>Тут телепатов целый форум - может конфиг покажите? прошу прощения, но мне казалось что вопрос мало касается конфига. но раз настаиваете
Current configuration : 4217 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname krasnoyarsk
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-----------
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-----------
revocation-check none
rsakeypair TP-self-signed-----------
!
!
crypto pki certificate chain TP-self-signed-----------
certificate self-signed 01
-------- -------- -------- -------- -------- -------- -------- --------
-------- -------- -------- -------- -------- -------- -------- --------
quit
dot11 syslog
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address ***.***.2.1
ip dhcp excluded-address ***.***.2.222
ip dhcp excluded-address ***.***.2.250
ip dhcp excluded-address ***.***.2.20
ip dhcp excluded-address ***.***.2.10
!
ip dhcp pool karsnoyarsk.local
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 192.168.0.2
netbios-name-server 192.168.0.2
lease 7
!
!
ip domain name svel.ru
ip name-server **.***.***.145
ip name-server **.***.***.126
!
!
!
username prazdnick privilege 15 secret 5 ******************************
!
!
archive
log config
hidekeys
!
!
!
!
!
interface Tunnel100
ip unnumbered Vlan1
tunnel source Vlan2
tunnel destination ***.***.253.180
tunnel mode ipip
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
switchport access vlan 2
!
interface Vlan1
description local.network
ip address ***.***.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan2
description sovintel.internet
ip address **.***.139.201 255.255.255.252
ip nat outside
ip virtual-reassembly
!
ip default-gateway **.***.139.202
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 **.***.139.202
ip route ***.***.0.0 255.255.255.0 ***.***.253.180
ip route ***.***.0.0 255.255.255.0 Tunnel100
ip route ***.***.1.0 255.255.255.0 Tunnel100
ip route ***.***.3.0 255.255.255.0 Tunnel100
ip route ***.***.4.0 255.255.255.0 Tunnel100
ip route ***.***.8.0 255.255.255.0 Tunnel100
ip route ***.***.11.0 255.255.255.0 Tunnel100
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns view-list covintel
ip nat translation max-entries all-host 100
ip nat inside source list 22 interface Vlan2 overload
!
access-list 22 permit ***.***.2.222
access-list 23 permit any
no cdp run
!
!
!
control-plane
!
banner exec ^C Ok, Let's do some job ^C
banner login ^C Hi! I'm Krasnoyarsk router, please name yourself... ^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end