Re: [cisco-ttl] nat sorunu

From: serhat aslan <serhataslan22_at_....>
Date: Fri, 8 Feb 2008 07:13:05 -0800 (PST)


Merhaba,

nat-outside -> 192.168.1.x ve 10.10.6.y'li bir network nat-inside ise -> 192.168.4.x li bir network

source list ise icerdeki nat-inside'daki hostlari gosteren liste ise 192.168.1.x li networku tanimlamis.

  Bu yuzden source-list ile nat-inside eslestirilmesinin uyumlu olmasi gerekiyor.  

2. Bu biraz genel bir konu, cunku gercek IP kullandiginizda bir tane NAT tablosundan gecme basamagini direk olarak indiriyorsunuz. Bu belki isinize yarar belkide problem olabilir.

kolay gelsin,
Serhat Aslan

Umut Aydinlik <uaydinli_at_gmail.com> wrote: Arkadaslar nat yaparken kafam karıştı iki farklı internet bağlantım var ikisinin arasında track yapmak istiyorum. Asagidaki kofigrasyonu kullandım ama lokaldeki bilgisayarlarım internete çıkamıyor.
1. sorum :
Bu konfigrasyonla bilgisayarlarım nasıl inernete çıkar.

!

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption
service sequence-numbers
!

hostname Mahmut
!

boot-start-marker
boot-end-marker
!

security authentication failure rate 3 log security passwords min-length 6
logging buffered 51200 debugging
enable secret
!

aaa new-model
!
!

aaa authentication login default local
aaa authorization exec default local
!

aaa session-id common
clock timezone GMT+2 2
clock summer-time GMT+2 date Mar 26 2007 2:00 Oct 29 2007 2:00 no ip source-route
!
!
!
!

ip cef
ip name-server 4.2.2.2
ip name-server 4.2.2.1
no ip bootp server
ip sla monitor 1
 type echo protocol ipIcmpEcho 4.2.2.2 source-interface FastEthernet0  timeout 2000
 frequency 5
ip sla monitor schedule 1 life forever start-time now ip sla monitor 2
 type echo protocol ipIcmpEcho 4.2.2.2 source-interface Ethernet1  timeout 2000
 frequency 5
ip sla monitor schedule 2 life forever start-time now
!

username privilege 15 secret
!
!

ip tcp synwait-time 10
ip ftp username
ip ftp password
!

track 1 rtr 1 reachability
!

track 2 rtr 2 reachability
!
!

interface Loopback0
 no ip address
!

interface Ethernet0
 ip address 192.168.4.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 half-duplex
!

interface Ethernet1
 ip address 192.168.1.44 255.255.255.240  ip nat outside
 ip virtual-reassembly
 ip route-cache flow
 half-duplex
!

interface FastEthernet0
 ip address 10.10.6.162 255.255.255.240
 ip nat outside
 ip virtual-reassembly
 ip route-cache flow
 speed auto
!

ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0 20 name Line1 track 1 ip route 0.0.0.0 0.0.0.0 Ethernet1 30 name Line2 track 2 ip http server
ip http access-class 99
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000 ip flow-top-talkers
 top 10
 sort-by bytes
!

ip nat inside source list 2 interface FastEthernet0 overload ip nat inside source list 2 interface Ethernet 0 overload
!

access-list 1 remark UZAK
access-list 1 permit 88.45.45.12 255.255.255.255
access-list 1 deny   any log
access-list 2 remark NAT
access-list 2 permit ip any 192.168.1.0 0.0.0.255
snmp-server community mahmut RO 99
no cdp run
!

control-plane
!

banner login ^CCCC

yardımlarınız için teşekkürler.

Umut...

[Non-text portions of this message have been removed]

--
Cisco Teknik Tartisma Listesi (Cisco-ttl)

Bu listede onerilen degisikliklerin uygulanmasindaki tum sorumluluk 
kullaniciya aittir. Liste yoneticileri, oneride bulunan liste uyeleri ya da 
bu uyelerin calistigi kuruluslar herhangi bir sekilde sorumlu tutulamazlar. 
Yahoo! Groups Links





       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.

[Non-text portions of this message have been removed]
Received on Fri Feb 08 2008 - 16:13:09 CET

This archive was generated by hypermail 2.2.0 : Fri Feb 08 2008 - 16:13:10 CET