درود !
توجه کنید :
تنظیمات router2611
aaa new-model
aaa authentication login default local
aaa authentication enable default enable
aaa authentication ppp default group radius
aaa accounting update newinfo periodic 1
aaa accounting network default start-stop group radius
!
!
!
!
!
ip subnet-zero
no ip rcmd domain-lookup
ip rcmd rsh-enable
ip rcmd remote-host system A.B.C.D system enable
no ip finger
ip name-server 4.2.2.1
!
ip address-pool local
!
!
!
!
!
interface Ethernet0/0
ip address A'.B'.C'.D' X.X.X.X
ip access-group 100 in
ip access-group 100 out
no ip mroute-cache
no keepalive
full-duplex
no cdp enable
!
interface Serial0/0
ip unnumbered Ethernet0/0
encapsulation ppp
no ip mroute-cache
no fair-queue
no cdp enable
!
interface Ethernet0/1
no ip address
no ip mroute-cache
shutdown
no cdp enable
!
interface Group-Async0
ip unnumbered Ethernet0/0
encapsulation ppp
no ip mroute-cache
autodetect encapsulation ppp
async dynamic address
async dynamic routing
async mode interactive
peer default ip address pool default
no fair-queue
compress mppc
no cdp enable
ppp authentication pap
group-range 33 48
!
ip local pool default X.X.X.X X.X.X.X
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0 permanent
no ip http server
!
access-list 15 permit A.B.C.D
access-list 100 deny tcp any any eq 445
access-list 100 deny tcp any any eq 135
access-list 100 deny tcp any any eq 139
access-list 100 deny tcp any any eq 593
access-list 100 deny tcp any any eq 1434
access-list 100 deny tcp any any eq 1433
access-list 100 deny tcp any any eq 6669
access-list 100 deny tcp any any eq 2222
access-list 100 deny tcp any any eq 7000
access-list 100 deny tcp any any eq 16959
access-list 100 deny tcp any any eq 27374
access-list 100 deny tcp any any eq 6711
access-list 100 deny tcp any any eq 6712
access-list 100 deny tcp any any eq 6776
access-list 100 deny tcp any any eq 16660
access-list 100 deny tcp any any eq 65000
access-list 100 deny tcp any any eq 27665
access-list 100 deny tcp any any eq 33270
access-list 100 deny tcp any any eq 39168
access-list 100 deny tcp any any eq 26300
access-list 100 deny udp any any eq 31335
access-list 100 deny udp any any eq 135
access-list 100 deny udp any any eq 666
access-list 100 deny udp any any eq 90
access-list 100 deny udp any any eq 1434
access-list 100 deny udp any any eq 1433
access-list 100 deny udp any any eq netbios-ns
access-list 100 deny udp any any eq netbios-ss
access-list 100 deny udp any any eq netbios-dgm
access-list 100 deny udp any any eq 995
access-list 100 deny udp any any eq 996
access-list 100 deny udp any any eq 997
access-list 100 deny udp any any eq 998
access-list 100 deny udp any any eq 999
access-list 100 deny udp any any eq 10296
access-list 100 deny icmp any any echo
access-list 100 deny icmp any any echo-reply
access-list 100 permit ip any any
access-list 110 deny tcp any any neq www
access-list 110 permit tcp any any
no cdp run
snmp-server community public RW
snmp-server enable traps envmon
radius-server host A.B.C.D auth-port 1812 acct-port 1813
radius-server retransmit 3
radius-server vsa send accounting
radius-server vsa send authentication
!
line con 0
transport input none
line 33 48
exec-timeout 0 0
no flush-at-activation
modem answer-timeout 180
modem Dialin
modem autoconfigure discovery
autocommand ppp
transport preferred none
transport input all
transport output none
autoselect during-login
autoselect ppp
autohangup
line aux 0
line vty 0 4
!
no scheduler allocate
end
هیچDialUp User امکان برقراری اتصال ندارد !!!!!!!!!!!!!!!!
Accountingبر عهده NTTAC+ میباشد .
موفق باشید... .
موضوعات مشابه: