Jump to content
Калькуляторы

Абоненты NAT не могут достучаться до сервера

Добрый день, коллеги. Обрисую вкратце ситуацию. Существует сеть, реализованная как vlan per user. Ядром является cisco, на ней крутятся белые IP. Так же поднят nat (но железка стоит у нашего провайдера и они ей рулят)..Согласен, что бред полный, но как то так. А теперь сама суть. К примеру выдаем мы абонентам Ip из сети 10.1.0.0/16, а в мир они выходят под 193.0.152.6. Мы провайдера нашего попросили изменить 193.0.152.6 на 193.0.154.6 и вот после этих манипуляций наши абоненты с серыми IP перестали пинговать какие либо сервера. Трасерт от абонента до сервака показывает, что запрос доходит до нашей циски и там останавливается, провайдер тоже говорит, что дело в ней, но мы конфигурацию не меняли, а эта проблема появилась именно после изменений на стороне провайдера.э подскажите, куда смотреть и что делать?

Share this post


Link to post
Share on other sites

сервер находится внутри нашей сети, только под белым IP. фактически это наш абонент, который занимается администрированием 1C и к нему стучатся его клиенты на сервер.

post-130330-046054300 1458905548_thumb.jpeg

Share this post


Link to post
Share on other sites

router#sh run

Building configuration...

 

Current configuration : 704644 bytes

!

! Last configuration change at 13:09:13 UTC Fri Mar 25 2016 by tele

!

upgrade fpd auto

version 12.2

service timestamps debug datetime localtime show-timezone

service timestamps log datetime msec localtime

service password-encryption

service counters max age 5

service unsupported-transceiver

!

hostname router

!

boot-start-marker

boot system bootdisk:s3223-advipservicesk9_wan-mz.122-33.SXI6.bin

boot-end-marker

!

***************

!

***************

aaa new-model

!

!

!

!

!

aaa session-id common

platform ipv4 pbr optimize tcam

clock timezone UTC 3

!

!

!

ip flow-cache timeout active 1

ip ftp username ***********

ip ftp password 7 ***********

ip ssh version 2

ip domain-name tele-k.local

vtp mode transparent

mls netflow interface

mls flow ip interface-destination-source

mls nde sender version 5

mls qos

mls rate-limit unicast cef receive 10000 100

mls cef error action reset

!

!

!

!

!

!

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

system flowcontrol bus auto

diagnostic bootup level minimal

no errdisable detect cause gbic-invalid

access-list 5 permit 10.0.0.2

access-list 5 permit 10.0.0.1

access-list 5 permit 193.0.152.4

access-list 24 permit 10.0.0.2

access-list 100 permit tcp any any eq www

access-list 100 permit tcp any any eq 443

!

redundancy

main-cpu

auto-sync running-config

mode sso

!

ip access-list extended base-firewall

deny udp any any eq 445

deny udp any any eq 4444

deny tcp any any eq 135

deny tcp any any eq 445

deny tcp any any eq 4444

deny tcp any any eq 139

deny udp any any eq 135

deny udp any any eq netbios-ss

deny udp any any eq netbios-ns

deny udp any any eq netbios-dgm

permit ip any any

ip access-list extended blocked

deny ip host 101.1.29.82 any

deny ip any host 101.1.29.82

deny ip host 103.240.151.25 any

deny ip any host 103.240.151.25

permit ip any any

!

vlan internal allocation policy ascending

vlan access-log ratelimit 2000

!

!

!

!

