ich brauche eure Hilfe mein Lataien ist am ende
ich habe einen Cisco Router1812 K9 dieser ist mit Vlan 1 configuriert allerdings bekomme ich mit den Clients keine Verbindung ins Netz über diesen Router und auch keine von aussen auf die forts?
Warum was ist falsch?!
anbei die aktuelle Config!
Building configuration...
Current configuration : 12549 bytes
!
! Last configuration change at 08:56:45 Berlin Sat Jul 2 2011 by Admin
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WCS-IT_CISCO_ROUTER
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
no logging buffered
enable secret 5 $1$Y4S6$yNZkU6uzD9Q7Bfy53lQu3.
enable password XXXXXXXX
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
clock timezone Berlin 1
clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-3776332574
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3776332574
revocation-check none
rsakeypair TP-self-signed-3776332574
!
!
crypto pki certificate chain TP-self-signed-3776332574
certificate self-signed 01
3082025C 308201C5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33373736 33333235 3734301E 170D3131 30353133 30383534
33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 37373633
33323537 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100AE04 4D2991DF 084E9EDD 82F9B42A 85F2FC53 3994A79D A269A45B B23744BC
B9642EE1 31B415D3 2CBE9D59 6615445D 9CCF5202 151FD06D 4C0159CB 2E41FF5E
87D0A680 C3AF8569 DFC3CD5D 736C569C 98F270FB 92717156 6F333919 69387BD6
BBC42DC5 1976EE4B 3B5018E1 E209EA03 32FC42CE 0F52DAA7 C6D165D5 DCF9F461
3DB70203 010001A3 81833081 80300F06 03551D13 0101FF04 05300301 01FF302D
0603551D 11042630 24822257 43532D49 545F4349 53434F5F 524F5554 45522E7A
656E7472 616C652E 6C6F6361 6C301F06 03551D23 04183016 8014FC9B 70E5CD80
81EA0831 8903C636 E5252DFE 8102301D 0603551D 0E041604 14FC9B70 E5CD8081
EA083189 03C636E5 252DFE81 02300D06 092A8648 86F70D01 01040500 03818100
75804B67 1604F15F 9074B52F 1CFABDE2 30AF027C 24A1620D 3785FF0C A91D0963
C4D9D1EF 8DDF9D7D 080B728D E1289010 C5F3BCC3 8B7E79B6 65558E23 297E3530
44230E0D 922AB554 72A89B2A 67775B88 CC0D6FDE 466BF604 265ADBD8 04FDE64E
027A13D1 D1864B60 AD3E9CD1 863F09A4 9CDACF57 21F0E9C0 DB89554A 6B70EC4C
quit
dot11 syslog
ip source-route
!
!
!
!
ip cef
ip domain name zentrale.local
ip name-server 192.168.0.1
ip name-server 192.168.0.2
ip name-server 213.172.96.18
ip name-server 213.172.97.18
ip port-map user-protocol--2 port tcp 20
ip port-map user-protocol--3 port tcp 8333
ip port-map user-protocol--1 port tcp 8000
ip port-map user-protocol--4 port tcp 8787
ip ips notify SDEE
ip ips name myips
no ipv6 cef
!
multilink bundle-name authenticated
!
vpdn enable
!
parameter-map type regex sdm-regex-nonascii
pattern [^\x00-\x80]
parameter-map type protocol-info msn-servers
server name messenger.hotmail.com
server name gateway.messenger.hotmail.com
server name webmessenger.msn.com
parameter-map type protocol-info aol-servers
server name login.oscar.aol.com
server name toc.oscar.aol.com
server name oam-d09a.blue.aol.com
parameter-map type protocol-info yahoo-servers
server name scs.msg.yahoo.com
server name scsa.msg.yahoo.com
server name scsb.msg.yahoo.com
server name scsc.msg.yahoo.com
server name scsd.msg.yahoo.com
server name cs16.msg.dcn.yahoo.com
server name cs19.msg.dcn.yahoo.com
server name cs42.msg.dcn.yahoo.com
server name cs53.msg.dcn.yahoo.com
server name cs54.msg.dcn.yahoo.com
server name ads1.vip.scd.yahoo.com
server name radio1.launch.vip.dal.yahoo.com
server name in1.msg.vip.re2.yahoo.com
server name data1.my.vip.sc5.yahoo.com
server name address1.pim.vip.mud.yahoo.com
server name edit.messenger.yahoo.com
server name messenger.yahoo.com
server name http.pager.yahoo.com
server name privacy.yahoo.com
server name csa.yahoo.com
server name csb.yahoo.com
server name csc.yahoo.com
!
!
!
spanning-tree vlan 1 priority 0
username admin privilege 15 secret 5 $1$9mue$oXAjBVHEYxjduIfKMBJIJ.
!
!
crypto isakmp policy 1
encr 3des
group 2
crypto isakmp key helferchen hostname Sony-Laptop.zentrale.local no-xauth
!
crypto isakmp client configuration group Zentrale
key XXXXXXXXXXXX
dns 192.168.0.1 192.168.0.2
wins 192.168.0.1 192.168.0.2
domain Zentrale
pool SDM_POOL_2
save-password
include-local-lan
backup-gateway Server.zentrale.local
max-users 50
max-logins 10
netmask 255.255.255.192
banner ^C*************************************************************************
***** SIE WERDEN JETZT MIT DER ZENTRALE VERBUNDEN *****
**************************************************************************
****** BITTE HABEN SIE GEDULD ES DAUERT NOCH ETWAS *****
************************************************************************** ^C
!
