Thombr86 Skrevet 20. april 2009 Del Skrevet 20. april 2009 Hepp. har da satt opp en Cisco 1760 til å rute trafikken på hjemmenettverket, og det fungerer forsåvidt, men noen ting er ikke som de skal være. Ting som fungerer: noe internett browsing, FTP, RDP, World of Warcraft, Ventrilo +++ Ting som ikke virker: MSN, Finn.no, web messenger, +++ Noen sider som ikke virker. Noen som kan peke på åpenbare feil i konfigen på Ciscoen? Den er forsåvidt koblet opp mot en HP Procurve 2626 Current configuration : 4480 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname thomas ! boot-start-marker boot system flash:c1700-k9o3sy7-mz.124-15.T8.bin boot-end-marker ! logging buffered 4096 enable secret 5 xxxxxxxxxxxxxxxxxxx ! aaa new-model ! ! aaa authentication ppp default local ! ! aaa session-id common mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ! ! ! ! no ip dhcp use vrf connected ip dhcp binding cleanup interval 10 ip dhcp excluded-address 10.201.1.1 10.201.1.10 ip dhcp excluded-address 10.201.2.1 10.201.2.10 ! ip dhcp pool innsia import all network 10.201.1.0 255.255.255.0 default-router 10.201.1.1 domain-name xxxxxxxxx.no-ip.org dns-server 130.67.60.68 130.67.15.198 netbios-name-server xxxxxxxxxx ! ip dhcp pool wireless import all network 10.201.2.0 255.255.255.0 default-router 10.201.2.1 domain-name xxxxxxxxxx.no-ip.org dns-server 130.67.60.68 130.67.15.198 netbios-name-server xxxxxxx ! ip dhcp pool wireless-gjest import all network 10.201.4.0 255.255.255.0 default-router 10.201.3.1 domain-name xxxxxxxxx.no-ip.org dns-server 130.67.60.68 130.67.15.198 netbios-name-server xxxxxxxxx ! ! ip cef ! multilink bundle-name authenticated vpdn enable vpdn logging vpdn logging local vpdn logging user ! vpdn-group pppoe request-dialin protocol pppoe ! vpdn-group thomas-vpn ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 ! ! username xxxxxxx privilege 15 password 7 xxxxxxxxx username xxxxxx privilege 15 password 7 xxxxxxxxxxxx username xxxxxxxx password 7 xxxxxxx ! ! archive log config hidekeys ! ! ! ! bba-group pppoe global ! ! interface Tunnel0 ip address xxxxxxxx 255.255.255.0 no ip redirects ip nhrp authentication xxxxxxxx ip nhrp map xxxxxxxxx xxxxxxxxx ip nhrp map multicast xxxxxxxxxxx ip nhrp network-id xxxxxxxxxx ip nhrp nhs xxxxxxxx keepalive 10 3 tunnel source Dialer1 tunnel mode gre multipoint tunnel key xxxxxxxx ! interface FastEthernet0/0 no ip address speed auto ! interface FastEthernet0/0.1 description Utsia encapsulation dot1Q 5 ip virtual-reassembly pppoe enable group global pppoe-client dial-pool-number 1 no cdp enable ! interface FastEthernet0/0.4 ! interface FastEthernet0/0.5 description INNSIDE encapsulation dot1Q 4 ip address 10.201.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface FastEthernet0/0.6 description Wireless encapsulation dot1Q 6 ip address 10.201.2.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface FastEthernet0/0.7 description Wireless_Gjest encapsulation dot1Q 7 ip address 10.201.3.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface FastEthernet0/0.8 description Server encapsulation dot1Q 8 ip address 10.201.4.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface Serial0/0 no ip address shutdown no fair-queue ! interface Virtual-Template1 ip unnumbered FastEthernet0/0.5 peer default ip address pool vpn ppp encrypt mppe auto required ppp authentication ms-chap ms-chap-v2 ! interface Dialer1 ip address negotiated ip mtu 1464 ip nat outside ip virtual-reassembly encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap callin ppp chap hostname [email protected] ppp chap password 7 xxxxxxxxxxx ppp pap sent-username [email protected] password 7 xxxxxxxxxx ! ip local pool vpn 