API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 7th, 2012
82
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.89 KB | None | 0 0
raw download clone embed print report
  1.  
  2. Building configuration...
  3.  
  4. Current configuration : 20296 bytes
  5. !
  6. ! Last configuration change at 11:31:04 PCTime Thu Jun 7 2012 by admin
  7. version 15.1
  8. no service pad
  9. service tcp-keepalives-in
  10. service tcp-keepalives-out
  11. service timestamps debug datetime msec localtime show-timezone
  12. service timestamps log datetime msec localtime show-timezone
  13. service password-encryption
  14. service sequence-numbers
  15. !
  16. hostname PEL-VAN-GATE-01
  17. !
  18. boot-start-marker
  19. boot-end-marker
  20. !
  21. !
  22. security authentication failure rate 3 log
  23. security passwords min-length 6
  24. logging buffered 51200
  25. logging console critical
  26. enable secret 5 $1$oNd1$1X6LCr02kKRKet8oh8Phj/
  27. !
  28. aaa new-model
  29. !
  30. !
  31. aaa authentication login default local
  32. aaa authentication login ciscocp_vpn_xauth_ml_1 local
  33. aaa authentication login ciscocp_vpn_xauth_ml_2 local
  34. aaa authentication login ciscocp_vpn_xauth_ml_3 local
  35. aaa authorization exec default local
  36. aaa authorization network ciscocp_vpn_group_ml_1 local
  37. aaa authorization network ciscocp_vpn_group_ml_2 local
  38. aaa authorization network ciscocp_vpn_group_ml_3 local
  39. !
  40. !
  41. !
  42. !
  43. !
  44. aaa session-id common
  45. !
  46. clock timezone PCTime -8 0
  47. clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
  48. !
  49. no ipv6 cef
  50. no ip source-route
  51. ip cef
  52. !
  53. !
  54. !
  55. ip dhcp excluded-address 10.0.10.1 10.0.10.49
  56. !
  57. ip dhcp pool ccp-pool1
  58. network 10.0.10.0 255.255.255.0
  59. domain-name pelesys.local
  60. dns-server 204.244.3.129 204.244.3.130
  61. default-router 10.0.10.1
  62. lease 90
  63. !
  64. !
  65. no ip bootp server
  66. ip domain name pelesys.local
  67. ip name-server 204.244.3.129
  68. ip name-server 204.244.3.130
  69. !
  70. multilink bundle-name authenticated
  71. !
  72. !
  73. crypto pki token default removal timeout 0
  74. !
  75. crypto pki trustpoint TP-self-signed-993646292
  76. enrollment selfsigned
  77. subject-name cn=IOS-Self-Signed-Certificate-993646292
  78. revocation-check none
  79. rsakeypair TP-self-signed-993646292
  80. !
  81. !
  82. crypto pki certificate chain TP-self-signed-993646292
  83. certificate self-signed 01
  84. 30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  85. 30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  86. 69666963 6174652D 39393336 34363239 32301E17 0D313230 33313232 30313734
  87. 385A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  88. 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3939 33363436
  89. 32393230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  90. B7EBB61E BFBF756A C00B14F8 4B181126 C3F09EF7 D105FB0C 8B2EB552 3BBDE386
  91. 3B97155E F768C5F9 24A9BEAC 4589D2D7 FC39E1CD E01F62AA 1A44BD42 39AD881B
  92. BCD97C72 B85279E9 83D62B5B D1F1E529 A2BB9D0C 3DD3B161 7AB70736 24AD7975
  93. 6A91E0A1 3A997E2C 94D828BD 90E8506A 0EDA5DB5 EEE3C6DA 77422BB5 45428135
  94. 02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
  95. 23041830 168014FE 3118D330 01BEC62C 7EC74E00 87045766 318A9630 1D060355
  96. 1D0E0416 0414FE31 18D33001 BEC62C7E C74E0087 04576631 8A96300D 06092A86
  97. 4886F70D 01010505 00038181 004B2C4B 92BB83C7 68B03380 F0A5A6DB 0D994601
  98. 93F0071A DBC49E6F 80889BAB FFFA837C 9F16271D BE91B5C5 59706878 6BC83FE2
  99. F44B3851 C651F757 3C89F5A7 1B0A0059 9F39A074 A8150C30 AF11CCB7 9F44AEA6
  100. 180CB309 A47495F3 7EF3FF74 D743C794 5554146D FE7A53D6 03D827F0 809FE712
  101. 9B514D97 5BC4E0AE A27FDC4F DC
  102. quit
  103. license udi pid CISCO2911/K9 sn FGL161110JA
  104. !
