API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 4th, 2017
111
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 6.53 KB | None | 0 0
raw download clone embed print report
  1. Current configuration : 10725 bytes
  2. !
  3. ! No configuration change since last restart
  4. !
  5. version 12.4
  6. no service pad
  7. service timestamps debug uptime
  8. service timestamps log datetime msec
  9. service password-encryption
  10. !
  11. !
  12. boot-start-marker
  13. boot-end-marker
  14. !
  15. logging message-counter syslog
  16. logging userinfo
  17. logging buffered 4096
  18. !
  19. aaa new-model
  20. !
  21. !
  22. aaa authentication password-prompt Password:
  23. aaa authentication username-prompt Username:
  24. aaa authentication login default local group tacacs+ enable
  25. aaa accounting send stop-record authentication failure
  26. aaa accounting exec default start-stop broadcast group tacacs+
  27. aaa accounting commands 3 default start-stop broadcast group tacacs+
  28. aaa accounting network default start-stop group tacacs+
  29. aaa accounting system default start-stop broadcast group tacacs+
  30. !
  31. !
  32. aaa session-id common
  33. clock timezone GMT 0
  34. !
  35. !
  36. dot11 syslog
  37. no ip source-route
  38. !
  39. !
  40. !
  41. !
  42. !
  43. ip cef
  44. ip domain name ********
  45. ip name-server ********
  46. ip dhcp-server ********
  47. ip dhcp-server ********
  48. ip dhcp-server ********
  49. l2tp-class l2tpclass2
  50. !
  51. !
  52. ipv6 unicast-routing
  53. no ipv6 source-route
  54. ipv6 cef
  55. ipv6 dhcp pool ipv6-1
  56.  dns-server ******
  57.  dns-server ******
  58.  dns-server ******
  59.  domain-name ******
  60.  sntp address xxxx:xxxx:xxxx::x
  61.  information refresh infinite
  62. !
  63. multilink bundle-name authenticated
  64. !
  65. xconnect logging pseudowire status
  66. !
  67. !
  68. !
  69. no spanning-tree vlan 3
  70. vtp mode transparent
  71. !
  72. crypto logging session
  73. !
  74. crypto isakmp policy 1
  75.  encr 3des
  76.  authentication pre-share
  77. crypto isakmp key ******* address ******
  78. crypto isakmp invalid-spi-recovery
  79. !
  80. !
  81. crypto ipsec transform-set ****** esp-3des esp-md5-hmac
  82. !
  83. crypto ipsec profile SEC
  84.  set transform-set ******
  85. !
  86. !
  87. crypto map STATIC-MAP 1 ipsec-isakmp
  88.  set peer *******
  89.  set transform-set *****
  90.  match address 175
  91. !
  92. archive
  93.  log config
  94.   hidekeys
  95. !
  96. !
  97. vlan 2
  98.  name HOME
  99. !
  100. vlan 3
  101.  name FREEBOX
  102. !
  103. ip ssh authentication-retries 2
  104. ip ssh version 2
  105. !
  106. class-map match-any voice-signalling
  107.  match access-group name VOIP-SIGNALLING
  108. class-map match-any voice
  109.  match access-group name VOIP
  110. !
  111. !
  112. policy-map voice-out
  113.  class voice
  114.    police cir 350000
  115.      conform-action set-dscp-transmit ef
  116.      exceed-action drop
  117.      violate-action drop
  118.     priority 350
  119.  class voice-signalling
  120.     bandwidth 24
  121.      random-detect dscp-based
  122.      random-detect dscp 26 92 147 10
  123.      random-detect dscp 28 28 74 5
  124.      random-detect dscp 30 28 74 5
  125.    police cir 24000 bc 24000 be 1200
  126.      conform-action set-dscp-transmit af31
  127.      exceed-action set-dscp-transmit af32
  128.      violate-action set-dscp-transmit af33
  129.  class class-default
  130.     bandwidth 12
  131.      random-detect
  132.      random-detect precedence 0 9 25 5
  133.      random-detect precedence 1 9 25 5
  134.      random-detect precedence 2 9 25 5
  135.      random-detect precedence 3 9 25 5
  136.      random-detect precedence 4 9 25 5
  137.      random-detect precedence 5 9 25 5
  138.      random-detect precedence 6 31 50 10
  139.      random-detect precedence 7 9 25 5
  140. !
  141. !
  142. !
  143. !
  144. !
  145. interface Loopback0
  146.  ip address 192.168.0.1 255.255.255.255
  147. !
  148. interface Loopback1
  149.  ip address 10.0.0.1 255.255.255.255
  150. !
  151. interface Tunnel500
  152.  ip address 10.100.100.2 255.255.255.252
  153.  ip virtual-reassembly
  154.  ip tcp adjust-mss 900
  155.  ipv6 address xxxx:xxxx:D15C::2/120
  156.  ipv6 enable
  157.  ipv6 traffic-filter PACKET_FILTER in
  158.  ipv6 mtu 1280
  159.  ipv6 virtual-reassembly
  160.  cdp enable
  161.  tunnel source Vlan3
  162.  tunnel destination *****
  163. !