!

interface Loopback1

ip address 10.0.0.1 255.0.0.0

no ip redirects

!

interface Loopback2

ip address 193.0.152.1 255.255.252.0

!

interface Port-channel1

description Krasnodar-Uplink

no ip address

!

interface Port-channel1.13

encapsulation dot1Q 13

ip unnumbered Loopback2

!

interface Port-channel1.14

encapsulation dot1Q 14

ip unnumbered Loopback1

ip flow ingress

!

interface Port-channel1.235

!

interface Port-channel2

no ip address

!

interface Port-channel2.2

encapsulation dot1Q 2

ip unnumbered Loopback1

!

interface Port-channel2.3

encapsulation dot1Q 3

ip unnumbered Loopback2

no ip redirects

no ip unreachables

!

interface Port-channel2.4

encapsulation dot1Q 4

ip unnumbered Loopback1

ip access-group base-firewall in

no ip redirects

no ip unreachables

ip policy route-map servernat

!

interface Port-channel2.5

encapsulation dot1Q 5

ip unnumbered Loopback1

ip access-group base-firewall in

no ip redirects

no ip unreachables

no ip proxy-arp

ip policy route-map servernat

!

interface Port-channel2.6

encapsulation dot1Q 6

ip unnumbered Loopback1

ip access-group base-firewall in

no ip redirects

no ip unreachables

no ip proxy-arp

ip policy route-map servernat

!

interface Port-channel2.7

encapsulation dot1Q 7

ip unnumbered Loopback1

ip access-group base-firewall in

no ip redirects

no ip unreachables

no ip proxy-arp

ip policy route-map servernat

!

interface Port-channel2.8

encapsulation dot1Q 8

ip unnumbered Loopback1

ip access-group base-firewall in

no ip redirects

no ip unreachables

no ip proxy-arp

ip policy route-map servernat

!

interface Port-channel2.9

encapsulation dot1Q 9

ip unnumbered Loopback2

no ip redirects

no ip unreachables

!

interface Port-channel2.10

encapsulation dot1Q 10

ip unnumbered Loopback2

no ip redirects

no ip unreachables

!

interface Port-channel2.11

encapsulation dot1Q 11

ip unnumbered Loopback2

no ip redirects

no ip unreachables

!

interface Port-channel2.12

encapsulation dot1Q 12

ip unnumbered Loopback2

no ip redirects

no ip unreachables

 

---------------

interface Port-channel2.4087

encapsulation dot1Q 4087

ip unnumbered GigabitEthernet2/7

no ip redirects

no ip unreachables

!

interface Port-channel2.4089

encapsulation dot1Q 4089

ip unnumbered Loopback1

ip access-group base-firewall in

no ip redirects

no ip unreachables

no ip proxy-arp

ip policy route-map servernat

!

interface Port-channel2.4091

encapsulation dot1Q 4091

ip unnumbered Loopback2

no ip redirects

no ip unreachables

!

interface Port-channel2.4092

encapsulation dot1Q 4092

ip unnumbered Loopback2

no ip redirects

no ip unreachables

!

interface GigabitEthernet2/1

no ip address

!

interface GigabitEthernet2/1.21

encapsulation dot1Q 21 native

ip unnumbered Loopback2

!

interface GigabitEthernet2/2

no ip address

!

interface GigabitEthernet2/3

ip address 80.72.234.34 255.255.255.252

ip access-group blocked in

ip access-group blocked out

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

shutdown

!

interface GigabitEthernet2/4

no ip address

channel-protocol lacp

channel-group 1 mode active

!

interface GigabitEthernet2/5

no ip address

channel-protocol lacp

channel-group 1 mode active

!

interface GigabitEthernet2/6

no ip address

channel-protocol lacp

channel-group 2 mode active

!

interface GigabitEthernet2/7

no ip address

channel-protocol lacp

channel-group 2 mode active

!

interface GigabitEthernet2/8

no ip address

!

interface GigabitEthernet2/9

ip address 192.168.0.1 255.255.255.0

!

interface Vlan1

no ip address

shutdown

!

