صفحه 2 از 2 اولیناولین 1 2
نمایش نتایج: از شماره 16 تا 17 از مجموع 17

موضوع: یه حرفه ای تو کارای روتر

  
  1. #16


    عضو غیر فعال
    تاریخ عضویت
    Dec 2006
    نوشته
    11
    سپاسگزاری شده
    0
    سپاسگزاری کرده
    0
    من که نفهمیدم چیکار کنم.
    هرجاش اضافیه بگید پاک کنم







  2. #17
    نام حقيقي: آرمين فيض الهي

    عضو عادی شناسه تصویری armin_net
    تاریخ عضویت
    Aug 2006
    محل سکونت
    ایران-مشهد
    نوشته
    165
    سپاسگزاری شده
    8
    سپاسگزاری کرده
    9

    Icon11

    نقل قول نوشته اصلی توسط shabake_karan
    no logging rate-limit: if you are using rate-limit and u have enbaled syslog logging , this will avoid generating syslog messages when rate-limit speed limit has reached , This line seems to be spare


    aaa new-model : This command will enable the AAA : Its critical
    aaa authentication login default group tacacs+ local : Your configurtaion shows that you are using a TACACS server , so this will line will check the login facility on the router. Actually when u type "Enable" which will lead you to the privilage mode this line is working : Critical
    aaa authentication login no_tacacs enable : Seems to be spare
    aaa authentication login data none : seems to be spare
    aaa authentication ppp default group tacacs+ : This will check the dialin users authentication : Critical
    aaa authentication ppp defalt if-needed group tacacs+ local : EXTRA LINE
    aaa authentication ppp data none : EXTRA LINE
    aaa authorization exec default group tacacs+ local : This will specify TACAS to check every command that you enter and authorize you
    aaa authorization network default group tacacs+ local : This will authorize the PPP Dial-in Users
    aaa accounting nested : Extra Line
    aaa accounting update newinfo : Change this to priodic
    aaa accounting exec default start-stop group tacacs+ : How accounting information will be send to the Accounting software about any command that you type: If you like to have log of what you do , enable this
    aaa accounting network default start-stop group tacacs+ : This determines how the ppp dial-in users accounting infomation is sent to accounting software : Critical

    enable secret 5 $1$Mnfl$0CIzepuR6rRS6MTGpbWMX. :If router wont be able to communicate with TACACS Server will use this password will let you log-in
    دوستمون که توضیح دادن !!
    من واستون یه کانفیگ میزارم

    Current configuration : 5266 bytes
    !
    version 12.3
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname Router
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 *******
    enable password 7*******
    !
    spe 2/0 2/9
    firmware location system:/ucode/mica_port_firmware
    !
    !
    resource-pool disable
    !
    aaa new-model
    !
    !
    aaa authentication login default group tacacs+ local
    aaa authentication login no_tacacs enable
    aaa authentication enable default group tacacs+ enable
    aaa authentication ppp default group tacacs+
    aaa authentication ppp if-needed group tacacs+ local
    aaa authorization exec default group tacacs+ local
    aaa authorization commands 1 default group tacacs+ local if-authenticated
    aaa authorization commands 15 default group tacacs+ local if-authenticated
    aaa authorization network default group tacacs+ local
    aaa accounting nested
    aaa accounting update newinfo
    aaa accounting exec default start-stop group tacacs+
    aaa accounting network default start-stop group tacacs+
    aaa session-id common
    ip subnet-zero
    ip name-server 192.9.9.3
    ip name-server 4.2.2.4
    !
    !
    isdn switch-type primary-net5
    isdn gateway-max-interworking
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    username ****** password 7 ******
    !
    !
    controller E1 0
    clock source line primary
    pri-group timeslots 1-31
    !
    controller E1 1
    clock source line secon
    pri-group timeslots 1-31
    !
    controller E1 2
    clock source line secondary 2
    !
    controller E1 3
    clock source line secondary 3
    !
    controller E1 4
    clock source line secondary 4
    !
    controller E1 5
    clock source line secondary 5
    !
    controller E1 6
    clock source line secondary 6
    !
    controller E1 7
    clock source line secondary 7
    !
    !
    interface Ethernet0
    ip address 192.168.129.1 255.255.255.0
    ip access-group 115 in
    ip access-group 115 out
    !
    interface Serial0
    ip unnumbered FastEthernet0
    no ip mroute-cache
    no fair-queue
    !
    interface Serial1
    no ip address
    shutdown
    clock rate 2015232
    no fair-queue
    !
    interface Serial2
    no ip address
    shutdown
    clock rate 2015232
    no fair-queue
    !
    interface Serial3
    no ip address
    shutdown
    clock rate 2015232
    no fair-queue
    !
    interface Serial0:15
    ip unnumbered FastEthernet0
    encapsulation ppp
    isdn switch-type primary-net5
    isdn incoming-voice modem
    no cdp enable
    !
    interface Serial1:15
    no ip address
    isdn switch-type prim
    no cdp enable
    !
    interface FastEthernet0
    ip address *.*.*.* 255.255.255.248
    ip access-group 115 in
    ip access-group 115 out
    duplex half
    speed 100
    !
    interface Group-Async0
    ip unnumbered Ethernet0
    ip access-group 115 in
    ip access-group 115 out
    encapsulation ppp
    ip route-cache policy
    no ip mroute-cache
    ip policy route-map firewall
    async mode interactive
    peer ip address forced
    peer default ip address pool setup_pool
    compress mppc
    ppp authentication pap chap