  164. interface ATM0
  165.  no ip address
  166.  load-interval 30
  167.  shutdown
  168.  no atm ilmi-keepalive
  169.  pvc 8/35
  170.   encapsulation aal5mux ppp dialer
  171.   dialer pool-member 40
  172.  !
  173.  dsl operating-mode auto
  174. !
  175. interface FastEthernet0
  176.  switchport access vlan 3
  177. !
  178. interface FastEthernet1
  179.  switchport access vlan 2
  180. !
  181. interface FastEthernet2
  182.  switchport access vlan 2
  183. !
  184. interface FastEthernet3
  185.  switchport access vlan 3
  186.  shutdown
  187.  no cdp enable
  188. !
  189. !
  190. interface Vlan3
  191.  description freebox
  192.  ip dhcp client client-id Vlan3
  193.  ip address dhcp
  194.  no ip proxy-arp
  195.  ip flow ingress
  196.  ip nat outside
  197.  ip virtual-reassembly
  198.  ip tcp adjust-mss 900
  199.  ipv6 address xxxx:xxxx:xxxx:xxxx::C:15C0/64
  200.  ipv6 address autoconfig
  201.  ipv6 enable
  202.  ipv6 traffic-filter PACKET_FILTER in
  203.  ipv6 nd ra suppress
  204.  crypto map STATIC-MAP
  205. !
  206. interface Vlan2
  207.  description private LAN - require VPN to gateway
  208.  ip address 10.101.1.1 255.255.255.0
  209.  ip helper-address ******
  210.  ip mtu 1400
  211.  ip flow ingress
  212.  ip nat inside
  213.  ip virtual-reassembly
  214.  ip tcp adjust-mss 900
  215.  ipv6 address xxxx:xxxx:xxxx:A::1/64
  216.  ipv6 mtu 1280
  217.  ipv6 nd other-config-flag
  218.  ipv6 dhcp server ipv6-1
  219.  ipv6 virtual-reassembly
  220. !
  221. interface Vlan801
  222.  no ip address
  223. !
  224. interface Dialer40
  225.  description BACKUP-ADSL-IN-CASE-OF-FREE-FAIL
  226.  ip address negotiated
  227.  ip nat outside
  228.  ip virtual-reassembly
  229.  encapsulation ppp
  230.  ip tcp adjust-mss 900
  231.  shutdown
  232.  dialer pool 40
  233.  no cdp enable
  234.  ppp chap hostname **********
  235.  ppp chap password 7 **********
  236. !
  237. ip forward-protocol nd
  238. ip route 0.0.0.0 0.0.0.0 ****** 100 name FREEBOX
  239. ip route ****** 255.255.255.255 ****** name IPSEC_TUNNEL_BINDING
  240. ip route ****** 255.255.255.240 10.100.100.1 200  name INTERNAL
  241. no ip http server
  242. no ip http secure-server
  243. !
  244. ip flow-export source Vlan2
  245. ip flow-export version 9
  246. ip flow-export destination ********
  247. !
  248. ip nat inside source list 140 interface Vlan3 overload
  249. !
  250. ip access-list extended FILTER
  251.  permit tcp any any established
  252.  permit icmp any any
  253. !
  254. ip sla responder
  255. ip sla 1
  256.  icmp-echo ****** source-interface Vlan3
  257.  timeout 3000
  258.  threshold 2000
  259.  owner VPN
  260.  frequency 30
  261. ip sla schedule 1 life forever start-time now
  262. logging trap debugging
  263. logging facility local0
  264. logging **************
  265. access-list 140 deny   ip 10.101.1.0 0.0.0.255 **********
  266. access-list 140 deny   ip 10.111.111.0 0.0.0.255 ************
  267. access-list 140 permit ip 10.101.1.0 0.0.0.255 any
  268. access-list 175 permit gre host ****** host ********
  269. access-list 180 permit ip any any
  270. access-list 198 permit ip any any
  271. dialer-list 40 protocol ip permit
  272. dialer-list 90 protocol ip permit
  273. ipv6 route ::/0 xxxx:xxxx:xxxx::1
  274. ipv6 route ::/0 xxxx:xxxx:xxxx::1 250
  275. ipv6 local policy route-map PUBLIC_V6_VIA_FREE
  276. ipv6 router nemo
  277.  distance 10
  278. !
  279. !
  280. !
  281. ipv6 prefix-list LOCAL seq 5 permit xxxx:xxxx:xxxx:A::/64
  282. !
  283. !        
  284. !
  285. route-map SMTP-TO-WAN-ALWAYS permit 10
  286.  match ip address 199
  287. !
  288. route-map PUBLIC_V6_VIA_FREE permit 10
  289.  match ipv6 address FREE_V6_SPACE
  290.  set ipv6 next-hop xxxx:xxxx:xxxx:xxxx::1
  291. !
  292. tacacs-server host x.x.x.x
  293. !
  294. !
  295. !
  296. control-plane
  297. !
  298. !
  299. scheduler max-task-time 5000
  300. ntp server 10.111.111.1 prefer source Tunnel500
  301. end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!