da Telecom a Fastweb

Configurazioni per connettività ADSL, ISDN e switch per privati e piccole network

Moderatore: Federico.Lagni

Rispondi
pinguins76
Cisco fan
Messaggi: 42
Iscritto il: mer 12 set , 2007 10:23 am

Buonasera utenti del forum, vi chiedo aiuto per cambiare la configurazione del mio 877W dato che ho cambiato gestore da Telecom a Fastweb.

Non riesco a capire cosa devo cambiare della mia configurazione.

Sicuro di un vostro aiuto ringrazio anticipatamente!

Questa la mia configurazione




no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service sequence-numbers
!
hostname SLV01
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$0.XM$yF9aARUCC0rVn8znsjfJO.
!
no aaa new-model
clock timezone Berlin 1
clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-257969841
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-257969841
revocation-check none
rsakeypair TP-self-signed-257969841
!
!
crypto pki certificate chain TP-self-signed-257969841
certificate self-signed 01
30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32353739 36393834 31301E17 0D313030 33323832 32303430
355A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3235 37393639
38343130 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
A38993A1 5A304063 CFE64B5F 2953A81F 8AEFCC66 807C7190 CA0F33D0 C1470178
876B3209 1725FD94 29B8639E 584F18CE 03A47D99 9675F7BE C31998E6 5151A571
293D1ACC 4C968FB4 8258B537 ABA29FB6 8EDD600F DEC36752 D96517F0 3DEE74E2
F362EF71 91C4661C 7FC71C37 B287660A 195FD466 C8A6C55F 9F2673B0 AE8746EB
02030100 01A36F30 6D300F06 03551D13 0101FF04 05300301 01FF301A 0603551D
11041330 11820F53 4C563031 2E636973 636F2E63 6F6D301F 0603551D 23041830
168014C5 A82BC925 F902B0F1 A0A1EC9B BB1BF17B D655FC30 1D060355 1D0E0416
0414C5A8 2BC925F9 02B0F1A0 A1EC9BBB 1BF17BD6 55FC300D 06092A86 4886F70D
01010405 00038181 0044B6AD C685B261 DAEE65DA 927E0DDE 5487A52F 4AB9DA95
4E6DD68A 8AEEBD58 BC723746 37C9BFB0 2CBF8B12 96A4096A DC0706DF 69C931D6
EC7ADE06 26DBE859 E8668690 783D2DBC 9F513F08 93C9D916 5580A07D 5AE5BC42
5E505698 27D958C1 13A4419C 1A2B73AD 6BEDA891 6D8EAA83 95982CAD 28A8444F
62CC53ED D381F4F1 A1
quit
dot11 syslog
!
dot11 ssid Studio
vlan 1
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid optional
wpa-psk ascii 0 !xxx!
!
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.10.2
!
ip dhcp pool ccp-pool1
import all
network 10.10.10.0 255.255.255.0
dns-server 208.67.222.222 208.67.220.220
default-router 10.10.10.1
!
!
ip port-map user-protocol--1 port tcp 9000
no ip bootp server
ip domain name cisco.com
ip name-server 208.67.220.220
ip name-server 208.67.222.222
!
!
!
username xxx privilege 15 secret 5 xxx
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
class-map type inspect match-all sdm-nat-user-protocol--1-1
match access-group 101
match protocol user-protocol--1
class-map type inspect match-any CCP-Voice-permit
match protocol h323
match protocol skinny
match protocol sip
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol h323
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp extended
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-all ccp-protocol-http
match protocol http
!
!
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map type inspect sdm-pol-NATOutsideToInside-1
class type inspect sdm-nat-user-protocol--1-1
inspect
class class-default
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect CCP-Voice-permit
inspect
class class-default
pass
policy-map type inspect ccp-permit
class class-default
!
zone security out-zone
zone security in-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
service-policy type inspect sdm-pol-NATOutsideToInside-1
!
bridge irb
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description Connessione ADSL ALICE 7Mb
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
!
encryption vlan 1 mode ciphers tkip
!
ssid Studio
!
speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
station-role root
world-mode dot11d country IT both
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
no ip address
ip tcp adjust-mss 1452
bridge-group 1
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip nat outside
ip virtual-reassembly
zone-member security out-zone
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxx
ppp chap password 0 xxx
ppp pap sent-username xxx password 0 xxx
!
interface BVI1
description $ES_LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
zone-member security in-zone
ip tcp adjust-mss 1412
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.10.10.2 9000 interface Dialer0 9000
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 10.10.10.2
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login ^C || ||
|| ||
|||| ||||
..:||||||:..:||||||:..
Cisco Systems Inc.
-
877W @ SLV01

*** Accesso alla configurazione del router. Ogni accesso viene loggato ***
^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
Top
paolomat75
Messianic Network master
Messaggi: 2965
Iscritto il: ven 29 gen , 2010 10:25 am
Località: Prov di GE

Mi pare che Fastweb usa 8/36 e non 8/35 per il PVC.
Hai visto questo post? http://www.ciscoforums.it/viewtopic.php?f=10&t=29612

