Forum

Cisco 877 serisi po...
 
Bildirimler
Hepsini Temizle

Cisco 877 serisi port açma ve kapatma proplemi

4 Yazılar
2 Üyeler
0 Reactions
2,811 Görüntüleme
(@Anonim)
Gönderiler: 0
Konu başlatıcı
 

Merhabalar

cisco 877 serisi router kullanmaktayız ilk kurulum esnasında smtp pop3 ve 587 portları kapatılmış şuan açmak istiyoruz. fakat başarılı olamadık.

 cihazın çalışan konfigürasyonu aşagıdaki gibidir. yardımçı olursanız sevinirim.

 

MOBISIS#show run
MOBISIS#show running-config
Building configuration...

Current configuration : 5285 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MOBISIS
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
enable secret 5 $1$ghOC$v.DH3GQ9gknN45csA2t4H1
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-2957864821
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2957864821
 revocation-check none
 rsakeypair TP-self-signed-2957864821
!
!
crypto pki certificate chain TP-self-signed-2957864821
 certificate self-signed 01
  3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32393537 38363438 3231301E 170D3032 30333031 31343030
  34345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39353738
  36343832 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100DC0D 21D344CC 20F2B1C1 F5CC7457 9B9B126C 0BE456B5 CAAD1912 B401C174
  6807489A 25E05F83 5247824F A69DAD09 7FBE5127 117D1064 581E50CB 447117EC
  1756A416 F141CF25 6ECF76CE E01A38A8 3311A2AD 7765CE0D 18BA58A7 A0661417
  196A9B07 FB561896 619B0035 83B5B1FD 4ACA7E46 98F84257 6F92678C 18DDAF80
  6E790203 010001A3 73307130 0F060355 1D130101 FF040530 030101FF 301E0603
  551D1104 17301582 134D4F42 49534953 2E6D6F62 69736973 2E636F6D 301F0603
  551D2304 18301680 1477DEF3 97F6184F DF6F3B2C 99039DFF E62435A0 E5301D06
  03551D0E 04160414 77DEF397 F6184FDF 6F3B2C99 039DFFE6 2435A0E5 300D0609
  2A864886 F70D0101 04050003 818100C6 9DFE5DD2 C4F7834C 2C11BAC6 A74A5736
  35D8F317 9DCE24A6 219BB333 F6FA717B 7D186508 F070F37D 74D80E82 42DDD907
  599B703A 7A2C123E 5F367929 6C7CF396 D11604EE 9D9DAD05 B4CC951C 5BA5F53D
  19FF580D A01B0548 12A77E8D 0727E630 87D5937B 68BB72F8 E16FD949 FC1FF761
  C1382C14 47DE19F3 E0289FD2 CECF34
        quit
dot11 syslog
ip cef
!
!
ip port-map user-protocol--1 port tcp 587
ip domain name mobisis.com
ip name-server 195.175.39.39
!
!
!
!
!
archive
 log config
  hidekeys
!
!
ip ssh version 2
!
!
!
interface ATM0
 no ip address
 ip access-group 100 in
 ip access-group 170 out
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0.1 point-to-point
 description $ES_WAN$
 pvc 8/35
  pppoe-client dial-pool-number 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 description $FW_INSIDE$
 ip address 10.1.1.21 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface Dialer1
 description $FW_OUTSIDE$
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname
 ppp chap password 0
 ppp pap sent-username password 0
 ppp ipcp dns request
!
interface Dialer0
 no ip address
 ip access-group 170 in
 ip access-group 170 out
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
no ip http server
ip http secure-server
ip nat inside source list 100 interface Dialer1 overload
ip nat inside source static tcp 10.1.1.3 25 interface Dialer1 25
ip nat inside source static tcp 10.1.1.3 110 interface Dialer1 110
ip nat inside source static tcp 10.1.1.3 587 interface Dialer1 587
ip nat inside source static tcp 10.1.1.3 80 interface Dialer1 80
ip nat inside source static tcp 10.1.1.3 3389 interface Dialer1 3389
!
ip access-list standard management
 permit 10.1.1.0 0.0.0.255
 permit 193.254.252.0 0.0.0.255
!
ip access-list extended test
 permit tcp any any
!
access-list 70 permit any
access-list 80 permit any
access-list 90 permit any
access-list 100 permit tcp host 10.1.1.3 any eq pop3
access-list 100 permit tcp host 10.1.1.3 any eq smtp
access-list 100 permit tcp host 10.1.1.3 any eq 587
access-list 100 permit tcp host 10.1.1.3 eq pop3 any
access-list 100 permit tcp host 10.1.1.3 eq smtp any
access-list 100 permit tcp host 10.1.1.3 eq 587 any
access-list 100 deny   tcp any any eq smtp
access-list 100 deny   tcp any any eq pop3
access-list 100 deny   tcp any any eq 587
access-list 100 deny   tcp any eq smtp any
access-list 100 deny   tcp any eq pop3 any
access-list 100 deny   tcp any eq 587 any
access-list 100 permit ip 10.1.1.0 0.0.0.255 any
access-list 100 permit tcp host 10.1.1.3 any eq 3389
access-list 100 permit tcp any eq pop3 any
access-list 100 permit tcp any eq smtp any
access-list 100 permit tcp any eq 587 any
access-list 100 permit tcp any host 10.1.1.21 eq pop3
access-list 100 permit tcp any host 10.1.1.21 eq smtp
access-list 100 permit tcp any host 10.1.1.21 eq 587
access-list 100 permit tcp any any
access-list 110 permit tcp any eq smtp any
access-list 110 permit tcp any eq pop3 any
access-list 110 permit tcp any eq pop3 any eq pop3
access-list 110 permit tcp any any
access-list 120 permit tcp any eq 587 any
access-list 170 permit tcp any any
access-list 170 permit tcp any eq 587 any
dialer-list 1 protocol ip permit
!
!
!
control-plane
!
!
line con 0
 no modem enable
line aux 0
line vty 0 4
 access-class management in
 password 1qazxsw2
 login
 transport input all
!
scheduler max-task-time 5000
end

