API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 7th, 2015
251
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.61 KB | None | 0 0
raw download clone embed print report
  1. ip-10-11-27-119#sho conf
  2. Using 2575 out of 33554432 bytes
  3. !
  4. ! Last configuration change at 23:32:48 UTC Tue Jul 7 2015 by ec2-user
  5. !
  6. version 15.5
  7. service timestamps debug datetime msec
  8. service timestamps log datetime msec
  9. no platform punt-keepalive disable-kernel-core
  10. platform console virtual
  11. !
  12. hostname ip-10-11-27-119
  13. !
  14. boot-start-marker
  15. boot-end-marker
  16. !
  17. !
  18. !
  19. no aaa new-model
  20. subscriber templating
  21. !
  22. multilink bundle-name authenticated
  23. !
  24. !
  25. crypto pki trustpoint TP-self-signed-3206891870
  26. enrollment selfsigned
  27. subject-name cn=IOS-Self-Signed-Certificate-3206891870
  28. revocation-check none
  29. rsakeypair TP-self-signed-3206891870
  30. !
  31. !
  32. crypto pki certificate chain TP-self-signed-3206891870
  33. certificate self-signed 01 nvram:IOS-Self-Sig#1.cer
  34. license udi pid CSR1000V sn 9MOG03EMB3Q
  35. spanning-tree extend system-id
  36. !
  37. username ec2-user privilege 15 secret 5 $1$7TWv$VIbeAC1UrzPLeISEG8IMq.
  38. !
  39. redundancy
  40. !
  41. crypto ikev2 proposal ikev2proposal
  42. encryption aes-cbc-256
  43. integrity sha1
  44. group 2
  45. !
  46. crypto ikev2 policy ikev2policy
  47. match fvrf any
  48. proposal ikev2proposal
  49.  
  50. crypto ikev2 keyring keys
  51. peer strongswan
  52. address 54.187.159.46
  53. pre-shared-key local test
  54. pre-shared-key remote test
  55. !
  56. !
  57. !
  58. crypto ikev2 profile ikev2profile
  59. match identity remote address 54.187.159.46 255.255.255.255
  60. authentication remote pre-share
  61. authentication local pre-share
  62. keyring local keys
  63. !
  64. !
  65. !
  66. !
  67. ip ssh rsa keypair-name ssh-key
  68. ip ssh version 2
  69. ip ssh pubkey-chain
  70. username ec2-user
  71. key-hash ssh-rsa CCE3C94BF98C95D3376584DB3FF35FBB cisco-test
  72. crypto isakmp policy 10
  73. authentication pre-share
  74. group 2
  75. !
  76. !
  77. crypto ipsec transform-set TS esp-aes esp-sha-hmac
  78. mode tunnel
  79. !
  80. !
  81. !
  82. crypto map cmap 10 ipsec-isakmp
  83. set peer 54.187.159.46
  84. set transform-set TS
  85. set ikev2-profile ikev2profile
  86. match address cryptoacl
  87.  
  88. interface GigabitEthernet1
  89. ip address dhcp
  90. ip nat outside
  91. negotiation auto
  92. crypto map cmap
  93. !
  94. interface GigabitEthernet2
  95. ip address 10.11.28.119 255.255.255.0
  96. ip nat inside
  97. negotiation auto
  98. !
  99. !
  100. virtual-service csr_mgmt
  101. ip shared host-interface GigabitEthernet1
  102. activate
  103. !
  104. ip nat inside source list NATList interface GigabitEthernet1 overload
  105. ip forward-protocol nd
  106. no ip http server
  107. ip http secure-server
  108. !
  109. ip access-list extended NATList
  110. deny ip 10.11.28.0 0.0.0.255 10.11.27.0 0.0.0.240 log
  111. permit ip 10.11.28.0 0.0.0.192 any log
  112. ip access-list extended cryptoacl
  113. permit ip host 10.11.28.119 host 10.11.27.5
  114. !
  115. logging trap debugging
  116. !
  117. !
  118. !
  119. control-plane
  120. !
  121. !
  122. line con 0
  123. stopbits 1
  124. line vty 0 4
  125. login local
  126. transport input ssh
  127.  
  128. end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!