رسول جان سلام
اینم کانفیگ روترم ...
سری اون هم 3750(3745) هستش
3745#s run
Building configuration...
Current configuration : 4190 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 3745
!
boot-start-marker
boot-end-marker
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default if-needed local group tacacs+ group radius
aaa authorization network default local group tacacs+ group radius
aaa accounting nested
aaa accounting update newinfo
aaa accounting network default start-stop group tacacs+ group radius
aaa session-id common
ip subnet-zero
ip wccp web-cache
ip cef
!
!
!
ip name-server 192.9.9.3
ip rcmd rsh-enable
ip rcmd remote-host Administrator x.x.x.129 SYSTEM enable
vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
ip address x.x.x.129 255.255.255.192
no ip proxy-arp
no ip mroute-cache
load-interval 30
speed auto
full-duplex
!
interface Serial0/0
no ip address
ip access-group filter in
ip access-group filter out
no ip mroute-cache
shutdown
no keepalive
no fair-queue
ignore-dcd
clockrate 2000000
!
interface FastEthernet0/1
no ip address
no ip mroute-cache
shutdown
speed auto
full-duplex
!
interface Serial0/1
ip address 172.x.x.250 255.255.255.252
ip access-group filter in
ip access-group filter out
no ip mroute-cache
no keepalive
no fair-queue
ignore-dcd
serial restart-delay 0
no cdp enable
!
interface Virtual-Template1
ip unnumbered FastEthernet0/0
ip access-group filter in
ip access-group filter out
peer default ip address pool npcinternet
ppp authentication chap pap
!
interface Group-Async0
ip unnumbered FastEthernet0/0
ip access-group filter in
ip access-group filter out
encapsulation ppp
ip tcp header-compression
ip policy route-map cache
async default routing
async mode interactive
peer default ip address pool npcinternet
ppp authentication chap pap
group-range 33 48
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.x.x.249
no ip http server
!
ip access-list extended cacher
deny ip host x.x.x.130 any =====> DVB server
permit tcp any any eq www
deny ip any any
ip access-list extended dvb
deny ip host x.x.x.130 any
deny tcp any any eq www
permit ip any any
ip access-list extended filter
deny 53 any any
deny 55 any any
deny 77 any any
deny pim any any
deny tcp any any range 135 139
deny tcp any range 135 139 any
deny udp any any range 135 netbios-ss
deny udp any range 135 netbios-ss any
deny tcp any any eq 4444
deny tcp any eq 4444 any
deny udp any eq 1434 any
deny udp any any eq 1434
deny udp any eq isakmp any
deny udp any any eq isakmp
deny tcp any eq 5554 any
deny tcp any any eq 5554
deny tcp any eq 445 any
deny tcp any any eq 445
deny udp any eq 445 any
deny udp any any eq 445
deny tcp any eq 9996 any
deny tcp any any eq 9996
permit ip any any
ip access-list extended fin
permit ip any any log
ip access-list extended fout
permit ip any any log
!
logging x.x.x.130
access-list 6 deny any
route-map cacher permit 9
match ip address cacher
set ip next-hop 172.16.0.2
!
route-map cacher permit 10
match ip address dvb
set ip next-hop x.x.x.130
!
route-map cacher permit 111
match ip address 111
set ip default next-hop 172.16.0.2
!
route-map cache permit 110
match ip address 110
set ip next-hop 172.16.0.2
set ip default next-hop x.x.x.131
!
route-map cachers permit 8
match ip address cachers cacher
!
tacacs-server host x.x.x.130
tacacs-server directed-request
tacacs-server key 7 04551B055C731D
radius-server host x.x.x.130 auth-port 1645 acct-port 1646 key
!
line con 0
exec-timeout 0 0
line 33 48
modem answer-timeout 10
modem InOut
modem autoconfigure discovery
autocommand ppp
terminal-type vt100
transport input all
autoselect during-login
autoselect ppp
autohangup
l
end