MOBISIS#

 
Gönderildi : 19/10/2010 11:55

(@mustafakilic)
Gönderiler: 773
Prominent Member
 

Merhaba,

Anladığım kadarıyla Port Yönlendirme yapmaya çalışıyorsunuz. Eğer SDM kullanıyorsanız NAT tabından yapabilirsiniz. Cevabınız hayır ise aşağıdaki örnek satırlar işnize yarar diye düşünüyorm.

ip nat inside source static tcp 10.31.0.2 22 150.101.21.102 25 extendable
ip nat inside source static tcp 10.31.0.2 80 150.101.21.102 110 extendable
ip nat inside source static tcp 10.31.0.2 443 150.101.21.102 587 extendable

Ayrıca bu linkde işinize yarayabilir.

http://www.hakanuzuner.com/index.php/cisco-877-adsl-router-konfigurasyonu.html

 

 
Gönderildi : 20/10/2010 05:04

(@Anonim)
Gönderiler: 0
Konu başlatıcı
 

Merhaba Tam olarak yapmak istediğimiz aslında pop3 smtp ve 587 portunu dışarı açmak

 var olan sistemde exchange üzerinden mail alışverişi yapıyorduk ve bu portların kapalı olması engel olmuyordu fakat yeni bir hesap daha kullanıyor olacağız ve bu hesapda mail alış verişleri pop3 üzerinden gerçekleşiyor olacak.

 

cisco üzerinden portlar kapalı olduğu için mail alış verişi yapamıyoruz ama dışarda herhangi bir yerden internet bağlantışı kurduğumuzda mail alış verişi oluyor.

 

 
Gönderildi : 20/10/2010 12:32

(@mustafakilic)
Gönderiler: 773
Prominent Member
 

Yukarıda yazmış olduğum bilgiler faydalı oldu mu? Yoksa port yönlendirme işinizi görmüyormu.

 
Gönderildi : 21/10/2010 07:36

Paylaş: