cancelar
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
Avisos
¡Bienvenido a la nueva Comunidad de Soporte de Cisco! Nos encantaría conocer su opinión
New Member

Configurar Cisco 887 detrás de router fibra ONO

Buenas tardes a todos,

Llevo 2 dias intentando configurar un Cisco 887 detrás de un router de fibra de Ono y no hay manera. El caso es que Vodafone Ono (Empresas), nos ha colocado su router en modo bridge y nosotros, hemos configurado un puerto FE como WAN asociado a la VLAN10.

Pongo la configuración que hemos usado a ver si alguién me puede echar una mano:

!
! Last configuration change at 11:16:55 ESPANA Thu Dec 17 2015
version 15.2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
clock timezone ESPANA 1 0
clock summer-time ESPANA recurring last Sun Mar 2:00 last Sun Oct 3:00
!
!
no ip source-route
ip auth-proxy max-login-attempts 5
ip admission max-login-attempts 5
!
!
!
ip dhcp excluded-address 10.12.9.1 10.12.9.199
ip dhcp excluded-address 10.12.9.250 10.12.9.254
!
ip dhcp pool POOLDHCP
network 10.12.9.0 255.255.255.0
default-router 10.12.9.251
dns-server 62.81.29.254 62.81.16.213
lease 0 1
!
!
no ip bootp server
no ip domain lookup
ip cef
ip name-server 62.81.29.254
ip name-server 62.81.16.213
no ipv6 cef
!
!
multilink bundle-name authenticated
chat-script gsm "" "AT!SCACT=1,1" TIMEOUT 60 "OK"
license udi pid C887VAG+7-K9 sn FCZ1705C1FS
!
!
controller VDSL 0
!
controller Cellular 0
!
!
crypto isakmp policy 10
encr aes
authentication pre-share
group 2
lifetime 3600
crypto isakmp key <key> address x.x.x.x 
!
crypto map xxxxx 10 ipsec-isakmp
set peer x.x.x.x
match address acl_vpn
!
interface Ethernet0
no ip address
shutdown
!
interface ATM0
no ip address
shutdown
!
interface FastEthernet0
description CONNECTED TO WAN
switchport access vlan 10
no ip address
spanning-tree portfast
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Vlan1
ip address 10.12.9.251 255.255.255.0
no ip redirects
no ip proxy-arp
ip nat inside
no ip virtual-reassembly in
ip policy route-map clear-df
load-interval 30
no autostate
arp timeout 86400
!
interface Vlan10
description CONNECTED TO WAN
ip address dhcp
ip nat outside
ip virtual-reassembly in
crypto map xxxx
!
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source static tcp 10.12.9.100 83 interface Vlan10 83
ip nat inside source static tcp 10.12.9.100 10000 interface Vlan10 10000
ip nat inside source static tcp 10.12.9.91 81 interface Vlan10 81
ip nat inside source static tcp 10.12.9.91 6036 interface Vlan10 6036
ip nat inside source route-map MAP-LINEA-PPAL interface Vlan10 overload
ip route 0.0.0.0 0.0.0.0 81.184.3.33
!
ip access-list extended acl_lan_wan
deny ip 10.12.9.0 0.0.0.255 10.1.0.0 0.0.255.255
permit ip 10.12.9.0 0.0.0.255 any
ip access-list extended acl_vpn
permit ip 10.12.9.0 0.0.0.255 10.1.0.0 0.0.255.255
!
!
route-map MAP-LINEA-PPAL permit 10
match ip address acl_lan_wan
match interface Vlan10
!

Lógicamente, tampoco me funciona la IPSec...gracias anticipadas!

1 RESPUESTA
New Member

hola, puedes regalar la

hola, puedes regalar la salida del comando *sh vlan-sw* en el router?

147
Visitas
0
ÚTIL
1
Respuestas