思科路由器 877w 本地子网路由

思科路由器 877w 本地子网路由

我有一个名为 MSONA(一体化小型企业解决方案)的设备上运行的本地网络 192.168.2.1-254,我们的互联网网关思科路由器位于 192.168.0.253。如果我想让路由器将其运行配置备份到 192.168.2.125 上的 tftp 服务器,它无法访问它。

我对 Cisco 命令非常陌生,所以我不知道应该怎么做才能启用此功能。我猜我需要添加某种路由,以便 Cisco 路由器可以到达此子网,请帮忙。

我的运行配置:

AamalNet#show run
Building configuration...

Current configuration : 8553 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime
service password-encryption
!
hostname AamalNet
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret level 2 5 <removed>/
enable secret level 5 5 <removed>/
enable secret 5 <removed>/
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authorization exec default local 
aaa authorization network sdm_vpn_group_ml_1 local 
!
!
aaa session-id common
clock timezone KSA 3
!
crypto pki trustpoint TP-self-signed-2939284004
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2939284004
revocation-check none
rsakeypair TP-self-signed-2939284004
!
!
crypto pki certificate chain TP-self-signed-2939284004
certificate self-signed 01
<removed>
quit
dot11 syslog
!
dot11 ssid 1stdecor Cisco Router
vlan 5
authentication open 
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 <removed>
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.11.1
ip dhcp excluded-address 192.168.0.0 192.168.0.99
ip dhcp excluded-address 192.168.0.201 192.168.0.254
!
ip dhcp pool lan
import all
network 192.168.0.0 255.255.255.0
default-router 192.168.0.253 
dns-server 212.93.192.4 212.93.192.5 
lease 0 2
!
ip dhcp pool wireless
import all
network 10.10.11.0 255.255.255.0
default-router 10.10.11.1 
dns-server 212.93.192.4 212.93.192.5 
lease 0 2
!
!
no ip domain lookup
ip domain name aamal.net.sa
ip name-server 212.93.192.4
ip name-server 212.93.192.5
!
!
!
username <removed> privilege 15 password 7 <removed>
! 
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group aamalnet
key aamalnet
dns 212.93.192.4 212.93.192.5
  include-local-lan
  dhcp server 10.10.10.1
  max-users 10
  netmask 255.255.255.0
 crypto isakmp profile sdm-ike-profile-1
    match identity group aamalnet
    client authentication list sdm_vpn_xauth_ml_2
    isakmp authorization list sdm_vpn_group_ml_1
    client configuration address respond
    virtual-template 1
 !
 !
 crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
 !
 crypto ipsec profile SDM_Profile1
  set security-association idle-time 60
  set transform-set ESP-3DES-SHA 
  set isakmp-profile sdm-ike-profile-1
 !
 !
 archive
  log config
   hidekeys
 !
 !
 !
 bridge irb
 !
 !
 interface ATM0
  no ip address
  no atm ilmi-keepalive
  dsl operating-mode auto 
 !
 interface ATM0.1 point-to-point
  pvc 0/35 
   pppoe-client dial-pool-number 1
  !
 !
 interface FastEthernet0
 !
 interface FastEthernet1
 !
 interface FastEthernet2
 !
 interface FastEthernet3
 !
 interface Virtual-Template1 type tunnel
  ip unnumbered Dialer0
  tunnel mode ipsec ipv4
  tunnel protection ipsec profile SDM_Profile1
 !
 interface Dot11Radio0
  no ip address
  !
  encryption vlan 5 mode ciphers tkip 
  !
  broadcast-key vlan 5 change 30
  !
  !
  ssid 1stdecor Cisco Router
  !
  speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
  station-role root
 !
 interface Dot11Radio0.5
  encapsulation dot1Q 5 native
  no cdp enable
 !
 interface Vlan1
  description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
  no ip address
  ip nat inside
  ip virtual-reassembly
  ip tcp adjust-mss 1452
  bridge-group 1
 !
 interface Dialer0
  ip address negotiated
  ip mtu 1452
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  dialer pool 1
  dialer-group 1
  no cdp enable
  ppp authentication chap callin
  ppp chap hostname <removed>
  ppp chap password 7 <removed>
 !
 interface BVI1
  ip address <removed> 255.255.255.248 secondary
  ip address 192.168.0.253 255.255.255.0
  ip nat inside
  ip virtual-reassembly
 !
 ip forward-protocol nd
 ip route 0.0.0.0 0.0.0.0 Dialer0
 !
 ip http server
 ip http access-class 23
 ip http authentication local
 ip http secure-server
 ip http timeout-policy idle 60 life 86400 requests 10000
 ip nat inside source list 1 interface Dialer0 overload
 ip nat inside source static 192.168.0.90 <removed>
 ip nat inside source static 192.168.0.91 <removed>
 ip nat inside source static 192.168.0.92 <removed>
 ip nat inside source static 192.168.0.93 <removed>
 ip nat inside source static 192.168.0.94 <removed>
 !
 access-list 1 remark SDM_ACL Category=2
 access-list 1 permit 192.168.0.0 0.0.0.255
 access-list 1 permit 10.10.11.0 0.0.0.255
 access-list 23 permit 212.93.196.0 0.0.0.255
 access-list 23 permit 212.93.192.0 0.0.0.255
 access-list 23 permit 212.93.193.0 0.0.0.255
 access-list 23 permit 10.10.10.0 0.0.0.255
 access-list 23 permit 192.168.0.0 0.0.0.255
 dialer-list 1 protocol ip permit
 snmp-server community private RW
 snmp-server community public RO
 no cdp run
 !
 !
 !
 control-plane
 !
 bridge 1 protocol ieee
 bridge 1 route ip
 banner exec ^CC
 % Password expiration warning. 
 privilege interface level 5 encapsulation
 privilege interface level 5 description
 privilege interface level 5 no encapsulation
 privilege interface level 5 no description
 privilege interface level 5 no
 privilege configure level 5 ip route
 privilege configure level 5 interface
 privilege configure level 5 controller
 privilege configure level 5 ip
 privilege exec level 5 copy running-config tftp
 privilege exec level 5 copy running-config
 privilege exec level 5 copy
 privilege exec level 5 write memory
 privilege exec level 5 write
 privilege exec level 5 configure terminal
 privilege exec level 5 configure
 privilege exec level 5 show processes cpu
 privilege exec level 5 show processes
 privilege exec level 2 show running-config
 privilege exec level 5 show configuration
 privilege exec level 2 show
 privilege exec level 5 clear counters
 privilege exec level 5 clear
 !
 line con 0
 privilege level 15
 no modem enable
 line aux 0
 line vty 0 4
 access-class 23 in
 privilege level 15
 transport input telnet ssh
 !
 scheduler max-task-time 5000
 end

答案1

它应该像这样简单:

ip route 192.168.2.0 255.255.255.0 <IP_of_MSONA>

请注意,这必须是路由器可以访问的 MSONA 盒的 IP,位于 192.186.0.0/24 网络内。这应该在 192.168.0.253 路由器上完成。

相关内容