cisco 878 g.hdsl ku...
 
Bildirimler
Hepsini Temizle

cisco 878 g.hdsl kurulumu  

  RSS
 Anonim

Merhaba

Bir müşterimize ilk kez cisco 878 modearmım ile internete bağlayacağız. bunun için örnek konfigurasyon varmı. açıklamalrı ile birlikte

Alıntı
Gönderildi : 16/06/2011 13:17
Cem ÇEZİK
(@cemcezik)
Üye

controller DSL 0
 mode atm
 line-term cpe
 line-mode 2-wire line-zero
 dsl-mode shdsl symmetric annex B
 line-rate auto
!
!
interface Loopback1
 ip address x.x.x.x   x.x.x.x (Dış Ip Adresi ve Maskı)

interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 8/35
  pppoe-client dial-pool-number 1

interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
 ip address x.x.x.x   x.x.x.x ip nat inside   (Lokal Ip Adresi ve Maskı)
 ip virtual-reassembly
 ip tcp adjust-mss 1452

interface Dialer0
 mtu 1492
 ip address negotiated
 ip mtu 1400
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp pap sent-username xxxxx@xxxxx password xxxxxx  (Internet sağlayıcı tarafından verilen kullanıcı adı şifre)

 ip route 0.0.0.0 0.0.0.0 Dialer0

ip nat inside source list 1 interface Loopback1 overload

access-list 7 permit 192.168.0.0 0.0.0.255     ya da      access-list 1 permit 10.0.3.0 0.0.0.255 (lokal networkün neyse ona göre)

 line vty 0 4
 password xxxxxx
 login
 transport input telnet ssh

CevapAlıntı
Gönderildi : 16/06/2011 13:47
 Anonim

Merhaba


bu yapıya karşı tarafta 192.168.12.0/24 yapıyla vpn nasıl yapabilirim


 

CevapAlıntı
Gönderildi : 16/06/2011 15:24
resul kürekçi
(@resulkurekci)
Üye

peki komutalarım sdm ile nasıl yapabılırım acaba internete baglamak icin

CevapAlıntı
Gönderildi : 02/07/2011 00:30
CozumPark
(@cozumpark)
Onursal Üye Yönetici

merhabalar

SDM üzerinden de yapılabiliyor diye hatırlıyorum en azından 877'ler oluyordu. 

yada SDM üzerinde txt'den import vardı diye hatırlıyorum. Yada konsoldan bağalnınca var olan bir konfigürasyonu direk içine atabilirsiniz copy paste yöntemi ile.

örnek bir konfigürasyon ;

Router#sh run            
Building configuration...                        

Current configuration : 3909 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
no ip dhcp use vrf connected
!
ip dhcp pool clients
   import all
   network 192.168.1.0 255.255.255.0
   dns-server 192.168.1.253
   default-router 192.168.1.253
!
!
!
!
crypto pki trustpoint TP-self-signed-1845197098
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1845197098
 revocation-check none
 rsakeypair TP-self-signed-1845197098
!
!
crypto pki certificate chain TP-self-signed-1845197098
 certificate self-signed 01
  3082023F 308201A8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31383435 31393730 3938301E 170D3037 30333032
33345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 38343531
  39373039 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100CE4C 23EC5348 7CAAEA4C C61A99CA 376C30A6 8FE9FC4D 96797FE5 5FD45CD3
  142EB791 7C36D170 B439676A 4DD9C5D7 2C753D1D E2D18369 E6733A0A A0883E59
  05967566 E06FF307 378A2BBB D0BEC18C 85E81523 451B5270 288946FE AA079441
  B588139E 2C3D5761 A6923F1C D1E105BD A9C0DA2F EDD62D19 800259C0 48176CDE
  86F30203 010001A3 67306530 0F060355 1D130101 FF040530 030101FF 30120603
  551D1104 0B300982 07526F75 7465722E 301F0603 551D2304 18301680 147F1859
  5CAFC69C 7C166483 A6931DDD 1249B363 08301D06 03551D0E 04160414 7F18595C
  AFC69C7C 166483A6 931DDD12 49B36308 300D0609 2A864886 F70D0101 04050003
  81810027 5062DDE0 44188867 F6026A6E 4382304C A9FB4185 10C98899 D9EC09CA
  26073D1E 572D3F53 8C591174 E201700A 98BCC691 C5843A91 5292D273 8324C88E
  C1FD8163 C244F5EC 6C5EA222 E1E81E14 7A92AFF9 F9CB0968 32FCABBE 2021EA94
  AB8048E1 AFFB6AF8 FD693CD3 5CE37386 66DE0604 AE4097E8 DD4605AE 2460089F 5BADE1

  quit
username cakmak privilege 15 secret 5 $1$IObq$Oc.tseLHXdyBmirBVnA.8/
!
!
controller DSL 0
 mode atm
line-term cpe
 line-mode 2-wire line-zero
 dsl-mode shdsl symmetric annex B
 line-rate auto
!
!
!
!
interface BRI0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 encapsulation hdlc
 ip route-cache flow
 shutdown
 no cdp enable
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
interface ATM0.1 point-to-point
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface ATM0.2 point-to-point
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 ip address 192.168.1.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1412
!
interface Dialer0
 ip address negotiated
 ip mtu 1452
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname petrann@ttnet
 ppp chap password 0 123654
 ppp pap sent-username petrann@ttnet password 0 123654
!
interface Dialer1
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 2
 dialer-group 2
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname petrann@ttnet
 ppp chap password 0 123654
 ppp pap sent-username petrann@ttnet password 0 123654
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source list 101 interface Dialer1 overload
!
logging trap debugging
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
no cdp run
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
 login
!
scheduler max-task-time 5000
end

örnek konfigürasyon iki ;

ankara#sh run
Building configuration...

Current configuration : 2670 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ankara
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
username cisco privilege 15 secret 5 $1$I9OQ$jofdAKqfqg4dngANruCvd.
no aaa new-model
ip subnet-zero
ip cef
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
   import all
   network 10.10.10.0 255.255.255.0
   dns-server 212.156.2.70 212.156.4.6
   default-router 10.10.10.1
!
!
ip tcp synwait-time 10
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
ip name-server 212.156.4.1
ip name-server 212.156.2.70
ip name-server 212.156.4.6
ip ssh time-out 60
ip ssh authentication-retries 2
no ftp-server write-enable
!
!
!
!
controller DSL 0
 mode atm
 line-term cpe
 line-mode 2-wire line-zero
 dsl-mode shdsl symmetric annex B
 line-rate auto
!
!
!
!
interface BRI0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
 no cdp enable
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0.2 point-to-point
 description WAN_BAGLANTI
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 2
 !
!
interface FastEthernet0
 no ip address
 no cdp enable
!
interface FastEthernet1
 no ip address
 no cdp enable
!
interface FastEthernet2
 no ip address
 no cdp enable
!
interface FastEthernet3
 no ip address
 no cdp enable
!        
interface Vlan1
 description IC_NETWORK
 ip address 10.10.10.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
!
interface Dialer1
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 2
 dialer-group 2
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname metanenerji@ttnet
 ppp chap password 0 123456
 ppp pap sent-username metanenerji@ttnet password 0 123456
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source list 101 interface Dialer1 overload
!
logging trap debugging
access-list 101 permit ip 10.10.10.0 0.0.0.255 any
dialer-list 2 protocol ip permit
no cdp run
!
control-plane
!
!
line con 0
 login local
 no modem enable
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
 privilege level 15
 login local
 transport preferred all
 transport input telnet ssh
 transport output all
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

ankara#

örnek konfigürasyon üç ;

ankara#sh run
Building configuration...

