ciao a tutti, ho un problema nell'impostare il nat dinamico su un router sul quale sono presenti delle sottointerfacce per alcune vlan... come mi comporto? ho provato a applicare le stesse regole delle interfacce, ma non funziona... mi sfugge qualcosa? grazie ciao
ps. questa è la configurazione del router:
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.2
description vlan 4 amministrazione
encapsulation dot1Q 4
ip address 172.17.145.129 255.255.255.192
ip access-group A in
ip access-group Aa out
ip nat inside
!
interface FastEthernet0/0.3
description vlan 2 produzione
encapsulation dot1Q 2
ip address 172.17.144.1 255.255.255.0
ip access-group P in
ip nat inside
!
interface FastEthernet0/0.4
description vlan 3 marketing
encapsulation dot1Q 3
ip address 172.17.145.1 255.255.255.128
ip access-group M in
ip nat inside
!
interface FastEthernet0/0.5
description vlan 6 formazione
encapsulation dot1Q 6
ip address 172.17.146.1 255.255.255.192
ip access-group formN out
!
interface FastEthernet0/0.6
description vlan 5 enterprise
encapsulation dot1Q 5
ip address 172.17.145.193 255.255.255.192
!
interface FastEthernet0/0.7
description vlan 7 mail
encapsulation dot1Q 7
ip address 172.17.146.65 255.255.255.248
ip access-group mail out
ip nat inside
!
interface FastEthernet0/1
ip address 131.114.28.3 255.255.255.248
ip access-group out out
ip nat outside
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
router eigrp 1
network 131.114.28.0 0.0.0.7
auto-summary
!
router rip
!
ip nat pool tradotto 131.114.28.3 131.114.28.3 netmask 255.255.255.248
ip nat inside source list out pool tradotto overload
ip nat inside source static tcp 172.17.146.66 25 131.114.28.3 25
ip nat inside source static tcp 172.17.146.67 110 131.114.28.3 110
ip classless
ip route 172.17.176.0 255.255.255.0 131.114.28.1
!
!
ip access-list extended M
permit udp any any eq bootps
permit tcp 172.17.145.0 0.0.0.127 any eq www
permit tcp any any established
permit tcp 172.17.145.0 0.0.0.127 131.114.28.0 0.0.0.7 eq domain
permit tcp 172.17.145.0 0.0.0.127 172.17.146.64 0.0.0.7 eq smtp
permit tcp 172.17.145.0 0.0.0.127 172.17.146.64 0.0.0.7 eq pop3
ip access-list extended P
permit udp any any eq bootps
permit tcp 172.17.144.0 0.0.0.255 any eq www
permit tcp any any established
permit tcp 172.17.144.0 0.0.0.255 131.114.28.0 0.0.0.7 eq domain
permit tcp 172.17.144.0 0.0.0.255 172.17.146.64 0.0.0.7 eq smtp
permit tcp 172.17.144.0 0.0.0.255 172.17.146.64 0.0.0.7 eq pop3
ip access-list extended A
permit udp any any eq bootps
permit tcp 172.17.145.128 0.0.0.63 172.17.145.0 0.0.0.127
permit tcp 172.17.145.128 0.0.0.63 172.17.144.0 0.0.0.255
permit tcp 172.17.145.128 0.0.0.63 131.114.28.0 0.0.0.7 eq www
permit tcp 172.17.145.128 0.0.0.63 172.17.146.64 0.0.0.7 eq smtp
permit tcp 172.17.145.128 0.0.0.63 172.17.146.64 0.0.0.7 eq pop3
ip access-list extended Aa
permit tcp any any established
ip access-list extended mail
permit tcp any 172.17.146.64 0.0.0.7 eq smtp
permit tcp any 172.17.146.64 0.0.0.7 eq pop3
ip access-list extended formN
permit ip 172.17.176.64 0.0.0.63 172.17.146.0 0.0.0.63
ip access-list extended out
permit ip any any
!
ip dhcp excluded-address 172.17.144.1 172.17.144.10
ip dhcp excluded-address 172.17.145.1 172.17.145.10
ip dhcp excluded-address 172.17.146.1 172.17.146.3
ip dhcp excluded-address 172.17.145.129 172.17.145.138
!
ip dhcp pool produzioneN
network 172.17.144.0 255.255.255.0
default-router 172.17.144.1
dns-server 131.114.28.6
ip dhcp pool amministrazioneN
network 172.17.145.128 255.255.255.192
default-router 172.17.145.129
dns-server 131.114.28.6
ip dhcp pool marketingN
network 172.17.145.0 255.255.255.128
default-router 172.17.145.1
dns-server 131.114.28.6
ip dhcp pool formazioneN
network 172.17.146.0 255.255.255.192
default-router 172.17.146.1
dns-server 131.114.28.6
!
!
!
!
!
line con 0
line vty 0 4
login
!
!
!
end
vlan e nat dinamico
Moderatore: Federico.Lagni