  105. !
  106. username mkennedy privilege 15 view root secret 5 $1$jyJI$g6zupZVDX8vKT/E64yO4m.
  107. username admin privilege 15 secret 5 $1$d.qV$fZLHcDkgDX/2NL5vTI3AW0
  108. username mzheng privilege 15 secret 5 $1$q4T5$iLxmf9njTSGmzo8/bxHVn/
  109. username creynolds privilege 15 secret 5 $1$QB.M$WHf01B8ksAYupONS1oVow0
  110. !
  111. redundancy
  112. !
  113. !
  114. !
  115. !
  116. ip tcp synwait-time 10
  117. ip ssh time-out 60
  118. ip ssh authentication-retries 2
  119. !
  120. class-map type inspect match-all sdm-cls-VPNOutsideToInside-1
  121. match access-group 105
  122. class-map type inspect match-all sdm-cls-VPNOutsideToInside-3
  123. match access-group 110
  124. class-map type inspect match-all sdm-cls-VPNOutsideToInside-2
  125. match access-group 108
  126. class-map type inspect match-all sdm-cls-VPNOutsideToInside-5
  127. match access-group 114
  128. class-map type inspect match-all sdm-cls-VPNOutsideToInside-4
  129. match access-group 111
  130. class-map type inspect match-all sdm-cls-VPNOutsideToInside-7
  131. match access-group 102
  132. class-map type inspect match-all sdm-cls-VPNOutsideToInside-6
  133. match access-group 115
  134. class-map type inspect match-all sdm-cls-VPNOutsideToInside-9
  135. match access-group 124
  136. class-map type inspect match-all sdm-cls-VPNOutsideToInside-8
  137. match access-group 122
  138. class-map type inspect match-all SDM_GRE
  139. match access-group name SDM_GRE
  140. class-map type inspect match-any CCP_PPTP
  141. match class-map SDM_GRE
  142. class-map type inspect match-any SDM_AH
  143. match access-group name SDM_AH
  144. class-map type inspect match-any ccp-skinny-inspect
  145. match protocol skinny
  146. class-map type inspect match-any SDM_ESP
  147. match access-group name SDM_ESP
  148. class-map type inspect match-any SDM_VPN_TRAFFIC
  149. match protocol isakmp
  150. match protocol ipsec-msft
  151. match class-map SDM_AH
  152. match class-map SDM_ESP
  153. class-map type inspect match-all SDM_VPN_PT
  154. match access-group 104
  155. match class-map SDM_VPN_TRAFFIC
  156. class-map type inspect match-any ccp-cls-insp-traffic
  157. match protocol dns
  158. match protocol ftp
  159. match protocol https
  160. match protocol icmp
  161. match protocol imap
  162. match protocol pop3
  163. match protocol netshow
  164. match protocol shell
  165. match protocol realmedia
  166. match protocol rtsp
  167. match protocol smtp
  168. match protocol sql-net
  169. match protocol streamworks
  170. match protocol tftp
  171. match protocol vdolive
  172. match protocol tcp
  173. match protocol udp
  174. class-map type inspect match-all ccp-insp-traffic
  175. match class-map ccp-cls-insp-traffic
  176. class-map type inspect match-any SDM_IP
  177. match access-group name SDM_IP
  178. class-map type inspect match-any SDM_EASY_VPN_SERVER_TRAFFIC
  179. match protocol isakmp
  180. match protocol ipsec-msft
  181. match class-map SDM_AH
  182. match class-map SDM_ESP
  183. class-map type inspect match-all SDM_EASY_VPN_SERVER_PT
  184. match class-map SDM_EASY_VPN_SERVER_TRAFFIC
  185. class-map type inspect match-all SDM_VPN_PT0