Current configuration : 2670 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ankara
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
username cisco privilege 15 secret 5 $1$I9OQ$jofdAKqfqg4dngANruCvd.
no aaa new-model
ip subnet-zero
ip cef
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
   import all
   network 10.10.10.0 255.255.255.0
   dns-server 212.156.2.70 212.156.4.6
   default-router 10.10.10.1
!
!
ip tcp synwait-time 10
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
ip name-server 212.156.4.1
ip name-server 212.156.2.70
ip name-server 212.156.4.6
ip ssh time-out 60
ip ssh authentication-retries 2
no ftp-server write-enable
!
!
!
!
controller DSL 0
 mode atm
 line-term cpe
 line-mode 2-wire line-zero
 dsl-mode shdsl symmetric annex B
 line-rate auto
!
!
!
!
interface BRI0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
 no cdp enable
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0.2 point-to-point
 description WAN_BAGLANTI
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 2
 !
!
interface FastEthernet0
 no ip address
 no cdp enable
!
interface FastEthernet1
 no ip address
 no cdp enable
!
interface FastEthernet2
 no ip address
 no cdp enable
!
interface FastEthernet3
 no ip address
 no cdp enable
!        
interface Vlan1
 description IC_NETWORK
 ip address 10.10.10.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
!
interface Dialer1
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 2
 dialer-group 2
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname USERNAME
 ppp chap password 0 123456
 ppp pap sent-username USERNAME password SIFRE
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source list 101 interface Dialer1 overload
!
logging trap debugging
access-list 101 permit ip 10.10.10.0 0.0.0.255 any
dialer-list 2 protocol ip permit
no cdp run
!
control-plane
!
!
line con 0
 login local
 no modem enable
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
 privilege level 15
 login local
 transport preferred all
 transport input telnet ssh
 transport output all
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

ankara#

kolay gelsin

CevapAlıntı
Gönderildi : 05/07/2011 01:01
resul kürekçi
(@resulkurekci)
Üye

iyi Günler hocam ben g shdsl
kurulumu yaptım cisco 878 serisi var bunu sıfırdan kurdum ve SDM yi de
aktıve ettim webden baglanıyorum yeni baglantı deyip g shdsl diyorum
ayaları yapmaya calısıyorum fakat cd ve ppp ısığı yanıyor test ettigimde

hata

bu hatayı alıyorum g shdsl ısıgı ara ara yanıp sönüyor

CevapAlıntı
Gönderildi : 06/07/2011 12:50
ozgur.tahsin
(@ozgur.tahsin)
Üye

command line uzerinden asagidaki komutu calistirip post a eklemeniz mumkun mu ? username ve passwordu silmek kaydi ile tabi 🙂


sh run


 

CevapAlıntı
Gönderildi : 06/07/2011 18:59
resul kürekçi
(@resulkurekci)
Üye

iyi Gunler beim elımdeki conf bu şekil ve ghdsl ışığı yanıp sonuyor giremiyorum nete yardımcı olurmusunuz acaba
resul#sh run
Building configuration...


