Guest User

Corp router

a guest
Feb 18th, 2015
867
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. !
  2. version 15.1
  3. service timestamps log datetime msec
  4. no service timestamps debug datetime msec
  5. service password-encryption
  6. security passwords min-length 10
  7. !
  8. hostname CORP
  9. !
  10. !
  11. !
  12. enable secret 5 $1$mERr$UBS6AqpcFjkupAnmSUCGG.
  13. !
  14. !
  15. !
  16. !
  17. !
  18. aaa new-model
  19. !
  20. aaa authentication login default group radius local
  21. !
  22. !
  23. !
  24. !
  25. !
  26. no ip cef
  27. no ipv6 cef
  28. !
  29. !
  30. !
  31. username CORPADMIN password 7 0802455D0A1606141C0A1F
  32. username Internet password 7 0822435C19540C19060E1E0A2F3F
  33. username SSHAccess secret 5 $1$mERr$3mVxZHExBNJRy65mTbcvz.
  34. !
  35. !
  36. license udi pid CISCO1941/K9 sn FTX1524UKRC
  37. license boot module c1900 technology-package securityk9
  38. !
  39. !
  40. !
  41. crypto isakmp policy 10
  42. encr aes 256
  43. authentication pre-share
  44. group 2
  45. !
  46. crypto isakmp key Vpnpass101 address 198.133.219.2
  47. !
  48. !
  49. !
  50. crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmac
  51. !
  52. crypto map VPN-MAP 10 ipsec-isakmp
  53. set peer 198.133.219.2
  54. set transform-set VPN-SET
  55. match address 120
  56. !
  57. !
  58. !
  59. !
  60. ip ssh version 2
  61. ip ssh authentication-retries 2
  62. ip ssh time-out 90
  63. no ip domain-lookup
  64. ip domain-name theccnas.com
  65. !
  66. !
  67. spanning-tree mode pvst
  68. !
  69. ip ips config location flash:ipsdir/ retries 1
  70. ip ips name corpips
  71. ip ips signature-category
  72. category all
  73. retired true
  74. category ios_ips basic
  75. retired false
  76. !
  77. !
  78. !
  79. !
  80. !
  81. interface GigabitEthernet0/0
  82. ip address 209.165.200.254 255.255.255.240
  83. ip ips corpips out
  84. duplex auto
  85. speed auto
  86. !
  87. interface GigabitEthernet0/1
  88. no ip address
  89. duplex auto
  90. speed auto
  91. shutdown
  92. !
  93. interface Serial0/0/0
  94. ip address 209.165.200.226 255.255.255.252
  95. encapsulation ppp
  96. ppp authentication chap
  97. ip access-group INCORP in
  98. no cdp enable
  99. clock rate 2000000
  100. crypto map VPN-MAP
  101. !
  102. interface Serial0/0/1
  103. no ip address
  104. clock rate 2000000
  105. shutdown
  106. !
  107. interface Vlan1
  108. no ip address
  109. shutdown
  110. !
  111. ip classless
  112. ip route 0.0.0.0 0.0.0.0 Serial0/0/0
  113. ip route 209.165.200.240 255.255.255.240 GigabitEthernet0/0
  114. !
  115. ip flow-export version 9
  116. !
  117. !
  118. access-list 12 permit host 192.168.1.4
  119. access-list 12 permit host 198.133.219.35
  120. ip access-list extended INCORP
  121. permit tcp any host 209.165.200.241 eq www
  122. permit tcp any host 209.165.200.242 eq domain
  123. permit udp any host 209.165.200.242 eq domain
  124. permit tcp host 198.133.219.35 host 209.165.200.226 eq 22
  125. permit ip host 198.133.219.2 host 209.165.200.226
  126. permit ip 198.133.219.32 0.0.0.31 209.165.200.240 0.0.0.15
  127. permit icmp any any echo-reply
  128. permit icmp any any host-unreachable
  129. permit tcp any 209.165.200.240 0.0.0.15 established
  130. access-list 120 permit ip 209.165.200.240 0.0.0.15 198.133.219.32 0.0.0.31
  131. !
  132. !
  133. radius-server host 209.165.200.252 auth-port 1645 key corpradius
  134. !
  135. !
  136. !
  137. logging 209.165.200.252
  138. line con 0
  139. exec-timeout 20 0
  140. logging synchronous
  141. login authentication default
  142. !
  143. line aux 0
  144. !
  145. line vty 0 4
  146. access-class 12 in
  147. exec-timeout 20 0
  148. login authentication default
  149. transport input ssh
  150. line vty 5 15
  151. access-class 12 in
  152. exec-timeout 20 0
  153. login authentication default
  154. transport input ssh
  155. !
  156. !
  157. ntp server 209.165.200.252 key 0
  158. ntp update-calendar
  159. !
  160. end
RAW Paste Data