  186. match access-group 109
  187. match class-map SDM_VPN_TRAFFIC
  188. class-map type inspect match-any ccp-h323nxg-inspect
  189. match protocol h323-nxg
  190. class-map type inspect match-all sdm-cls-VPNOutsideToInside-10
  191. match access-group 126
  192. class-map type inspect match-all sdm-cls-VPNOutsideToInside-11
  193. match access-group 129
  194. class-map type inspect match-any ccp-cls-icmp-access
  195. match protocol icmp
  196. match protocol tcp
  197. match protocol udp
  198. class-map type inspect match-all sdm-cls-VPNOutsideToInside-12
  199. match access-group 132
  200. class-map type inspect match-any ccp-h225ras-inspect
  201. match protocol h225ras
  202. class-map type inspect match-any ccp-h323annexe-inspect
  203. match protocol h323-annexe
  204. class-map type inspect match-any SDM_EASY_VPN_CTCP_SERVER_PT
  205. match access-group 116
  206. match access-group 117
  207. match access-group 118
  208. match access-group 119
  209. match access-group 120
  210. match access-group 121
  211. match access-group 127
  212. match access-group 128
  213. match access-group 130
  214. match access-group 131
  215. class-map type inspect match-any ccp-h323-inspect
  216. match protocol h323
  217. class-map type inspect match-all ccp-invalid-src
  218. match access-group 100
  219. class-map type inspect match-all ccp-icmp-access
  220. match class-map ccp-cls-icmp-access
  221. class-map type inspect match-any ccp-sip-inspect
  222. match protocol sip
  223. class-map type inspect match-all ccp-protocol-http
  224. match protocol http
  225. !
  226. !
  227. policy-map type inspect ccp-permit-icmpreply
  228. class type inspect ccp-icmp-access
  229. pass
  230. class class-default
  231. pass
  232. policy-map type inspect ccp-inspect
  233. class type inspect ccp-invalid-src
  234. pass
  235. class type inspect ccp-protocol-http
  236. inspect
  237. class type inspect ccp-insp-traffic
  238. inspect
  239. class type inspect ccp-sip-inspect
  240. inspect
  241. class type inspect ccp-h323-inspect
  242. inspect
  243. class type inspect ccp-h323annexe-inspect
  244. inspect
  245. class type inspect ccp-h225ras-inspect
  246. inspect
  247. class type inspect ccp-h323nxg-inspect
  248. inspect
  249. class type inspect ccp-skinny-inspect
  250. inspect
  251. policy-map type inspect ccp-permit
  252. class type inspect SDM_VPN_PT
  253. pass
  254. class type inspect SDM_EASY_VPN_CTCP_SERVER_PT
  255. inspect
  256. class class-default
  257. pass
  258. policy-map type inspect ccp-pol-outToIn
  259. class type inspect CCP_PPTP
  260. pass
  261. class type inspect sdm-cls-VPNOutsideToInside-1
  262. inspect
  263. class type inspect sdm-cls-VPNOutsideToInside-2
  264. inspect
  265. class type inspect sdm-cls-VPNOutsideToInside-3
  266. pass
  267. class type inspect sdm-cls-VPNOutsideToInside-4
  268. pass
  269. class type inspect sdm-cls-VPNOutsideToInside-5
  270. inspect
  271. class type inspect sdm-cls-VPNOutsideToInside-6
  272. inspect
  273. class type inspect sdm-cls-VPNOutsideToInside-7
  274. pass
  275. class type inspect sdm-cls-VPNOutsideToInside-8
  276. pass
  277. class type inspect sdm-cls-VPNOutsideToInside-9
