Cisco 857w PPTP VPDN Problem...



taxiarxos
27-05-09, 11:02
Good morning everyone,

I'd like a little help with a PPTP VPDN setup I'm trying to get working, and it just won't...

This is the Cisco's config.


Cisco857w#sh run
Building configuration...

Current configuration : 9632 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Cisco857w
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
logging console critical
enable secret 5 $1$O9Kz$lfAR9clCYtBa.T1vJx5jY0
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication ppp vpn-group1 local
aaa authorization ipmobile default group rad_pmip
aaa authorization network default local if-authenticated
aaa accounting network acct_methods start-stop group rad_acct
!
!
aaa session-id common
clock timezone PCTime 2
clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 4:00
!
crypto pki trustpoint TP-self-signed-1381417750
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1381417750
revocation-check none
rsakeypair TP-self-signed-1381417750
!
!
crypto pki certificate chain TP-self-signed-1381417750
certificate self-signed 01
30820256 308201BF A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31333831 34313737 3530301E 170D3039 30333232 30333335
32315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33383134
31373735 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100F4FB D46B29B2 E6FFA86D F1087BE6 3A4BBF41 6064ACC4 AE9257BC 92C7AFD4
A02768F6 25A13875 43EEA83C 789991A9 AC5CE3E3 53925E6F 8D52A87A 23D0F521
7678D4F1 B0AE1FD8 525B84EA 396B6FD6 FD82C909 8A92D41A 8539A6FE 735536DB
6DE90B55 C3AA4F8F 97847509 283E60FF 5EECE65E F763CFAC B2656733 1EC6DD2B
56D90203 010001A3 7E307C30 0F060355 1D130101 FF040530 030101FF 30290603
551D1104 22302082 1E436973 636F3835 37772E74 61786961 72786F73 2E64796E
646E732E 6F726730 1F060355 1D230418 30168014 BC25FA81 B9874AD9 CF4DFAFC
65AEFBC4 B5934F9C 301D0603 551D0E04 160414BC 25FA81B9 874AD9CF 4DFAFC65
AEFBC4B5 934F9C30 0D06092A 864886F7 0D010104 05000381 8100BE5D EB642373
071FC07F 03CE9F45 D785881B 0C1C7CDE 3A1F423F 0704CB9B B4E79959 29A3E626
680B7F42 F78C2F91 79998EED D2EA1F63 923E8189 EC69756D 9BF5CBD1 B522321A
27F56F6F EA890F73 3CE0AF2B B0815367 48FEB70E 8675A634 DB349017 48FB7C35
9744E158 83D02182 26A9AD6A BD2741D5 9C34FE40 8BFE6EB7 9662
quit
!
dot11 ssid wirelesstax
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxx
!
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.201 192.168.1.254
!
ip dhcp pool sdm-pool1
import all
network 192.168.1.0 255.255.255.0
dns-server 195.170.0.1 195.170.2.2
default-router 192.168.1.1
!
!
ip cef
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
ip domain name taxiarxos.xxxxxxxxxxxx
ip name-server 195.170.0.1
ip name-server 195.170.2.2
ip ddns update method taxiarxos
HTTP
add http://xxxxxxxxxxxx@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://xxxxxxxxxx@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 28 0 0 0
!
!
vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
l2tp tunnel receive-window 128
!
!
!
username xxxxxxx privilege 15 secret 5 xxxxxxxxxxxxxxxxxx
username vpn privilege 7 password 7 xxxxxxxxxxxxxxxxxxxx
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
bridge irb
!
!
interface Loopback0
ip address 192.168.2.1 255.255.255.0
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
no ip redirects
no ip unreachables
no ip proxy-arp
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Virtual-Template1
ip unnumbered Loopback0
peer default ip address pool vpdn
no keepalive
ppp authentication ms-chap ms-chap-v2
!
interface Dot11Radio0
no ip address
!
encryption mode ciphers tkip
!
ssid wireless
!
speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2462
station-role root
world-mode dot11d country GR both
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 input-address-list 700
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
no ip address
ip tcp adjust-mss 1452
bridge-group 1
!
interface Dialer0
ip ddns update hostname taxiarxos.xxxxxxxxxxx
ip ddns update taxiarxos
ip address negotiated
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect DEFAULT100 out
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxxxxxxxxxxxx
ppp chap password 7 xxxxxxxxxxxxxxx
ppp pap sent-username xxxxxxxxxxxxx password 7 xxxxxxxxxxxx
hold-queue 224 out
!
interface BVI1
description $ES_LAN$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1412
!
ip local pool vpdn 192.168.2.100 192.168.2.101
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.2.0 255.255.255.0 Loopback0
!
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.1 1723 interface Dialer0 1723
!
logging trap debugging
access-list 1 remark INSIDE_IF=bvi1
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 101 permit icmp any any echo
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any source-quench
access-list 101 permit icmp any any packet-too-big
access-list 101 permit icmp any any time-exceeded
access-list 101 permit udp host 195.170.0.1 eq domain any gt 1023
access-list 101 permit udp host 195.170.2.2 eq domain any gt 1023
access-list 101 permit tcp host 63.208.196.96 any established
access-list 101 permit tcp any any eq 1723
access-list 101 permit udp any any eq 1701
access-list 101 permit gre any any
access-list 101 permit tcp any 192.168.1.0 0.0.0.255 gt 1023 established
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 1701
access-list 101 permit udp any any eq 1723
access-list 101 permit udp any any eq isakmp
access-list 101 permit tcp any any eq telnet
access-list 101 deny icmp any any
access-list 101 deny tcp any any eq ftp
access-list 101 deny tcp any any eq ftp-data
access-list 101 deny tcp any any eq telnet
access-list 101 deny tcp any any eq www
access-list 101 deny tcp any any eq smtp
access-list 101 deny tcp any any eq pop3
access-list 101 deny tcp any any eq 135
access-list 101 deny udp any any eq 135
access-list 101 deny tcp any any eq 136
access-list 101 deny udp any any eq 136
access-list 101 deny tcp any any eq 137
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny tcp any any eq 138
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny tcp any any eq 139
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny tcp any any eq 443
access-list 101 deny udp any any eq 443
access-list 101 deny tcp any any eq 445
access-list 101 deny udp any any eq 445
access-list 101 deny tcp any any eq 256 log
access-list 101 deny tcp any any eq 257 log
access-list 101 deny tcp any any eq 258 log
access-list 101 deny tcp any any eq 259 log
access-list 101 permit ip any any
access-list 700 permit 0013.e80e.ccf1 0000.0000.0000
dialer-list 1 protocol ip permit
no cdp run
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end


My problem is this: while I can connect to the router normally by dialling in from XP, and I can ping the IP of the loopback interface, I can't see the IP of the VLAN, nor the hosts inside. :(
What I think is to blame is NAT, some ACL, or that some route needs to be added on the Cisco because it can't route the subnets correctly.

Any help welcome....

Thanks.

taxiarxos
28-05-09, 21:00
I finally found it!!!!!!!

AH!!! Those ACLs!!!!!!! :rofl:
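The poster concludes that the ACLs were the cause, and access-list 101 on Dialer0 is evaluated top-down, first match wins, with an implicit deny at the end, so the order of the entries decides what gets through. The Python below is an added example, not code from the thread: it parses the subset of Cisco extended-ACL syntax that access-list 101 uses, evaluates a constructed flow against it and lists entries that an earlier entry already shadows (in the posted list, `permit tcp any any eq telnet` precedes `deny tcp any any eq telnet`, so that deny never fires). `ACL_101_EXCERPT` is a constructed excerpt of the posted list, and the parser assumes contiguous wildcard masks and only the `eq`/`gt` port operators.

```python
import ipaddress
PORT_NAMES = {"telnet": 23, "domain": 53, "www": 80, "isakmp": 500}
# Constructed excerpt of the thread's access-list 101, in the posted order (ICMP entries left out).
ACL_101_EXCERPT = """access-list 101 permit udp host 195.170.0.1 eq domain any gt 1023
access-list 101 permit tcp any any eq 1723
access-list 101 permit gre any any
access-list 101 permit tcp any 192.168.1.0 0.0.0.255 gt 1023 established
access-list 101 permit tcp any any eq telnet
access-list 101 deny tcp any any eq telnet
access-list 101 deny tcp any any eq 443
access-list 101 permit ip any any""".splitlines()

def _addr(toks):  # consume 'any' | 'host A' | 'A WILDCARD'; contiguous wildcard masks assumed
    if toks[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), toks[1:]
    addr, wild = (toks[1], "0.0.0.0") if toks[0] == "host" else (toks[0], toks[1])
    plen = 32 - int(ipaddress.ip_address(wild)).bit_length()
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False), toks[2:]

def _portspec(toks):  # optional 'eq PORT' / 'gt PORT' clause -> ((op, port), rest) or (None, rest)
    if toks and toks[0] in ("eq", "gt"):
        return (toks[0], PORT_NAMES.get(toks[1]) or int(toks[1])), toks[2:]
    return None, toks

def parse_ace(line):
    t = line.split()  # access-list N action proto src [port] dst [port] [established] [log]
    src, rest = _addr(t[4:])
    sp, rest = _portspec(rest)
    dst, rest = _addr(rest)
    dp, rest = _portspec(rest)
    return dict(action=t[2], proto=t[3], src=src, sp=sp, dst=dst, dp=dp, established="established" in rest)

def _port_ok(spec, have):
    return spec is None or (have is not None and (have == spec[1] if spec[0] == "eq" else have > spec[1]))
def matches(ace, flow):
    return (ace["proto"] in ("ip", flow["proto"])
            and ipaddress.ip_address(flow["src"]) in ace["src"] and ipaddress.ip_address(flow["dst"]) in ace["dst"]
            and _port_ok(ace["sp"], flow.get("sport")) and _port_ok(ace["dp"], flow.get("dport"))
            and (not ace["established"] or flow.get("established", False)))

def evaluate(acl, flow):  # top-down, first match wins; the implicit deny at the end is reported with index None
    for i, ace in enumerate(acl):
        if matches(ace, flow):
            return ace["action"], i
    return "deny", None
def _covers(e, l):  # True when every flow that entry l could match is already matched by the earlier entry e
    return (e["proto"] in ("ip", l["proto"]) and l["src"].subnet_of(e["src"]) and l["dst"].subnet_of(e["dst"])
            and e["sp"] in (None, l["sp"]) and e["dp"] in (None, l["dp"]) and (not e["established"] or l["established"]))
def shadowed(acl):  # indexes of entries that can never match because an earlier entry already covers them
    return [j for j in range(len(acl)) if any(_covers(acl[i], acl[j]) for i in range(j))]
ACL = [parse_ace(line) for line in ACL_101_EXCERPT]
```

Running `shadowed(ACL)` on the excerpt reports only the telnet deny, and `evaluate` shows a constructed inbound TCP/23 flow being permitted by the earlier entry, which matters here because the vty lines also accept telnet.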

@ ADSLgr.com All rights reserved.