Untitled


Current configuration : 11915 bytes
!
! Last configuration change at 13:39:52 CST Thu Mar 10 2016 by pamiller3
! NVRAM config last updated at 13:39:53 CST Thu Mar 10 2016 by pamiller3
! NVRAM config last updated at 13:39:53 CST Thu Mar 10 2016 by pamiller3
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 2811-CME
!
boot-start-marker
boot-end-marker
!
!
logging buffered 4096 informational
logging monitor emergencies
enable secret 5 $1$wYWY$32bxwvvyIBK9tvvF2mdSg0
!
aaa new-model
!
!
aaa authentication login sslvpn local
!
!
!
!
!
aaa session-id common
!
clock timezone CST -6 0
clock summer-time CDT recurring last Sun Mar 2:00 last Sun Oct 2:00
!
no dot11 igmp snooping-helper
no dot11 syslog
!
dot11 ssid MillerNET
 vlan 30
 authentication open
 authentication key-management wpa
 guest-mode
 wpa-psk ascii 7 06121D204F4558405D4F
!
ip source-route
!
!
ip cef
!
ip dhcp excluded-address 192.168.3.1 192.168.3.99
ip dhcp excluded-address 192.168.2.33 192.168.2.255
ip dhcp excluded-address 192.168.2.20 192.168.2.255
ip dhcp excluded-address 192.168.3.131 192.168.3.254
ip dhcp excluded-address 192.168.4.1
ip dhcp excluded-address 192.168.5.1
!
ip dhcp pool LAN-MillerNET
 network 192.168.3.0 255.255.255.0
 default-router 192.168.3.1
 option 150 ip 192.168.3.25
 domain-name millernet.us
 dns-server 192.168.3.200 8.8.8.8 4.2.2.1
 lease 7
!
ip dhcp pool STATIC-XBOX-MILLER
 host 192.168.3.60 255.255.255.0
 client-identifier 0100.25ae.fa87.07
!
ip dhcp pool LAN-DMZ
 network 192.168.2.0 255.255.255.0
 default-router 192.168.2.1
 dns-server 4.2.2.1 4.2.2.2
 domain-name millernet.us
!
ip dhcp pool WLAN-MillerNET
 network 192.168.4.0 255.255.255.0
 default-router 192.168.4.1
 domain-name millernet.us
 dns-server 192.168.3.200 8.8.8.8 4.2.2.1
 lease 7
!
ip dhcp pool PhoneLAN
 network 192.168.5.0 255.255.255.0
 default-router 192.168.5.1
 dns-server 192.168.3.1 8.8.8.8 4.2.2.1
 domain-name millernet.us
!
ip dhcp pool STATIC-UBIQUITI
 host 192.168.3.3 255.255.255.0
 client-identifier 0100.156d.c1c7.0f
!
!
ip domain name millernet.us
ip name-server 8.8.8.8
ip name-server 4.2.2.1
ip name-server 192.168.3.200
ip ddns update method no-ip
 HTTP
  add <OMITTED>
 interval maximum 0 0 5 0
 interval minimum 0 0 5 0
!
no ip igmp snooping
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
vpdn enable
!
vpdn-group 1
!
!
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint SSL-VPN-TP
 enrollment selfsigned
 serial-number
 subject-name CN=millernet-vpn
 revocation-check crl
 rsakeypair my-rsa-keys
!
!
crypto pki certificate chain SSL-VPN-TP
 certificate self-signed 06
  <OMITTED>
        quit
!
!
license udi pid CISCO2811 sn FTX1115A1GG
archive
 path tftp://192.168.3.201/
 write-memory
 time-period 1440
username pamiller3 privilege 15 secret 5 $1$Pc/.$y6kJb0xpe.77ciRHZTJ8A.
username nalong password 7 14141B180F0B7B7977
!
redundancy
!
!
ip ssh rsa keypair-name SSHKeys
ip ssh version 2
!
!
!
bridge irb
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 description ### UPLINK TO INET (USES DIALER1) ###
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 duplex auto
 speed auto
 pppoe enable group global
 pppoe-client dial-pool-number 1
 no cdp enable
!
interface FastEthernet0/1
 description ### TO 3750 ###
 no ip address
 ip nat inside
 ip virtual-reassembly in
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0/1.20
 description ### DMZ ###
 encapsulation dot1Q 20
 ip address 192.168.2.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 no ip route-cache
!
interface FastEthernet0/1.30
 description ### ANDY VLAN ###
 encapsulation dot1Q 30
 ip helper-address 192.168.3.1
 ip nat inside
 ip virtual-reassembly in
 no ip route-cache
 bridge-group 1
!
interface FastEthernet0/1.50
 description ### PHONE VLAN ###
 encapsulation dot1Q 50
 ip helper-address 192.168.5.1
 ip nat inside
 ip virtual-reassembly in
 no ip route-cache
!
interface FastEthernet0/1.200
 description ### SERVER VLAN ###
 encapsulation dot1Q 200
 ip address 192.168.200.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 no ip route-cache
!
interface Serial0/0/0
 description ### TO LAB ###
 ip address 192.168.50.1 255.255.255.252
 ip nat inside
 ip virtual-reassembly in
 clock rate 8000000
!
interface Dot11Radio0/2/0
 no ip address
 ip nat inside
 no ip virtual-reassembly in
 !
 encryption vlan 30 mode ciphers aes-ccm
 !
 ssid MillerNET
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 channel 2412
 station-role root access-point
!
interface Dot11Radio0/2/0.40
 description ### SSID MillerNET ###
 encapsulation dot1Q 30
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Service-Engine1/0
 ip unnumbered FastEthernet0/1.30
 shutdown
!
interface Virtual-Template7
 ip unnumbered Dialer1
!
interface Dialer1
 description ### VIRT INT TO INET ###
 ip ddns update hostname pamiller3.no-ip.org
 ip ddns update no-ip
 ip address negotiated
 ip flow ingress
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1400
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname <OMITTED>
 ppp chap password 7 101E5C4B5C4F4A1B0D0920
 ppp timeout idle 180
!
interface BVI1
 ip address 192.168.3.1 255.255.255.0
 ip nat inside
 no ip virtual-reassembly in
!
