PDA

View Full Version : cấu hình dialer profile một router quay số nhiều site



admin
26-01-2005, 08:52 PM
CENTRAL ROUTER:

version 12.1
no parser cache
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname central
!
username remote password 0 remote

!--- Username and shared secret password for the router (remote)
!--- (used for CHAP authentication).
!--- Shared secret password must be the same on both sides.

!
isdn switch-type basic-net3
!
!
interface Ethernet0
ip address 10.1.0.1 255.255.255.0
ip nat inside

! --- Ethernet 0 is an inside NAT interface.
! --- All traffic from this network will be translated.

no cdp enable
!
interface BRI0

! --- If you have additional BRIs, copy this BRI 0 configuration to the other BRIs.

no ip address
encapsulation ppp
dialer pool-member 1

!--- Assign BRI0 as member of dialer pool 1.
!--- Dialer pool 1 is specified in interface Dialer 1.

dialer pool-member 2

!--- Assign BRI0 as member of dialer pool 2.
!--- Dialer pool 2 is specified in interface Dialer 2.

isdn switch-type basic-net3

! --- This depends on the country.

no cdp enable
ppp authentication chap pap callin

! --- Permit one-way CHAP and PAP authentication.
! --- Configure authentication on both the physical and dialer interface.

!
interface Dialer1

! --- Create a dialer interface for every device you need to connect to.

description CONNECTION TO INTERNET
ip address negotiated

! --- IP address obtained from ISP. If the ISP permits a static address,
! --- configure that instead.

ip nat outside

! --- The Outside NAT interface. Since this interface only has one IP address,
! --- all traffic from inside network will be Port Address Translated (PAT).

encapsulation ppp
dialer pool 1

! --- Dialer profile 1. Remember that interface BRI 0 is a member of this profile.

dialer remote-name ISP
dialer idle-timeout 180
dialer string 6122

! --- Number used to dial the ISP.

dialer-group 1

! --- Apply interesting traffic definition from dialer-list 1.

no cdp enable
ppp authentication chap pap callin
ppp chap hostname XXXXX

! --- XXXXX is the username the ISP expects in order to authenticate this router.
! --- For more information, refer to the document on ppp chap hostname.

ppp chap password YYYYY

! --- YYYYY is the password the ISP expects in order to authenticate this router.

ppp pap sent-username XXXXX password YYYYY

! --- PAP username and password.
! --- This is only needed if the ISP does not support CHAP.

!
interface Dialer2
description CONNECTION TO REMOTE OFFICE
ip address 192.168.17.2 255.255.255.252

! --- IP address for the connection to the remote office.
! --- The remote office BRI interface is in the same subnet.

ip nat inside

! --- Dialer 2 is an inside NAT interface.
! --- With this configuration, traffic from remote office is translated
! --- before being sent to the ISP.

encapsulation ppp
dialer pool 2

! --- Dialer profile 2. Remember that interface BRI 0 is a member of this profile.

dialer remote-name remote

! --- Specifies remote router name (remote).
! --- This name must match that used by the remote router to authenticate itself.
! --- Remember that we configured the router username and password earlier.

dialer idle-timeout 180
dialer string 6121
! --- Number used to dial the remote office router.
dialer-group 1

! --- Apply interesting traffic definition from dialer-list 1.

no cdp enable
ppp authentication chap callin
!
ip nat inside source list 101 interface Dialer1 overload

! --- Establishes dynamic source translation (with PAT) for addresses which are
! --- identified by the access list 101.

no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1

! --- Default route. Such traffic will use dialer 1 to the ISP.

ip route 10.2.0.0 255.255.255.0 Dialer2

! --- Route to remote router network. Traffic for 10.2.0.0/24 will use Dialer2.

!
access-list 101 permit ip 10.1.0.0 0.0.0.255 any
access-list 101 permit ip 10.2.0.0 0.0.0.255 any
access-list 101 permit ip 192.168.17.0 0.0.0.3 any

! --- Defines an access list permitting those addresses that are to be translated.
! --- Note that the Ethernet 0 network, the remote router network and the
! --- BRI network (between this router and the remote) will be translated.

dialer-list 1 protocol ip permit

! --- Interesting traffic definition.
! --- This definition is applied to both connections.
! --- If you need to define different interesting traffic for each connection,
! --- create 2 dialer-lists and apply one to each dialer profile with dialer-group.

no cdp run
!
line con 0
exec-timeout 3 0
line vty 0 4
exec-timeout 3 0
!
!
end

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname remote
!
username central password 0 remote

!--- Username and shared secret password for the router (central)
!--- (used for CHAP authentication).
!--- Shared secret must be the same on both sides.

!
isdn switch-type basic-net3
!
interface Ethernet0
ip address 10.2.0.1 255.255.255.0

! --- Remember that this network is included in the NAT statements on central.

no cdp enable
!
interface BRI0
no ip address
encapsulation ppp
dialer pool-member 1

!--- Assign BRI0 as member of dialer pool 1.
!--- Dialer pool 1 is specified in interface Dialer 1.

isdn switch-type basic-net3
no cdp enable
ppp authentication chap
!
interface Dialer1
ip address 192.168.17.1 255.255.255.252
encapsulation ppp
dialer pool 1

! --- Dialer profile 1. Remember that interface BRI 0 is a member of this profile.

dialer remote-name central

! --- Specifies other router name (central).
! --- This name must match that used by the remote router to authenticate itself.
! --- Remember that we configured the router username and password earlier.

dialer string 6131

! --- Number used to dial the central router.

dialer-group 1

! --- Apply interesting traffic definition from dialer-list 1.

pulse-time 0
no cdp enable
ppp authentication chap callin
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1

! --- Default route. Such traffic will use dialer 1 to the central router.

no ip http server
!
dialer-list 1 protocol ip permit

! --- All IP traffic is interesting.

!
line con 0
exec-timeout 3 0
line aux 0
line vty 0 4
exec-timeout 3 0
!
end