با تشكر از دوستان با راهنماييهاي مفيدشون اين سوال منم هست كش من اجرا شده ولي كش كار نميكنه لطفا منم راهنمايي كنيد
Using 5634 out of 126968 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname "Router"
!
enable secret ********************
!
username ***** privilege 15 password *********
spe 1/0 2/9
firmware location system:/ucode/mica_port_firmware
!
!
resource-pool disable
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default none
aaa authentication ppp isputil group radius local
aaa authorization network isputil group radius local
aaa accounting update newinfo
aaa accounting network default none
aaa accounting network isputil start-stop group radius
aaa session-id common
ip subnet-zero
no ip domain lookup
ip domain name ********
ip name-server 217.218.127.104
ip name-server 217.218.155.104
ip name-server 192.9.9.3
!
ip cef
multilink virtual-template 1
!
isdn switch-type primary-net5
isdn voice-call-failure 0
!
!
!
!
!
!
!
!
!
!
fax interface-type modem
mta receive maximum-recipients 0
!
controller E1 0
clock source line primary
pri-group timeslots 1-31
!
controller E1 1
clock source line secondary 1
pri-group timeslots 1-31
!
controller E1 2
shutdown
clock source line secondary 2
!
controller E1 3
shutdown
clock source line secondary 3
!
controller E1 4
shutdown
clock source line secondary 4
!
controller E1 5
shutdown
clock source line secondary 5
!
controller E1 6
shutdown
clock source line secondary 6
!
controller E1 7
shutdown
clock source line secondary 7
!
!
!
interface Ethernet0
no ip address
shutdown
!
interface Virtual-Template1
ip unnumbered FastEthernet0
ip access-group 135 in
ip access-group 135 out
ip nat outside
ip mroute-cache
peer default ip address pool hamid
ppp authentication pap isputil
ppp accounting isputil
ppp multilink
!
interface Serial0
ip unnumbered FastEthernet0
ip broadcast-address 0.0.0.0
ip nat outside
no ip mroute-cache
no fair-queue
no cdp enable
!
interface Serial1
no ip address
shutdown
clockrate 2015232
no fair-queue
!
interface Serial2
no ip address
shutdown
clockrate 2015232
no fair-queue
!
interface Serial3
no ip address
shutdown
clockrate 2015232
no fair-queue
!
interface Serial0:15
ip unnumbered FastEthernet0
ip nat outside
encapsulation ppp
ip mroute-cache
dialer idle-timeout 0
isdn switch-type primary-net5
isdn incoming-voice modem
isdn map address .* plan isdn type unknown
isdn send-alerting
isdn sending-complete
peer default ip address pool hamid
ppp authentication pap isputil
ppp accounting isputil
ppp multilink
!
interface Serial1:15
ip unnumbered FastEthernet0
ip nat outside
encapsulation ppp
ip mroute-cache
dialer idle-timeout 0
isdn switch-type primary-net5
isdn incoming-voice modem
isdn map address .* plan isdn type unknown
isdn send-alerting
isdn sending-complete
peer default ip address pool hamid
ppp authentication pap isputil
ppp accounting isputil
ppp multilink
!
interface FastEthernet0
ip address 192.168.100.5 255.255.255.0 secondary
ip address ***.***.***.*** 255.255.255.*** (ip router)
ip access-group 135 in
ip access-group 135 out
no ip unreachables
ip nat inside
load-interval 30
duplex full
speed auto
no cdp enable
!
interface Group-Async0
physical-layer async
no ip address
no group-range
!
interface Group-Async1
ip unnumbered FastEthernet0
ip broadcast-address 0.0.0.0
ip access-group 135 in
ip access-group 135 out
ip nat inside
encapsulation ppp
ip tcp header-compression
ip policy route-map nachi
async mode interactive
peer default ip address pool hamid
no keepalive
no fair-queue
ppp authentication pap isputil
ppp accounting isputil
group-range 1 120
!
ip local pool hamid 192.168.100.11 192.168.100.150
ip nat pool nat-pool **.***.***.*** **.***.***.*** netmask 255.255.255.240
ip nat inside source list 11 pool nat-pool overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
no ip http server
ip pim bidir-enable
!
!
access-list 11 permit 192.168.100.0 0.0.0.255
access-list 130 permit icmp any any echo
access-list 130 permit icmp any any echo-reply
access-list 130 deny icmp any any
access-list 135 deny tcp any any eq 135
access-list 135 deny tcp any any eq 139
access-list 135 deny tcp any any eq 445
access-list 135 deny tcp any any eq 593
access-list 135 deny tcp any any eq 2535
access-list 135 deny tcp any any eq 2745
access-list 135 deny tcp any any eq 4444
access-list 135 deny tcp any any eq 5554
access-list 135 deny tcp any any eq 6129
access-list 135 deny tcp any any eq 9996
access-list 135 deny tcp any any range 1022 1025
access-list 135 deny tcp any any range 1035 1037
access-list 135 deny udp any any range 135 netbios-ss
access-list 135 deny udp any any eq 1434
access-list 135 deny icmp any any
access-list 135 permit ip any any
access-list 155 deny ip 192.168.100.0 0.0.0.255 192.168.100.0 0.0.0.255
access-list 155 permit tcp 192.168.100.0 0.0.0.255 any eq www
!
route-map nachi permit 5
match ip address 130
match length 90 4096
set interface Null0
!
route-map squid permit 10
match ip address 155
set ip next-hop ***.***.***.*** (ip cach)
!
!
snmp-server community golgol RW 15
snmp-server enable traps tty
!
radius-server host ***.***.***.*** auth-port 3333 acct-port 3334
radius-server retransmit 5
radius-server key *****************
radius-server authorization permit missing Service-Type
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
line 1 120
no flush-at-activation
modem Dialin
modem autoconfigure discovery
autoselect during-login
autoselect ppp
line aux 0
line vty 0 4
!
end
ضمنا يه سوال ديگه اگه نخايم nat از كش انجام بشه وخود روتر اين كارو انجام بده كه اگه سيستم كش از كار افتاد موردي پيش نياد بهتره يا خود كش nat رو انجام بده بهتره؟