Nat Problem

**SaeedAlkhamiss** · 2007-12-04, 09:11 PM

سلام دوستان

اين کا نفيگ روتر يه آشناست که واسه اون nat راه انداختم که يه مشکلی داره
وقتی user وصل ميشه ping 4.2.2.4 رو داره با ping ياهو ولی Page باز نميکنه
وقتی روی کلا ينتnetstat -a -n ميگيرم پو رت 80 روSYN نشون ميده يعنیEstablish نميکنه
اشکال کجاست با تشکر

logging buffered 10000 debugging
logging history errors
aaa new-model
aaa authentication login default local
aaa authentication ppp default group radius local
aaa authorization network default group radius local
aaa accounting update newinfo
aaa accounting network default start-stop group radius
aaa accounting system default start-stop group radius
enable secret 5 $1$mT4h$eS9xzg6QEMq8MgPwziGbe0
!
username admin privilege 15 password 7 456hjyy46456jkhk4646sd66tyug97123
spe 1/0 2/9
firmware location flash

w2621.ios
!
!
resource-pool disable
!!
clock timezone IRT 3 30
ip subnet-zero
no ip source-route
no ip icmp rate-limit unreachable
ip rcmd rsh-enable
ip tcp selective-ack
ip tcp synwait-time 10
ip name-server 217.218.155.104
ip name-server 217.218.127.104
ip name-server 192.9.9.3
!
isdn switch-type primary-net5
mta receive maximum-recipients 0
!
!
controller E1 0
clock source line primary
pri-group timeslots 1-31
!
controller E1 1
shutdown
clock source line secondary 1
pri-group timeslots 1-31
!
controller E1 2
shutdown
!
controller E1 3
shutdown
!
!
!
!
interface Ethernet0
ip address 10.186.100.251 255.255.255.0
ip nat inside
no ip mroute-cache
no cdp enable
!
interface Serial0:15
ip unnumbered Ethernet0
encapsulation ppp
no keepalive
dialer rotary-group 1
dialer-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
peer default ip address pool NAT
no cdp enable
ppp authentication chap pap ms-chap
!
interface Serial1:15
ip unnumbered Ethernet0
encapsulation ppp
no keepalive
shutdown
dialer rotary-group 1
dialer-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
peer default ip address pool NAT
no cdp enable
ppp authentication chap pap ms-chap
!
interface FastEthernet0
ip address 80.191.X.X 255.255.255.192
ip nat outside
no ip mroute-cache
duplex auto
speed auto
no cdp enable
!
interface Group-Async1
ip unnumbered Ethernet0
no ip unreachables
ip nat inside
encapsulation ppp
ip tcp header-compression
async mode dedicated
peer default ip address pool NAT
ppp authentication chap pap ms-chap
group-range 1 120
!
interface Dialer1
ip unnumbered Ethernet0
encapsulation ppp
no ip split-horizon
dialer in-band
dialer idle-timeout 80000
dialer-group 1
peer default ip address pool NAT
no cdp enable
ppp authentication chap pap ms-chap
!
ip local pool NAT 10.186.100.2 10.186.100.140
ip nat inside source list 100 interface FastEthernet0 overload
ip classless
no ip forward-protocol udp bootps
no ip forward-protocol udp tftp
no ip forward-protocol udp nameserver
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip route 0.0.0.0 0.0.0.0 80.191.X.Y
no ip http server
!
access-list 100 permit ip 10.186.100.0 0.0.0.255 any
access-list 115 deny tcp any any eq finger
access-list 115 deny tcp any any eq 135
access-list 115 deny tcp any any eq 137
access-list 115 deny tcp any any eq 138
access-list 115 deny tcp any any eq 139
access-list 115 deny tcp any any eq 445
access-list 115 deny tcp any any eq 666
access-list 115 deny tcp any any eq 707
access-list 115 deny tcp any any eq 6667
access-list 115 deny tcp any any eq 9996
access-list 115 deny tcp any any eq tacacs
access-list 115 deny udp any any eq 135
access-list 115 deny udp any any eq netbios-dgm
access-list 115 deny udp any any eq netbios-ss
access-list 115 deny ip host 0.0.0.0 any
access-list 115 deny ip 127.0.0.0 0.255.255.255 any
access-list 115 permit ip any any
!
radius-server configure-nas
radius-server host 10.186.100.250 auth-port 26164 acct-port 26165
radius-server retransmit 3
radius-server key router
!
line con 0
line 1 120
session-timeout 10
no flush-at-activation
modem InOut
modem autoconfigure type mica
transport input all
escape-character NONE
autoselect during-login
autoselect ppp
line aux 0
line vty 0 4
exec-timeout 0 0
password 7 0216144B5C53uyt456erte4etert5C70
logging synchronous
!
scheduler interval 500
end

موضوعات مشابه:

**shabake_karan** · 2007-12-04, 10:44 PM

Default Gateway دستگاه Cache Server هست ؟

**SaeedAlkhamiss** · 2007-12-04, 11:46 PM

سلام دوست عزيز
هيچ کش سروری تو مدا ر نيست

**ahuray_mazdaa** · 2007-12-04, 11:47 PM

روی چند تا سیستم تست کردید؟...من 2-3 روزه همچین مشکلی پیدا کردم..مجبورم سیستم رو restart کنم...سیستمم قاط زده...در ضمن شما فایروال دیگه ای ندارید؟

**SaeedAlkhamiss** · 2007-12-05, 12:01 AM

سلام دوست عزيز
هيچ فايروالی ندارم

**shabake_karan** · 2007-12-05, 08:05 AM

حتما مشکل DNS Server هست مگرنه دلیل دیگه ای به نظر نمیاد

**M-r-r** · 2007-12-05, 09:04 AM

DNS سرور هاتون رو عوض کنید :

p name-server 217.218.155.104
ip name-server 217.218.127.104
ip name-server 192.9.9.3

یا حداقل ترتیب قرار گرفتنشون رو، پیشنهاد میکنم از 4.2.2.1 و 4.2.2.2 و 4.2.2.3 و 4.2.2.4 استفاده کنید .

موضوع: Nat Problem

پیوند

ابزارهای موضوع

نمایش

Nat Problem

Nat Problem

Nat Problem

کلمات کلیدی در جستجوها:

enable secret 80.191

برچسب برای این موضوع

مجوز های ارسال و ویرایش