08-01-2024 11:24 AM - modifié 18-01-2024 12:06 PM
Bonjour à tous,
Nous disposons d'un Routeur isr4221/k9 qui fonctionne correctement sous un accès LAN et internet Basique. Avec attribution d'adresses iP par DHCP aux postes clients. L'iOS installé est: 03.16.04b
Nous avons acquis des téléphones iP CP 8861 qui seront configurés sur ce routeur. l'une des exigences pour installer ses téléphones iP est d'avoir au minimun l'ios: 16.12.1
Nous avons upgrader le routeur vers la version 17.09.04a
Nous constatons que les postes clients ne reçoivent pas les adresses Lan en DHCP. Quand nous entrons les adresses IP en statique avec le DNS de l'ISP , les postes clients reçoivent internet et peuvent communiquer sur le LAN.
Nous avons downgrader de la version 17.09.04a à 16.12.1 mais le problème demeure toujours.
Voici la configuration en cours:
Building configuration...
Current configuration : 7230 bytes
!
! Last configuration change at 18:25:22 UTC Mon Jan 8 2024
!
version 17.9
service timestamps debug datetime msec
service timestamps log datetime msec
service call-home
platform qfp utilization monitor load 80
platform punt-keepalive disable-kernel-core
!
hostname Routeur_PhoneiP
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
no aaa new-model
!
!
!
!
!
!
!
no ip domain lookup
ip dhcp excluded-address 192.168.10.1 192.168.10.20
ip dhcp excluded-address 192.168.10.234 192.168.10.254
!
ip dhcp pool VOICELAN
network 192.168.10.0 255.255.255.0
default-router 192.168.10.15 255.255.255.0
dns-server 196.201.90.4 196.201.90.20 8.8.8.8 8.8.4.4
lease 0 2
!
!
!
login on-success log
!
!
!
!
!
!
!
subscriber templating
!
!
!
!
vtp version 1
!
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-1094462363
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1094462363
revocation-check none
rsakeypair TP-self-signed-1094462363
!
crypto pki trustpoint SLA-TrustPoint
enrollment pkcs12
revocation-check crl
!
!
crypto pki certificate chain TP-self-signed-1094462363
certificate self-signed 01
30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303934 34363233 3633301E 170D3234 30313032 32313536
32345A17 0D333430 31303132 31353632 345A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30393434
36323336 33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201
0A028201 0100CDD7 8B4F4685 4A86B649 A69EB86F 086E9278 A91BAD52 3721E393
9D868DB2 0583CDE6 BF81E9FE 7C080BC3 52348AB5 88CEC43F 94E7E1F3 A3E20146
EE9AD75C 23E8475B 739EBA2C F4CA06A3 1058A221 575E175B E2368A00 7C6E5898
C30C266E CFF3723A 6FFF171C 286D7F94 42569B26 F6F3A56E 186BD229 4FBF06BF
7AFBF7C7 AEBDE5B9 E2D9F17B DE26FB83 BED66809 BD020BB9 2FBD738F DA26EE6A
03528091 47FADF8E 05A9E6E2 DF02EB9B 83E0EB22 77553153 6821E4AC 3AAFA540
83ACFC40 FCABC978 7B1DAACE F9A4943A B054973B 4A07C669 2511BA73 23DFC876
40DE50A4 0172E428 97A51567 1ED5BE81 BCFD1851 8051F7AF B8F41D95 6009EE1F
F76013AC D3D50203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF
301F0603 551D2304 18301680 142468E0 8806C69C 21C73931 77CC9A31 26CDCEC1
66301D06 03551D0E 04160414 2468E088 06C69C21 C7393177 CC9A3126 CDCEC166
300D0609 2A864886 F70D0101 05050003 82010100 3A68CD4E 3B746257 133B88B5
81750E58 AE88D3D5 14110425 4C750493 77E1D55D 833A423A 28CEA293 8C50C54B
0519155C 20E3FFB0 C62F785C 55A3A24E 1F80C87F D6071B4B B9B54AE3 412D48E4
E0DF0DDE 9E128039 F2610224 9271410F A645866B F685D20E FD863A90 686CF05B
305F042F 4E007FF9 6084DD01 D3033071 EA7DE2EF F4A3B6C0 CB938420 0991C7EF
0EFA13A9 01C348E5 B4CE1536 E3B08CDF 72327F7B 864AE90E 7FCF33D9 6A07D9D6
45C6D7BB 98CA5FBC E327D589 AC364C2C EF71BAB4 F55403DF A019CFAE CB732BBB
78207A42 2F75AD6B D819BDE5 150AE613 E2363842 1DC3EBDB EC56C539 907EA308
52B1DEA3 FC9F14DE CDED4197 915F32E9 52792146
quit
crypto pki certificate chain SLA-TrustPoint
certificate ca 01
30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363
6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934
3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305
43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720
526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030
82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D
CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520
1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE
4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC
7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188
68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7
C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191
C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44
DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201
06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85
4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500
03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905
604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B
D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8
467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C
7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B
5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678
80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB
418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0
D697DF7F 28
quit
!
