من Config بدین شکل کردم
الان مشکل من اینه که User موقع کار کردن یکدفعه DC میشه
اینم Config
کد:
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Router
!
aaa new-model
aaa authentication login group group tacacs+
aaa authentication ppp default group tacacs+
aaa authorization network default group tacacs+
aaa accounting update newinfo
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
enable password 7 000F1B0917530A0B0E2545
!
username admin privilege 15 password 7 051B03162$#%*@C4D40584A5342234456543585A51
spe 1/0 2/9
firmware location flash:mica-modem-pw.2.9.4.0.bin
!
!
resource-pool disable
!
clock timezone IRT 3 30
ip subnet-zero
ip rcmd rsh-enable
ip rcmd remote-host SYSTEM 80.191.222.9 SYSTEM enable
ip domain-name darklove.ir
ip name-server 80.191.222.6
ip name-server 217.218.127.104
ip name-server 192.9.9.3
ip name-server 4.2.2.2
ip name-server 4.2.2.4
!
async-bootp dns-server 80.191.222.6 217.218.127.104 192.9.9.3 4.2.2.2
isdn switch-type primary-net5
isdn gateway-max-interworking
modemcap entry mica-e1:MSC=&F&D2S34=18000S40=10S54=172S53=0
modemcap entry mica-noKflex:MSC=&F&D2s53=0
modemcap entry mica-v92:MSC=&f&d2s29=12s63=0s54=172s53=0s34=18000s40=10
modemcap entry mica-v90:MSC=&f&d2s29=12s63=0s54=8s53=0s40=0s34=1800
!
controller E1 0
framing NO-CRC4
clock source line primary
pri-group timeslots 1-31
!
controller E1 1
shutdown
clock source line secondary 1
pri-group timeslots 1-31
!
controller E1 2
shutdown
pri-group timeslots 1-31
!
controller E1 3
shutdown
pri-group timeslots 1-31
!
!
!
interface Ethernet0
bandwidth 640
ip address 80.191.222.10 255.255.255.0 secondary
ip address 80.191.223.1 255.255.255.0 secondary
ip address 80.191.222.1 255.255.255.128
no ip mroute-cache
ip policy route-map dark
no keepalive
no cdp enable
!
interface Serial0:15
ip unnumbered Ethernet0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no fair-queue
ppp authentication pap chap
ppp multilink
!
interface Serial1:15
ip unnumbered Ethernet0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no fair-queue
ppp authentication pap chap
ppp multilink
!
interface Serial2:15
ip unnumbered Ethernet0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no fair-queue
ppp authentication pap chap
ppp multilink
!
interface Serial3:15
ip unnumbered Ethernet0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no fair-queue
ppp authentication pap chap
ppp multilink
!
interface FastEthernet0
no ip address
no ip mroute-cache
shutdown
duplex auto
speed 100
!
interface Group-Async0
ip unnumbered Ethernet0
ip access-group Virus in
ip access-group Virus out
ip nat inside
encapsulation ppp
ip tcp header-compression passive
no ip mroute-cache
ip policy route-map dark
async mode interactive
peer default ip address pool test
fair-queue
compress mppc
ppp authentication pap chap callin
group-range 1 120
!
ip local pool test 80.191.223.5 80.191.223.40
ip classless
ip route 0.0.0.0 0.0.0.0 80.191.222.2
no ip http server
!
!
ip access-list extended Virus
deny udp any any eq 1433
deny udp any any eq 1434
deny udp any any eq tftp
deny tcp any any eq 135
deny udp any any eq 135
deny udp any any eq netbios-ns
deny udp any any eq netbios-dgm
deny tcp any any eq 139
deny udp any any eq netbios-ss
deny tcp any any eq 445
deny tcp any any eq 593
deny tcp any any eq 4444
deny tcp any any eq 1243
deny tcp any any eq 554
deny udp any any eq 8554
deny tcp any any eq 27374
deny tcp any any eq 1919
deny tcp any any eq 1433
deny tcp any any eq 1425
deny tcp any any eq 6667
deny tcp any any eq 8943
deny tcp any any eq 4662
deny tcp any any eq 1034
deny tcp any any eq 9999
permit icmp any host 80.191.222.1
permit icmp any host 80.191.222.2
permit icmp any host 80.191.222.3
permit icmp any host 80.191.222.4
permit icmp any host 80.191.222.5
permit icmp any host 80.191.222.6
permit icmp any host 80.191.222.7
permit icmp any host 80.191.222.8
deny icmp any any
permit ip any any
permit ip 80.191.223.0 0.0.0.255 any
access-list 1 permit 0.0.0.0 80.191.223.254
access-list 90 permit 80.191.222.3
access-list 90 permit 80.191.222.4
access-list 90 permit 80.191.222.9
access-list 100 permit ip 80.191.223.0 0.0.0.255 any
access-list 112 deny tcp any any eq 445
access-list 112 deny tcp any any eq 6669
access-list 112 deny tcp any any eq 2222
access-list 112 deny tcp any any eq 7000
access-list 112 deny tcp any any eq 16959
access-list 112 deny tcp any any eq 27374
access-list 112 deny tcp any any eq 6711
access-list 112 deny tcp any any eq 6712
access-list 112 deny tcp any any eq 6776
access-list 112 deny tcp any any eq 16660
access-list 112 deny tcp any any eq 65000
access-list 112 deny tcp any any eq 27665
access-list 112 deny tcp any any eq 33270
access-list 112 deny tcp any any eq 39168
access-list 112 deny tcp any any eq 26300
access-list 112 deny tcp any any eq 1433
access-list 112 deny tcp any any eq 135
access-list 112 deny tcp any any eq 139
access-list 112 deny tcp any any eq 593
access-list 112 deny tcp any any eq 4444
access-list 112 deny udp any any eq 1434
access-list 112 deny udp any any eq 31335
access-list 112 deny udp any any eq 27444
access-list 112 deny udp any any eq 135
access-list 112 deny udp any any eq netbios-ns
access-list 112 deny udp any any eq netbios-dgm
access-list 112 deny udp any any eq netbios-ss
access-list 112 deny udp any any eq 5000
access-list 112 deny udp any any eq tftp
access-list 147 permit tcp any any eq 5100
access-list 147 permit tcp any any eq 5000
access-list 147 permit tcp any any eq 5001
access-list 147 permit tcp any any eq 5050
access-list 147 permit udp any any eq 5000
access-list 147 permit udp any any eq 5055
access-list 147 permit tcp any any eq 6667
access-list 147 permit tcp any any eq 5004
access-list 147 permit tcp any any eq 4662
access-list 147 permit udp any any eq 9466
access-list 147 permit tcp any any eq 1723
access-list 147 permit gre any any
route-map dark permit 101
set ip next-hop 80.191.222.3
!
tacacs-server host 80.191.222.9
tacacs-server timeout 20
snmp-server community ali RW 90
snmp-server location Iran
snmp-server contact Cisco
snmp-server enable traps tty
!
line con 0
logging synchronous
autocommand ppp
autoselect during-login
autoselect ppp
line 1 120
session-timeout 30
no flush-at-activation
absolute-timeout 200
modem answer-timeout 10
modem Dialin
modem autoconfigure type mica-e1
autocommand ppp default
transport preferred none
transport input all
transport output none
autoselect during-login
autoselect ppp
line aux 0
line vty 0 4
password 7 1315120B060D0A7B78727D62667446
!