Cisco 1811

a guest
Jan 30th, 2015
  ! Review annotations are the unnumbered "!" lines; numbered lines are the paste as published.
  ! NOTE(review): 12.4 is an old IOS release train - confirm this image still receives security fixes.
  1. version 12.4
  2. ...
  3. !
  ! DHCP scope for the wireless segment; the gateway matches the Vlan12 address further down.
  4. ip dhcp pool WIFI
  5. network 192.168.2.0 255.255.255.0
  6. domain-name example.local
  7. default-router 192.168.2.1
  ! NOTE(review): an internal resolver is listed first and a public one second. A client that
  ! falls back to the second server may send example.local lookups to the public resolver.
  8. dns-server 192.168.0.151 8.8.8.8
  9. !
  ! DHCP scope for the wired office LAN, including network-boot (PXE) parameters.
  10. ip dhcp pool LAN
  11. network 192.168.0.0 255.255.255.0
  ! bootfile, next-server and options 66/150 all point clients at 192.168.0.2 for boot files.
  ! NOTE(review): TFTP-based boot is unauthenticated, so the integrity of what clients boot
  ! depends on that host and on who can answer DHCP/TFTP on this segment.
  12. bootfile pxelinux.0
  13. next-server 192.168.0.2
  14. domain-name example.local
  15. default-router 192.168.0.1
  16. dns-server 192.168.0.151 8.8.8.8
  17. option 66 ip 192.168.0.2
  18. option 150 ip 192.168.0.2
  ! Bindings in this pool never expire, so addresses are not returned automatically.
  19. lease infinite
  20. !
  ! DHCP scope for the 192.168.5.0/24 segment (gateway matches Vlan15, "office-ics-wire").
  21. ip dhcp pool ICS
  22. network 192.168.5.0 255.255.255.0
  ! NOTE(review): this segment boots from 192.168.0.2, which sits in the office LAN subnet.
  ! Whether the Vlan15 ACLs limit that path to boot traffic cannot be seen (ACL bodies elided).
  23. bootfile pxelinux.0
  24. next-server 192.168.0.2
  25. domain-name example.local
  26. dns-server 192.168.0.151 8.8.8.8
  27. default-router 192.168.5.1
  28. option 66 ip 192.168.0.2
  29. option 150 ip 192.168.0.2
  30. lease infinite
  31. !
  ! Resolvers used by the router itself: the internal server first, then a public one.
  32. ip name-server 192.168.0.151
  33. ip name-server 8.8.8.8
  34. !
  35. multilink bundle-name authenticated
  ! Enables VPDN so the router can terminate dial-in tunnels (PPTP in the group below).
  36. vpdn enable
  37. !
  ! Accepts inbound PPTP sessions and clones them from Virtual-Template100.
  ! NOTE(review): PPTP relies on MS-CHAP authentication and MPPE encryption, both widely
  ! regarded as weak. This file also defines IPsec and SSL VPN access; consider retiring PPTP
  ! in favour of those.
  38. vpdn-group vpnaccess
  39. ! Default PPTP VPDN group
  40. accept-dialin
  41. protocol pptp
  42. virtual-template 100
  ! An L2TP tunnel parameter inside a PPTP group; presumably left over from a template - confirm.
  43. l2tp tunnel receive-window 256
  44. !
  ! Local account lines were removed from the paste. NOTE(review): confirm that each uses
  ! "secret" rather than "password", since "password" is stored in clear text or with
  ! reversible type 7 encoding.
  45. username ...
  46. !
  ! IKEv1 phase-1 proposal: 3DES, MD5, pre-shared key, Diffie-Hellman group 2 (1024-bit).
  ! NOTE(review): these are all legacy choices. Moving to AES, a SHA-2 hash and a larger DH
  ! group requires the same change on every peer and an image that supports them.
  47. crypto isakmp policy 10
  48. encr 3des
  49. hash md5
  50. authentication pre-share
  51. group 2
  52. !
  ! Second proposal: no "hash" line, so the platform default applies (presumably SHA-1 - confirm
  ! with "show crypto isakmp policy").
  53. crypto isakmp policy 15
  54. encr 3des
  55. authentication pre-share
  56. group 2
  ! Pre-shared key for the site-to-site peer; key and address are redacted in the paste.
