-
مشکل در روتینگ؟
درود به همه.
آیا در کانفیگ این روتر مشکل روتینگ هست؟
اگه به route map که در interface vlan1 اعمال شده توجه کنید کلیه ip های رنج 10 که توی اکسس لیست 100 تعریف شده باید به ipکش که 89.144.148.12 برسند که عملا این اتفاق نمی افته.
آیا شما اساتید محترم مشکی میبینید؟
این هم کانفیک روتر:
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
ip dhcp excluded-address 10.10.10.1
!
!
no ip domain lookup
ip domain name yourdomain.com
!
!
!
controller DSL 0
mode atm
line-term cpe
line-mode 2-wire line-zero
dsl-mode shdsl symmetric annex B
line-rate auto
!
!
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface ATM0
no ip address
ip access-group 150 in
load-interval 30
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
ip address 10.30.40.78 255.255.255.252
ip access-group 151 in
ip nat outside
ip virtual-reassembly
pvc 4/38
cbr 1536
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip address 10.10.1.1 255.255.0.0 secondary
ip address 89.144.148.1 255.255.255.192
ip access-group 151 in
ip nat inside
ip virtual-reassembly
ip policy route-map Cache
!
ip classless
ip route profile
ip route 0.0.0.0 0.0.0.0 10.30.40.77
!
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat translation timeout 900
ip nat translation tcp-timeout 900
ip nat translation max-entries 5000
ip nat pool nat_inside 89.144.148.5 89.144.148.7 netmask 255.255.255.192
ip nat inside source list 110 pool nat_inside overload
!
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 permit tcp 10.10.1.0 0.0.0.255 any eq www
access-list 110 deny ip any 10.10.1.0 0.0.0.255
access-list 110 deny ip any 200.200.200.0 0.0.0.255
access-list 110 deny ip any 89.144.148.0 0.0.0.26
access-list 110 permit ip 10.10.1.0 0.0.0.255 any
access-list 131 permit icmp any any echo
access-list 131 permit icmp any any echo-reply
access-list 131 deny ip any any
access-list 150 deny tcp any eq 1034 any
access-list 150 deny tcp any eq 1080 any
access-list 150 deny tcp any eq 1214 any
access-list 150 deny tcp any eq 2535 any
access-list 150 deny tcp any eq 1433 any
access-list 150 deny tcp any eq 3127 any
access-list 150 deny tcp any eq 2745 any
access-list 150 deny tcp any eq 4444 any
access-list 150 deny udp any eq 1434 any
access-list 150 deny udp any range 135 netbios-ss any
access-list 150 deny tcp any range 1036 1037 any
access-list 150 deny tcp any any eq 81
access-list 150 deny tcp any any eq 445
access-list 150 deny tcp any any eq 1080
access-list 150 deny tcp any any eq ident
access-list 150 deny tcp any any eq 1214
access-list 150 deny tcp any any eq 2745
access-list 150 deny tcp any any eq 5101
access-list 150 deny tcp any any eq 5554
access-list 150 deny tcp any any eq 6129
access-list 150 deny tcp any any eq 9996
access-list 150 deny udp any any eq 1434
access-list 150 deny tcp any any eq 11768
access-list 150 deny tcp any any eq 15118
access-list 150 deny tcp any any range 1022 1025
access-list 150 deny tcp any any range 135 139
access-list 150 deny udp any any range 135 netbios-ss
access-list 150 permit ip any any
access-list 151 deny tcp any host 89.144.148.12 eq 3128
access-list 151 deny tcp any eq 1034 any
access-list 151 deny tcp any eq 1080 any
access-list 151 deny tcp any eq 1214 any
access-list 151 deny tcp any eq 2535 any
access-list 151 deny tcp any eq 1433 any
access-list 151 deny tcp any eq 3127 any
access-list 151 deny tcp any eq 2745 any
access-list 151 deny tcp any eq 4444 any
access-list 151 deny udp any eq 1434 any
access-list 151 deny udp any range 135 netbios-ss any
access-list 151 deny tcp any range 1036 1037 any
access-list 151 deny tcp any any eq 81
access-list 151 deny tcp any any eq 445
access-list 151 deny tcp any any eq 1080
access-list 151 deny tcp any any eq ident
access-list 151 deny tcp any any eq 1214
access-list 151 deny tcp any any eq 2745
access-list 151 deny tcp any any eq 5101
access-list 151 deny tcp any any eq 5554
access-list 151 deny tcp any any eq 6129
access-list 151 deny tcp any any eq 9996
access-list 151 deny udp any any eq 1434
access-list 151 deny tcp any any eq 11768
access-list 151 deny tcp any any eq 15118
access-list 151 deny tcp any any range 1022 1025
access-list 151 deny tcp any any range 135 139
access-list 151 deny udp any any range 135 netbios-ss
access-list 151 permit ip any any
no cdp run
route-map Cache permit 5
match ip address 131
match length 92 4096
set interface Null0
!
route-map Cache permit 10
match ip address 100
set ip next-hop 89.144.148.12
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
-