!
archive
log config
hidekeys
!
!
!
class-map match-any SDM-Transactional-1
match dscp af21
match dscp af22
match dscp af23
class-map match-any SDM-Signaling-1
match dscp cs3
match dscp af31
class-map match-any SDM-Scavenger-1
match dscp cs1
class-map match-any SDM-Routing-1
match dscp cs6
class-map match-any SDM-Voice-1
match dscp ef
class-map match-any SDM-Streaming-Video-1
match dscp cs4
class-map type inspect match-any SDM_SSH
match access-group name SDM_SSH
class-map type inspect match-any SDM_HTTPS
match access-group name SDM_HTTPS
class-map match-any SDM-Management-1
match dscp cs2
class-map type inspect match-any SDM_SHELL
match access-group name SDM_SHELL
class-map match-any SDM-Interactive-Video-1
match dscp af41
class-map match-any SDM-BulkData-1
match dscp af11
match dscp af12
match dscp af13
!
!
policy-map SDM-QoS-Policy-1
class SDM-Voice-1
priority percent 33
class SDM-Signaling-1
bandwidth percent 5
class SDM-Routing-1
bandwidth percent 5
class SDM-Management-1
bandwidth percent 5
class SDM-Transactional-1
bandwidth percent 5
class class-default
fair-queue
random-detect
!
!
!
!
interface FastEthernet0
no ip address
ip virtual-reassembly
shutdown
speed 100
full-duplex
no cdp enable
!
interface FastEthernet1
description WAN WCS-IT$ETH-WAN$$FW_OUTSIDE$
ip address 82.100.196.3 255.255.255.248
ip nat outside
ip virtual-reassembly
speed 100
full-duplex
no cdp enable
service-policy output SDM-QoS-Policy-1
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
no cdp enable
!
interface FastEthernet2
switchport mode trunk
duplex full
no cdp enable
spanning-tree portfast
!
interface FastEthernet3
shutdown
no cdp enable
!
interface FastEthernet4
shutdown
no cdp enable
!
interface FastEthernet5
shutdown
no cdp enable
!
interface FastEthernet6
shutdown
no cdp enable
!
interface FastEthernet7
shutdown
no cdp enable
!
interface FastEthernet8
shutdown
no cdp enable
!
interface FastEthernet9
shutdown
no cdp enable
!
interface Vlan1
ip address 192.168.0.200 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
!
interface Dialer0
no ip address
shutdown
!
router rip
version 1
passive-interface Vlan1
network 192.168.0.0
no auto-summary
!
ip local pool SDM_POOL_1 192.168.1.110 192.168.1.111
ip local pool SDM_POOL_2 192.168.5.200 192.168.5.250
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 82.100.196.1 permanent
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip flow-cache timeout active 1
!
ip nat inside source static tcp 192.168.0.17 80 interface FastEthernet1 5555
ip nat inside source static tcp 192.168.0.1 444 interface FastEthernet1 444
!
ip access-list standard local
!
ip access-list extended SDM_HTTPS
remark SDM_ACL Category=1
permit tcp any any eq 443
ip access-list extended SDM_SHELL
remark SDM_ACL Category=1
permit tcp any any eq cmd
ip access-list extended SDM_SSH
remark SDM_ACL Category=1
permit tcp any any eq 22
!
logging trap debugging
logging facility syslog
logging trap debugging
logging facility syslog
logging 192.168.0.21
access-list 1 remark INSIDE_IF=FastEthernet0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 remark INSIDE_IF=FastEthernet1
access-list 2 remark SDM_ACL Category=2
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 100 deny tcp any eq www any
access-list 100 deny tcp any eq 5555 any
access-list 100 deny tcp any eq smtp any
access-list 100 deny tcp any eq 8787 any
access-list 100 deny tcp any eq 8333 any
access-list 100 deny tcp any eq 8222 any
access-list 101 deny ip any any
access-list 102 deny udp any eq netbios-dgm any
access-list 102 deny udp any eq netbios-ns any
access-list 102 deny udp any eq netbios-ss any
access-list 102 deny udp any range snmp snmptrap any
access-list 102 deny udp any range bootps bootpc any
access-list 102 deny tcp any eq 137 any
access-list 102 deny tcp any eq 138 any
access-list 102 deny tcp any eq 139 any
access-list 102 permit ip any any
dialer-list 1 protocol ip permit
!
!
!
!
!
!
!
control-plane
!
banner motd ^C
**********************************************
** HELLO OF CISCO 1812 K9 ROUTER **
** PLEASE MAKE A COMMAND **
** THANKS **
**********************************************
`^C
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
password XXXXXXXXXX
transport input telnet ssh
!
no process cpu extended
no process cpu autoprofile hog
ntp master
ntp server 192.168.0.1
end
welcher switch ? Wie ist dessen upolink port konfiguriert ?
Ist der port zwischen router und switch up ?
wie ist einer der ports zu den clients konfiguriert ?
können die clients überhaupt ihr gateway erreichen ?
Was heisst " von externer Quelle getestet" ? Vversuchst du da einen der statics ?