    group-range 1 120
    !
    interface Group-Async1
    physical-layer asy
    ip unnumbered Ethernet0

    !
    ip local pool setup_pool 192.168.129.150 192.168.129.200

    ip classless
    ip route 0.0.0.0 0.0.0.0 Serial0
    no ip http server
    !
    !
    access-list 1 permit *.*.*.*
    access-list 115 deny icmp any any echo
    access-list 115 deny icmp any
    access-list 115 permit ip any any
    access-list 115 deny tcp any any eq 139
    access-list 115 deny udp any any eq netbios-ss
    access-list 115 deny udp any any eq tftp
    access-list 115 deny tcp any any eq 135
    access-list 115 deny udp any any eq 135
    access-list 115 deny udp any any eq netbios-ns
    access-list 115 deny udp any any eq netbios-dgm
    access-list 115 deny tcp any any eq 593
    access-list 115 deny tcp any any eq 4444
    access-list 115 permit ip any any
    access-list 115 deny tcp any any eq 445
    access-list 115 deny tcp any any eq 5556
    access-list 115 deny tcp any any eq 9996
    access-list 115 deny tcp any any eq 1434
    access-list 115 deny udp any any eq 999
    access-list 115 deny udp any any eq 998
    access-list 115 deny udp any any eq 997
    access-list 115 deny udp any any eq 996
    access-list 115 deny udp any any eq 995
    access-list 115 deny tcp any any eq 138
    !
    route-map firewall permit 10
    match ip address 110
    set ip next-hop 192.168.129.3
    !
    route-map cache-redirect permit 10
    match ip address
    set ip next-hop 192.168.129.3
    !
    tacacs-server host *.*.*.*
    tacacs-server timeout 100
    tacacs-server directed-request
    tacacs-server key 7 ****
    snmp-server community public RW 15
    snmp-server enable traps tty
    !
    !
    !
    !
    gateway
    !
    !
    line con 0
    logging synchronous
    autocommand ppp
    autoselect during-login
    autoselect ppp
    line 1 120
    no flush-at-activation
    modem Dialin
    transport preferred none
    transport input pad telnet rlogin udptn v120 lapb-ta
    transport output none
    autoselect during-login
    autoselect ppp
    line aux 0
    line vty 0 4
    access-class 1 in
    transport input all
    !
    end


    ویرایش توسط armin_net : 2007-02-03 در ساعت 09:04 AM

صفحه 2 از 2 اولیناولین 1 2

کلمات کلیدی در جستجوها:

کارای روتر

توضیح روتر asa 2511

کارای روتر در شبکه

کانفیگ asa به عنوان aaa

برچسب برای این موضوع

مجوز های ارسال و ویرایش

  • شما نمی توانید موضوع جدید ارسال کنید
  • شما نمی توانید به پست ها پاسخ دهید
  • شما نمی توانید فایل پیوست ضمیمه کنید
  • شما نمی توانید پست های خود را ویرایش کنید
  •