ip classless

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 193.0.152.5

ip route 10.0.0.2 255.255.255.255 Port-channel1.14

ip route 10.0.0.3 255.255.255.255 Port-channel2.4

ip route 10.1.4.190 255.255.255.255 Port-channel2.243

ip route 10.1.5.30 255.255.255.255 Port-channel2.252

ip route 10.1.5.50 255.255.255.255 Port-channel2.254

ip route 10.1.5.140 255.255.255.255 Port-channel2.263

ip route 10.1.5.240 255.255.255.255 Port-channel2.273

ip route 10.1.6.90 255.255.255.255 Port-channel2.384

ip route 10.1.6.100 255.255.255.255 Port-channel2.385

ip route 10.1.6.110 255.255.255.255 Port-channel2.386

ip route 10.1.6.120 255.255.255.255 Port-channel2.387

ip route 10.1.6.180 255.255.255.255 Port-channel2.4089

ip route 10.1.7.60 255.255.255.255 Port-channel2.104

ip route 10.1.7.70 255.255.255.255 Port-channel2.108

ip route 10.1.7.140 255.255.255.255 Port-channel2.1099

ip route 10.1.8.40 255.255.255.255 Port-channel2.4080

 

--------------------

 

ip route 83.69.71.0 255.255.255.0 Null0

ip route 193.0.152.0 255.255.252.0 Null0

ip route 193.0.152.2 255.255.255.255 Port-channel2.4077

ip route 193.0.152.3 255.255.255.255 Port-channel2.4084

ip route 193.0.152.4 255.255.255.255 GigabitEthernet2/1.21

ip route 193.0.152.5 255.255.255.255 Port-channel1.13

ip route 193.0.152.11 255.255.255.255 Port-channel2.11

ip route 193.0.152.13 255.255.255.255 Port-channel2.2226

ip route 193.0.152.15 255.255.255.255 Port-channel2.2242

ip route 193.0.152.16 255.255.255.255 Port-channel2.299

ip route 193.0.152.16 255.255.255.255 Port-channel2.4030

ip route 193.0.152.17 255.255.255.255 Port-channel2.3513

ip route 193.0.152.18 255.255.255.255 Port-channel2.3271

ip route 193.0.152.19 255.255.255.255 Port-channel2.3220

ip route 193.0.152.20 255.255.255.255 Port-channel2.3077

ip route 193.0.152.22 255.255.255.255 Port-channel2.3246

ip route 193.0.152.23 255.255.255.255 Port-channel2.3434

ip route 193.0.152.24 255.255.255.255 Port-channel2.3213

ip route 193.0.152.25 255.255.255.255 Port-channel2.258

ip route 193.0.152.26 255.255.255.255 Port-channel2.2230

ip route 193.0.152.27 255.255.255.255 Port-channel2.3214

ip route 193.0.152.28 255.255.255.255 Port-channel2.129

ip route 193.0.152.29 255.255.255.255 Port-channel2.3016

ip route 193.0.152.30 255.255.255.255 Port-channel2.349

ip route 193.0.152.31 255.255.255.255 Port-channel2.332

ip route 193.0.152.32 255.255.255.255 Port-channel2.1951

ip route 193.0.152.33 255.255.255.255 Port-channel2.3200

ip route 193.0.152.34 255.255.255.255 Port-channel2.171

ip route 193.0.152.35 255.255.255.255 Port-channel2.2228

ip route 193.0.152.36 255.255.255.255 Port-channel2.3021

ip route 193.0.152.37 255.255.255.255 Port-channel2.80

ip route 193.0.152.38 255.255.255.255 Port-channel2.3545

ip route 193.0.152.39 255.255.255.255 Port-channel2.1373

ip route 193.0.152.40 255.255.255.255 Port-channel2.3825

ip route 193.0.152.41 255.255.255.255 Port-channel2.3230

ip route 193.0.152.42 255.255.255.255 Port-channel2.3277