!
router eigrp 1
 network 1.0.0.0
 network 192.168.2.0
 network 192.168.3.0
 network 192.168.4.0
!
router ospf 1
 router-id 0.0.0.1
 network 192.168.50.0 0.0.0.255 area 0
!
ip local pool webvpn-pool 192.168.100.1 192.168.100.254
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list 2 interface Dialer1 overload
ip nat inside source static tcp 192.168.3.1 22 interface Dialer1 22
ip nat inside source static tcp 192.168.2.200 80 interface Dialer1 80
ip nat inside source static tcp 192.168.3.210 6500 interface Dialer1 21
ip nat inside source static tcp 192.168.3.210 20000 interface Dialer1 20000
ip nat inside source static tcp 192.168.3.210 20001 interface Dialer1 20001
ip nat inside source static tcp 192.168.3.210 20002 interface Dialer1 20002
ip nat inside source static tcp 192.168.3.210 20003 interface Dialer1 20003
ip nat inside source static tcp 192.168.3.210 20004 interface Dialer1 20004
ip nat inside source static tcp 192.168.3.210 20005 interface Dialer1 20005
ip nat inside source static tcp 192.168.3.210 3389 interface Dialer1 3389
ip nat inside source static tcp 192.168.200.2 902 interface Dialer1 902
ip nat inside source static tcp 192.168.3.250 25565 interface Dialer1 25565
ip nat inside source static tcp 192.168.3.200 80 interface Dialer1 9999
ip nat inside source static tcp 192.168.3.251 10000 interface Dialer1 8888
ip nat inside source static tcp 192.168.2.200 21 interface Dialer1 6500
ip nat inside source static tcp 192.168.2.200 22 interface Dialer1 6501
ip nat inside source static tcp 192.168.3.250 25566 interface Dialer1 25566
ip nat inside source static tcp 192.168.3.205 32400 interface Dialer1 32400
ip nat inside source static tcp 192.168.3.201 8080 interface Dialer1 8080
ip route 0.0.0.0 0.0.0.0 Dialer1
!
logging history debugging
logging trap debugging
logging 192.168.3.250
access-list 2 remark ***NAT***
access-list 2 permit 192.168.2.0 0.0.0.255
access-list 2 permit 192.168.3.0 0.0.0.255
access-list 2 permit 192.168.10.0 0.0.0.255
access-list 2 permit 192.168.125.0 0.0.0.255
access-list 2 permit 192.168.6.0 0.0.0.255
access-list 2000 permit ip host 192.168.3.1 host 192.168.3.200
dialer-list 1 protocol ip permit
!
!
!
!
snmp-server community MillerNET RO
snmp-server community Cacti RO
snmp-server location Network Rack
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
voice-port 0/1/0
!
voice-port 0/1/1
!
voice-port 0/1/2
!
voice-port 0/1/3
!
voice-port 0/3/0
!
voice-port 0/3/1
!
!
!
mgcp profile default
!
!
!
!
!
alias exec s show ip interface brief
banner login ^CWARNING ENTERING PRIVATE NETWORK SPACE
####### ENTERING MILLERNET ###########
######### EXIT NOW PLEASE ############
^C
!
line con 0
 password 7 143431051C5573737C
 logging synchronous
line aux 0
 password 7 02050D480809
 transport input telnet
line 66
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
 exec-timeout 1440 0
 privilege level 15
 logging synchronous
 transport input ssh
!
scheduler allocate 20000 1000
ntp master
!
webvpn gateway VPN-Gateway
 ip interface Dialer1 port 443
 ssl encryption rc4-md5
 ssl trustpoint SSL-VPN-TP
 inservice
 !
webvpn install svc flash:/webvpn/anyconnect-win-3.1.03103-k9.pkg sequence 1
 !
webvpn context WebVPN
 title "MillerNET WebVPN"
 ssl authenticate verify all
 !
 url-list "rewrite"
 !
 acl "ssl-acl"
   permit ip 192.168.100.0 255.255.255.0 192.168.100.0 255.255.255.0
 !
 login-message "MillerNET Secure WebVPN"
 !
 policy group webvpnpolicy
   functions svc-enabled
   filter tunnel ssl-acl
   svc address-pool "webvpn-pool" netmask 255.255.255.0
   svc rekey method new-tunnel
   svc split include 192.168.2.0 255.255.255.0
   svc split include 192.168.3.0 255.255.255.0
   svc split include 192.168.4.0 255.255.255.0
   svc split include 192.168.200.0 255.255.255.0
   svc dns-server primary 192.168.3.200
 default-group-policy webvpnpolicy
 aaa authentication list sslvpn
 gateway VPN-Gateway
 max-users 10
 inservice
!
end