народ, простите что отвлекаю, просто проблемы возникли, небольшие, вопрос такой, есть cisco 1841, работает где то на севере, к ней подсоединен catalyst 2960, внутренняя сеть нормально работает, настраивал не я, тут понадобилось на нее повешать звонилку и чтобы все пользователи смогли ходить в инет (инет на adsl), вроде настроил, но что то не работает:
начальный конфиг:version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router_86.52
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$wW7P$EDNO/AZuJajMSvDdpz3tO1
!
no aaa new-model
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.86.52.1
!
ip dhcp pool voip
network 10.86.52.0 255.255.255.224
dns-server 10.99.1.2
default-router 10.86.52.1
option 176 ascii MCIPADD=1.1.1.1
option 242 ascii MCIPADD=1.1.1.1
option 66 ascii MCIPADD=10.99.2.10
!
!
multilink bundle-name authenticated
!
!
!
username cisco password 0 cisco
archive
log config
hidekeys
!
!
class-map match-all voip
match dscp cs4
class-map match-all RTP
match cos 4
!
!
policy-map OutboundPolicy
class RTP
set dscp cs4
policy-map outqueue
class voip
priority percent 65
!
!
!
!!
interface FastEthernet0/0
description to ISP
no ip address
ip access-group 10 in
duplex auto
speed auto
!
interface FastEthernet0/1
description trunk to LAN
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.100
description NATIVE
encapsulation dot1Q 1 native
ip address 10.86.52.73 255.255.255.248
!
!
interface FastEthernet0/1.102
description VOICE
encapsulation dot1Q 102
ip address 10.86.52.1 255.255.255.224
ip access-group 2 in
ip access-group 2 out
service-policy input OutboundPolicy
!
interface FastEthernet0/1.103
description VKS
encapsulation dot1Q 103
ip address 10.86.52.49 255.255.255.240
ip access-group 3 in
ip access-group 3 out
!
interface FastEthernet0/1.104
description VEDMSTV
encapsulation dot1Q 104
ip address 10.86.52.41 255.255.255.248
ip access-group 4 in
ip access-group 4 out
!
interface FastEthernet0/1.105
description SECURE_ZONE
encapsulation dot1Q 105
ip address 10.86.52.65 255.255.255.248
ip access-group 5 in
ip access-group 5 out
interface FastEthernet0/1.106
description PUBLIC_ZONE
encapsulation dot1Q 106
ip address 10.86.52.33 255.255.255.248
ip access-group 6 in
ip access-group 6 out
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.186.52.5
!
!
ip http server
ip http access-class 1
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 102 interface Dialer0 overload
!
access-list 1 permit 10.99.2.0 0.0.0.255
access-list 1 deny any log
access-list 2 permit 0.0.0.0 log
access-list 2 permit 10.0.0.0 0.255.255.31
access-list 2 permit 10.0.0.128 0.255.255.127
access-list 2 deny any log
access-list 3 permit 10.0.0.48 0.255.255.15
access-list 3 deny any
access-list 4 permit 10.0.0.40 0.255.255.7
access-list 4 deny any
access-list 5 permit 10.0.0.64 0.255.255.7
access-list 5 deny any
access-list 6 permit 10.0.0.32 0.255.255.7
access-list 6 deny any
access-list 10 deny 0.0.0.0
access-list 10 permit any
access-list 102 permit ip 172.16.0.0 0.0.0.255 any
access-list 102 permit ip any any
access-list 110 permit ip any any
!
!
control-plane
!
!line con 0
password cisco
login local
line aux 0
script dialer DialOut
modem InOut
modem autoconfigure type usr_sportster
transport input all
stopbits 1
speed 57600
flowcontrol hardware
line vty 0 4
access-class 1 in
privilege level 15
password cisco
login local
transport input telnet
line vty 5 15
access-class 1 in
privilege level 15
login local
transport input telnet
!
!
scheduler allocate 20000 1000
end
после доработки и вешанья звонилки и ната
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router_86.52
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$wW7P$EDNO/AZuJajMSvDdpz3tO1
!
no aaa new-model
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.86.52.1
!