ip route 193.0.152.43 255.255.255.255 Port-channel2.3275

ip route 193.0.152.44 255.255.255.255 Port-channel2.3276

ip route 193.0.152.45 255.255.255.255 Port-channel2.3350

ip route 193.0.152.46 255.255.255.255 Port-channel2.1865

ip route 193.0.152.47 255.255.255.255 Port-channel2.1225

ip route 193.0.152.48 255.255.255.255 Port-channel2.758

ip route 193.0.152.49 255.255.255.255 Port-channel2.3826

ip route 193.0.152.50 255.255.255.255 Port-channel2.1570

ip route 193.0.152.51 255.255.255.255 Port-channel2.1360

ip route 193.0.152.52 255.255.255.255 Port-channel2.327

ip route 193.0.152.53 255.255.255.255 Port-channel2.294

ip route 193.0.152.54 255.255.255.255 Port-channel2.255

ip route 193.0.152.55 255.255.255.255 Port-channel2.102

ip route 193.0.152.56 255.255.255.255 Port-channel2.2235

ip route 193.0.152.57 255.255.255.255 Port-channel2.2965

ip route 193.0.152.58 255.255.255.255 Port-channel2.3035

ip route 193.0.152.59 255.255.255.255 Port-channel2.230

ip route 193.0.152.60 255.255.255.255 Port-channel2.3587

ip route 193.0.152.61 255.255.255.255 Port-channel2.2233

ip route 193.0.152.62 255.255.255.255 Port-channel2.943

ip route 193.0.152.64 255.255.255.255 Port-channel2.295

ip route 193.0.152.65 255.255.255.255 Port-channel2.301

ip route 193.0.152.66 255.255.255.255 Port-channel2.231

ip route 193.0.152.67 255.255.255.255 Port-channel2.3552

ip route 193.0.152.68 255.255.255.255 Port-channel2.1950

ip route 193.0.152.69 255.255.255.255 Port-channel2.265

ip route 193.0.152.70 255.255.255.255 Port-channel2.3557

ip route 193.0.152.71 255.255.255.255 Port-channel2.196

ip route 193.0.152.71 255.255.255.255 Port-channel2.3950

ip route 193.0.152.72 255.255.255.255 Port-channel2.274

ip route 193.0.152.73 255.255.255.255 Port-channel2.306

ip route 193.0.152.74 255.255.255.255 Port-channel2.3337

ip route 193.0.152.75 255.255.255.255 Port-channel2.1317

ip route 193.0.152.76 255.255.255.255 Port-channel2.3080

ip route 193.0.152.77 255.255.255.255 Port-channel2.3509

ip route 193.0.152.78 255.255.255.255 Port-channel2.3943

ip route 193.0.152.79 255.255.255.255 Port-channel2.3377

ip route 193.0.152.80 255.255.255.255 Port-channel2.3256

ip route 193.0.152.81 255.255.255.255 Port-channel2.120

ip route 193.0.152.82 255.255.255.255 Port-channel2.247

ip route 193.0.152.83 255.255.255.255 Port-channel2.256

ip route 193.0.152.84 255.255.255.255 Port-channel2.3969

ip route 193.0.152.85 255.255.255.255 Port-channel2.1352

ip route 193.0.152.86 255.255.255.255 Port-channel2.2534

ip route 193.0.152.88 255.255.255.255 Port-channel2.3216

ip route 193.0.152.89 255.255.255.255 Port-channel2.3217

ip route 193.0.152.90 255.255.255.255 Port-channel2.12

ip route 193.0.152.91 255.255.255.255 Port-channel2.3437

ip route 193.0.152.92 255.255.255.255 Port-channel2.119

ip route 193.0.152.95 255.255.255.255 Port-channel2.164

ip route 193.0.152.96 255.255.255.255 Port-channel2.3992

ip route 193.0.152.97 255.255.255.255 Port-channel2.1300

ip route 193.0.152.98 255.255.255.255 Port-channel2.111

ip route 193.0.152.99 255.255.255.255 Port-channel2.270

ip route 193.0.152.100 255.255.255.255 Port-channel2.1596

ip route 193.0.152.102 255.255.255.255 Port-channel2.866

ip route 193.0.152.103 255.255.255.255 Port-channel2.1420

ip route 193.0.152.104 255.255.255.255 Port-channel2.158

ip route 193.0.152.105 255.255.255.255 Port-channel2.1215

ip route 193.0.152.106 255.255.255.255 Port-channel2.240

ip route 193.0.152.107 255.255.255.255 Port-channel2.262

ip route 193.0.152.108 255.255.255.255 Port-channel2.70

ip route 193.0.152.109 255.255.255.255 Port-channel2.1345

ip route 193.0.152.110 255.255.255.255 Port-channel2.3222

ip route 193.0.152.111 255.255.255.255 Port-channel2.1487

ip route 193.0.152.112 255.255.255.255 Port-channel2.2232

ip route 193.0.152.113 255.255.255.255 Port-channel2.250

ip route 193.0.152.114 255.255.255.255 Port-channel2.674

ip route 193.0.152.115 255.255.255.255 Port-channel2.3507

ip route 193.0.152.116 255.255.255.255 Port-channel2.83

ip route 193.0.152.117 255.255.255.255 Port-channel2.4091

ip route 193.0.152.118 255.255.255.255 Port-channel2.1983

ip route 193.0.152.119 255.255.255.255 Port-channel2.3440

ip route 193.0.152.120 255.255.255.255 Port-channel2.88

ip route 193.0.152.121 255.255.255.255 Port-channel2.92

ip route 193.0.152.122 255.255.255.255 Port-channel2.2065

ip route 193.0.152.123 255.255.255.255 Port-channel2.2930

ip route 193.0.152.124 255.255.255.255 Port-channel2.3432

ip route 193.0.152.125 255.255.255.255 Port-channel2.96

ip route 193.0.152.126 255.255.255.255 Port-channel2.149

ip route 193.0.152.127 255.255.255.255 Port-channel2.473

ip route 193.0.152.128 255.255.255.255 Port-channel2.4086

ip route 193.0.152.129 255.255.255.255 Port-channel2.3503

ip route 193.0.152.135 255.255.255.255 Port-channel2.126

ip route 193.0.152.136 255.255.255.255 Port-channel2.3257

ip route 193.0.152.137 255.255.255.255 Port-channel2.1465

ip route 193.0.152.138 255.255.255.255 Port-channel2.246

ip route 193.0.152.139 255.255.255.255 Port-channel2.148

ip route 193.0.152.140 255.255.255.255 Port-channel2.251

ip route 193.0.152.141 255.255.255.255 Port-channel2.649

ip route 193.0.152.142 255.255.255.255 Port-channel2.2139

ip route 193.0.152.144 255.255.255.255 Port-channel2.3223

ip route 193.0.152.145 255.255.255.255 Port-channel2.30

ip route 193.0.152.146 255.255.255.255 Port-channel2.4055

ip route 193.0.152.147 255.255.255.255 Port-channel2.26

ip route 193.0.152.148 255.255.255.255 Port-channel2.25

ip route 193.0.152.149 255.255.255.255 Port-channel2.823

ip route 193.0.152.150 255.255.255.255 Port-channel2.1347

ip route 193.0.152.152 255.255.255.255 Port-channel2.4048

ip route 193.0.152.153 255.255.255.255 Port-channel2.4049

ip route 193.0.152.154 255.255.255.255 Port-channel2.4092

ip route 193.0.152.155 255.255.255.255 Port-channel2.173

ip route 193.0.152.156 255.255.255.255 Port-channel2.170

ip route 193.0.152.157 255.255.255.255 Port-channel2.117

ip route 193.0.152.158 255.255.255.255 Port-channel2.168

ip route 193.0.152.159 255.255.255.255 Port-channel2.3593

ip route 193.0.152.160 255.255.255.255 Port-channel2.4060

ip route 193.0.152.161 255.255.255.255 Port-channel2.283

ip route 193.0.152.162 255.255.255.255 Port-channel2.289

ip route 193.0.152.163 255.255.255.255 Port-channel2.947

ip route 193.0.152.164 255.255.255.255 Port-channel2.3219

ip route 193.0.152.165 255.255.255.255 Port-channel2.1248

ip route 193.0.152.166 255.255.255.255 Port-channel2.116

ip route 193.0.152.167 255.255.255.255 Port-channel2.278

ip route 193.0.152.168 255.255.255.255 Port-channel2.3594

ip route 193.0.152.169 255.255.255.255 Port-channel2.2940

ip route 193.0.152.170 255.255.255.255 Port-channel2.290

ip route 193.0.152.171 255.255.255.255 Port-channel2.253

ip route 193.0.152.172 255.255.255.255 Port-channel2.292

ip route 193.0.152.173 255.255.255.255 Port-channel2.4085

ip route 193.0.152.175 255.255.255.255 Port-channel2.1523

ip route 193.0.152.176 255.255.255.255 Port-channel2.799

ip route 193.0.152.177 255.255.255.255 Port-channel2.3989

ip route 193.0.152.178 255.255.255.255 Port-channel2.924

ip route 193.0.152.179 255.255.255.255 Port-channel2.172

ip route 193.0.152.180 255.255.255.255 Port-channel2.388

ip route 193.0.152.181 255.255.255.255 Port-channel2.22

ip route 193.0.152.182 255.255.255.255 Port-channel2.3521

ip route 193.0.152.183 255.255.255.255 Port-channel2.3255

ip route 193.0.154.224 255.255.255.255 Port-channel2.4081

ip route 193.0.154.231 255.255.255.255 Port-channel2.4071

ip route 193.0.155.0 255.255.255.192 193.0.152.21

!

ip as-path access-list 1 permit _6451[2-9]_

ip as-path access-list 1 permit _645[2-9][0-9]_

ip as-path access-list 1 permit _64[6-9][0-9][0-9]_

ip as-path access-list 1 permit _65[0-9][0-9][0-9]_

ip flow-export source Loopback2

ip flow-export version 5

ip flow-export destination 193.0.152.4 7223

!

ip http server

no ip http secure-server

ip pim bidir-enable

!

!

ip prefix-list bogons description bogus nets

ip prefix-list bogons seq 15 permit 0.0.0.0/8 le 32

ip prefix-list bogons seq 20 permit 127.0.0.0/8 le 32

ip prefix-list bogons seq 25 permit 192.0.2.0/24 le 32

ip prefix-list bogons seq 30 permit 10.0.0.0/8 le 32

ip prefix-list bogons seq 35 permit 172.16.0.0/12 le 32

ip prefix-list bogons seq 40 permit 192.168.0.0/16 le 32

ip prefix-list bogons seq 45 permit 169.254.0.0/16 le 32

ip prefix-list bogons seq 50 permit 192.42.172.0/24 le 32

ip prefix-list bogons seq 55 permit 198.18.0.0/15 le 32

ip prefix-list bogons seq 60 permit 192.88.99.0/24 le 32

ip prefix-list bogons seq 65 permit 224.0.0.0/4 le 32

ip prefix-list bogons seq 70 permit 240.0.0.0/4 le 32

!

ip prefix-list own-prefixes seq 5 permit 193.0.152.0/22

ip prefix-list own-prefixes seq 6 permit 83.69.71.0/24

!

route-map servernat2 permit 10

set ip default next-hop 10.0.0.2

!

route-map servernat permit 10

set ip next-hop 10.0.0.2

set ip default next-hop 10.0.0.2

!

