! Platform setting for how internal VLAN IDs are allocated (ascending order).
vlan internal allocation policy ascending
!
! IKEv1 phase-1 policy 10: 3DES encryption, pre-shared-key authentication, DH group 2.
! NOTE(review): 3DES and DH group 2 (1024-bit MODP) are legacy selections. Plan a move to
! AES and a larger DH group once every VPN client can negotiate them.
! No "hash" line is shown, so the platform default hash applies - confirm it is acceptable.
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
!
! Remote-access client group: hands each client an address from the named pool, the
! split-tunnel ACL that lists which destinations go through the tunnel, and a /24 netmask.
! NOTE(review): no "key" line is visible for this group although phase 1 uses pre-share;
! presumably redacted from this listing - confirm the group key is long, random and rotated.
crypto isakmp client configuration group Ez***_IKE_Client_Config_Group
pool Ez***_Pool
acl Ez***_Local_Site_Network
netmask 255.255.255.0
! IKE profile for that group: matches on the group identity, authenticates the user and
! authorizes the group through the two named AAA lists, answers client address requests,
! and clones Virtual-Template 10 for each session.
! The AAA method lists referenced here are not defined in the visible part of the config;
! verify what backs them (local user database, RADIUS, ...) and its password policy.
crypto isakmp profile Ez***_IKE_Profile
match identity group Ez***_IKE_Client_Config_Group
client authentication list Ez***_Authen_Local
isakmp authorization list Ez***_Author_Local
client configuration address respond
virtual-template 10
!
! Phase-2 protection: ESP with 3DES encryption and SHA HMAC integrity, tunnel mode.
! NOTE(review): same legacy-cipher concern as the phase-1 policy; migrate together with it.
crypto ipsec transform-set Ez***_IPsec_Trans esp-3des esp-sha-hmac
mode tunnel
!
! IPsec profile applied to the virtual-template tunnel: binds the transform-set above
! to the IKE profile.
! No "set pfs" line is shown, so perfect forward secrecy is not requested for phase 2
! as far as this listing goes - confirm whether that is intended.
crypto ipsec profile Ez***_IPsec_Profile
set transform-set Ez***_IPsec_Trans
set isakmp-profile Ez***_IKE_Profile
!
! WAN-facing port: public address, NAT outside, inbound filter Deny_Telnet, CDP disabled.
! Deny_Telnet only drops telnet aimed at this one address; every other inbound packet,
! including other management protocols to the router itself, is permitted by that ACL.
interface GigabitEthernet0/0/0
ip address 59.44.140.135 255.255.255.224
ip nat outside
ip access-group Deny_Telnet in
negotiation auto
no cdp enable
!
! LAN-facing port: NAT inside, no inbound ACL. The static routes for the site networks
! point at 10.1.1.2 on this segment.
interface GigabitEthernet0/0/1
ip address 10.1.1.1 255.255.255.0
ip nat inside
negotiation auto
!
! Unused port, administratively shut down.
interface GigabitEthernet0/0/2
no ip address
shutdown
negotiation auto
!
! Management port in VRF Mgmt-intf; no address and shut down, so out-of-band
! management is not in use.
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
! Template cloned per VPN session: borrows the WAN address, IPsec IPv4 tunnel mode,
! protected by the IPsec profile. No access-group is applied here, so traffic arriving
! from VPN clients is not filtered at the tunnel interface as shown.
interface Virtual-Template10 type tunnel
ip unnumbered GigabitEthernet0/0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile Ez***_IPsec_Profile
!
! Default VLAN interface, unused and shut down.
interface Vlan1
no ip address
shutdown
!
! Address pool handed to VPN clients (referenced by the client configuration group).
ip local pool Ez***_Pool 172.31.10.1 172.31.10.254
! PAT: sources matched by access-list 1 are translated to the WAN interface address.
ip nat inside source list 1 interface GigabitEthernet0/0/0 overload
ip forward-protocol nd
! Both the HTTP and HTTPS management servers are disabled; the "authentication local"
! line only takes effect if one of them is re-enabled.
no ip http server
ip http authentication local
no ip http secure-server
! TFTP is sourced from the management port, which is shut down in this config.
ip tftp source-interface GigabitEthernet0
! Default route towards the WAN next hop, then the site networks behind 10.1.1.2.
ip route 0.0.0.0 0.0.0.0 59.44.140.133
ip route 10.1.1.0 255.255.255.0 10.1.1.2
ip route 192.168.10.0 255.255.255.0 10.1.1.2
ip route 192.168.11.0 255.255.255.0 10.1.1.2
ip route 192.168.12.0 255.255.255.0 10.1.1.2
ip route 192.168.13.0 255.255.255.0 10.1.1.2
ip route 192.168.14.0 255.255.255.0 10.1.1.2
ip route 192.168.15.0 255.255.255.0 10.1.1.2
! Restrict the SSH server to protocol version 2.
ip ssh version 2
!
!
! Standard ACL listing the site networks. Nothing in the visible part of the config
! references it; access-list 1 below carries the same entries for NAT.
ip access-list standard Site_Network
permit 192.168.10.0 0.0.0.255
permit 192.168.11.0 0.0.0.255
permit 192.168.12.0 0.0.0.255
permit 192.168.13.0 0.0.0.255
permit 192.168.14.0 0.0.0.255
permit 192.168.15.0 0.0.0.255
permit 10.1.1.0 0.0.0.255
!
! Inbound filter on the WAN port. Entries are evaluated top-down, so the deny must stay
! above "permit ip any any" to have any effect. It covers only telnet to the one WAN
! address; telnet to the router's other addresses and all other protocols are allowed.
ip access-list extended Deny_Telnet
deny tcp any host 59.44.140.135 eq telnet
permit ip any any
! Split-tunnel ACL pushed to VPN clients. It covers 192.168.0.0/16 and 10.1.0.0/16,
! which is wider than the /24 site networks that are actually routed - consider
! narrowing it to the networks clients need.
ip access-list extended Ez***_Local_Site_Network
permit ip 192.168.0.0 0.0.255.255 any
permit ip 10.1.0.0 0.0.255.255 any
!
! Sources eligible for PAT (referenced by "ip nat inside source list 1").
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 permit 192.168.11.0 0.0.0.255
access-list 1 permit 192.168.12.0 0.0.0.255
access-list 1 permit 192.168.13.0 0.0.0.255
access-list 1 permit 192.168.14.0 0.0.0.255
access-list 1 permit 192.168.15.0 0.0.0.255
access-list 1 permit 10.1.1.0 0.0.0.255
!
! No control-plane policy is configured under this stanza.
control-plane
!
! Console uses the AAA login list NO-Console, which is not defined in the visible part
! of the config. NOTE(review): the name suggests console login may be unauthenticated -
! verify against the aaa configuration.
line con 0
logging synchronous
login authentication NO-Console
stopbits 1
line aux 0
stopbits 1
! Remote management lines. "transport input all" accepts telnet as well as SSH, and no
! access-class is shown, so the only telnet restriction is the Deny_Telnet ACL on the
! WAN port. Restricting the lines to "transport input ssh" and adding an access-class
! for the management networks would close that gap at the lines themselves.
line vty 0 4
logging synchronous
transport input all
!
! NTP is sourced from the WAN interface towards a single server; no NTP authentication
! or access restriction is shown.
ntp source GigabitEthernet0/0/0
ntp server 120.27.94.97
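! Change script: replace the DNS resolver, move the WAN port Gi0/0/0 to its new public
! address and default gateway, and re-point the telnet filter at the new address.
! Re-addressing the WAN port drops any session that arrives through the old address,
! so run this from the console or from the inside network.
en
conf t
! "conf t" and the first "no ip name-server" command were fused on one line in the
! original listing; they are two separate commands.
no ip name-server 223.5.5.5
ip name-server 118.118.118.1
interface GigabitEthernet0/0/0
no ip address 59.44.140.135 255.255.255.224
ip address 59.44.144.107 255.255.255.224
no ip route 0.0.0.0 0.0.0.0 59.44.140.133
ip route 0.0.0.0 0.0.0.0 59.44.144.97
ip access-list extended Deny_Telnet
! A new entry without a sequence number is appended after "permit ip any any" and would
! never match, leaving telnet to the new address open. Insert it with an explicit low
! sequence number so it sits above the permit, and only then remove the old entry.
5 deny tcp any host 59.44.144.107 eq telnet
no deny tcp any host 59.44.140.135 eq telnet
end
! Before saving, confirm the deny precedes the permit: show ip access-lists Deny_Telnet
wr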