اعلان (728 x‏ 90)

تابعنا

الأحد، 13 يوليو 2014

Example de configuration - NAT -




  •  ISDN
  ISDN utilise un nombre important de protocoles.
          1 ISDN couche 1
     Le layer 1 est la couche physique responsable pour la connexion au switch. Il supporte la conn exion à un TA/NT1 ou à des “devices” multiples. Les canaux B et D partagent le même interface physique.


    Le canal D est gouverné par DDR (Dial on Demand Routing). DDR est le mécanisme pour réaliser des connexions “Dial On Demand”. Le canal B est utilisé pour la transmission des données (IP,IPX...).
         2 ISDN couche 2 (Q.921)
Un numéro de TEI est assigné par le switch ISDN. Cela permet de donner une identifi- cation à votre connexion sur le NT1/TA.
        3 ISDN couche 3 (Q.931)
Un protocole DSS1 (Digital Subscriber Signalling System N
1) est utilisé pour la ges-tion des appels, des connexions & des alertes. Suivant le pays, les techniques de “signalling” ne sont pas les mêmes entre le switch & le NT1. Lors de l’utilisation d’ISDN, vous devez spécifier le type de switch :
isdn switch-type basic-net3
! Attention lors de la modification du switch-type, dans la majorité des cas, vous devez redémarrer le router!
  •  NAT
  •  Gestion des problèmes
               1 Commande Debug
ISDN et Dial on Demand
show interface bri 0
show isdn status
show ppp multilink
debug dialer
debug isdn q921
debug isdn q931
debug isdn events
debug isdn active
debug isdn history
PPP
debug ppp negotiation
debug ppp authentification
  •  Example de configuration
                    1 Dialup vers Internet (sans NAT)
Current configuration :
!
version 11.2
no service finger
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname di100334
!
enable secret 5 $1$wWjV$iTqcdHeE/iTkwNF.IIKrE1
enable password 7 1420230805172924
!
ip subnet-zero
no ip source-route
ip name-server 193.74.208.135
ip name-server 193.74.208.65
ip name-server 193.121.171.135
isdn switch-type basic-net3
isdn tei-negotiation first-call
!
!
interface Ethernet0
ip address 193.74.140.254 255.255.255.0
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
!
interface BRI0
ip unnumbered Ethernet0
ip access-group 111 in
ip access-group 112 out
no ip redirects
encapsulation ppp
bandwidth 64
dialer idle-timeout 300
dialer string 042246011
dialer hold-queue 5
dialer-group 1
ppp chap hostname diXXXXXX
ppp chap password 7 XXXXXXXXXXXXXXXXXX
!
ip classless
ip default-network 0.0.0.0
ip route 0.0.0.0 0.0.0.0 BRI0
ip route 10.0.0.0 255.0.0.0 Null0
ip route 172.16.0.0 255.240.0.0 Null0
ip route 192.168.0.0 255.255.0.0 Null0
ip route 193.74.147.0 255.255.255.0 BRI0
access-list 10 permit 192.92.130.4
access-list 10 permit 193.74.208.188
access-list 10 permit 193.74.140.0 0.0.0.255
access-list 10 deny any
access-list 11 deny any
access-list 101 deny ip any host 255.255.255.255
access-list 101 deny udp any any range netbios-ns 139
access-list 101 permit ip 193.74.140.0 0.0.0.255 any
access-list 101 deny ip any any
access-list 111 deny ip 193.74.140.0 0.0.0.255 any
access-list 111 deny ip any host 193.74.140.255
access-list 111 deny udp any 193.74.140.0 0.0.0.255 eq 135
access-list 111 deny tcp any 193.74.140.0 0.0.0.255 eq 12345
access-list 111 deny tcp any 193.74.140.0 0.0.0.255 eq 12346
access-list 111 deny udp any 193.74.140.0 0.0.0.255 eq 31337
access-list 111 deny tcp any 193.74.140.0 0.0.0.255 eq 31337
access-list 111 permit ip any 193.74.140.0 0.0.0.255
access-list 111 deny ip any any
access-list 112 deny tcp 193.74.140.0 0.0.0.255 any eq 12345
access-list 112 deny tcp 193.74.140.0 0.0.0.255 any eq 12346
access-list 112 deny udp 193.74.140.0 0.0.0.255 any eq 31337