!
no license feature hseck9
license udi pid ISR4321/K9 sn FDO202919EM
memory free low-watermark processor 62972
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
redundancy
mode none
!
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0/0
description Interface Modem ISP
ip address 192.168.1.15 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
negotiation auto
!
interface GigabitEthernet0/0/1
description Interface users VOICELAN
ip address 192.168.10.15 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
negotiation auto
!
interface GigabitEthernet0/1/0
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
interface Vlan1
no ip address
!
ip http server
ip http authentication local
ip http secure-server
ip forward-protocol nd
ip tftp source-interface GigabitEthernet0
ip nat inside source list 1 interface GigabitEthernet0/0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip ssh version 2
!
!
!
ip access-list standard 1
10 permit any
!
!
!
control-plane
!
banner motd ^C Bienvenue sur le Routeur_PhoneiP ^C
!
line con 0
stopbits 1
line aux 0
line vty 0 4
login local
transport input ssh
line vty 5 15
login local
transport input ssh
!
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
!
!
!
!
!
!
end
-Voici le résultat de la commande show ip dhcp pool:
#show ip dhcp pool VOICELAN
Pool VOICELAN :
Utilization mark (high/low) : 100 / 0
Subnet size (first/next) : 0 / 0
Total addresses : 254
Leased addresses : 9
Excluded addresses : 41
Pending event : none
1 subnet is currently in the pool :
Current index IP address range Leased/Excluded/Total
192.168.10.30 192.168.10.1 - 192.168.10.254 9 / 41 / 254
-Voici le résultat de la commande show arp:
#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.1.1 0 e8a1.f898.aa90 ARPA GigabitEthernet0/0/0
Internet 192.168.1.15 - 843d.c692.7ac0 ARPA GigabitEthernet0/0/0
Internet 192.168.10.12 2 507b.9d90.e77f ARPA GigabitEthernet0/0/1
Internet 192.168.10.15 - 843d.c692.7ac1 ARPA GigabitEthernet0/0/1
Internet 192.168.10.21 10 28d2.4498.0df5 ARPA GigabitEthernet0/0/1
Internet 192.168.10.22 0 0062.eccb.ba47 ARPA GigabitEthernet0/0/1
Internet 192.168.10.23 1 ac7e.8ab7.b68e ARPA GigabitEthernet0/0/1
Internet 192.168.10.24 3 ac7e.8ab7.afa7 ARPA GigabitEthernet0/0/1
Internet 192.168.10.25 1 5006.ab80.1dec ARPA GigabitEthernet0/0/1
Internet 192.168.10.26 0 5006.ab80.270d ARPA GigabitEthernet0/0/1
Internet 192.168.10.27 2 00af.1fc1.69c3 ARPA GigabitEthernet0/0/1
Internet 192.168.10.28 1 ac7e.8ab7.ca0e ARPA GigabitEthernet0/0/1
Internet 192.168.10.29 2 5006.ab80.0505 ARPA GigabitEthernet0/0/1
-Voici le résultat de la commande show ip dhcp binding
#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type State Interface
Hardware address/
User name
192.168.10.21 0128.d244.980d.f5 Jan 08 2024 08:20 PM Automatic Active GigabitEthernet0/0/1
192.168.10.22 0063.6973.636f.2d30. Jan 08 2024 08:06 PM Automatic Active GigabitEthernet0/0/1
3036.322e.6563.6362.
2e62.6134.372d.566c.
31
192.168.10.23 01ac.7e8a.b7b6.8e Jan 08 2024 08:07 PM Automatic Active GigabitEthernet0/0/1
192.168.10.24 01ac.7e8a.b7af.a7 Jan 08 2024 08:07 PM Automatic Active GigabitEthernet0/0/1
192.168.10.25 0150.06ab.801d.ec Jan 08 2024 08:07 PM Automatic Active GigabitEthernet0/0/1
192.168.10.26 0150.06ab.8027.0d Jan 08 2024 08:07 PM Automatic Active GigabitEthernet0/0/1
192.168.10.27 0100.af1f.c169.c3 Jan 08 2024 08:07 PM Automatic Active GigabitEthernet0/0/1
192.168.10.28 01ac.7e8a.b7ca.0e Jan 08 2024 08:07 PM Automatic Active GigabitEthernet0/0/1
192.168.10.29 0150.06ab.8005.05 Jan 08 2024 08:07 PM Automatic Active GigabitEthernet0/0/1
Résolu ! Accéder à la solution.
le 07-02-2024 08:12 AM
Bonjour @cipeur
Dans ma config dhcp je ne mets de masque après l'adresse ip de gw:
ip dhcp excluded-address 172.16.10.1 172.16.10.3
ip dhcp pool LAN-POOL-1
network 172.16.10.0 255.255.255.0
default-router 172.16.10.1
domain-name labo-acl.com
exit
La version sur laquelle j'ai installé dhcp: routeur 4331
R3#
R3#sh version
Cisco IOS XE Software, Version 03.16.05.S - Extended Support Release
Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version Version 15.5 (3)S5, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2017 by Cisco Systems, Inc.
Compiled Thu 19-Jan-17 11:24 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2017 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
Router uptime is 29 seconds
Uptime for this control processor is 29 seconds
System returned to ROM by power-on
System image file is "bootflash:/isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin"
Last reload reason: PowerOn
le 08-02-2024 11:43 PM
@Said73 a raison, votre deuxième 255.255.255.0
(default-router 192.168.10.15 255.255.255.0) veut dire que c'est un deuxième routeur possible (voir le IOS command guide).
De plus si le Voice vlan est pour des IP PHones Cisco, il manque probablement option 150 avec l'adresse du serveur TFTP. -Ex: "option 150 ip 192.168.1.2" -
le 07-02-2024 08:12 AM
Bonjour @cipeur
Dans ma config dhcp je ne mets de masque après l'adresse ip de gw:
ip dhcp excluded-address 172.16.10.1 172.16.10.3
ip dhcp pool LAN-POOL-1
network 172.16.10.0 255.255.255.0
default-router 172.16.10.1
domain-name labo-acl.com
exit
La version sur laquelle j'ai installé dhcp: routeur 4331
R3#
R3#sh version
Cisco IOS XE Software, Version 03.16.05.S - Extended Support Release
Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version Version 15.5 (3)S5, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2017 by Cisco Systems, Inc.
Compiled Thu 19-Jan-17 11:24 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2017 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
Router uptime is 29 seconds
Uptime for this control processor is 29 seconds
System returned to ROM by power-on
System image file is "bootflash:/isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin"
Last reload reason: PowerOn
le 08-02-2024 11:43 PM
@Said73 a raison, votre deuxième 255.255.255.0
(default-router 192.168.10.15 255.255.255.0) veut dire que c'est un deuxième routeur possible (voir le IOS command guide).
De plus si le Voice vlan est pour des IP PHones Cisco, il manque probablement option 150 avec l'adresse du serveur TFTP. -Ex: "option 150 ip 192.168.1.2" -
le 09-02-2024 11:13 AM
Bonsoir @Said73, @cybersecurite2023
Merci pour les explications, votre solution a fonctionné, j'ai remplacé:
default-router 192.168.10.15 255.255.255.0
par
default-router 192.168.10.15
et le routeur attribue les adresses IP par DHCP.
Découvrez et enregistrez vos notes préférées. Revenez pour trouver les réponses d'experts, des guides étape par étape, des sujets récents et bien plus encore.
Êtes-vous nouveau ici? Commencez par ces conseils. Comment utiliser la communauté Guide pour les nouveaux membres
Parcourez les liens directs de la Communauté et profitez de contenus personnalisés en français