  278. pass
  279. class type inspect sdm-cls-VPNOutsideToInside-10
  280. pass
  281. class type inspect sdm-cls-VPNOutsideToInside-11
  282. pass
  283. class type inspect sdm-cls-VPNOutsideToInside-12
  284. pass
  285. class class-default
  286. pass
  287. policy-map type inspect sdm-permit-ip
  288. class type inspect SDM_IP
  289. pass
  290. class type inspect sdm-cls-VPNOutsideToInside-5
  291. pass
  292. class type inspect sdm-cls-VPNOutsideToInside-6
  293. pass
  294. class type inspect sdm-cls-VPNOutsideToInside-9
  295. pass
  296. class type inspect sdm-cls-VPNOutsideToInside-10
  297. pass
  298. class type inspect sdm-cls-VPNOutsideToInside-11
  299. pass
  300. class type inspect sdm-cls-VPNOutsideToInside-12
  301. pass
  302. class class-default
  303. drop log
  304. !
  305. zone security out-zone
  306. zone security in-zone
  307. zone security ezvpn-zone
  308. zone-pair security ccp-zp-self-out source self destination out-zone
  309. service-policy type inspect ccp-permit-icmpreply
  310. zone-pair security ccp-zp-in-out source in-zone destination out-zone
  311. service-policy type inspect ccp-inspect
  312. zone-pair security ccp-zp-out-self source out-zone destination self
  313. service-policy type inspect ccp-permit
  314. zone-pair security ccp-zp-out-zone-To-in-zone source out-zone destination in-zone
  315. service-policy type inspect ccp-pol-outToIn
  316. zone-pair security sdm-zp-in-ezvpn1 source in-zone destination ezvpn-zone
  317. service-policy type inspect sdm-permit-ip
  318. zone-pair security sdm-zp-ezvpn-in1 source ezvpn-zone destination in-zone
  319. service-policy type inspect sdm-permit-ip
  320. zone-pair security sdm-zp-out-ezpn1 source out-zone destination ezvpn-zone
  321. service-policy type inspect sdm-permit-ip
  322. zone-pair security sdm-zp-ezvpn-out1 source ezvpn-zone destination out-zone
  323. service-policy type inspect sdm-permit-ip
  324. zone-pair security sdm-zp-ezvpn-in2 source ezvpn-zone destination ezvpn-zone
  325. service-policy type inspect sdm-permit-ip
  326. !
  327. crypto logging ezvpn
  328. crypto ctcp port 10000
  329. !
  330. crypto isakmp policy 1
  331. encr 3des
  332. authentication pre-share
  333. group 2
  334. crypto isakmp key **REDACTED** address 66.119.163.2
  335. !
  336. crypto isakmp client configuration group Pelesys
  337. key **REDACTED**
  338. pool SDM_POOL_1
  339. acl 101
  340. save-password
  341. max-users 5
  342. max-logins 1
  343. netmask 255.255.255.0
  344. banner ^CPelesys Learning Systems Hosting Network.
  345.  
  346. For Authorized use only by the Systems and Network Administration team. Any unlawful use will be prosecuted by law. ^C
  347. crypto isakmp profile ciscocp-ike-profile-1
  348. match identity group Pelesys
  349. client authentication list ciscocp_vpn_xauth_ml_1
  350. isakmp authorization list ciscocp_vpn_group_ml_1
  351. client configuration address initiate
  352. client configuration address respond
  353. virtual-template 1
  354. !
  355. !
  356. crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  357. crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
  358. !