snmp-server engineID local 800000090300588D09BEC6C0

snmp-server community public RO 5

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps chassis

snmp-server enable traps module

snmp-server enable traps transceiver all

snmp-server enable traps ds1

snmp-server enable traps call-home message-send-fail server-fail

snmp-server enable traps eigrp

snmp-server enable traps casa

snmp-server enable traps tty

snmp-server enable traps ospf state-change

snmp-server enable traps ospf errors

snmp-server enable traps ospf retransmit

snmp-server enable traps ospf lsa

snmp-server enable traps ospf cisco-specific state-change nssa-trans-change

snmp-server enable traps ospf cisco-specific state-change shamlink interface-old

snmp-server enable traps ospf cisco-specific state-change shamlink neighbor

snmp-server enable traps ospf cisco-specific errors

snmp-server enable traps ospf cisco-specific retransmit

snmp-server enable traps ospf cisco-specific lsa

snmp-server enable traps atm subif

snmp-server enable traps bgp

snmp-server enable traps bulkstat collection transfer

snmp-server enable traps config-copy

snmp-server enable traps config

snmp-server enable traps config-ctid

snmp-server enable traps dhcp-snooping bindings

snmp-server enable traps event-manager

snmp-server enable traps frame-relay

snmp-server enable traps frame-relay subif

snmp-server enable traps hsrp

snmp-server enable traps ipmulticast

snmp-server enable traps MAC-Notification change move threshold

snmp-server enable traps msdp

snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message

snmp-server enable traps rf

snmp-server enable traps rtr

snmp-server enable traps slb real virtual csrp

snmp-server enable traps bridge newroot topologychange

snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency

snmp-server enable traps syslog

snmp-server enable traps mvpn

snmp-server enable traps isakmp policy add

snmp-server enable traps isakmp policy delete

snmp-server enable traps isakmp tunnel start

snmp-server enable traps isakmp tunnel stop

snmp-server enable traps ipsec cryptomap add

snmp-server enable traps ipsec cryptomap delete

snmp-server enable traps ipsec cryptomap attach

snmp-server enable traps ipsec cryptomap detach

snmp-server enable traps ipsec tunnel start

snmp-server enable traps ipsec tunnel stop

snmp-server enable traps ipsec too-many-sas

snmp-server enable traps mpls traffic-eng

snmp-server enable traps mpls fast-reroute protected

snmp-server enable traps mpls rfc ldp

snmp-server enable traps mpls ldp

snmp-server enable traps pw vc

snmp-server enable traps rep

snmp-server enable traps auth-framework sec-violation

snmp-server enable traps memory bufferpeak

snmp-server enable traps flex-links status

snmp-server enable traps csg agent quota-server database

snmp-server enable traps sonet

snmp-server enable traps dial

snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan

snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config

snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up

snmp-server enable traps energywise

snmp-server enable traps fru-ctrl ps-output-change status

snmp-server enable traps entity

snmp-server enable traps l2tc threshold sys-threshold

snmp-server enable traps module-auto-shutdown sys-action auto-shutdown

snmp-server enable traps cpu threshold

snmp-server enable traps rsvp

snmp-server enable traps srp

snmp-server enable traps udld link-fail-rpt

snmp-server enable traps udld status-change

snmp-server enable traps vtp

snmp-server enable traps vlancreate

snmp-server enable traps vlandelete

snmp-server enable traps flash insertion removal

snmp-server enable traps c6kxbar flowctrl-bus intbus-crcexcd intbus-crcrcvrd swbus tm-swbus

snmp-server enable traps entity-diag boot-up-fail hm-test-recover hm-thresh-reached scheduled-test-fail

snmp-server enable traps envmon fan shutdown supply temperature status

snmp-server enable traps port-security

snmp-server enable traps alarms informational

snmp-server enable traps vlan-mac-limit

snmp-server enable traps mpls vpn

snmp-server enable traps errdisable

snmp-server enable traps voice poor-qov

!

!

control-plane

!

!

dial-peer cor custom

!

!

!

!

line con 0

line vty 0 4

access-class 23 in

exec-timeout 60 0

privilege level 15

password 7 01425457

logging synchronous

transport input ssh

line vty 5 15

access-class 24 in

password 7 01425457

transport input telnet

!

ntp clock-period 17179923

ntp server 80.93.56.210

!

end

Edited by Rijiy

Share this post


Link to post
Share on other sites

ip route 193.0.152.2 255.255.255.255 Port-channel2.4077

next-hop желательно указывать IP-адресом.

При указании имени интерфейса можно на большие грабли напороться.

Share this post


Link to post
Share on other sites

делаю traceroute из мира, до проблемного сервера. Все останавливается на нашей cisco. Еще заметил такую вещь, если подключаюсь серым Ip к cisco, то через короткий промежуток времени рвёт сессию.

Share this post


Link to post
Share on other sites

ip route 193.0.152.2 255.255.255.255 Port-channel2.4077

next-hop желательно указывать IP-адресом.

При указании имени интерфейса можно на большие грабли напороться.

 

От так

ip route 193.0.152.2 255.255.255.255 Port-channel2.4077 193.0.152.2 name "Client blah-blah"

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.