Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- hub-cnt-01#sh run
- Building configuration...
- Current configuration : 3989 bytes
- !
- ! Last configuration change at 13:48:41 GMT Mon May 6 2019 by admin
- ! NVRAM config last updated at 13:58:38 GMT Mon May 6 2019 by admin
- !
- version 15.7
- service timestamps debug datetime localtime
- service timestamps log datetime localtime
- no service password-encryption
- !
- hostname hub-cnt-01
- !
- boot-start-marker
- boot-end-marker
- !
- !
- enable secret 5 UQO0
- !
- aa new-model
- !
- !
- aaa authentication login default local
- aaa authentication login local_access local
- aaa authorization exec default local
- !
- !
- !
- !
- !
- !
- aaa session-id common
- clock timezone GMT 10 0
- clock calendar-valid
- !
- !
- !
- !
- ip domain name corp.ххх.ru
- ip host hub-cnt-01 172.16.100.3
- ip cef
- login block-for 60 attempts 3 within 30
- login delay 5
- no ipv6 cef
- !
- !
- flow record nbar-appmon
- match ipv4 source address
- match ipv4 destination address
- match application name
- collect interface output
- collect counter bytes
- collect counter packets
- collect timestamp absolute first
- collect timestamp absolute last
- !
- !
- flow monitor application-mon
- cache timeout active 60
- record nbar-appmon
- !
- multilink bundle-name authenticated
- !
- !
- !
- password encryption aes
- !
- !
- license udi pid CISCO2911/K9 sn FHK1452F1Q6
- !
- !
- object-group service DENY_PORTS_IN
- tcp eq 22
- tcp eq www
- tcp eq telnet
- !
- object-group network local_cws_net
- !
- object-group network local_lan_subnets
- any
- !
- object-group network vpn_remote_subnets
- any
- !
- username admin secret 5 $1$
- !
- redundancy
- !
- !
- !
- zone security LAN
- zone security WAN
- zone security VPN
- zone security DMZ
- !
- !
- crypto isakmp policy 10
- encr aes 256
- hash md5
- authentication pre-share
- crypto isakmp key 6 HLVAYOcAAB address 0.0.0.0
- crypto isakmp keepalive 10 periodic
- !
- !
- crypto ipsec transform-set TRANS_SET esp-aes 256 esp-md5-hmac
- mode transport
- !
- crypto ipsec profile IPSEC_PROF
- set transform-set TRANS_SET
- !
- !
- !
- !
- interface Tunnel1
- description ***PRIMARY DMVPN CLOUD PODRYAD***
- bandwidth 10000
- ip address 10.10.1.1 255.255.255.0
- no ip redirects
- ip mtu 1472
- no ip next-hop-self eigrp 1
- no ip split-horizon eigrp 1
- ip nhrp authentication 67
- ip nhrp network-id 1
- ip nhrp redirect
- ip tcp adjust-mss 1360
- delay 1000
- tunnel source GigabitEthernet0/1
- tunnel mode gre multipoint
- tunnel key 1
- tunnel protection ipsec profile IPSEC_PROF
- !
- interface Embedded-Service-Engine0/0
- no ip address
- shutdown
- !
- interface GigabitEthernet0/0
- no ip address
- shutdown
- duplex auto
- speed auto
- !
- interface GigabitEthernet0/1
- ip address 31.хх.хх.204 255.255.255.248
- duplex auto
- speed auto
- !
- interface GigabitEthernet0/2
- no ip address
- shutdown
- duplex auto
- speed auto
- !
- interface BRI0/1/0
- no ip address
- encapsulation hdlc
- shutdown
- !
- interface FastEthernet0/0/0
- no ip address
- !
- interface FastEthernet0/0/1
- no ip address
- !
- interface FastEthernet0/0/2
- no ip address
- !
- interface FastEthernet0/0/3
- no ip address
- !
- interface Vlan1
- ip address 172.16.100.3 255.255.255.0
- !
- !
- !
- router eigrp 1
- network 10.10.1.0 0.0.0.255
- network 172.16.100.0 0.0.0.255
- !
- ip forward-protocol nd
- !
- no ip http server
- no ip http secure-server
- !
- ip route 0.0.0.0 0.0.0.0 31.хх.хх.201
- ip ssh logging events
- ip ssh version 2
- !
- ip access-list extended ACCESS_SSH
- permit ip host 172.16.100.127 any log
- ip access-list extended nat-list
- permit ip object-group local_lan_subnets any
- !
- ipv6 ioam timestamp
- !
- !
- !
- !
- !
- control-plane
- !
- !
- vstack
- !
- line con 0
- logging synchronous
- login authentication local_access
- line aux 0
- line 2
- no activation-character
- no exec
- transport preferred none
- transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
- stopbits 1
- line vty 0 4
- access-class ACCESS_SSH in
- privilege level 15
- logging synchronous
- login authentication local_access
- transport input ssh
- !
- scheduler allocate 20000 1000
- ntp update-calendar
- ntp server 91.206.16.3
- ntp server 89.109.251.23
- ntp server 88.212.196.95
- !
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement