سلام به دوستان persian networks
من درباره ي config روتر يه سوال ازتون داشتم
من تونستم config يه روتر رو به دست بيارم و در ضمن اين اجازه رو دارم كه config رو اديت كنم و دوباره upload كنم
اما دسترسي فيزيكي ندارم
با اين username , password ي كه تو config نوشته مي شه از طريق تلنت تو روتر رفت
اما نمي شه از طريق dial up به اون isp وصل شد
حالا ازز شما مي خوام كه اين config رو يه جوري تغيير بديد كه اين يوزرنيم و پسوورد توي config هم از طريق dial up هم وصل بشه
البته بدون اين كه براي بقيه ي كاربران مشكلي پيش بياد
[LTR]
[LEFT]
!
version 12.0
no service pad
service tcp-keepalives-in
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Router
!
aaa new-model
aaa authentication ppp default if-needed group tacacs+ local
aaa authorization network default group tacacs+ local
aaa accounting nested
aaa accounting update newinfo
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
enable secret 5 ...
enable password 7 ...
!
username ... privilege 15 password 7 ...
!
!
!
!
ip subnet-zero
ip rcmd rsh-enable
ip rcmd remote-host SYSTEM x.x.x.x SYSTEM enable
no ip finger
ip host router x.x.x.x
ip name-server 195.146.32.1
ip name-server 195.146.32.65
!
no ip bootp server
!
!
!
!
!
interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0 secondary
ip address x.x.x.x 255.255.255.240
no ip directed-broadcast
ip nat inside
rate-limit input 24000 8000 10000 conform-action transmit exceed-action drop
rate-limit output 24000 8000 10000 conform-action transmit exceed-action drop
!
interface Serial0/0
ip unnumbered Ethernet0/0
ip access-group asyncgroup in
ip access-group asyncgroup out
no ip redirects
no ip directed-broadcast
no ip proxy-arp
ip nat outside
!
interface Group-Async0
ip unnumbered Ethernet0/0
no ip directed-broadcast
ip nat inside
encapsulation ppp
no ip mroute-cache
async mode dedicated
peer default ip address pool ASYNC
compress mppc
ppp authentication pap chap ms-chap
group-range 33 48
!
ip local pool ASYNC 192.168.1.20 192.168.1.40
ip default-gateway x.x.x.x
ip nat pool Private x.x.x.x x.x.x.x prefix-length 24
ip nat inside source list 7 pool Private overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
no ip http server
!
!
ip access-list extended asyncgroup
deny udp any any eq tftp
deny udp any any eq 135
deny tcp any any eq 135
deny udp any any eq netbios-ns
deny udp any any eq netbios-dgm
deny udp any any eq netbios-ss
deny tcp any any eq 139
deny tcp any any eq 445
deny tcp any any eq 593
deny tcp any any eq 4444
deny tcp any any eq 707
deny udp any any eq 445
deny icmp any any echo
deny icmp any any echo-reply
permit ip any any
access-list 4 permit x.x.x.x
tacacs-server host x.x.x.x
snmp-server engineID local ...
snmp-server community ... RW
!
line con 0
transport input none
line 33 48
session-timeout 10
autoselect during-login
autoselect ppp
absolute-timeout 90
modem InOut
modem autoconfigure discovery
transport output none
stopbits 1
speed 2400
flowcontrol hardware
line aux 0
line vty 0 4
access-class 4 in
password 7 ...
transport preferred none
transport input telnet
transport output none
!
end
[/LEFT]
[/LTR]