Current configuration : 5586 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname resul
!
boot-start-marker
boot-end-marker
!
logging buffered 52000
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-677840920
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-677840920
 revocation-check none
 rsakeypair TP-self-signed-677840920
!
!
crypto pki certificate chain TP-self-signed-677840920
 certificate self-signed 01
  3082023B 308201A4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 36373738 34303932 30301E17 0D303230 33303130 31343930
  345A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3637 37383430
  39323030 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  E4A7E62B BA616517 315B3319 FE5C8982 1D442220 9BF6AAB2 642A7DD1 80878B50
  082969F3 2220C0A9 3E16CAF8 38A0826E 32E70AD1 17312013 9F9F3C2B D2BB7C1C
  561633B3 D5D3CD50 31C2F82A D6C0FBE4 A5ED4273 486A2D0F D8E3E4A3 07509C35
  E2B3C509 52C6996B 3CF8B337 9C558E33 632AB322 991C8C15 4CE48E49 DA9D4A8B
  02030100 01A36530 63300F06 03551D13 0101FF04 05300301 01FF3010 0603551D
  11040930 07820566 61796461 301F0603 551D2304 18301680 140B73C8 178E06F4
  1B60AFBD EF074B57 666DB7C8 BF301D06 03551D0E 04160414 0B73C817 8E06F41B
  60AFBDEF 074B5766 6DB7C8BF 300D0609 2A864886 F70D0101 04050003 81810011
  7D01E4B1 F965ACC1 1052A63D E06B565A 03849515 4F6F0C07 74F2DE10 9047875E
  3EAA18ED CDA50358 0579659A C5C41C6B 6ECE6D1B 3A1F93A6 A1FFA52F 1E915643
  497AD768 B7F2E4D3 76C9F6F2 2C299FFB D310636D 10FB1817 AEBB588A B607130D
  EB3F4156 B3EA6AFD 54D57AF1 2D41221D 205F34EC F99FF4D4 51D912AF 88B095
        quit
!
!
ip cef
!
!
!
!
ip name-server 195.175.39.40
ip ddns update method sdm_ddns1
 DDNS both
!
!
multilink bundle-name authenticated
!
!
username resul privilege 15 password 0 resul
archive
 log config
  hidekeys
!
!
controller DSL 0
 mode atm
 line-term cpe
 line-mode 2-wire line-zero
 line-rate auto
!
!
class-map type inspect match-any sdm-cls-insp-traffic
 match protocol cuseeme
 match protocol dns
 match protocol ftp
 match protocol h323
 match protocol https
 match protocol icmp
 match protocol imap
 match protocol pop3
 match protocol netshow
 match protocol shell
 match protocol realmedia
 match protocol rtsp
 match protocol smtp extended
 match protocol sql-net
 match protocol streamworks
 match protocol tftp
 match protocol vdolive
 match protocol tcp
 match protocol udp
class-map type inspect match-all sdm-insp-traffic
 match class-map sdm-cls-insp-traffic
class-map type inspect match-any SDM-Voice-permit
 match protocol h323
 match protocol skinny
 match protocol sip
class-map type inspect match-any sdm-cls-icmp-access
 match protocol icmp
 match protocol tcp
 match protocol udp
class-map type inspect match-all sdm-invalid-src
 match access-group 100
class-map type inspect match-all sdm-icmp-access
 match class-map sdm-cls-icmp-access
class-map type inspect match-all sdm-protocol-http
 match protocol http
!
!
policy-map type inspect sdm-permit-icmpreply
 class type inspect sdm-icmp-access
  inspect
 class class-default
  pass
policy-map type inspect sdm-inspect
 class type inspect sdm-invalid-src
  drop log
 class type inspect sdm-insp-traffic
  inspect
 class type inspect sdm-protocol-http
  inspect
 class type inspect SDM-Voice-permit
  inspect
 class class-default
  pass
policy-map type inspect sdm-permit
 class class-default
!
zone security out-zone
zone security in-zone
zone-pair security sdm-zp-self-out source self destination out-zone
 service-policy type inspect sdm-permit-icmpreply
zone-pair security sdm-zp-out-self source out-zone destination self
 service-policy type inspect sdm-permit
zone-pair security sdm-zp-in-out source in-zone destination out-zone
 service-policy type inspect sdm-inspect
!
!
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
 no snmp trap link-status
 pvc 8/35
  pppoe-client dial-pool-number 1
 !
!
interface ATM0.3 point-to-point
 shutdown
 no snmp trap link-status
!
interface FastEthernet0
 switchport mode trunk
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 description $FW_OUTSIDE$
 ip address 10.0.0.1 255.0.0.0
 ip nat inside
 ip virtual-reassembly
 zone-member security out-zone
 ip tcp adjust-mss 1412
!
interface Dialer0
 description $FW_INSIDE$
 ip address negotiated
 ip mtu 1452
 ip nat outside
 ip virtual-reassembly
 zone-member security in-zone
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname 2125406005@ttnet
 ppp chap password 0 5406005
 ppp pap sent-username 2125406005@ttnet password 0 5406005
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http authentication local
ip http secure-server
!
access-list 100 remark SDM_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 10.0.0.0 0.255.255.255 any
dialer-list 1 protocol ip permit
!
!
!
!
control-plane
!
!
line con 0
 no modem enable
line aux 0
line vty 0 4
 privilege level 15
 transport input telnet ssh
!
scheduler max-task-time 5000


!
webvpn cef
end
resul#

CevapAlıntı
Gönderildi : 14/09/2011 18:31
Paylaş: