---

Er der nogen der vil hjælpe mig med denne opsætning.

Jeg kan hverken komme ind eller ud.

!This is the running config of the router: 192.168.100.1
!----------------------------------------------------------------------------

!version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Router
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5
!
username torben privilege 15
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
ip dhcp excluded-address 192.168.1001 192.168.100.9
ip dhcp excluded-address 192.168.100200 192.168.100.254
!
ip dhcp pool sdm-pool1
import all
network 192.168.100.0 255.255.255.0
dns-server 62.61.130.1 62.61.131.1
default-router 192.168.100.1
lease 30
!
!
no ip bootp server
ip domain name torbenogjette.local
ip name-server 62.61.130.1
ip name-server 62.61.131.1
no ftp-server write-enable
!
!
!
class-map match-any SDMScave-FastEthernet0/1
match protocol napster
match protocol fasttrack
match protocol gnutella
class-map match-any SDMTrans-FastEthernet0/1
match protocol citrix
match protocol finger
match protocol notes
match protocol novadigm
match protocol pcanywhere
match protocol secure-telnet
match protocol sqlnet
match protocol sqlserver
match protocol ssh
match protocol telnet
match protocol xwindows
class-map match-any SDMVoice-FastEthernet0/1
match protocol rtp audio
class-map match-any SDMSVideo-FastEthernet0/1
match protocol cuseeme
match protocol netshow
match protocol rtsp
match protocol streamwork
match protocol vdolive
class-map match-any SDMIVideo-FastEthernet0/1
match protocol rtp video
class-map match-any SDMManage-FastEthernet0/1
match protocol dhcp
match protocol dns
match protocol imap
match protocol kerberos
match protocol ldap
match protocol secure-imap
match protocol secure-ldap
match protocol snmp
match protocol socks
match protocol syslog
class-map match-any SDMRout-FastEthernet0/1
match protocol bgp
match protocol egp
match protocol eigrp
match protocol ospf
match protocol rip
match protocol rsvp
class-map match-any SDMSignal-FastEthernet0/1
match protocol h323
match protocol rtcp
class-map match-any SDMBulk-FastEthernet0/1
match protocol exchange
match protocol ftp
match protocol irc
match protocol nntp
match protocol pop3
match protocol printer
match protocol secure-ftp
match protocol secure-irc
match protocol secure-nntp
match protocol secure-pop3
match protocol smtp
match protocol tftp
!
!
policy-map SDM-Pol-FastEthernet0/1
class SDMSignal-FastEthernet0/1
bandwidth remaining percent 40
set dscp cs3
class SDMVoice-FastEthernet0/1
priority percent 70
set dscp ef
class SDMRout-FastEthernet0/1
bandwidth remaining percent 3
set dscp cs6
class SDMTrans-FastEthernet0/1
bandwidth remaining percent 33
set dscp af21
class SDMManage-FastEthernet0/1
bandwidth remaining percent 3
set dscp cs2
class SDMBulk-FastEthernet0/1
priority percent 5
set dscp 2
!
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0/0
description $ETH-LAN$$INTF-INFO-FE 0$$FW_INSIDE$
ip address 192.168.100.1 255.255.255.0
ip access-group sdm_fastethernet0/0_in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip route-cache flow
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface FastEthernet0/1
description $ETH-WAN$$FW_OUTSIDE$
mac-address 00c0.f06d.7d15
ip address dhcp client-id FastEthernet0/1
ip access-group SMTP in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip nat outside
service-policy output SDM-Pol-FastEthernet0/1
ip route-cache flow
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface FastEthernet0/3/0
no ip address
no cdp enable
!
interface FastEthernet0/3/1
switchport trunk native vlan 2
switchport mode trunk
no ip address
no cdp enable
!
interface FastEthernet0/3/2
switchport trunk native vlan 2
switchport mode trunk
no ip address
no cdp enable
!
interface FastEthernet0/3/3
switchport trunk native vlan 2
switchport mode trunk
no ip address
no cdp enable
!
interface Vlan1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
!
interface Vlan2
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
!
ip classless
ip default-network 192.168.100.0
ip http server
ip http access-class 2
ip http authentication local
ip nat outside source static 62.61.140.22 192.168.100.1
!
ip access-list extended SMTP
remark SMTP
remark SDM_ACL Category=3
remark SMTP
permit tcp any eq smtp 192.168100.0 0.0.0.255 eq smtp
ip access-list extended sdm_fastethernet0/0_in
remark SDM_ACL Category=1
permit ip any any
!
logging trap debugging
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.100.0 00.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 192.168.100.0 00.0.255
access-list 2 deny any
access-list 100 remark VTY Access-class list
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 192.168.100.0 0.0.0.255 any
access-list 100 deny ip any any
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
access-class 100 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 100 in
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
end

---

torben@torbenogjette.net enriched usenet with:

Først og fremmest bør du slå HTML fra i din newsreader. Det er ikke pænt at
se på og spild af båndbredde

> Er der nogen der vil hjælpe mig med denne opsætning.

Prøv at spørge i news:dk.edb.netvaerk
Det er den rigtige gruppe for spørgsmål om routere.

> ip classless
> ip default-network 192.168.100.0
> ip http server
> ip http access-class 2
> ip http authentication local
> ip nat outside source static 62.61.140.22 192.168.100.1
> !
> ip access-list extended SMTP
> remark SMTP
> remark SDM_ACL Category=3
> remark SMTP
> permit tcp any eq smtp 192.168100.0 0.0.0.255 eq smtp

Der mangler et punktum i ovenstående linie

> ip access-list extended sdm_fastethernet0/0_in
> remark SDM_ACL Category=1
> permit ip any any
> !
> logging trap debugging
> access-list 1 remark INSIDE_IF=FastEthernet0/0
> access-list 1 remark SDM_ACL Category=2
> access-list 1 permit 192.168.100.0 00.0.255

Samme her

> access-list 2 remark HTTP Access-class list
> access-list 2 remark SDM_ACL Category=1
> access-list 2 permit 192.168.100.0 00.0.255

Og her

> access-list 2 deny any
> access-list 100 remark VTY Access-class list
> access-list 100 remark SDM_ACL Category=1
> access-list 100 permit ip 192.168.100.0 0.0.0.255 any
> access-list 100 deny ip any any
> no cdp run

Prøv at deaktive dine acccesslists og derefter aktivere dem en efter en.

--
Lars Kyndi Laursen, representatum nixi
Quidquid latine dictum sit altum viditur

Now playing: D.A.D. - Grow Or Pay