Paolo
Non cade foglia che l'inconscio non voglia (S.B.)
Top
pinguins76
Cisco fan
Messaggi: 42
Iscritto il: mer 12 set , 2007 10:23 am

visto il topic che mi hai segnalato, grazie.
Ho corretto la configurazione così:

no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service sequence-numbers
!
hostname SLV01
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$0.XM$yF9aARUCC0rVn8znsjfJO.
!
no aaa new-model
clock timezone Berlin 1
clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-257969841
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-257969841
revocation-check none
rsakeypair TP-self-signed-257969841
!
!
crypto pki certificate chain TP-self-signed-257969841
certificate self-signed 01
30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32353739 36393834 31301E17 0D313030 33323832 32303430
355A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3235 37393639
38343130 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
A38993A1 5A304063 CFE64B5F 2953A81F 8AEFCC66 807C7190 CA0F33D0 C1470178
876B3209 1725FD94 29B8639E 584F18CE 03A47D99 9675F7BE C31998E6 5151A571
293D1ACC 4C968FB4 8258B537 ABA29FB6 8EDD600F DEC36752 D96517F0 3DEE74E2
F362EF71 91C4661C 7FC71C37 B287660A 195FD466 C8A6C55F 9F2673B0 AE8746EB
02030100 01A36F30 6D300F06 03551D13 0101FF04 05300301 01FF301A 0603551D
11041330 11820F53 4C563031 2E636973 636F2E63 6F6D301F 0603551D 23041830
168014C5 A82BC925 F902B0F1 A0A1EC9B BB1BF17B D655FC30 1D060355 1D0E0416
0414C5A8 2BC925F9 02B0F1A0 A1EC9BBB 1BF17BD6 55FC300D 06092A86 4886F70D
01010405 00038181 0044B6AD C685B261 DAEE65DA 927E0DDE 5487A52F 4AB9DA95
4E6DD68A 8AEEBD58 BC723746 37C9BFB0 2CBF8B12 96A4096A DC0706DF 69C931D6
EC7ADE06 26DBE859 E8668690 783D2DBC 9F513F08 93C9D916 5580A07D 5AE5BC42
5E505698 27D958C1 13A4419C 1A2B73AD 6BEDA891 6D8EAA83 95982CAD 28A8444F
62CC53ED D381F4F1 A1
quit
dot11 syslog
!
dot11 ssid Studio
vlan 1
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid optional
wpa-psk ascii 0 !xxx!
!
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.10.2
!
ip dhcp pool ccp-pool1
import all
network 10.10.10.0 255.255.255.0
dns-server 208.67.222.222 208.67.220.220
default-router 10.10.10.1
!
!
ip port-map user-protocol--1 port tcp 9000
no ip bootp server
ip domain name cisco.com
ip name-server 213.140.2.12
ip name-server 213.140.2.21
!
!
!
username xxx privilege 15 secret 5 xxx
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
class-map type inspect match-all sdm-nat-user-protocol--1-1
match access-group 101
match protocol user-protocol--1
class-map type inspect match-any CCP-Voice-permit
match protocol h323
match protocol skinny
match protocol sip
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol h323
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp extended
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-all ccp-protocol-http
match protocol http
!
!
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map type inspect sdm-pol-NATOutsideToInside-1
class type inspect sdm-nat-user-protocol--1-1
inspect
class class-default
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect CCP-Voice-permit
inspect
class class-default
pass
policy-map type inspect ccp-permit
class class-default
!
zone security out-zone
zone security in-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
service-policy type inspect sdm-pol-NATOutsideToInside-1
!
bridge irb
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no ip mroute-cache
no atm ilmi-keepalive
hold-queue 224 in
!
interface ATM0.1 point-to-point
description Connessione FASTWEB
ip address dhcp
ip mtu 1492
ip flow ingress
ip nat outside
ip virtual-reassembly
ip tcp adjust-mss 1452
atm route-bridged ip
pvc 8/36
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
!
encryption vlan 1 mode ciphers tkip
!
ssid Studio
!
speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
station-role root
world-mode dot11d country IT both
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
ip address 192.168.0.1 255.255.255.0
ip mtu 1492
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface BVI1
description $ES_LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
zone-member security in-zone
ip tcp adjust-mss 1412
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 101 interface ATM0.1 overload
ip nat inside source static tcp 10.10.10.2 9000 interface Dialer0 9000
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 10.10.10.2
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login ^C || ||
|| ||
|||| ||||
..:||||||:..:||||||:..
Cisco Systems Inc.
-
877W @ SLV01

*** Accesso alla configurazione del router. Ogni accesso viene loggato ***
^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end


è giusta o devo correggere altro?
Top
paolomat75
Messianic Network master
Messaggi: 2965
Iscritto il: ven 29 gen , 2010 10:25 am
Località: Prov di GE

Non ho Fastweb. Provala e poi se non va vediamo cosa può esserci.

Paolo
Non cade foglia che l'inconscio non voglia (S.B.)
Top
pinguins76
Cisco fan
Messaggi: 42
Iscritto il: mer 12 set , 2007 10:23 am

ok, grazie
Top
Rispondi

Torna a “Configurazioni End User”