10.201.1.5 10.201.1.10 ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 Dialer1 ip route 10.200.0.0 255.255.0.0 172.16.0.1 ip http server ip http access-class 23 ip http authentication local no ip http secure-server ! ip nat inside source list NAT_Enabled interface Dialer1 overload ! ! ! ip access-list extended NAT_Enabled permit ip 10.201.1.0 0.0.0.255 any permit ip 10.201.2.0 0.0.0.255 any permit ip 10.201.3.0 0.0.0.255 any permit ip 10.201.4.0 0.0.0.255 any ip sla 1 icmp-echo 10.200.1.1 ip sla schedule 1 life forever start-time now access-list 23 permit 10.0.0.0 0.255.255.255 access-list 23 permit 172.16.0.0 0.0.0.255 access-list 23 permit 10.200.0.0 0.0.255.255 dialer-list 1 protocol ip permit snmp-server community public RO snmp-server ifindex persist snmp-server location Plaza del thomas ! ! ! ! ! control-plane ! ! line con 0 line aux 0 line vty 0 4 access-class 23 in privilege level 15 transport input telnet ssh ! end Lenke til kommentar
Thombr86 Skrevet 21. april 2009 Forfatter Del Skrevet 21. april 2009 Etter tips og leting har vi forsøkt med å legge til ip tcp adjust-mss 1452 Ingen bedring interface FastEthernet0/0.5 description INNSIDE encapsulation dot1Q 4 ip address 10.201.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 Lenke til kommentar
_Nitro_ Skrevet 21. april 2009 Del Skrevet 21. april 2009 (endret) ! vpdn enable ! vpdn-group 1 request-dialin protocol pppoe ! interface FastEthernet0/0 description *** ADSL WAN *** no ip address no ip redirects no ip unreachables no ip proxy-arp no ip mroute-cache duplex full speed 100 pppoe enable pppoe-client dial-pool-number 1 no cdp enable ! interface Dialer1 description *** ADSL WAN Dialer *** ip address negotiated no ip unreachables ip mtu 1490 ip nat outside ip virtual-reassembly encapsulation ppp no ip mroute-cache dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap callin ppp chap hostname [email protected] ppp chap password passordet ppp pap refuse ! dialer-list 1 protocol ip permit ! end Her du, vi har nå småtteri i her configgen som itj e med i vårres. Kan det ha nåkkå å sei må`n tru? Noen andre som kansje har drevet litt meir med cisco en oss som kan komme med tips Endret 21. april 2009 av _Nitro_ Lenke til kommentar
_Nitro_ Skrevet 21. april 2009 Del Skrevet 21. april 2009 Woho case closed. Brattern kommer med config som fungerer. Slik at andre kansje klarer og dra nytte av det vi har plagdes med Lenke til kommentar
Demantios Skrevet 21. april 2009 Del Skrevet 21. april 2009 Høres ut som uPnP ikke kommer gjennom. Sliter med samme problemet selv, bah ;\ Lenke til kommentar
Thombr86 Skrevet 21. april 2009 Forfatter Del Skrevet 21. april 2009 (endret) Her er konfigen, _Nitro_ fiksa biffen mens jeg gjorde andre ting Building configuration... Current configuration : 4960 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname thomas ! boot-start-marker boot system flash:c1700-k9o3sy7-mz.124-15.T8.bin boot-end-marker ! logging buffered 4096 enable secret 5 xxxxxxxxxxxxxxx ! aaa new-model ! ! aaa authentication ppp default local ! ! aaa session-id common mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ! ! ! ! no ip dhcp use vrf connected ip dhcp binding cleanup interval 10 ip dhcp excluded-address 10.201.1.1 10.201.1.10 ip dhcp excluded-address 10.201.2.1 10.201.2.10 ! ip dhcp pool innsia import all network 10.201.1.0 255.255.255.0 default-router 10.201.1.1 domain-name xxxxxxxx.no-ip.org dns-server 130.67.60.68 130.67.15.198 netbios-name-server 10.200.4.2 ! ip dhcp pool wireless import all network 10.201.2.0 255.255.255.0 default-router 10.201.2.1 domain-name wireless.xxxxxx.no-ip.org dns-server 130.67.60.68 130.67.15.198 netbios-name-server 10.200.4.2 ! ip dhcp pool wireless-gjest import all network 10.201.3.0 255.255.255.0 default-router 10.201.3.1 domain-name gjest.xxxxxxxx.no-ip.org dns-server 130.67.60.68 130.67.15.198 netbios-name-server 10.200.4.2 ! ! ip cef ip ddns update method no-ip-update DDNS ! ip ddns update method myupdate HTTP add http://xxxxxxxxxxxxxxxx%40dynupdate.no-ip.com/nic/update%3Fhostname=xxxxxxxx.no-ip.org interval maximum 0 6 0 0 ! ! multilink bundle-name authenticated vpdn enable vpdn logging vpdn logging local vpdn logging user ! vpdn-group pppoe request-dialin protocol pppoe ! ! username xxxxxxxxxxxxxxxxx username xxxxxxxxxxxxxxxx username xxxxxxxxxxxxxxxxx ! ! archive log config hidekeys ! ! ! ! bba-group pppoe global ! ! interface Tunnel0 ip address xxxxxxxx xxxxxxxx no ip redirects ip nhrp authentication xxxxxxxx ip nhrp map xxxxxxxx xxxxxxxxxx ip nhrp map multicast xxxxxxxxx ip nhrp network-id xxxxxxxxxx ip nhrp nhs xxxxxxxxx keepalive 10 3 tunnel source Dialer1 tunnel mode gre multipoint tunnel key xxxxxx ! interface FastEthernet0/0 no ip address speed auto ! interface FastEthernet0/0.1 description **** ADSL WAN **** encapsulation dot1Q 5 no ip redirects no ip unreachables no ip proxy-arp no ip mroute-cache pppoe enable group global pppoe-client dial-pool-number 1 no cdp enable ! interface FastEthernet0/0.4 ! interface FastEthernet0/0.5 description INNSIDE encapsulation dot1Q 4 ip address 10.201.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ! interface FastEthernet0/0.6 description Wireless encapsulation dot1Q 6 ip address 10.201.2.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface FastEthernet0/0.7 description Wireless_Gjest encapsulation dot1Q 7 ip address 10.201.3.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface FastEthernet0/0.8 description Server encapsulation dot1Q 8 ip address 10.201.4.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface Serial0/0 no ip address shutdown no fair-queue ! interface Dialer1 ip ddns update hostname xxxxxxx.no-ip.org ip ddns update xxxxxxxx.no-ip.org ip ddns update myupdate ip address negotiated no ip unreachables ip mtu 1490 ip nat outside ip virtual-reassembly encapsulation ppp no ip mroute-cache dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap callin ppp chap hostname [email protected] ppp chap password 7 xxxxxxxxxxx ppp pap sent-username [email protected] password 7 xxxxxxxxxxxxx ! router eigrp 1 network 10.201.0.0 0.0.255.255 network xxx.xx.0.0 0.0.0.255 no auto-summary ! ip local pool vpn 10.201.1.5 10.201.1.10 ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 Dialer1 no ip http server ip http access-class 23 ip http authentication local no ip http secure-server ! ip nat inside source list NAT_Enabled interface Dialer1 overload ! ! ! ip access-list extended NAT_Enabled permit ip 10.201.1.0 0.0.0.255 any permit ip 10.201.2.0 0.0.0.255 any permit ip 10.201.3.0 0.0.0.255 any permit ip 10.201.4.0 0.0.0.255 any ip sla 1 icmp-echo 10.200.1.1 ip sla schedule 1 life forever start-time now access-list 23 permit 10.0.0.0 0.255.255.255 access-list 23 permit xxx.xx.0.0 0.0.0.255 access-list 23 permit 10.200.0.0 0.0.255.255 dialer-list 1 protocol ip permit snmp-server community public RO snmp-server ifindex persist snmp-server location xxxxx ! ! ! ! ! control-plane ! ! line con 0 line aux 0 line vty 0 4 access-class 23 in privilege level 15 transport input telnet ssh ! end Endret 21. april 2009 av BrAtTeRn Lenke til kommentar
Thombr86 Skrevet 22. april 2009 Forfatter Del Skrevet 22. april 2009 Vi hadde litt problemer med fragmentering med denne konfigen, så om noen kopierer deler av denn, pass på at MTU etc er rett størrelse Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå