Router on a stick a dostęp do Internetu

Pytania dt. certyfikacji CCNA i CCDA
ODPOWIEDZ
Wiadomość
Autor
FunnyMan
fresh
fresh
Posty: 2
Rejestracja: 01 paź 2014, 22:45

Router on a stick a dostęp do Internetu

#1

#1 Post autor: FunnyMan »

Hej

Próbuję skonfigurować router-on-a-stick dla 2 VLANów z DHCP i dostępem do internetu. Wszystko działa, oprócz tego ostatniego. Google nie wiele pomaga, może Wy pomożecie? :)

Konfiguracja routera:

Kod: Zaznacz cały

Current configuration : 1864 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C1841
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$SNRN$baPyi2nb/AV6YqNREpm4z0
!
aaa new-model
!
!
!
!
aaa session-id common
dot11 syslog
ip source-route
!
!
ip dhcp excluded-address 192.168.10.1
ip dhcp excluded-address 192.168.20.1
!
ip dhcp pool PULA1
   network 192.168.10.0 255.255.255.0
   dns-server 8.8.8.8
   domain-name dom.local
   default-router 192.168.10.1
!
ip dhcp pool PULA2
   network 192.168.20.0 255.255.255.0
   dns-server 8.8.8.8
   default-router 192.168.20.1
   domain-name guest.local
!
!
ip cef
ip domain name dom.local
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
username admin secret 5 $1$DgvN$J5wKVjMSRxMRdzfFhXB1R1
archive
 log config
  hidekeys
!
!
!
!
!
ip ssh version 2
!
!
!
interface FastEthernet0/0
 ip address 192.168.1.200 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.1
 encapsulation dot1Q 1 native
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface FastEthernet0/1.10
 encapsulation dot1Q 10
 ip address 192.168.20.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface Serial0/0/0
 no ip address
 shutdown
 no fair-queue
 clock rate 2000000
!
interface Serial0/1/0
 no ip address
 shutdown
 clock rate 2000000
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.1.1
no ip http server
no ip http secure-server
!
!
ip nat inside source list 120 interface FastEthernet0/0 overload
!
access-list 120 permit ip 192.168.0.0 0.0.255.255 any
!
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
 transport input ssh
 transport output ssh
!
scheduler allocate 20000 1000
end
I konfiguracja switcha:

Kod: Zaznacz cały

C3560#sh run
Building configuration...

Current configuration : 4384 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C3560
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
system mtu routing 1500
vtp domain DBM_INC
vtp mode transparent
ip subnet-zero
!
!
!
!         
crypto pki trustpoint TP-self-signed-185004672
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-185004672
 revocation-check none
 rsakeypair TP-self-signed-185004672
!
!
crypto pki certificate chain TP-self-signed-185004672
 certificate self-signed 01
  3082023D 308201A6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 31383530 30343637 32301E17 0D393330 33303130 30303035 
  305A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3138 35303034 
  36373230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 
  AEAE43AE 44EFCAA4 8E2F415B 6359EE63 400E48F3 5EF749FB FC44A586 8A97348D 
  2B379F38 4BF18AF3 A4B9E914 0FB6529B 8B1FBF3B 8A8CAA7C 6CC164B4 1A086084 
  D04FBA6B 52D36156 16E33D21 3056A137 057E226B CFCE9A85 0CBF4274 D5CC3C78 
  E39FA604 C07067BA 68A6EEE7 CAFC6C32 719D9478 ED847B4F 912C96B1 A7192F6B 
  02030100 01A36730 65300F06 03551D13 0101FF04 05300301 01FF3012 0603551D 
  11040B30 09820753 77697463 682E301F 0603551D 23041830 16801433 9095364C 
  78D68D10 2A286A35 E69275DB C20D5D30 1D060355 1D0E0416 04143390 95364C78 
  D68D102A 286A35E6 9275DBC2 0D5D300D 06092A86 4886F70D 01010405 00038181 
  004AE9AD B826F13F 5E336063 C95A2068 4E236C37 C659A579 72E2C40C 9404B57F 
  2D6A76C5 B40E97C7 4FA9EDA2 09586F48 5C90EEC0 D6A7A9C0 9C001ACE A8D45D9E 
  75168A2B A571B7AE 42DF0B40 F1A13A0E C6E9A857 FA53B976 A8829ABB C56B9327 
  4B04F614 700D9CEF 712B3B22 8B2D90D9 FE906C61 32072C75 4F4BA393 9C2FF6E8 25
  quit
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 10
 name Goscie
!
vlan 11 
!
!
!
!         
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 11
 switchport mode access
 spanning-tree portfast
!         
interface FastEthernet0/12
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport mode access
 ip dhcp client lease 1 0 0
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.168.10.150 255.255.255.0
!
interface Vlan10
 ip address 192.168.20.150 255.255.255.0
!
ip default-gateway 192.168.1.200
ip classless
ip http server
ip http secure-server
!         
!
!
control-plane
!
!
line con 0
line vty 0 4
 login
line vty 5 15
 login
!
end
Z poziomu 192.168.1.200 bez problemu pinguję 8.8.8.8. Z PC podłączonego do portów 10 i 14 idą do poziomu routera 192.168.1.200 - dalej nic. Za nim jest jeszcze jeden routerek 192.168.1.1 i dzięki niemu jest dostęp do Internetu. Gdzie jest błąd? Podejrzewam, że skopałem coś w NAT, ale nie mam pomysłu co :D
Na górę
Awatar użytkownika
domin
wannabe
wannabe
Posty: 847
Rejestracja: 15 lip 2005, 20:04
Lokalizacja: Kraków
Kontakt:
Skontaktuj się z domin

#2

#2 Post autor: domin »

Brakuje ci

Kod: Zaznacz cały

ip nat outside
na interfejsie WAN rutera
.ılı..ılı.
Na górę
FunnyMan
fresh
fresh
Posty: 2
Rejestracja: 01 paź 2014, 22:45

#3

#3 Post autor: FunnyMan »

Hehe :D Przez pomyłkę z rozpędu zrobiłem default interface fa 0/0 i potem zapomniałem outside'a dać - dzięki!
Na górę
ODPOWIEDZ

Wróć do „Poziom Associate”