  ! NOTE(review): on the live device confirm the key is stored encrypted ("password encryption
  ! aes" with a "key config-key") and is long and random.
  57. crypto isakmp key blah-blah-blah address xxx.xxx.xxx.IPSEC1
  58. !
  ! Remote-access client group "NAS": group key, pushed DNS/domain, address pool SDM_POOL_1 and
  ! ACL 101. ACL 101 is not shown in the paste, so what it permits cannot be reviewed here.
  ! NOTE(review): a shared group key is known to every client; the per-user check is the xauth
  ! list referenced in the profile below.
  59. crypto isakmp client configuration group NAS
  60. key blah-blah-blah
  61. dns 192.168.0.151 8.8.8.8
  62. domain example.local
  63. pool SDM_POOL_1
  64. acl 101
  65. netmask 255.255.255.0
  ! Binds group NAS to its authentication/authorization lists and to Virtual-Template1.
  ! The two named lists are defined outside the visible part of the paste.
  66. crypto isakmp profile ciscocp-ike-profile-1
  67. match identity group NAS
  68. client authentication list ciscocp_vpn_xauth_ml_1
  69. isakmp authorization list ciscocp_vpn_group_ml_1
  70. client configuration address respond
  71. virtual-template 1
  72. !
  ! Phase-2 transforms: 3DES with HMAC-MD5 (site-to-site) and 3DES with HMAC-SHA (remote access).
  73. crypto ipsec transform-set exampleset esp-3des esp-md5-hmac
  74. crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  75. !
  ! IPsec profile applied to Virtual-Template1 via "tunnel protection".
  76. crypto ipsec profile CiscoCP_Profile1
  77. set transform-set ESP-3DES-SHA
  78. set isakmp-profile ciscocp-ike-profile-1
  79. !
  ! Site-to-site crypto map, applied to FastEthernet0 and FastEthernet1.
  ! NOTE(review): no "set pfs" line is shown, and the SA lifetime is 24 hours with the
  ! 3DES/MD5 transform; consider enabling PFS and a shorter lifetime together with the peer.
  80. crypto map example 10 ipsec-isakmp
  81. set peer xxx.xxx.xxx.IPSEC1
  82. set security-association lifetime seconds 86400
  83. set transform-set exampleset
  ! Traffic selector; the EXAMPLEIPSEC ACL body is elided in the paste.
  84. match address EXAMPLEIPSEC
  85. !
  ! Configuration-change logging; "hidekeys" keeps passwords and keys out of the logged commands.
  86. archive
  87. log config
  88. hidekeys
  89. !
  ! Tracks reachability reported by IP SLA probe 100 (defined near the end of the file). The
  ! primary default route depends on this object. Down is declared after 10 s, up after 20 s.
  90. track 100 rtr 100 reachability
  91. delay down 10 up 20
  ! L2TPv3 pseudowire template sourced from Vlan11.
  ! NOTE(review): "protocol none" means no control channel, so there is no control-channel
  ! authentication. L2TPv3 itself does not encrypt. No interface in the visible config uses
  ! this class - confirm whether it is still needed.
  92. pseudowire-class top
  93. encapsulation l2tpv3
  94. protocol none
  95. ip local interface Vlan11
  96. !
  ! Primary Internet uplink (static address, NAT outside, site-to-site crypto map).
  ! NOTE(review): no inbound "ip access-group" is shown on this interface, although an ACL named
  ! internet-in is defined later in the file. Confirm what filters traffic addressed to the
  ! router itself (HTTP server, vty, PPTP, WebVPN).
  97. interface FastEthernet0
  98. description internet-outside-ISP1
  99. ip address xxx.xxx.xxx.ISP1 255.255.255.192
  100. ip nat outside
  101. ip virtual-reassembly
  102. duplex auto
  103. speed auto
  104. crypto map example
  105. !
  ! Secondary uplink, addressed by the ISP's DHCP. DNS servers offered by that DHCP server are
  ! not requested. As on FastEthernet0, no inbound ACL is shown.
  106. interface FastEthernet1
  107. description internet-outside-ISP2
  108. no ip dhcp client request dns-nameserver
  109. ip address dhcp
  110. ip nat outside
  111. ip virtual-reassembly
  112. duplex auto
  113. speed auto
  114. crypto map example
  115. !
  ! Switch ports. VLAN 11 = wired office, VLAN 12 = wifi, VLAN 15 = "ics" wired.
  116. interface FastEthernet2
  117. description office-wire
  118. switchport access vlan 11
  119. !
  120. interface FastEthernet3
  121. description office-wifi-linksys
  122. switchport access vlan 12
  123. !
  ! NOTE(review): described as "ics" wifi but placed in VLAN 12, the same segment as the office
  ! wifi port above, while the wired "ics" port uses VLAN 15. Confirm this sharing is intended.
  124. interface FastEthernet4
  125. description office-ics-wifi
  126. switchport access vlan 12
  127. !
  128. interface FastEthernet5
  129. description office-ics-wire
  130. switchport access vlan 15
  131. !
  ! NOTE(review): FastEthernet6-9 carry no configuration. If unused, consider "shutdown" and an
  ! unused access VLAN so that a cable plugged in here does not get a live port.
  132. interface FastEthernet6
  133. !
  134. interface FastEthernet7
  135. !
  136. interface FastEthernet8
  137. !
  138. interface FastEthernet9
  139. !
  140. interface Virtual-PPP1
  141. no ip address
  142. !
  ! Tunnel template for remote-access IPsec clients (referenced by ciscocp-ike-profile-1).
  143. interface Virtual-Template1 type tunnel
  144. ip unnumbered FastEthernet0
  145. tunnel mode ipsec ipv4
  146. tunnel protection ipsec profile CiscoCP_Profile1
  147. !
  ! Template cloned for each PPTP dial-in session (vpdn-group vpnaccess).
  148. interface Virtual-Template100
  149. ip unnumbered FastEthernet0
  150. ip broadcast-address 192.168.0.255
  151. ip nat inside
  152. ip virtual-reassembly
  ! Pool DIAL-IN is 192.168.0.200-220, i.e. addresses inside the office LAN subnet on Vlan11.
  ! NOTE(review): no access-group is shown on this template, so PPTP users appear to get
  ! unfiltered access to that subnet - confirm.
  153. peer default ip address pool DIAL-IN
  ! MPPE is mandatory, but "auto" lets the key length be negotiated.
  154. ppp encrypt mppe auto required
  155. ppp bridge ip
  ! NOTE(review): listing "ms-chap" first still permits MS-CHAP v1. If PPTP must stay, allow
  ! ms-chap-v2 only.
  156. ppp authentication ms-chap ms-chap-v2
  157. !
  158. interface Vlan1
  159. no ip address
  160. !
  ! Wired office gateway (192.168.0.1, plus secondary 192.168.1.2).
  ! NOTE(review): Vlan12 and Vlan15 have in/out ACLs; none is shown on this interface.
  161. interface Vlan11
  162. description office-wire
  163. ip address 192.168.1.2 255.255.255.0 secondary
  164. ip address 192.168.0.1 255.255.255.0
  165. no ip redirects
  166. ip nat inside
  167. ip virtual-reassembly
  168. ip tcp adjust-mss 1412
  169. !
  ! Wifi gateway, filtered in both directions by wifi-in / wifi-out (bodies elided in the paste).
  170. interface Vlan12
  171. description office_wifi
  172. ip address 192.168.2.1 255.255.255.0
  173. ip access-group wifi-in in
  174. ip access-group wifi-out out
  175. no ip redirects
  176. ip nat inside
  177. ip virtual-reassembly
  178. !
  ! "ics" wired gateway, filtered by office-ics-wire / office-ics-wire-out (bodies elided).
  179. interface Vlan15
  180. description office-ics-wire
  181. ip address 192.168.5.1 255.255.255.0
  182. ip access-group office-ics-wire in
  183. ip access-group office-ics-wire-out out
  184. no ip redirects
  185. ip nat inside
  186. ip virtual-reassembly
  187. !
  188. interface Vlan111
  189. no ip address
  190. !
  ! Async (modem) interface with SLIP encapsulation and no address; see "line 1" further down.
  191. interface Async1
  192. no ip address
  193. encapsulation slip
  194. !
  ! Policy-routes traffic originated by the router itself. No "route-map MYIP" stanza appears in
  ! the visible paste (only an ACL of that name) - presumably elided, confirm.
  195. ip local policy route-map MYIP
  ! Address pools for PPTP (DIAL-IN) and for the IPsec/SSL VPN clients (SDM_POOL_1).