!
ip dhcp pool voip
network 10.86.52.0 255.255.255.224
dns-server 10.99.1.2
default-router 10.86.52.1
option 176 ascii MCIPADD=1.1.1.1
option 242 ascii MCIPADD=1.1.1.1
option 66 ascii MCIPADD=10.99.2.10
!
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 1
request-dialin
protocol pppoe
!
!
!
username cisco password 0 cisco
archive
log config
hidekeys
!
!
!
class-map match-all voip
match dscp cs4
class-map match-all RTP
match cos 4
!
!
policy-map OutboundPolicy
class RTP
set dscp cs4
policy-map outqueue
class voip
priority percent 65
!
!
!
!
interface FastEthernet0/0
description to ISP
no ip address
ip access-group 10 in
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
hold-queue 32 in
!
interface FastEthernet0/1
description trunk to LAN
no ip address
ip tcp adjust-mss 1452
duplex auto
speed auto
!
!!
interface FastEthernet0/1.100
description NATIVE
encapsulation dot1Q 1 native
ip address 10.86.52.73 255.255.255.248
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1.102
description VOICE
encapsulation dot1Q 102
ip address 10.86.52.1 255.255.255.224
ip access-group 2 in
ip access-group 2 out
ip nat inside
ip virtual-reassembly
service-policy input OutboundPolicy
!
interface FastEthernet0/1.103
description VKS
encapsulation dot1Q 103
ip address 10.86.52.49 255.255.255.240
ip access-group 3 in
ip access-group 3 out
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1.104
description VEDMSTV
encapsulation dot1Q 104
ip address 10.86.52.41 255.255.255.248
ip access-group 4 in
ip access-group 4 out
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1.105
description SECURE_ZONE
encapsulation dot1Q 105
ip address 10.86.52.65 255.255.255.248
ip access-group 5 in
ip access-group 5 out
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1.106
description PUBLIC_ZONE
encapsulation dot1Q 106
ip address 10.86.52.33 255.255.255.248
ip access-group 6 in
ip access-group 6 out
ip nat inside
ip virtual-reassembly
!
interface Dialer0
ip address negotiated
ip access-group 110 in
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp chap hostname login
ppp chap password parol'
ppp ipcp dns request
!
ip http server
ip http access-class 1
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 102 interface Dialer0 overload
!
access-list 1 permit any
access-list 2 permit 0.0.0.0 log
access-list 2 permit 10.0.0.0 0.255.255.31
access-list 2 permit 10.0.0.128 0.255.255.127
access-list 2 deny any log
access-list 3 permit 10.0.0.48 0.255.255.15
access-list 3 deny any
access-list 4 permit 10.0.0.40 0.255.255.7
access-list 4 deny any
access-list 5 permit 10.0.0.64 0.255.255.7
access-list 5 deny any
access-list 6 permit 10.0.0.32 0.255.255.7
access-list 6 deny any
access-list 10 deny 0.0.0.0
access-list 10 permit any
access-list 102 permit ip 172.16.0.0 0.0.0.255 any
access-list 102 permit ip any any
access-list 110 permit ip any any
!
!
control-plane
!
!line con 0
password cisco
login local
line aux 0
script dialer DialOut
modem InOut
modem autoconfigure type usr_sportster
transport input all
stopbits 1
speed 2400
flowcontrol hardware
line vty 0 4
access-class 1 in
privilege level 15
password cisco
login local
transport input telnet
line vty 5 15
access-class 1 in
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
end
FastEthernet0/0 is up, line protocol is up
Hardware is Gt96k FE, address is 0026.cb29.94a0 (bia 0026.cb29.94a0)
Description: to ISP
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:22, output 00:00:04, output hang never
Last clearing of "show interface" counters never
Input queue: 0/32/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
43 packets input, 2590 bytes
Received 7 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
41 packets output, 2540 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
интерфейс внешний даже ip не получает, помогите кто может..
Вариант для распечатки
Маршрутизаторы CISCO и др. оборудование. (Маршрутизация)
(ok) on 17-Мрт-10, 11:21 
