Zakupiłem ostatnio używany router Cisco 837 ADSL (nie wiem czy to dobry pomysł .. no ale) , skonfigurowałem go zgodnie z jednym ze znalezionych w necie przykładów (mój konfig zamieszczam poniżej). I tutaj moje pytanie, w jaki sposób mogę zablokować dostęp do routera z zewnątrz?
Kod: Zaznacz cały
NEO#show startup-config
Using 1767 out of 131072 bytes
!
version 12.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
!
hostname NEO
!
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
enable password 7 xxxxxxxxxxxx
!
username user password 7 xxxxxxxxxxxx
username user1 password 7 xxxxxxxxxxxx
ip subnet-zero
no ip source-route
ip tcp path-mtu-discovery
no ip domain lookup
ip dhcp excluded-address 192.168.2.1
!
ip dhcp pool CLIENT
import all
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 194.204.159.1 194.204.152.34
lease 0 2
!
ip urlfilter alert
ip audit notify log
ip audit po max-events 100
!
!
!
!
!
!
interface Ethernet0
description Polaczenie dla sieci LAN
ip address 192.168.2.1 255.255.255.0
ip nat inside
no cdp enable
hold-queue 100 out
!
interface ATM0
description Polaczenie ADSL do ISP
no ip address
no atm ilmi-keepalive
pvc 0/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
dsl power-cutback 30
hold-queue 224 in
!
interface Dialer0
description Interfejs dzwoniacy
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp chap hostname neo_log@neostrada.pl
ppp chap password 7 xxxxxxxxxxxxx
!
ip nat inside source list 100 interface Dialer0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
ip http server
no ip http secure-server
!
!
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
access-list 100 deny ip any any
no cdp run
!
line con 0
exec-timeout 5 0
login local
no modem enable
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 5 0
login local
!
scheduler max-task-time 5000
end
