Zum Inhalt wechseln


Foto

Und wieder mal ein C 801 Problem


  • Bitte melde dich an um zu Antworten
62 Antworten in diesem Thema

#61 corc

corc

    Newbie

  • 57 Beiträge

 

Geschrieben 10. September 2004 - 03:25

Moin,

jetzt wird's komisch... ;)
Wie sieht der obere Teil der Konfiguration aus (bis ip nat inside source list 18 interface Dialer1 overload)?
Kannst Du bitte mal die Ausgabe von
show version
posten (geht vom Prompt Router# aus), dann schau' ich mal, ob's dafür irgendwelche Fehlermeldungen gibt.

Gruß,

corc.
{T-DSL 768 Flat FP}--[Cisco 1721 (12.3(11)T ADVSEC)]--[Cisco PIX Firewall 501 (6.3(4))]--[2x Win XP Pro SP 1, 1x Win 98]
"The most commonplace router is often the most mysterious because
it presents no new or special features from which deductions may be drawn."
Sherlock Holmes, "A Study in Scarlet" (slightly changed)

#62 realYeti

realYeti

    Newbie

  • 39 Beiträge

 

Geschrieben 10. September 2004 - 07:03

Moin !

jetzt wird's komisch...


Jo sehe ich genauso :( - hoffe du kriegst das hin :)

!
version 12.1
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Router
!
logging buffered 8192 debugging
enable secret 5 *****************
!
username Router password 7 ****************
!
!
!
!
ip subnet-zero
no ip source-route
!
ip dhcp pool DHCPPoolLAN_0
   network 192.168.0.0 255.255.255.0
   dns-server 213.33.99.70 80.120.17.70 
   default-router 192.168.0.1 
!
ip inspect name firewall cuseeme
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall ftp
ip inspect name firewall http
ip inspect name firewall h323
ip inspect name firewall realaudio
ip inspect name firewall sqlnet
ip inspect name firewall streamworks
ip inspect name firewall tftp
ip inspect name firewall vdolive
ip inspect name firewall tcp
ip inspect name firewall udp
ip name-server 213.33.99.70
ip name-server 80.120.17.70
isdn switch-type basic-net3
!
!
!
interface Ethernet0
 ip address 192.168.0.1 255.255.255.0
 ip access-group 101 in
 no ip proxy-arp
 ip nat inside
!
interface BRI0
 no ip address
 encapsulation ppp
 dialer pool-member 1
 isdn switch-type basic-net3
 ppp authentication chap pap callin
!
interface Dialer1
 description ISP
 ip address ************** *************
 ip access-group 111 in
 no ip proxy-arp
 ip nat outside
 ip inspect firewall out
 encapsulation ppp
 no ip split-horizon
 dialer remote-name Cisco1
 dialer pool 1
 dialer idle-timeout 180
 dialer string ********** class DialClass
 dialer hold-queue 10
 dialer max-call 4096
 dialer-group 1
 pulse-time 0
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname ************
 ppp chap password 7 *************
 ppp pap sent-username ************ password 7 ************
!
ip nat inside source list 18 interface Dialer1 overload
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
map-class dialer DialClass
access-list 18 permit 192.168.0.0 0.0.0.255
access-list 111 permit tcp any any established
access-list 111 permit udp any eq domain any
access-list 111 permit udp any eq ntp any
access-list 111 permit icmp any any administratively-prohibited time-range TIME
access-list 111 permit icmp any any echo time-range TIME
access-list 111 permit icmp any any echo-reply time-range TIME
access-list 111 permit icmp any any packet-too-big time-range TIME
access-list 111 permit icmp any any time-exceeded time-range TIME
access-list 111 permit icmp any any traceroute time-range TIME
access-list 111 permit icmp any any unreachable time-range TIME
access-list 111 deny   ip any any
access-list 120 permit ip 192.168.0.0 0.0.0.255 any
access-list 120 permit icmp 192.168.0.0 0.0.0.255 any
access-list 120 permit tcp 192.168.0.0 0.0.0.255 any
access-list 120 permit udp 192.168.0.0 0.0.0.255 any
access-list 120 deny   ip any any
access-list 120 deny   icmp any any
dialer-list 1 protocol ip list 120
snmp-server engineID local 000000090200AABBCCDDEE11
snmp-server packetsize 2048
!
line con 0
 exec-timeout 0 0
 password 7 ***********
 login
 transport input none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 password 7 ***************
 login
!
rcapi server port 2578 
!
!
time-range TIME
 periodic daily 0:00 to 23:59
!
end

Hier mal die ganze, dann is leichter zum durchschaun, denke ich.

