我们正在尝试用新购买的 Cisco 路由器替换我们现有的路由器:
千兆以太网0/0:PPPoE 千兆以太网0/1:192.168.2.1
PPPoE 建立完善,我可以从内部 CLI ping 外部,但是客户端无法 ping 外部世界。如上所述,这是替换具有相同 IP(即 192.168.2.1)的现有路由器,因此,客户端在不使用 Cisco 路由器时都已设置并正常工作。
我的配置如下:
Current configuration : 2698 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r1
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 <secret>
!
aaa new-model
!
aaa session-id common
!
dot11 syslog
ip source-route
!
ip cef
!
ip domain name test.com
no ipv6 cef
!
multilink bundle-name authenticated
!
voice-card 0
!
crypto pki token default removal timeout 0
!
license udi pid CISCO3825 sn FTX1039A0AA
username admin privilege 15 secret 4 <secret>
!
redundancy
!
interface GigabitEthernet0/0
no ip address
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
media-type rj45
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
!
interface GigabitEthernet0/1
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
media-type rj45
!
interface Dialer0
ip address negotiated
no ip redirects
no ip proxy-arp
ip mtu 1492
ip flow ingress
encapsulation ppp
ip route-cache policy
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username <username> password 0 <password>
ppp ipcp dns request accept
ppp ipcp route default
ppp ipcp address accept
no cdp enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat pool voip-rtp 192.168.2.5 192.168.2.5 netmask 255.255.255.0 type rotary
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip nat inside source static tcp 192.168.2.10 25 77.71.31.187 25 extendable
ip nat inside source static tcp 192.168.2.5 53 77.71.31.187 53 extendable
ip nat inside source static tcp 192.168.2.15 80 77.71.31.187 80 extendable
ip nat inside source static tcp 192.168.2.15 443 77.71.31.187 443 extendable
ip nat inside source static tcp 192.168.2.10 465 77.71.31.187 465 extendable
ip nat inside source static tcp 192.168.2.10 993 77.71.31.187 993 extendable
ip nat inside source static tcp 192.168.2.10 995 77.71.31.187 995 extendable
ip nat inside source static udp 192.168.2.5 5060 77.71.31.187 5060 extendable
ip nat inside source static udp 192.168.2.20 5080 77.71.31.187 5080 extendable
ip nat inside destination list 114 pool voip-rtp
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
ip route 64.230.11.5 255.255.255.255 GigabitEthernet0/0
!
access-list 1 permit 192.168.2.0 0.0.0.255
access-list 114 permit udp any any range 8000 65535
!
control-plane
!
mgcp profile default
!
line con 0
line aux 0
line vty 0 4
transport input ssh
!
scheduler allocate 20000 1000
end
我尝试过的事情:
静态设置 IP 路由: ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 ip route 64.230.11.5 255.255.255.255 GigabitEthernet0/0 虽然这可能不需要自动建立的 PPPoE 连接?
更新
IP NAT 传输输出
Pro Inside global Inside local Outside local Outside global
tcp 77.71.31.187:53 192.168.2.5:53 --- ---
udp 77.71.31.187:5060 192.168.2.5:5060 <voip supplier's ip>:5060 <voip supplier's ip>:5060
udp 77.71.31.187:5060 192.168.2.5:5060 <voip supplier's ip>:5060 <voip supplier's ip>:5060
udp 77.71.31.187:5060 192.168.2.5:5060 --- ---
tcp 77.71.31.187:25 192.168.2.10:25 217.160.226.122:25 217.160.226.122:25
tcp 77.71.31.187:25 192.168.2.10:25 --- ---
tcp 77.71.31.187:465 192.168.2.10:465 --- ---
tcp 77.71.31.187:993 192.168.2.10:993 --- ---
tcp 77.71.31.187:995 192.168.2.10:995 --- ---
tcp 77.71.31.187:80 192.168.2.15:80 66.249.74.2:33795 66.249.74.2:33795
tcp 77.71.31.187:80 192.168.2.15:80 66.249.74.2:50496 66.249.74.2:50496
tcp 77.71.31.187:80 192.168.2.15:80 --- ---
tcp 77.71.31.187:443 192.168.2.15:443 --- ---
udp 77.71.31.187:5080 192.168.2.20:5080 --- ---