  ! NOTE(review): DIAL-IN lies inside the LAN DHCP pool's network. No "ip dhcp excluded-address"
  ! is visible, so the same address could be handed out twice - confirm.
  196. ip local pool DIAL-IN 192.168.0.200 192.168.0.220
  197. ip local pool SDM_POOL_1 192.168.10.10 192.168.10.20
  198. ip forward-protocol nd
  ! Primary default route via ISP1, withdrawn when track 100 goes down.
  199. ip route 0.0.0.0 0.0.0.0 FastEthernet0 xxx.xxx.xxx.ISP1GW track 100
  ! Pins the SLA probe target to ISP1 so the probe always tests that uplink.
  200. ip route 8.8.4.4 255.255.255.255 xxx.xxx.xxx.ISP1GW
  ! Backup default via the DHCP-learned ISP2 gateway, administrative distance 20.
  201. ip route 0.0.0.0 0.0.0.0 FastEthernet1 dhcp 20
  202. !
  ! NOTE(review): the management web server is enabled over plain HTTP and HTTPS is explicitly
  ! off, so local credentials cross the network unencrypted. Prefer "no ip http server" and, if
  ! a GUI is needed, "ip http secure-server" limited with "ip http access-class". The following
  ! lines are elided, so an existing access-class cannot be ruled out.
  203. ip http server
  204. ip http authentication local
  205. no ip http secure-server
  206. ...
  ! PAT for inside hosts, choosing the outside interface via the WORLD-ISP1/WORLD-ISP2 route-maps.
  207. ip nat inside source route-map WORLD-ISP1 interface FastEthernet0 overload
  208. ip nat inside source route-map WORLD-ISP2 interface FastEthernet1 overload
  209. !
  ! Named ACLs. Every body was replaced by "..." in the paste, so the rules cannot be reviewed.
  ! The notes below only record where each name is, or is not, referenced in the visible config.
  ! NOTE(review): WORLD-PPPOE is not referenced by any visible line.
  210. ip access-list standard WORLD-PPPOE
  211. ...
  212. !
  213. ip access-list extended MYIP
  214. ...
  ! Matched by route-maps WORLD-ISP1 and WORLD-ISP2 (NAT source selection).
  215. ip access-list extended NATNET
  216. ...
  ! Traffic selector for crypto map "example" and for route-map IPSEC.
  217. ip access-list extended EXAMPLEIPSEC
  218. ...
  ! NOTE(review): ISP2 is not referenced by any visible line.
  219. ip access-list extended ISP2
  220. ...
  ! Applied to the vty lines as an access-class.
  221. ip access-list extended console-in
  222. ...
  ! NOTE(review): defined, but not applied to either outside interface in the visible config.
  223. ip access-list extended internet-in
  224. ...
  ! Applied inbound / outbound on Vlan15.
  225. ip access-list extended office-ics-wire
  226. ...
  227. ip access-list extended office-ics-wire-out
  228. ...
  ! Applied inbound / outbound on Vlan12.
  229. ip access-list extended wifi-in
  230. ...
  231. ip access-list extended wifi-out
  232. ...
  233. !
  ! Reachability probe behind track 100: ICMP echo to 8.8.4.4 out of FastEthernet0 every
  ! 3 seconds with a 500 ms timeout, running indefinitely.
  234. ip sla 100
  235. icmp-echo 8.8.4.4 source-interface FastEthernet0
  236. timeout 500
  237. frequency 3
  238. ip sla schedule 100 life forever start-time now
  ! Remote syslog over UDP on a non-default port; the collector address is redacted.
  ! NOTE(review): UDP syslog is neither encrypted nor authenticated. If the collector is
  ! reached across the Internet, carry it inside one of the tunnels - confirm the path.
  239. logging host xxx.xxx.xxx.xxx transport udp port 5145
  240. ...
  241. access-list compiled
  242. dialer-list 1 protocol ip permit
  243. dialer-list 2 protocol ip permit
  ! Static ARP entry pinning 192.168.2.100 (wifi subnet) to a fixed MAC address.
  244. arp 192.168.2.100 0018.39c5.ccea ARPA
  245. !
  ! Sends traffic matching EXAMPLEIPSEC to a fixed next hop.
  ! NOTE(review): no visible line applies this route-map ("ip policy route-map" /
  ! "ip local policy") - confirm whether it is still in use.
  246. route-map IPSEC permit 10
  247. match ip address EXAMPLEIPSEC
  248. set ip next-hop xxx.xxx.xxx.IPSEC1NEXTHOP
  249. !
  ! NAT selectors: traffic matching NATNET is translated to whichever uplink it leaves by.
  250. route-map WORLD-ISP1 permit 10
  251. match ip address NATNET
  252. match interface FastEthernet0
  253. !
  254. route-map WORLD-ISP2 permit 10
  255. match ip address NATNET
  256. match interface FastEthernet1
  257. !
  ! NOTE(review): the control-plane section is empty, so no control-plane policing is shown for
  ! traffic addressed to the router.
  258. control-plane
  259. !
  ! NOTE(review): no login method, exec-timeout or password is shown for the console or aux
  ! lines. They may be covered by AAA in the elided part of the paste - confirm.
  260. line con 0
  ! Modem line allowing both incoming and outgoing calls at 115200 with hardware flow control.
  ! NOTE(review): if dial-in is not needed, restrict or disable it; a modem line is an
  ! out-of-band path around the network ACLs.
  261. line 1
  262. modem InOut
  263. stopbits 1
  264. speed 115200
  265. flowcontrol hardware
  266. line aux 0
  ! Remote terminal lines, restricted by source address through ACL console-in (body elided).
  ! NOTE(review): no "transport input" line is shown; if the platform default applies, Telnet
  ! may be accepted. Prefer an explicit "transport input ssh" and an exec-timeout.
  267. line vty 0 4
  268. access-class console-in in
  269. !
  ! clock-period is written by the router itself. Time comes from two public servers, one
  ! preferred, and also updates the hardware calendar.
  ! NOTE(review): no NTP authentication or NTP access-group is shown. Log timestamps and
  ! certificate validity checks depend on this clock.
  270. ntp clock-period 17180263
  271. ntp update-calendar
  272. ntp server 62.149.0.30
  273. ntp server 193.34.155.4 prefer
  274. !
  ! SSL VPN listener on the ISP1 address, TCP port 5000, presenting the certificate held in
  ! trustpoint Router_Certificate.
  ! NOTE(review): confirm which SSL/TLS versions and ciphers this image's gateway negotiates,
  ! and that the certificate is one clients can validate.
  275. webvpn gateway gateway_1
  276. ip address xxx.xxx.xxx.ISP1 port 5000
  277. ssl trustpoint Router_Certificate
  278. inservice
  279. !
  ! Default context, taken out of service.
  280. webvpn context Default_context
  281. ssl authenticate verify all
  282. !
  283. no inservice
  284. !
  ! Active context "nas", reached through gateway_1 under domain "nas".
  285. webvpn context nas
  286. secondary-color white
  287. title-color #CCCC66
  288. text-color black
  289. ssl authenticate verify all
  290. !
  ! Name server used for the file-share browsing functions below.
  291. nbns-list "nbns_list_1"
  292. nbns-server 192.168.10.160 master
  293. !
  ! Policy for all users of this context: clientless file-share access (access / browse /
  ! entry) plus the full-tunnel client (svc-enabled).
  ! NOTE(review): file-entry lets a user type arbitrary share paths. If only the one host is
  ! meant to be reachable, confirm that the share permissions enforce it.
  294. policy group policy_1
  295. nbns-list "nbns_list_1"
  296. functions file-access
  297. functions file-browse
  298. functions file-entry
  299. functions svc-enabled
  300. svc address-pool "SDM_POOL_1"
  301. svc default-domain "example.local"
  302. svc keep-client-installed
  ! Split tunnelling: only the single host 192.168.10.160 is routed through the tunnel.
  ! NOTE(review): the pushed primary DNS server 192.168.0.151 is outside that route - confirm
  ! that clients can actually reach it.
  303. svc split include 192.168.10.160 255.255.255.255
  304. svc dns-server primary 192.168.0.151
  305. svc dns-server secondary 8.8.8.8
  306. default-group-policy policy_1
  ! User authentication list; its definition is outside the visible part of the paste.
  307. aaa authentication list sdm_vpn_xauth_ml_1
  308. gateway gateway_1 domain nas
  309. max-users 10
  310. inservice
  311. !
  312. end