Cisco on Orange ADSL Extra
mcdronkz

Quote

TCP_IP wrote:
Happy to help, but I'm not going to write a whole config :P

What do you have so far, or nothing yet?

If JanTbyte posts his config you can basically copy it once it has been adapted; I can then possibly write a bit of config for your WLAN.


I understand that you wouldn't write a whole configuration; of course I have to show some initiative myself.

I had a configuration that was meant for PPPoA, but that doesn't work.

I also still have a configuration from XS4ALL, which is bridged and looks like this:


!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname c877w
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
enable secret XXXXXXXXXXXXXXXXXXx
!
aaa new-model
aaa session-id common
!
!
dot11 ssid Cisco877W
   vlan 1
   authentication open
   authentication key-management wpa
   guest-mode
   wpa-psk ascii 0 09876543210987654321
!
no ip source-route
no ip gratuitous-arps
ip cef
!
!
no ip bootp server
no ip domain lookup
ip domain name local
ip inspect udp idle-time 1800
ip inspect dns-timeout 7
ip inspect tcp idle-time 14400
ip inspect name autosec_inspect ftp timeout 3600
ip inspect name autosec_inspect udp timeout 15
ip inspect name autosec_inspect tcp timeout 3600
!
!
bridge irb
!
!         
interface Null0
 no ip unreachables
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/35
  encapsulation aal5snap
 !
 dsl operating-mode auto
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface FastEthernet0
 spanning-tree portfast
!
interface FastEthernet1
 spanning-tree portfast
!
interface FastEthernet2
 spanning-tree portfast
!
interface FastEthernet3
 spanning-tree portfast
!
interface Dot11Radio0
 no ip address
 !
 encryption vlan 1 mode ciphers aes-ccm
 !
 ssid Cisco877W
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 no cdp enable
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 bridge-group 5
 bridge-group 5 subscriber-loop-control
 bridge-group 5 spanning-disabled
 bridge-group 5 block-unknown-source
 no bridge-group 5 source-learning
 no bridge-group 5 unicast-flooding
!
interface Vlan1
 no ip address
 bridge-group 5
 bridge-group 5 spanning-disabled
!
interface BVI1
 description ### EXTERNAL ###
 mac-address 0020.af45.8d37
 ip address dhcp
 ip nat outside
 ip access-group inet_inbound in
 ip inspect autosec_inspect in
 ip virtual-reassembly
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
interface BVI5
 description ### INTERNAL ###
 ip address 10.8.20.254 255.255.255.0
 ip nat inside
 ip access-group lan_outbound in
 ip inspect autosec_inspect in
 ip virtual-reassembly
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
!
no ip http server
no ip http secure-server
!
!
ip nat inside source list nat_allowed interface BVI1 overload
!
ip nat inside source static tcp 10.8.20.10 21 interface BVI1 21
ip nat inside source static tcp 10.8.20.10 25 interface BVI1 25
ip nat inside source static tcp 10.8.20.10 80 interface BVI1 80
ip nat inside source static tcp 10.8.20.10 443 interface BVI1 443
ip nat inside source static tcp 10.8.20.10 3389 interface BVI1 3389
!
ip access-list extended inet_inbound
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit icmp any any unreachable
 permit icmp any any ttl-exceeded
 permit icmp any any packet-too-big
 permit udp any eq bootps any eq bootpc log
 permit tcp any any eq ftp
 permit tcp any any eq smtp
 permit tcp any any eq www
 permit tcp any any eq 443
 permit tcp any any eq 1521
 permit tcp any any eq 3389
 deny   ip any any log
!
ip access-list extended lan_outbound
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit icmp any any unreachable
 permit icmp any any packet-too-big
 permit tcp any any eq www
 permit tcp any any eq telnet
 permit tcp any any eq 22
 permit tcp any any eq ftp
 permit tcp any any eq smtp
 permit udp any any eq domain
 permit udp any any eq ntp
 permit tcp any any eq 443
 permit tcp any any eq 3389
 deny   ip any any log
!
!
ip access-list extended nat_allowed
 permit ip 10.8.20.0 0.0.0.255 any
!
!
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 1 address 001d.a1b8.afb7 discard
bridge 5 protocol ieee
bridge 5 route ip
!
banner login ^CC
No unauthorized access to this device will be permitted
All actions are logged
^C
banner motd ^CC^C
!
!
line con 0
 password XXXXXXXXXXXXxXXX
 login
 stopbits 1
line aux 0
line vty 0 4
 access-class 101 in
 exec-timeout 120 0
 password XXXXXXXXXXXXXXXXX
 login
 length 0
!
scheduler max-task-time 5000
end


It contains all sorts of IP and MAC addresses and I don't know what they are for.

If this config can be reduced to something a bit simpler, so that I understand a little of what I'm doing, I'm already well on my way. I don't think it has to be that hard: WLAN, ADSL, a few interfaces and done. Or not?
Edited by mcdronkz on 18 May 2009, 14:15
 
TCP_IP
This will at least get your DSL going, including DHCP and NAT.
Do enter it in the same order.

Are you working with VLANs, by the way, i.e. sub-interfaces and VLANs on your switch(es)?

You can manage the banner and such yourself?

For your WLAN I need to look it up; I don't remember offhand.

Quote

service timestamps debug datetime msec
service timestamps log datetime msec
!
bridge irb
!
ip subnet-zero
!


DHCP

Quote


ip dhcp excluded-address
ip dhcp pool
network
default-router
dns-server
!
interface ethernet0
no shut
ip address



NAT

Quote


ip nat inside
no ip directed-broadcast
!
interface atm0
no shut
no ip address
no ip directed-broadcast
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5snap
!
bridge-group 1
!
interface bvi1
mac-address

ip address dhcp client-id ethernet0




Quote

ip nat outside
no ip directed-broadcast
!


Quote


ip nat inside source list 1 interface bvi1 overload



Quote


ip classless
ip route 0.0.0.0 0.0.0.0


Quote

!
bridge 1 protocol ieee
bridge 1 route ip
!
end

Transmission Control Protocol over Internet Protocol

For all your Windows and PC problems you can go to www.xpvista.nl
 
TCP_IP
Just copied this:

http://forums.whirlpool.net.au/forum-replies-archive.cfm/558270.html

Quote

interface Dot11Radio0
no ip address
!
encryption mode ciphers tkip
!
ssid putyourssidhere
max-associations 10
authentication open
authentication key-management wpa
wpa-psk ascii 0 putyourkeyhere
!
speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
channel 2452
station-role root
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
no ip address
bridge-group 1
!
interface BVI1
description --- LAN ---
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip access-group 102 in
ip virtual-reassembly
!


The above isn't all that tidy, but it should work. You can still add a description per interface for yourself, another banner MOTD, create some more access-lists, set the hostname and put counters on your interfaces. If you know how or what, just let me know.

*Finally some Cisco :P it had been a while*
 
JanTbyte

Quote

TCP_IP wrote:
Happy to help, but I'm not going to write a whole config :P

What do you have so far, or nothing yet?

If JanTbyte posts his config you can basically copy it once it has been adapted; I can then possibly write a bit of config for your WLAN.



This config works; I can get on the internet with it. WLAN doesn't work here yet. Software is c870-advipservicesk9-mz.124-9.t1.bin
!

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default local
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-1568042055
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1568042055
revocation-check none
rsakeypair TP-self-signed-1568042055
!
!
crypto pki certificate chain TP-self-signed-1568042055
certificate self-signed 01
quit
dot11 syslog
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.9.1 10.10.9.99
ip dhcp excluded-address 10.10.9.200 10.10.9.254
!
ip dhcp pool sdm-pool
import all
network 10.10.9.0 255.255.255.0
default-router 10.10.9.1
dns-server 10.10.9.20
netbios-name-server 10.10.9.20
!
!
no ip domain lookup
ip name-server 194.134.5.5
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
username 24Telecom privilege 15 secret 5 $1$ACPI$6HyqDvjOcDJAnJQEaKOA0.
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key 3853ak48 address 92.67.136.113
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to92.67.136.113
set peer 92.67.136.113
set transform-set ESP-3DES-SHA
match address 100
!
archive
log config
hidekeys
!
!
!
bridge irb
!
!
interface Null0
no ip unreachables
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5snap
!
dsl operating-mode auto
bridge-group 1
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.9.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface BVI1
mac-address 0015.56ea.4813
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
crypto map SDM_CMAP_1
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 BVI1
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source static tcp 10.10.9.20 25 interface BVI1 25
ip nat inside source route-map SDM_RMAP_1 interface BVI1 overload
!
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 85.150.88.0 0.0.3.255 92.67.136.112 0.0.0.7
access-list 101 remark SDM_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny ip 85.150.88.0 0.0.3.255 92.67.136.112 0.0.0.7
access-list 101 permit ip 10.10.9.0 0.0.0.255 any
no cdp run
!
!
!
route-map SDM_RMAP_1 permit 1
match ip address 101
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login 
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.

username privilege 15 secret 0
no username cisco

Replace and with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------

!
line con 0
no modem enable
line aux 0
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
end
 
TCP_IP
Try this and see if it works:

Quote

interface Dot11Radio0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow

ssid
vlan 1
authentication open
guest-mode
authentication key-management wpa
wpa-psk ascii

speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
no cdp enable

interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding

interface Vlan1
description vlanEen
ip address A.B.C.D E.F.G.H
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow



Otherwise, this one that I found on the internet:

http://forums.whirlpool.net.au/forum-replies-archive.cfm/1077978.html

Quote

Building configuration...

Current configuration : 6891 bytes
!

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!

hostname router
!

boot-start-marker
boot-end-marker
!

logging buffered 51200 warnings
!

no aaa new-model
!

dot11 syslog
!

dot11 ssid **************
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 *****************
!

ip cef
!

!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip domain lookup source-interface Dialer0
ip domain name ***********
ip name-server xxx.xxx.xxx.xxx
!

!
!

username ************ privilege 15 secret **************
!

!
archive
log config
hidekeys
!

!
!

bridge irb
!

!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!

interface ATM0.1 point-to-point
description $ES_WAN$
pvc 8/35
pppoe-client dial-pool-number 1
!
!

interface FastEthernet0
!

interface FastEthernet1
!

interface FastEthernet2
!

interface FastEthernet3
!

interface Dot11Radio0
no ip address
!
encryption mode ciphers tkip
!
ssid *******************
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!

interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
no ip address
ip tcp adjust-mss 1412
bridge-group 1
bridge-group 1 spanning-disabled
!

interface Dialer0
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname ************************
ppp chap password ****************
ppp pap sent-username ************* password ******************
!

interface BVI1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!

ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!

ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp extendable

Example Your WAN IP is say 203.21.20.20 (westnet DNS IP) and you want to RDP in to a local ip 192.168.0.11 on the external Port 33891 it would be as follows.

ip nat inside source static tcp 192.168.0.11 3389 203.21.20.20 33891 extendable
!

Access List to Allow Internal LAN Internet access

access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!

!
control-plane
!

bridge 1 route ip
!

line con 0
logging synchronous
no modem enable
line aux 0
line vty 0 4
privilege level 15
logging synchronous
notify
transport input telnet ssh
!

scheduler max-task-time 5000

!
end

 
mcdronkz
I now have the following configuration:



no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service sequence-numbers
!
hostname router
!
logging buffered 10240 debugging
logging console critical
enable secret dorpsstraat53
!
username admin secret XXXXXXXXXXX
!
ip subnet-zero
no ip source-route
ip domain-name lan
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.254
!
ip dhcp pool dhcppool
 import all
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.254
 update arp
 exit
!
ip tcp selective-ack
ip tcp timestamp
no ip bootp server
no ip domain lookup
ip inspect name firewall tcp
ip inspect name firewall udp
ip inspect name firewall cuseeme
ip inspect name firewall h323
ip inspect name firewall rcmd
ip inspect name firewall realaudio
ip inspect name firewall streamworks
ip inspect name firewall vdolive
ip inspect name firewall sqlnet
ip inspect name firewall tftp
ip inspect name firewall ftp
ip inspect name firewall icmp
ip inspect name firewall sip
ip inspect name firewall esmtp max-data 52428800
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall netshow
ip inspect name firewall rtsp
ip inspect name firewall pptp
ip inspect name firewall rtsp
ip inspect name firewall skinny
file verify auto
!
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 !
 encryption mode ciphers tkip
 !
 ssid cisco877w
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii XXXXXXXXXXXXX
 !
 speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Vlan1
 no ip address
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface bvi1
 ip address 192.168.1.254 255.255.255.0
 ip access-group 102 in
 ip nat inside
 no ip directed-broadcast
 exit
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 8/35
  encapsulation aal5snap
 !
 dsl operating-mode auto
 bridge-group 1
 bridge-group 1 spanning-disabled
!
no ip http server
!
!
line vty 0 4
 access-class 2 in
 login local
 exit
!
access-list 1 remark The local LAN.
access-list 1 permit 192.168.1.0 0.0.0.255
!
access-list 2 remark Where management can be done from.
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 permit host ...
!
access-list 101 remark Traffic allowed to enter the router from the Internet
access-list 101 deny ip 0.0.0.0 0.255.255.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 169.254.0.0 0.0.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 198.18.0.0 0.1.255.255 any
access-list 101 deny ip 224.0.0.0 0.15.255.255 any
access-list 101 deny ip any host 255.255.255.255
access-list 101 permit tcp any any eq 1723
access-list 101 permit gre any any
access-list 101 permit tcp any any eq 22
access-list 101 permit tcp any any eq 23
access-list 101 deny icmp any any echo
access-list 101 deny ip any any log
!
access-list 102 remark Traffic allowed to enter the router from the Ethernet
access-list 102 permit ip any host 192.168.1.254
access-list 102 deny ip any host 192.168.1.255
access-list 102 deny udp any any eq tftp log
access-list 102 deny ip any 0.0.0.0 0.255.255.255 log
access-list 102 deny ip any 10.0.0.0 0.255.255.255 log
access-list 102 deny ip any 127.0.0.0 0.255.255.255 log
access-list 102 deny ip any 169.254.0.0 0.0.255.255 log
access-list 102 deny ip any 172.16.0.0 0.15.255.255 log
access-list 102 deny ip any 192.0.2.0 0.0.0.255 log
access-list 102 deny ip any 192.168.0.0 0.0.255.255 log
access-list 102 deny ip any 198.18.0.0 0.1.255.255 log
access-list 102 deny udp any any eq 135 log
access-list 102 deny tcp any any eq 135 log
access-list 102 deny udp any any eq 137 log
access-list 102 deny udp any any eq 138 log
access-list 102 deny tcp any any eq 445 log
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 permit ip any host 255.255.255.255
access-list 102 deny ip any any log
!
bridge 1 route ip
dialer-list 1 protocol ip permit
!
interface FastEthernet0
 no shutdown
 exit
interface FastEthernet1
 no shutdown
 exit
interface FastEthernet2
 no shutdown
 exit
interface FastEthernet3
 no shutdown
 exit
interface vlan1
 no shutdown
 exit
interface ATM0
 no shutdown
 exit
interface Dot11Radio0
 no shutdown
 exit
interface bvi1
 no shutdown
 exit
crypto key generate rsa general-keys modulus 2048


However, I don't get a connection to the internet with this. WLAN does work.

What is going wrong here? How can I test things? Does anyone see right away what's not right?
 
TCP_IP
Let's see...

You're missing a piece for DHCP; there is no fixed IP set on your ATM0 and DHCP is not enabled, so you don't get an IP from Online.
BVI1 needs more on it and is the outgoing interface, so at least ip nat outside there.

You haven't created a NAT pool yet.

Your access-list is very extensive; is all of that really necessary?

If I were you I would do it in somewhat smaller steps, so per interface. Start first with your ATM0 and 1 Fe interface.
Set up your ATM0 so that you at least get a connection to Online and are handed an IP address, then configure 1 FastEthernet port and configure NAT and after that DHCP. Then the other Fe ports and wireless last.


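Added example, not part of any post in this thread: a small Python check for the three gaps TCP_IP lists above (no interface taking its address via "ip address dhcp", no "ip nat outside", no NAT rule), with the NAT rule checked in the "ip nat inside source ... interface ... overload" form that the configs in this thread use. The function name, the finding codes and both sample configs are constructed for illustration; the samples are condensed from mcdronkz's and JanTbyte's posts.

```python
import re

IFACE_RE = re.compile(r"^interface\s+(\S+)", re.IGNORECASE)
# Dynamic overload rule: ip nat inside source list|route-map NAME interface IF overload
NAT_RULE_RE = re.compile(
    r"^ip nat inside source (?:list|route-map) \S+ interface (\S+) overload$",
    re.IGNORECASE,
)

# Constructed sample, condensed from mcdronkz's non-working config.
BROKEN_SAMPLE = """
interface Vlan1
 no ip address
 bridge-group 1
!
interface bvi1
 ip address 192.168.1.254 255.255.255.0
 ip access-group 102 in
 ip nat inside
!
interface ATM0
 no ip address
 pvc 8/35
  encapsulation aal5snap
 !
 bridge-group 1
!
access-list 1 permit 192.168.1.0 0.0.0.255
"""

# Constructed sample, condensed from JanTbyte's working config (no indentation).
WORKING_SAMPLE = """
interface ATM0
no ip address
pvc 8/35
encapsulation aal5snap
!
bridge-group 1
!
interface Vlan1
ip address 10.10.9.1 255.255.255.0
ip nat inside
!
interface BVI1
ip address dhcp
ip nat outside
!
ip nat inside source static tcp 10.10.9.20 25 interface BVI1 25
ip nat inside source route-map SDM_RMAP_1 interface BVI1 overload
"""


def audit_bridged_nat(config):
    """Return a list of (code, message) findings for a bridged-ADSL NAT setup.

    Interface commands are attributed to the most recent "interface" line,
    so the check also works on pastes whose indentation was stripped.
    """
    current = None
    dhcp_clients, outside, inside, rule_ifaces = set(), set(), set(), []
    for raw in config.splitlines():
        line = " ".join(raw.split())  # normalise whitespace
        m = IFACE_RE.match(line)
        if m:
            current = m.group(1).lower()
            continue
        m = NAT_RULE_RE.match(line)
        if m:
            rule_ifaces.append(m.group(1).lower())
            continue
        if current is None:
            continue
        low = line.lower()
        if low.startswith("ip address dhcp"):
            dhcp_clients.add(current)
        elif low == "ip nat outside":
            outside.add(current)
        elif low == "ip nat inside":
            inside.add(current)

    findings = []
    if not dhcp_clients:
        findings.append(("no-wan-dhcp", "no interface has 'ip address dhcp'"))
    if not outside:
        findings.append(("no-nat-outside", "no interface has 'ip nat outside'"))
    if not inside:
        findings.append(("no-nat-inside", "no interface has 'ip nat inside'"))
    if not rule_ifaces:
        findings.append(("no-nat-rule", "no 'ip nat inside source ... overload' rule"))
    for iface in rule_ifaces:
        if outside and iface not in outside:
            findings.append(("nat-rule-not-outside",
                             "overload rule uses %s, which is not 'ip nat outside'" % iface))
    return findings


if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN_SAMPLE), ("working", WORKING_SAMPLE)):
        print(name, audit_bridged_nat(cfg) or "no findings")
```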
 
degroot
I've been busy for a while trying to get my Cisco 877 going on my Online (4 Mbit) subscription.
At first I had a reasonable config, only then my connection dropped again after about 1 minute.
In the first minute I could ping fine, but after that it stopped.

Do you see what I'm missing??

Current configuration : 2965 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname degroot
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$GTf2$03vWEXRrBiwGP/vTePP7x.
enable password 7 15010A02092B3F21276360
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
no ip source-route
no ip routing
no ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool sdm-pool1
   import all
   network 10.0.0.0 255.255.255.0
   dns-server 194.134.5.55 194.134.5.5
   default-router 10.0.0.129
!
!
ip tcp synwait-time 10
no ip bootp server
ip domain name degroot.local
ip name-server 194.134.5.55
ip name-server 194.134.5.5
ip ssh time-out 60
ip ssh authentication-retries 2
!
multilink bundle-name authenticated
!
crypto pki trustpoint TP-self-signed-3530484955
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3530484955
 revocation-check none
 rsakeypair TP-self-signed-3530484955
!
!
!
!
vtp mode transparent
!
!
vlan 2
 name hr
!
vlan 10
!
!
bridge irb
!
!
!
interface ATM0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 no ip route-cache
 no atm ilmi-keepalive
 pvc 8/35
  encapsulation aal5snap
 !
 dsl operating-mode auto
 bridge-group 1
 hold-queue 224 in
!
interface FastEthernet0
 shutdown
!
interface FastEthernet1
!
interface FastEthernet2
 shutdown
!
interface FastEthernet3
 shutdown
!
interface Vlan1
 ip address 10.0.0.129 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 no ip route-cache
 ip tcp adjust-mss 1452
!
interface BVI1
 description $FW_OUTSIDE$
 mac-address 001f.9f4c.2bd4
 ip address dhcp
 ip access-group 111 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 BVI1
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 102 interface BVI1 overload
ip nat inside source list nat_allowed interface BVI1 overload
!
ip access-list extended nat_allowed
 permit ip any any
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 102 permit ip any host 10.0.0.129
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
 no modem enable
line aux 0
line vty 0 4
 password 7 051807012C4D5A0C165542
 login
!
scheduler max-task-time 5000
end


Edited by degroot on 29 July 2009, 15:54
 
Plasmabolter
Dear forum members,

Everyone in this topic has helped me excellently to get the Cisco 877 going, but after playing with that router for a month I notice that all the configs posted here are needlessly complicated.
I also found out that there were a lot of sites from which I couldn't download, or only half; adjustments to MTU and mss-adjust and access lists and firmware upgrades all didn't help.

I decided to start completely from scratch with the config.

In the end I was able to configure the whole router using SDM, including bridged LAN and WLAN interfaces; the only things I had to do via the command line were
- add the mac-address
- add atm route-bridged ip.

Access lists and firewall rules were all added via SDM.
ip flow ingress is a feature of 12.4-24, so you can leave that out if you like.
The crypto stuff is created by the router itself after the command ip http secure-server, so skip that too.
The WLAN interface is shut in this config.

Thanks, people.

Here is my config, in all its simplicity:

Current configuration : 6238 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname 877W
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200
logging console critical
enable secret 5 $1$utK2$hLtJlHNM92vt2C4D1Hpgz/
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-2152708695
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2152708695
revocation-check none
rsakeypair TP-self-signed-2152708695
!
!
crypto pki certificate chain TP-self-signed-2152708695
certificate self-signed 01
quit
dot11 syslog
!
dot11 ssid 877Wifi
max-associations 2
authentication open
wpa-psk ascii 7 15060E1E0D242C3E273C3C
!
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1
!
ip dhcp pool sdm-pool1
network 192.168.0.0 255.255.255.0
dns-server 194.134.5.55 194.134.5.5
default-router 192.168.0.1
!
!
ip cef
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
no ip bootp server
ip name-server 194.134.5.55
ip name-server 194.134.5.5
!
!
!
!
username admin privilege 15 secret 5 $1$LfTH$QH0ttqaNPpM0H5tVLpB77.
!
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
!
bridge irb
!
!
interface ATM0
mac-address XXXX.XXXX.XXXX
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description $FW_OUTSIDE$
ip address dhcp
ip access-group 101 in
ip mtu 1480
ip flow ingress
ip inspect SDM_LOW out
ip nat outside
ip virtual-reassembly
atm route-bridged ip
pvc 8/35
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
shutdown
!
encryption mode wep mandatory
!
ssid 877Wifi
!
speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
station-role root
world-mode dot11d country NL indoor
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Vlan1
no ip address
bridge-group 1
!
interface BVI1
description $ES_LAN$$FW_INSIDE$
ip address 192.168.0.1 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 1 interface ATM0.1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp host 194.134.5.5 eq domain any
access-list 101 permit udp host 194.134.5.55 eq domain any
access-list 101 deny ip 192.168.0.0 0.0.0.255 any
access-list 101 permit udp any eq bootps any eq bootpc
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip any any log
no cdp run

!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end


