alexkhr
03-10-06, 21:44
Έχω το cisco 877w-g-e-k9 router. Όταν ανοιγω το azureus μου βγάζει πρόβλημα ΝΑΤ...παρ'όλα αυτα κατεβάζω κανονικα αλλά το εικονίδιο είναι κιτρινισμένο.
Το configuration είναι το εξής:
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 *********
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 2
clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 4:00
ip subnet-zero
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1
!
ip dhcp pool sdm-pool1
import all
network 192.168.0.0 255.255.255.248
default-router 192.168.0.1
dns-server 62.169.194.17 62.169.194.18
!
!
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
ip tcp synwait-time 10
no ip bootp server
ip name-server 62.169.194.17
ip name-server 62.169.194.18
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
crypto pki trustpoint TP-self-signed-3933684619
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3933684619
revocation-check none
rsakeypair TP-self-signed-3933684619
!
!
crypto pki certificate chain TP-self-signed-3933684619
certificate self-signed 01
3082023F 308201A8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33393333 36383436 3139301E 170D3032 30333031 30303038
33335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39333336
38343631 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009A18 5801F89A EAC5983C 144EBA12 ED05E957 63E61426 9C38BD87 CC19702E
FB8DCF63 403C8005 F08AC76A B0B596D4 7FC911AA 0F1F11D9 FE45CFA9 D4AD83F5
85DFA39A C957550D 09C7EC4C E01AF2E2 212950A5 CD4900C2 9A6EEF3E B6A18DC8
5ADDB2A1 4082E727 36F3C46E 244B7CE2 CE6E941A 4C0DBD5C 8993C579 392B3078
4BC30203 010001A3 67306530 0F060355 1D130101 FF040530 030101FF 30120603
551D1104 0B300982 07526F75 7465722E 301F0603 551D2304 18301680 14AD74AC
D3A0E550 694B607D A9FA3AB3 FE2DA8A8 DE301D06 03551D0E 04160414 AD74ACD3
A0E55069 4B607DA9 FA3AB3FE 2DA8A8DE 300D0609 2A864886 F70D0101 04050003
8181006F 831FEB49 B6075880 C6369034 354E7F4D 8906BB0F 96DE18C2 46DC82C8
D3562ED5 ABD805B9 48E07F2A 2315FB19 5D4E48BA 09BB5B3D AABA411E 3EAABBA0
75E34B64 D550E6B1 A0D27897 84656588 260CC466 5E684713 A25E0422 DA9D6748
EE28C25D D7623FAD 4BAA59EC E61CF6B8 CDFB2386 E7B1CA60 280232F7 307CCB43 0CE3D5
quit
username ********* privilege 15 secret 5 *********
!
!
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
no ip redirects
no ip unreachables
no ip proxy-arp
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.0.1 255.255.255.248
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect DEFAULT100 out
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname *********
ppp chap password 7 *********
ppp pap sent-username ********* password 7 *********
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.7
access-list 100 remark auto generated by Cisco SDM Express firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by Cisco SDM Express firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 deny ip 192.168.0.0 0.0.0.7 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
Τι πρέπει να κάνω?
Το configuration είναι το εξής:
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 *********
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 2
clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 4:00
ip subnet-zero
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1
!
ip dhcp pool sdm-pool1
import all
network 192.168.0.0 255.255.255.248
default-router 192.168.0.1
dns-server 62.169.194.17 62.169.194.18
!
!
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
ip tcp synwait-time 10
no ip bootp server
ip name-server 62.169.194.17
ip name-server 62.169.194.18
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
crypto pki trustpoint TP-self-signed-3933684619
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3933684619
revocation-check none
rsakeypair TP-self-signed-3933684619
!
!
crypto pki certificate chain TP-self-signed-3933684619
certificate self-signed 01
3082023F 308201A8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33393333 36383436 3139301E 170D3032 30333031 30303038
33335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39333336
38343631 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009A18 5801F89A EAC5983C 144EBA12 ED05E957 63E61426 9C38BD87 CC19702E
FB8DCF63 403C8005 F08AC76A B0B596D4 7FC911AA 0F1F11D9 FE45CFA9 D4AD83F5
85DFA39A C957550D 09C7EC4C E01AF2E2 212950A5 CD4900C2 9A6EEF3E B6A18DC8
5ADDB2A1 4082E727 36F3C46E 244B7CE2 CE6E941A 4C0DBD5C 8993C579 392B3078
4BC30203 010001A3 67306530 0F060355 1D130101 FF040530 030101FF 30120603
551D1104 0B300982 07526F75 7465722E 301F0603 551D2304 18301680 14AD74AC
D3A0E550 694B607D A9FA3AB3 FE2DA8A8 DE301D06 03551D0E 04160414 AD74ACD3
A0E55069 4B607DA9 FA3AB3FE 2DA8A8DE 300D0609 2A864886 F70D0101 04050003
8181006F 831FEB49 B6075880 C6369034 354E7F4D 8906BB0F 96DE18C2 46DC82C8
D3562ED5 ABD805B9 48E07F2A 2315FB19 5D4E48BA 09BB5B3D AABA411E 3EAABBA0
75E34B64 D550E6B1 A0D27897 84656588 260CC466 5E684713 A25E0422 DA9D6748
EE28C25D D7623FAD 4BAA59EC E61CF6B8 CDFB2386 E7B1CA60 280232F7 307CCB43 0CE3D5
quit
username ********* privilege 15 secret 5 *********
!
!
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
no ip redirects
no ip unreachables
no ip proxy-arp
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.0.1 255.255.255.248
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect DEFAULT100 out
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname *********
ppp chap password 7 *********
ppp pap sent-username ********* password 7 *********
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.7
access-list 100 remark auto generated by Cisco SDM Express firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by Cisco SDM Express firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 deny ip 192.168.0.0 0.0.0.7 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
Τι πρέπει να κάνω?