День добрый люди, помогите с проблемой имеем cisco 2811,
два интерфейса
192.168.0.213 - локальный
192.168.2.128 - к провайдеруК локальному подключен компьютер, шлюз 192.168.0.213.
Если на компьютере ставим dns 195.98.32.193 (dns провайдера) интернет есть,
если 192.168.0.213 интернета нет.
пинг с компьютера на внешние ip идут.
Где включить форвардинг?
811#
811#sh run
Building configuration...
Current configuration : 4160 bytes
!
! Last configuration change at 15:39:14 PCTime Tue May 29 2007 by ffk
! NVRAM config last updated at 15:13:25 PCTime Tue May 29 2007 by ffk
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname 811
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 *******************
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 3
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
ip subnet-zero
no ip source-route
ip tcp synwait-time 10
!
!
ip cef
ip dhcp excluded-address 192.168.0.226 192.168.2.254
!
!
no ip bootp server
ip name-server 195.98.32.193
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
crypto pki trustpoint TP-self-signed-1410100074
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1410100074
revocation-check none
rsakeypair TP-self-signed-1410100074
!
!
crypto pki certificate chain TP-self-signed-1410100074
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30C9B2D7 9F74818A 8C2F910C 6DEBF53E 69D8A762 3B901244 920CA9A5 D7C82559
7C09F0A4 50EF2C59 90A10E03 8B611F32 0D98F0B8 4ACFCB7B A4249E02 5C02D1B3
62430203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 1447108D D2D9F67B 92684D32 FBB76FF1 F06DA892
8F301D06 03551D0E 04160414 47108DD2 D9F67B92 684D32FB B76FF1F0 6DA8928F
300D0609 2A864886 F70D0101 04050003 8181003A E4428707 707F5FC8 5DD948FC
10EA0014 87120C8D 215D9863 BC89E3CF C086C799 77CE0DEB DB7EE43A 4AE99699
711F6DD6 4667C5F4 F34AFEB6 A1B1379C A9572847 78C8E26A 5493734F CA0AE018
CACD9696 DB72CA11 2C2EB2F6 62061ADF 348017
quit
username ffk privilege 15 secret 5 $1$gXNX$jME535bSF0jDBQS4x/B9t/
!
!
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$$ES_LAN$$FW_INSIDE$
ip address 192.168.0.213 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
description $ES_WAN$$FW_OUTSIDE$
ip address 192.168.2.128 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet0/1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
no cdp run
!
!
!
control-plane
!
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
transport output telnet
line