API tools faq
paste
Advertisement
Guest User

Running-config

a guest
Sep 28th, 2011
360
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.83 KB | None | 0 0
raw download clone embed print report
  1. Current configuration : 7797 bytes
  2. !
  3. version 12.4
  4. no service pad
  5. service tcp-keepalives-in
  6. service tcp-keepalives-out
  7. service timestamps debug datetime msec localtime show-timezone
  8. service timestamps log datetime localtime
  9. service password-encryption
  10. service sequence-numbers
  11. !
  12. hostname SAE
  13. !
  14. boot-start-marker
  15. boot system flash:c850-advsecurityk9-mz.124-15.T9.bin
  16. boot-end-marker
  17. !
  18. logging buffered 512000
  19. logging console critical
  20. enable secret 5 <removed>
  21. !
  22. no aaa new-model
  23. clock timezone EST -4
  24. !
  25. crypto pki trustpoint TP-self-signed-1161593293
  26. enrollment selfsigned
  27. subject-name cn=IOS-Self-Signed-Certificate-1161593293
  28. revocation-check none
  29. rsakeypair TP-self-signed-1161593293
  30. !
  31. !
  32. crypto pki certificate chain TP-self-signed-1161593293
  33. certificate self-signed 01
  34. 30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  35. 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  36. 69666963 6174652D 31313631 35393332 3933301E 170D3032 30333031 30303335
  37. 32315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  38. 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31363135
  39. 39333239 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  40. 81009F12 2EB21D3D 200AD212 F5BC5422 530BEB7D 4D5788B3 C935EB69 F849D0A5
  41. 52D6EC2C 34F25BA4 B9371E40 39418CBB 62EC8960 6F30A70B C3C8CF34 B488DB4A
  42. CB2A4412 7FCF84C5 9C7B749A D3F7DC8F 7447E79B 7F468237 D1A67485 BC7E923C
  43. 965DF38D 1DB1CCF0 4C7BD5D3 64E98EEF C8D7831D B494BD6E 1D205728 F6FF5EF2
  44. 411F0203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603
  45. 551D1104 1D301B82 19534145 4E594570 73696C6F 6E2E6E79 6361702E 72722E63
  46. 6F6D301F 0603551D 23041830 16801480 F68657E1 A04B4FDA CCA5320F CB940CC4
  47. C1B8E130 1D060355 1D0E0416 041480F6 8657E1A0 4B4FDACC A5320FCB 940CC4C1
  48. B8E1300D 06092A86 4886F70D 01010405 00038181 004108C7 A86F3E68 6B34BBA9
  49. 51FA4E54 2E8D5700 884E8E9D A95B0F4E 0C0EBB79 5FC3B48E D38D7752 5F6637DE
  50. ACA5B62F F764A7A8 78F2E3B0 9A20CA9F 0268EE59 AC6C65E1 DCEE3EA8 929D0AA1
  51. CF16E01B E6C7695E B1E21C4E 8F066ADF 9F1FBB4B F40FE77C F24779AB 51EAF930
  52. 30622F6D 113727EA 71F5D2C0 9B468800 8D2BB8B9 D5
  53. quit
  54. dot11 syslog
  55. no ip source-route
  56. no ip dhcp use vrf connected
  57. ip dhcp excluded-address 192.168.1.1 192.168.1.9
  58. !
  59. ip dhcp pool sdm-pool1
  60. import all
  61. network 192.168.1.0 255.255.255.0
  62. default-router 192.168.1.1
  63. lease 0 12
  64. !
  65. !
  66. ip cef
  67. no ip bootp server
  68. ip domain name nycap.rr.com
  69. ip name-server 64.209.89.250
  70. !
  71. !
  72. !
  73. username SAE privilege 15 secret 5 <removed>
  74. username csteifel privilege 15 password 7 <removed>
  75. !
  76. !
  77. archive
  78. log config
  79. hidekeys
  80. !
  81. !
  82. ip tcp synwait-time 10
  83. ip ssh time-out 60
  84. ip ssh authentication-retries 2
  85. !
  86. !
  87. !
  88. interface FastEthernet0
  89. load-interval 30
  90. !
  91. interface FastEthernet1
  92. load-interval 30
  93. !
  94. interface FastEthernet2
  95. load-interval 30
  96. !
  97. interface FastEthernet3
  98. load-interval 30
  99. !
  100. interface FastEthernet4
  101. description $FW_OUTSIDE$$ETH-WAN$$ES_WAN$
  102. ip address dhcp client-id FastEthernet4 hostname nycap.rr.com
  103. ip access-group 106 in
  104. ip access-group 105 out
  105. no ip redirects
  106. no ip unreachables
  107. no ip proxy-arp
  108. ip nat outside
  109. ip virtual-reassembly
  110. load-interval 30
  111. duplex auto
  112. speed auto
  113. fair-queue
  114. !
  115. interface Vlan1
  116. description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
  117. ip address 192.168.1.1 255.255.255.0
  118. no ip redirects
  119. no ip unreachables
  120. no ip proxy-arp
  121. ip flow ingress
  122. ip flow egress
  123. ip nat inside
  124. ip virtual-reassembly
  125. ip tcp adjust-mss 1452
  126. load-interval 30
  127. fair-queue
  128. !
  129. no ip forward-protocol nd
  130. ip route 192.168.1.1 255.255.255.255 Null0
  131. ip route 216.18.237.18 255.255.255.255 Null0
  132. ip flow-top-talkers
  133. top 20
  134. sort-by bytes
  135. !
  136. no ip http server
  137. ip http authentication local
  138. ip http secure-server
  139. ip http timeout-policy idle 60 life 86400 requests 10000
  140. ip nat translation tcp-timeout 3600
  141. ip nat inside source list 1 interface FastEthernet4 overload
  142. ip nat inside source static tcp 192.168.1.150 55000 interface FastEthernet4 55000
  143. ip nat inside source static tcp 192.168.1.222 6110 interface FastEthernet4 6110
  144. ip nat inside source static udp 192.168.1.222 6110 interface FastEthernet4 6110
  145. ip nat inside source static tcp 192.168.1.222 6113 interface FastEthernet4 6113
  146. ip nat inside source static udp 192.168.1.222 6113 interface FastEthernet4 6113
  147. ip nat inside source static tcp 192.168.1.254 445 interface FastEthernet4 445
  148. !
  149. logging trap debugging
  150. access-list 1 remark INSIDE_IF=Vlan1
  151. access-list 1 remark SDM_ACL Category=2
  152. access-list 1 permit 192.168.1.0 0.0.0.255
  153. access-list 100 remark auto generated by Cisco SDM Express firewall configuration
  154. access-list 100 remark SDM_ACL Category=1
  155. access-list 100 deny ip host 255.255.255.255 any
  156. access-list 100 deny ip 127.0.0.0 0.255.255.255 any
  157. access-list 100 permit ip any any
  158. access-list 101 permit udp any any eq isakmp
  159. access-list 101 permit udp any any eq non500-isakmp
  160. access-list 101 permit udp any eq isakmp any
  161. access-list 101 permit udp any eq non500-isakmp any
  162. access-list 101 permit ahp any any
  163. access-list 101 permit esp any any
  164. access-list 101 permit gre any any
  165. access-list 101 permit udp any any eq domain
  166. access-list 101 permit udp any eq domain any
  167. access-list 101 permit tcp any any eq domain
  168. access-list 101 permit tcp any eq domain any
  169. access-list 101 permit tcp any any established
  170. access-list 101 permit udp any eq bootps any eq bootpc
  171. access-list 101 permit icmp any any echo-reply
  172. access-list 101 permit icmp any any time-exceeded
  173. access-list 101 permit icmp any any unreachable
  174. access-list 101 permit ip any any
  175. access-list 101 permit tcp any host 192.168.1.254 eq 445
  176. access-list 101 permit tcp any any eq 445
  177. access-list 102 remark Livepermit
  178. access-list 102 remark SDM_ACL Category=1
  179. access-list 102 deny ip host 192.168.1.251 host 192.168.1.251 log
  180. access-list 102 deny tcp host 192.168.1.251 host 192.168.1.251 log
  181. access-list 102 deny udp host 192.168.1.251 host 192.168.1.251 log
  182. access-list 102 deny udp host 192.168.1.31 host 192.168.1.31
  183. access-list 102 deny ip host 192.168.1.49 host 192.168.1.49
  184. access-list 102 deny ip host 192.168.1.42 host 192.168.1.42
  185. access-list 102 deny tcp host 192.168.1.42 eq www host 192.168.1.42 eq www log
  186. access-list 102 permit udp any any eq 88
  187. access-list 102 permit udp any any eq 3074
  188. access-list 102 permit tcp any any eq 3074
  189. access-list 102 permit ip any any
  190. access-list 103 remark blocks
  191. access-list 103 remark SDM_ACL Category=1
  192. access-list 103 deny tcp any range 11000 26999 any range 11000 26999
  193. access-list 103 deny udp any range 11000 26999 any range 11000 26999
  194. access-list 103 deny tcp any range 28000 65534 any range 28000 65534
  195. access-list 103 deny udp any range 28000 65534 any range 28000 65534
  196. access-list 103 deny ip any host 192.168.1.252
  197. access-list 103 permit tcp any any
  198. access-list 103 permit udp any any
  199. access-list 103 permit icmp any any
  200. access-list 103 permit ip any any
  201. access-list 105 permit ip any any
  202. access-list 105 permit tcp any any established
  203. access-list 105 permit udp any any
  204. access-list 106 permit tcp any any established
  205. access-list 106 permit udp any any
  206. access-list 106 permit tcp any any eq 445
  207. access-list 106 permit tcp any any eq ftp
  208. access-list 106 permit tcp any any eq 22
  209. access-list 106 permit tcp any any eq telnet
  210. snmp-server community SAE RO
  211. no cdp run
  212. !
  213. control-plane
  214. !
  215. banner login ^CAuthorized access only!
  216. Disconnect IMMEDIATELY if you are not an authorized user!^C
  217. !
  218. line con 0
  219. login local
  220. no modem enable
  221. transport output telnet
  222. line aux 0
  223. login local
  224. transport output telnet
  225. line vty 0 4
  226. exec-timeout 60 0
  227. privilege level 15
  228. password 7 <removed>
  229. login
  230. length 0
  231. transport input telnet ssh
  232. !
  233. scheduler max-task-time 5000
  234. scheduler allocate 4000 1000
  235. scheduler interval 500
  236. end
  237.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!