[操作疑難] Cisco Router 4331 基本設定

本帖最後由 horsefree 於 2019-1-7 17:46 編輯

公司買咗個Cisco Router 4331,老細叫我去做設定。 呢個係上一個POST
https://www.hkepc.com/forum/view ... p;extra=&page=1
先多謝咁多位師兄既意見

已參考咗師兄的設定及再Google完,最終係都上係唔到網

以下是節錄show running 出來的資料。

ip name-server 202.130.xx.xx 202.130.xx.xx        (ISP DNS1,2)
ip dhcp excluded-address 192.168.0.1 192.168.0.100

ip dhcp pool pool1
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 202.130.xx.xx 202.130.xx.xx        (ISP DNS1,2)

interface GigabitEthernet0/0/0
ip address 203.174.xx.xx 255.255.255.252        (Wan IP)
ip nat outside
negotiation auto

interface GigabitEthernet0/0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
negotiation auto

ip default-gateway 203.174.xx.xx        (ISP Gateway)
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip tftp source-interface GigabitEthernet0
ip route 0.0.0.0 0.0.0.0 203.174.xx.xx        (ISP Gateway)

access-list 1 permit 192.168.0.0 0.0.0.255

~END~
********************************************************************
** ip subnet-zero 及 access-list 1 permit 192.168.0.0 0.0.0.255 係我試完唔得,最後先打入去的cmd,唔知有無打多咗。

DHCP 無問題,PC出到我set入去既嘢,但網絡圖示仍然出現感嘆號,上唔到網。
求高手師兄指出問題所在,謝謝~!!

ip nat inside source list 1 GigabitEthernet0/0/1 overload

TOP

而家仲買router做internet gateway仲慘過用tplink, 真係諗唔倒何必咁呢,樓上話買隻forti 60既安全又快捷

via HKEPC Reader for Android

TOP

而家仲買router做internet gateway仲慘過用tplink, 真係諗唔倒何必咁呢,樓上話買隻forti 60既安全又快捷

...
a2940u2w 發表於 2019-1-7 22:39



    DD
買隻60E又平

TOP

原本仲未set 好,   何必呢   既然舞唔掂就學樓上咁講換forti 又好 juniper 又好
幾分鐘就做完上到網既野 你宜家一個月時間都做唔到
你都係想上到網啫  咪同老闆講呢隻野唔識用, 一係換左佢, 一係搵專業人士做

TOP

老實講,如果係自學,有興趣ge,我諗大家都好樂意幫忙。
但你咁樣,真係幫唔落手,雖然都無咁ge能力幫。

via HKEPC IR Pro 3.4.0 - Android(2.3.4)

TOP

我都唔明
1.老細點解要買4331, throughput又唔係高,佢有特別function要用?
2.老細唔知你唔識?知都仲買,咁同明玩你有咩分別?

TOP

The command in #2 should works..
u are missing the PAT setup.
https://hkitblog.com/%E7%AC%AC%E ... %E6%95%99%E5%AD%B8/

TOP

本帖最後由 131213 於 2019-1-8 12:23 編輯

ping 唔ping到? 可能係nat問題

有感嘆號唔等於上唔到網。

PC 有冇set做ipv4 auto dhcp?

interface GigabitEthernet0/0/0
ip address 203.174.xx.xx 255.255.255.252        (Wan IP)
ip nat outside
negotiation auto
no shutdown

interface GigabitEthernet0/0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
negotiation auto
no shutdown

換forti啦..成個network好唔安全...

TOP

access-list 1 permit 192.168.0.0 0.0.0.255
access-list 101 deny icmp any any echo
access-list 101 permit ip any any

ip access-group 101 in

ip nat inside source list 1 interface Giga 0/0/1 overload
ip route 0.0.0.0 0.0.0.0 Giga 0/0/1


無哂嘅?................ 不如你搵出面D人幫手SET...唔好拎公司黎玩...

TOP