  359. crypto ipsec profile CiscoCP_Profile1
  360. set transform-set ESP-3DES-SHA
  361. set isakmp-profile ciscocp-ike-profile-1
  362. !
  363. !
  364. crypto map SDM_CMAP_1 1 ipsec-isakmp
  365. description Tunnel to66.119.163.2
  366. set peer 66.119.163.2
  367. set transform-set ESP-3DES-SHA1
  368. match address 103
  369. crypto map SDM_CMAP_1 2 ipsec-isakmp
  370. description Tunnel to66.119.163.2
  371. set peer 66.119.163.2
  372. set transform-set ESP-3DES-SHA
  373. match address 123
  374. !
  375. crypto map SDM_CMAP_2 1 ipsec-isakmp
  376. description Tunnel to66.119.163.2
  377. set peer 66.119.163.2
  378. set transform-set ESP-3DES-SHA1
  379. match address 125
  380. !
  381. !
  382. !
  383. !
  384. !
  385. interface Null0
  386. no ip unreachables
  387. !
  388. interface Embedded-Service-Engine0/0
  389. no ip address
  390. no ip redirects
  391. no ip unreachables
  392. no ip proxy-arp
  393. ip flow ingress
  394. !
  395. interface GigabitEthernet0/0
  396. description $ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$ETH-WAN$$FW_INSIDE$
  397. ip address 10.10.10.1 255.255.255.248
  398. no ip redirects
  399. no ip unreachables
  400. no ip proxy-arp
  401. ip flow ingress
  402. ip nat inside
  403. ip virtual-reassembly in
  404. zone-member security in-zone
  405. duplex auto
  406. speed auto
  407. no mop enabled
  408. !
  409. interface GigabitEthernet0/1
  410. description $ES_WAN$$FW_OUTSIDE$$ETH-WAN$
  411. ip address 204.244.50.254 255.255.255.0
  412. ip mask-reply
  413. no ip redirects
  414. no ip proxy-arp
  415. ip flow ingress
  416. ip nat outside
  417. ip virtual-reassembly in
  418. ip verify unicast reverse-path
  419. zone-member security out-zone
  420. duplex auto
  421. speed auto
  422. no mop enabled
  423. crypto map SDM_CMAP_2
  424. !
  425. interface GigabitEthernet0/2
  426. description $ES_LAN$$FW_INSIDE$$ETH-LAN$
  427. ip address 10.0.10.1 255.255.255.0
  428. no ip redirects
  429. no ip unreachables
  430. no ip proxy-arp
  431. ip flow ingress
  432. ip nat inside
  433. ip virtual-reassembly in
  434. zone-member security in-zone
  435. duplex auto
  436. speed auto
  437. no mop enabled
  438. !
  439. interface Virtual-Template1 type tunnel
  440. ip unnumbered GigabitEthernet0/1
  441. zone-member security ezvpn-zone
  442. tunnel mode ipsec ipv4
  443. tunnel protection ipsec profile CiscoCP_Profile1
  444. !
  445. ip local pool SDM_POOL_1 10.0.10.200 10.0.10.250
  446. ip forward-protocol nd
  447. !
  448. ip http server
  449. ip http access-class 2
  450. ip http authentication local
  451. ip http secure-server
  452. ip http timeout-policy idle 60 life 86400 requests 10000
  453. !
  454. ip dns server
  455. ip nat inside source route-map SDM_RMAP_1 interface GigabitEthernet0/1 overload
  456. ip nat inside source route-map SDM_RMAP_2 interface GigabitEthernet0/1 overload
  457. ip route 0.0.0.0 0.0.0.0 204.244.50.193 permanent
  458. !
  459. ip access-list extended ICMP
  460. remark ICMP
  461. remark CCP_ACL Category=1
  462. permit icmp any any
  463. ip access-list extended SDM_AH
  464. remark CCP_ACL Category=1
  465. permit ahp any any
  466. ip access-list extended SDM_ESP
  467. remark CCP_ACL Category=1
  468. permit esp any any
  469. ip access-list extended SDM_GRE
  470. remark CCP_ACL Category=1
  471. permit gre any any
  472. ip access-list extended SDM_IP
  473. remark CCP_ACL Category=1
  474. permit ip any any
  475. !
  476. logging trap debugging
  477. access-list 1 remark INSIDE_IF=GigabitEthernet0/2
  478. access-list 1 remark CCP_ACL Category=2
  479. access-list 1 permit 10.0.10.0 0.0.0.255
  480. access-list 2 remark HTTP Access-class list
  481. access-list 2 remark CCP_ACL Category=1
  482. access-list 2 permit 10.0.10.0 0.0.0.255
  483. access-list 2 permit 10.10.10.0 0.0.0.7
  484. access-list 2 deny any
  485. access-list 3 remark CCP_ACL Category=2
  486. access-list 3 permit 10.0.10.0 0.0.0.255
  487. access-list 100 remark CCP_ACL Category=129
  488. access-list 100 permit ip host 255.255.255.255 any
  489. access-list 100 permit ip 127.0.0.0 0.255.255.255 any
  490. access-list 100 permit ip 204.244.50.192 0.0.0.63 any
  491. access-list 101 remark CCP_ACL Category=4
  492. access-list 101 permit ip 10.0.10.0 0.0.0.255 any
  493. access-list 102 remark CCP_ACL Category=0
  494. access-list 102 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  495. access-list 102 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  496. access-list 103 remark CCP_ACL Category=4
  497. access-list 103 remark IPSec Rule
  498. access-list 103 permit ip 10.10.10.0 0.0.0.7 10.0.10.0 0.0.0.255
  499. access-list 103 remark IPSec Rule
  500. access-list 103 permit ip 10.0.10.0 0.0.0.255 192.168.1.0 0.0.0.255
  501. access-list 104 remark CCP_ACL Category=128
  502. access-list 104 permit ip host 66.119.163.2 any
  503. access-list 104 permit ip any any
  504. access-list 105 remark CCP_ACL Category=0
  505. access-list 105 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  506. access-list 105 permit ip 10.0.10.0 0.0.0.255 10.0.10.0 0.0.0.255
  507. access-list 106 remark CCP_ACL Category=2
  508. access-list 106 remark IPSec Rule
  509. access-list 106 deny ip 10.0.10.0 0.0.0.255 192.168.1.0 0.0.0.255
  510. access-list 106 permit ip 10.0.10.0 0.0.0.255 any
  511. access-list 107 remark CCP_ACL Category=2
  512. access-list 107 remark IPSec Rule
  513. access-list 107 deny ip 10.0.10.0 0.0.0.255 192.168.1.0 0.0.0.255
  514. access-list 107 permit ip 10.0.10.0 0.0.0.255 any
  515. access-list 108 remark CCP_ACL Category=0
  516. access-list 108 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  517. access-list 108 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  518. access-list 109 remark CCP_ACL Category=128
  519. access-list 109 permit ip host 66.119.163.2 any
  520. access-list 110 remark CCP_ACL Category=0
  521. access-list 110 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  522. access-list 110 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  523. access-list 111 remark CCP_ACL Category=0
  524. access-list 111 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  525. access-list 111 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  526. access-list 112 remark CCP_ACL Category=1
  527. access-list 112 permit tcp any any eq 10000
  528. access-list 113 remark CCP_ACL Category=1
  529. access-list 113 permit tcp any any eq 10000
  530. access-list 114 remark CCP_ACL Category=0
  531. access-list 114 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  532. access-list 114 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  533. access-list 115 remark CCP_ACL Category=0
  534. access-list 115 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  535. access-list 115 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  536. access-list 116 remark CCP_ACL Category=1
  537. access-list 116 permit tcp any any eq 10000 log
  538. access-list 117 remark CCP_ACL Category=1
  539. access-list 117 permit tcp any any eq 10000
  540. access-list 118 remark CCP_ACL Category=1
  541. access-list 118 permit tcp any any eq 10000
  542. access-list 119 remark CCP_ACL Category=1
  543. access-list 119 permit tcp any any eq 10000
  544. access-list 120 remark CCP_ACL Category=1
  545. access-list 120 permit tcp any any eq 10000
  546. access-list 121 remark CCP_ACL Category=1
  547. access-list 121 permit tcp any any eq 10000
  548. access-list 122 remark CCP_ACL Category=0
  549. access-list 122 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  550. access-list 122 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  551. access-list 123 remark CCP_ACL Category=4
  552. access-list 123 remark IPSec Rule
  553. access-list 123 permit ip 10.0.10.0 0.0.0.255 192.168.1.0 0.0.0.255
  554. access-list 124 remark CCP_ACL Category=0
  555. access-list 124 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  556. access-list 124 permit ip 10.0.10.0 0.0.0.255 10.10.10.0 0.0.0.7
  557. access-list 125 remark CCP_ACL Category=4
  558. access-list 125 remark IPSec Rule
  559. access-list 125 permit ip 10.0.10.0 0.0.0.255 192.168.1.0 0.0.0.255
  560. access-list 126 remark CCP_ACL Category=0
  561. access-list 126 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  562. access-list 127 remark CCP_ACL Category=1
  563. access-list 127 permit tcp any any eq 10000
  564. access-list 128 remark CCP_ACL Category=1
  565. access-list 128 permit tcp any any eq 10000
  566. access-list 129 remark CCP_ACL Category=0
  567. access-list 129 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  568. access-list 129 permit ip 10.0.10.0 0.0.0.255 192.168.1.0 0.0.0.255
  569. access-list 130 remark CCP_ACL Category=1
  570. access-list 130 permit tcp any any eq 10000
  571. access-list 131 remark CCP_ACL Category=1
  572. access-list 131 permit tcp any any eq 10000
  573. access-list 132 remark CCP_ACL Category=0
  574. access-list 132 permit ip 192.168.1.0 0.0.0.255 10.0.10.0 0.0.0.255
  575. !
  576. no cdp run
  577. !
  578. !
  579. !
  580. route-map SDM_RMAP_1 permit 1
  581. match ip address 106
  582. !
  583. route-map SDM_RMAP_2 permit 1
  584. match ip address 107
  585. !
  586. !
  587. snmp-server community public RO
  588. !
  589. !
  590. !
  591. control-plane
  592. !
  593. !
  594. banner exec ^C
  595. % Password expiration warning.
  596. -----------------------------------------------------------------------
  597.  
  598. Cisco Configuration Professional (Cisco CP) is installed on this device
  599. and it provides the default username "cisco" for one-time use. If you have
  600. already used the username "cisco" to login to the router and your IOS image
  601. supports the "one-time" user option, then this username has already expired.
  602. You will not be able to login to the router with this username after you exit
  603. this session.
  604.  
  605. It is strongly suggested that you create a new username with a privilege level
  606. of 15 using the following command.
  607.  
  608. username <myuser> privilege 15 secret 0 <mypassword>
  609.  
  610. Replace <myuser> and <mypassword> with the username and password you want to
  611. use.
  612.  
  613. -----------------------------------------------------------------------
  614. ^C
  615. banner login ^CFree Punch and Pie after the meeting.
  616. ^C
  617. !
  618. line con 0
  619. transport output telnet
  620. line aux 0
  621. transport output telnet
  622. line 2
  623. no activation-character
  624. no exec
  625. transport preferred none
  626. transport input all
  627. transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
  628. stopbits 1
  629. line vty 0 4
  630. transport input telnet ssh
  631. line vty 5 15
  632. transport input telnet ssh
  633. !
  634. scheduler allocate 20000 1000
  635. end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!