dialer-list 1 protocol ip list 101
!
line con 0
login
transport preferred none
line vty 0 4
access-class 10 in
access-class 11 out
password 7 110A1016141D
login
length 23
transport preferred none
!
end
                     2 Dialup vers Internet (avec NAT / sans easy IP)
Current configuration :
!
version 11.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname lanburodep
!
enable password 7 12100703
!
username lieg-cs1 password 7 XXXXXXXXXX
username bru-cs1 password 7 XXXXXXXXXX
username lanburodep password 7 XXXXXXXXXXX
ip subnet-zero
ip nat pool lanburodep-natpool-0 194.78.144.163 194.78.144.165 netmask 255.255.8
ip nat inside source list 2 pool lanburodep-natpool-0 overload
ip nat inside source static 200.0.0.100 194.78.144.162
no ip domain-lookup
isdn switch-type basic-net3
isdn tei-negotiation first-call
!
interface Ethernet0
description connected to Internet
ip address 200.0.0.4 255.255.255.0 secondary
ip address 194.78.144.161 255.255.255.248
ip nat inside
!
interface BRI0
description connected to Internet
no ip address
encapsulation ppp
dialer pool-member 1
!
interface Dialer1
ip address 192.168.3.68 255.255.255.0
ip nat outside
encapsulation ppp
no ip split-horizon
bandwidth 64
dialer remote-name lieg-cs1
dialer string 2302911
dialer hold-queue 10
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username XXXXXX password 7 XXXXX
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.0.0.0 200.0.0.3
ip route 137.0.0.0 255.255.0.0 200.0.0.254
ip route 192.0.0.0 255.255.255.0 200.0.0.3
ip route 220.1.1.0 255.255.255.0 200.0.0.254
access-list 2 permit 200.0.0.0 0.0.0.255
access-list 2 permit 192.0.0.0 0.0.0.255
access-list 2 permit 10.0.0.0 0.255.255.255
access-list 2 permit 137.0.0.0 0.0.255.255
access-list 2 permit 205.1.1.0 0.0.0.255
snmp-server community public RO
dialer-list 1 protocol ip permit
!
line con 0
exec-timeout 0 0
login
line vty 0 3
password 7 XXXXXXX
login
line vty 4
login
!
end
                      3 Dialup vers Internet (avec NAT/Easy IP)
Current configuration :
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
enable password ibt
!
ip subnet-zero
!ip name-server 195.238.2.21
ip name-server 195.238.2.22
isdn switch-type basic-net3
!
!
!
interface Ethernet0
ip address 10.0.1.1 255.255.255.0
no ip directed-broadcast
ip nat inside
!
interface BRI0
description Skynet
ip address negotiated
no ip directed-broadcast
ip nat outside
encapsulation ppp
dialer idle-timeout 180
dialer string 2261111
dialer-group 1
isdn switch-type basic-net3
ppp authentication chap callin
ppp chap hostname XXXXXXXXXX
ppp chap password 7 XXXXXXXXXXXXXXX
hold-queue 75 in
!
ip nat inside source list 100 interface BRI0 overload
ip nat inside source static tcp 10.0.1.2 25 194.78.223.58 25 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 BRI0
!
access-list 100 permit ip any any
dialer-list 1 protocol ip list 100
!
line con 0
password XXXX
transport input none
stopbits 1
line vty 0 4
password XXXX
login
!
end
2.8.4 Ligne louée (Frame Relay)
Current configuration :
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
!
!
!
interface Ethernet0
ip address 172.16.30.1 255.255.0.0
!
interface Serial0
ip address 192.168.1.2 255.255.255.0
encapsulation frame-relay
frame-relay interface-dlci 17
!
interface Serial1
no ip address
shutdown
router rip
network 172.16.0.0
network 192.168.1.0
!
ip classless
ip default-network 0.0.0.0
!
!
line con 0
password ibt
line vty 0
password ibt
login
line vty 1 4
login
!
end
 SUITE.............
اعلان 1
اعلان 2

التسميات:

شارك الموضوع

0 التعليقات :

إرسال تعليق

جميع الحقوق المحفوضة © لشبكة عالم الابداع مقدم منعرب ويب