit udp any any gt 1023
access-list 131 remark *** ACL ICMP ***
access-list 131 permit icmp any any echo
access-list 131 permit icmp any any echo-reply
access-list 131 permit icmp any any time-exceeded
access-list 131 permit icmp any any unreachable
access-list 131 permit icmp any any administratively-prohibited
access-list 131 permit icmp any any packet-too-big
access-list 131 permit icmp any any traceroute
access-list 131 deny icmp any any log
access-list 131 remark *** Porte molto usate da VIRUS ***
access-list 131 deny tcp any any eq 135 log
access-list 131 deny udp any any eq 135 log
access-list 131 deny udp any any eq netbios-ns log
access-list 131 deny udp any any eq netbios-dgm log
access-list 131 deny tcp any any eq 139 log
access-list 131 deny udp any any eq netbios-ss log
access-list 131 deny tcp any any eq 445 log
access-list 131 deny tcp any any eq 593 log
access-list 131 deny udp any any eq 1433 log
access-list 131 deny udp any any eq 1434 log
access-list 131 deny ip any any dscp 1 log
access-list 131 deny udp any any eq 5554 log
access-list 131 deny udp any any eq 9996 log
access-list 131 deny udp any any eq 113 log
access-list 131 deny udp any any eq 3067 log
no cdp run
!
control-plane
!
!
line con 0
login local
no modem enable
transport preferred all
transport output all
stopbits 1
line aux 0
transport preferred all
transport output all
line vty 0 4
login local
transport preferred all
transport input all
transport output all
!
scheduler max-task-time 5000
end
ADESSO NON RIESCO PIU' AD ACCDERE AL ROUTER IN QUANTO MI CHIEDE USER E PASSWORD CHE IN TEORIA DOVREBBERO ESSERE: USER dombari E PASSWORD pdaqq2 PERO' NIENTE DA FARE!!!
vI PREGO AIUTATEMI.. E GIA CHE VI TROVATE MAGARI POTRESTE MANDARMI LA CONFIGURAZIONE PER LA LINEA TISCALI.. THANKS
Aiuto cisco 837
Moderatore: Federico.Lagni