Und hier die Ausgabe von Version:

Cisco Internetwork Operating System Software                                    
IOS (tm) C800 Software (C800-OSY6-MW), Version 12.1(2)T,  RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Tue 16-May-00 15:20 by ccai
Image text-base: 0x000EA000, data-base: 0x007EC000

ROM: TinyROM version 1.4(1)
Router uptime is 3 minutes
System returned to ROM by power-on
System image file is "flash:c800-osy6-mw"

Cisco C801 (MPC860) processor (revision 1) with 44292K bytes of virtual memory.
Processor board ID JAD06120B73
CPU part number 33
X.25 software, Version 3.0.0.
Bridging software.
Basic Rate ISDN software, Version 1.1.
1 Ethernet/IEEE 802.3 interface(s)
1 ISDN Basic Rate interface(s)
4M bytes of physical memory (DRAM)
8K bytes of non-volatile configuration memory
8M bytes of flash on board (4M from flash card)

Configuration register is 0x2102

Danke !

So long

Yeti :D
There are a lo of Humans, but there are only one Yeti !?

#63 corc

corc

    Newbie

  • 57 Beiträge

 

Geschrieben 10. September 2004 - 17:52

Hi,

also, irgendwas stimmt da nicht.
Die access-group ist immer noch auf dem Interface Ethernet 0 konfiguriert. Jetzt machen wir's mal so: ich korrigiere das Configfile, und Du lädtst es komplett hoch, OK? (Nicht vergessen, Paßwörter, hostnames und IP-Adresse wieder korrekt einzutragen!)
Here we go:
version 12.1
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Router
!
logging buffered 8192 debugging
enable secret 5 *****************
!
username Router password 7 ****************
!
!
!
!
ip subnet-zero
no ip source-route
!
ip dhcp pool DHCPPoolLAN_0
   network 192.168.0.0 255.255.255.0
   dns-server 213.33.99.70 80.120.17.70 
   default-router 192.168.0.1 
!
ip inspect name firewall cuseeme
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall ftp
ip inspect name firewall http
ip inspect name firewall h323
ip inspect name firewall realaudio
ip inspect name firewall sqlnet
ip inspect name firewall streamworks
ip inspect name firewall tftp
ip inspect name firewall vdolive
ip inspect name firewall tcp
ip inspect name firewall udp
ip name-server 213.33.99.70
ip name-server 80.120.17.70
isdn switch-type basic-net3
!
!
!
interface Ethernet0
 ip address 192.168.0.1 255.255.255.0
 no ip proxy-arp
 ip nat inside
!
interface BRI0
 no ip address
 encapsulation ppp
 dialer pool-member 1
 isdn switch-type basic-net3
 ppp authentication chap pap callin
!
interface Dialer1
 description ISP
 ip address ************** *************
 ip access-group 111 in
 no ip proxy-arp
 ip nat outside
 ip inspect firewall out
 encapsulation ppp
 no ip split-horizon
 dialer remote-name Cisco1
 dialer pool 1
 dialer idle-timeout 180
 dialer string ********** class DialClass
 dialer hold-queue 10
 dialer max-call 4096
 dialer-group 1
 pulse-time 0
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname ************
 ppp chap password 7 *************
 ppp pap sent-username ************ password 7 ************
!
ip nat inside source list 18 interface Dialer1 overload
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
map-class dialer DialClass
access-list 18 permit 192.168.0.0 0.0.0.255
access-list 111 permit tcp any any established
access-list 111 permit udp any eq domain any
access-list 111 permit udp any eq ntp any
access-list 111 permit icmp any any administratively-prohibited time-range TIME
access-list 111 permit icmp any any echo time-range TIME
access-list 111 permit icmp any any echo-reply time-range TIME
access-list 111 permit icmp any any packet-too-big time-range TIME
access-list 111 permit icmp any any time-exceeded time-range TIME
access-list 111 permit icmp any any traceroute time-range TIME
access-list 111 permit icmp any any unreachable time-range TIME
access-list 111 deny   ip any any
access-list 120 permit ip 192.168.0.0 0.0.0.255 any
access-list 120 permit icmp 192.168.0.0 0.0.0.255 any
access-list 120 permit tcp 192.168.0.0 0.0.0.255 any
access-list 120 permit udp 192.168.0.0 0.0.0.255 any
access-list 120 deny   ip any any
access-list 120 deny   icmp any any
dialer-list 1 protocol ip list 120
snmp-server engineID local 000000090200AABBCCDDEE11
snmp-server packetsize 2048
!
line con 0
 exec-timeout 0 0
 password 7 ***********
 login
 transport input none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 password 7 ***************
 login
!
rcapi server port 2578 
!
!
time-range TIME
 periodic daily 0:00 to 23:59
!
end

Gruß,

corc.
{T-DSL 768 Flat FP}--[Cisco 1721 (12.3(11)T ADVSEC)]--[Cisco PIX Firewall 501 (6.3(4))]--[2x Win XP Pro SP 1, 1x Win 98]
"The most commonplace router is often the most mysterious because
it presents no new or special features from which deductions may be drawn."
Sherlock Holmes, "A Study in Scarlet" (slightly changed)