با سلام به دوستان عزیز
چند روزی شرکت pars online ساختار خود را تغییر داده و مشکلات عدیده برای من بوجود آورده که امیدوارم اساتید بتوانند مرا راهنمایی کنند.
روتر من سیسکو 2610 و روی آن یک ip Valide قرار داره که کاربران بطور vpn از طریق برنامه اکانتینگ IspUtil به اینترنت اتصال پیدا می کنند.
حالا پارس Online میگه باید از طریق سیسکو به شبکه ما dial up کنی تا بتونی روی سیسکو اینترنت داشته باشی؟ تنظیمات روتر را باید چطوری انجام بدم؟
ممنون تنظیمات فعلی مودم من بشرح زیر است
version 12.3
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 $1$xiY3$YazOwGM1CTJ0.qTK5/4Nh1
!
memory-size iomem 10
no network-clock-participate slot 1
no network-clock-participate wic 0
aaa new-model
!
!
aaa group server radius dialup
server 172.16.1.2 auth-port 4444 acct-port 4445
!
aaa group server radius vpn
server 172.16.1.2 auth-port 5555 acct-port 5556
!
aaa authentication ppp dialup group dialup
aaa authentication ppp vpn group vpn
aaa authorization network dialup group dialup
aaa authorization network vpn group vpn
aaa accounting send stop-record authentication failure
aaa accounting update newinfo periodic 1
aaa accounting network dialup start-stop group dialup
aaa accounting network vpn start-stop group vpn
aaa pod server auth-type any server-key 123
aaa session-id common
ip subnet-zero
no ip cef
!
!
!
!
ip name-server 4.2.2.4
ip address-pool local
vpdn enable
vpdn ip udp ignore checksum
!
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
no ftp-server write-enable
!
username admin password 7 0503070D284E1F5B4F56
!
!
!
interface Loopback0
no ip address
!
interface Loopback1
no ip address
!
interface FastEthernet0/0
ip address 172.16.1.1 255.255.0.0 secondary
ip address 192.168.5.1 255.255.255.0
ip nat inside
no ip mroute-cache
speed auto
half-duplex
no cdp enable
!
interface Serial0/0
no ip address
encapsulation ppp
no ip mroute-cache
shutdown
no keepalive
no cdp enable
!
interface FastEthernet0/1
ip address x.x.x.x 255.255.255.240
ip nat outside
no ip mroute-cache
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
!
interface Virtual-Template1
ip unnumbered FastEthernet0/1
ip access-group 150 in
ip nat inside
rate-limit input access-group 123 256000 256000 256000 conform-action transmit
exceed-action drop
rate-limit input access-group 121 64000 64000 64000 conform-action transmit exc
eed-action drop
ip tcp header-compression
ip policy route-map Nachi
peer default ip address pool vpn
compress mppc
traffic-shape group 120 64000 64000 64000 1000
traffic-shape group 122 256000 256000 256000 1000
ppp authentication pap vpn
ppp authorization vpn
ppp accounting vpn
!
interface Group-Async0
ip unnumbered FastEthernet0/1
ip access-group 150 in
ip nat inside
encapsulation ppp
ip tcp header-compression
ip policy route-map Nachi
no ip mroute-cache
async mode interactive
peer default ip address pool dialup
ppp authentication pap dialup
ppp accounting dialup
group-range 33 48
!
ip local pool vpn 192.168.5.100 192.168.5.199
ip local pool dialup 192.168.5.200 192.168.5.215
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.x
no ip http server
ip nat pool mynat x.x.x.x x.x.x.x netmask 255.255.255.240
ip nat inside source list 10 pool mynat overload
ip nat inside source static tcp 172.16.1.2 3389 x.x.x.x 3389 extendable
ip nat inside source static tcp 172.16.1.2 4899 x.x.x.x 4899 extendable
!
!
access-list 10 permit 192.168.5.0 0.0.0.255
access-list 120 permit ip any 192.168.5.128 0.0.0.63
access-list 121 permit ip 192.168.5.128 0.0.0.63 any
access-list 122 permit ip any 192.168.5.192 0.0.0.63
access-list 123 permit ip 192.168.0.192 0.0.0.63 any
access-list 130 permit icmp any any echo
access-list 130 permit icmp any any echo-reply
access-list 130 deny ip any any
access-list 150 deny tcp any eq 1034 any
access-list 150 deny tcp any eq 1080 any
access-list 150 deny tcp any eq 1214 any
access-list 150 deny tcp any eq 2535 any
access-list 150 deny tcp any eq 1433 any
access-list 150 deny tcp any eq 3127 any
access-list 150 deny tcp any eq 2745 any
access-list 150 deny tcp any eq 4444 any
access-list 150 deny udp any eq 1434 any
access-list 150 deny udp any range 135 netbios-ss any
access-list 150 deny tcp any range 1036 1037 any
access-list 150 deny tcp any any eq 81
access-list 150 deny tcp any any eq 445
access-list 150 deny tcp any any eq 1080
access-list 150 deny tcp any any eq ident
access-list 150 deny tcp any any eq 1214
access-list 150 deny tcp any any eq 2745
access-list 150 deny tcp any any eq 5101
access-list 150 deny tcp any any eq 5554
access-list 150 deny tcp any any eq 6129
access-list 150 deny tcp any any eq 9996
access-list 150 deny udp any any eq 1434
access-list 150 deny tcp any any eq 11768
access-list 150 deny tcp any any eq 15118
access-list 150 deny tcp any any range 1022 1025
access-list 150 deny tcp any any range 135 139
access-list 150 deny udp any any range 135 netbios-ss
access-list 150 permit ip any any
no cdp run
route-map Nachi permit 5
match ip address 130
match length 92 4096
set interface Null0
!
radius-server host 172.16.1.2 auth-port 4444 acct-port 4445
radius-server host 172.16.1.2 auth-port 5555 acct-port 5556
radius-server retransmit 5
radius-server key 7 1543595F
radius-server vsa send accounting
radius-server vsa send authentication
!
control-plane
!
!
line con 0
exec-timeout 0 0
line 33 48
session-timeout 20
absolute-timeout 240
modem Dialin
modem autoconfigure discovery
transport input all
autoselect during-login
autoselect ppp
line aux 0
line vty 0 4
password 7 000F1C091654180E
!
!
!
end
موضوعات مشابه:
- ip و نت نگرفتن سیستم در حالت روتر و pppoe در نانو 2
- مشکل در حالت روتر NS5 با PPPoE
- pppoe برای روتر 1841
- تنظیمات PPPOE در روتر های سیسکو