Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- =================================================== S W I T C H
- ena
- config t
- hostname S3
- banner motd # Warning!! Unauthorized Access in Prohibited!!! #
- line con 0
- pass cisco
- login
- line vty 0 4
- pass cisco
- login
- transport input telnet
- exit
- enable secret cisco
- service password-encryption
- int vlan 1
- ip add 178.3.224.129 255.255.255.128
- no shut
- ----------------------- Port Security
- int ra fa0/24
- switchport mode access
- switchport port-security
- switchport port-security max 1
- switchport port-security mac-address sticky
- switchport port-security violation shutdown
- exit
- int rang fa0/16-23, g0/1-2
- shutdown
- int fa0/1
- switchport mode access
- switchport port-security
- switchport port-security max 1
- switchport port-security mac-address 00D0.BA8B.1E83
- switchport port-security violation restrict
- exit
- int ra fa0/1-15
- switchport mode access
- switchport access vlan 10
- switchport voice vlan 160
- exit
- ----------------------- V L A N S
- vlan 10
- name HR
- vlan 20
- name Mktng
- vlan 30
- name Audit
- vlan 40
- name DirectorsTeam
- vlan 50
- name Sales
- vlan 60
- name TechSupport
- vlan 70
- name Utility
- vlan 80
- name CustomerService
- vlan 90
- name Production
- vlan 100
- name Research
- vlan 110
- name Legal
- vlan 120
- name Cashier
- vlan 130
- name CEO
- vlan 140
- name Assistant
- vlan 150
- name Director
- vlan 160
- name Voice
- int ra fa0/1-5
- switchport mode access
- switchport access vlan 130
- int ra fa0/6-10
- switchport mode access
- switchport access vlan 140
- int ra fa0/11-15
- switchport mode access
- switchport access vlan 150
- int ra fa0/1-15
- switchport voice vlan 160
- interface vlan 99
- ip add 178.3.224.128 255.255.255.128
- description management vlan
- int ra fa0/5-20
- switchport mode trunk
- switchport trunk native vlan 99
- show vlan brief
- int ra fa0/16-24
- switchport mode access
- switchport access vlan 10
- shutdown
- ---------------------- T r u n k i n g
- int se0/3/0
- switchport mode trunk
- int g0/1
- switchport mode trunk
- switchport trunk allowed vlan 1-160
- int g0/2
- switchport mode trunk
- switchport trunk allowed vlan 1-190
- do show interfaces trunk
- =================================================== R O U T E R
- ena
- config t
- hostname DLSU_Router
- banner motd # Warning!! Unauthorized Access in Prohibited!!! #
- line con 0
- pass cisco
- login
- line vty 0 4
- pass cisco
- login
- transport input telnet
- exit
- enable secret cisco
- service password-encryption
- int g0/0
- ip add 200.120.224.1 255.255.255.224
- no shut
- int g0/1
- ip add 200.120.224.33 255.255.255.240
- no shut
- int g0/2
- ip add 199.200.194.1 255.255.255.0
- no shut
- int se0/0/0
- ip add 198.3.225.2 255.255.255.128
- no shut
- int se0/0/1
- ip add 220.158.193.1 255.255.255.192
- no shut
- -------------------------- T r u n k i n g
- int fa0/0.10
- encapsulation dot1Q 10
- ip add 198.200.0.1 255.255.240.0
- no shut
- int fa0/0.20
- encapsulation dot1Q 20
- ip add 198.200.16.1 255.255.240.0
- no shut
- int fa0/0.30
- encapsulation dot1Q 30
- ip add 198.200.32.1 255.255.240.0
- no shut
- int fa0/0.40
- encapsulation dot1Q 40
- ip add 198.200.48.1 255.255.240.0
- no shut
- int fa0/0.50
- encapsulation dot1Q 50
- ip add 198.200.64.1 255.255.240.0
- no shut
- int fa0/0.60
- encapsulation dot1Q 60
- ip add 198.200.80.1 255.255.240.0
- no shut
- int fa0/0.70
- encapsulation dot1Q 70
- ip add 198.200.96.1 255.255.240.0
- no shut
- int fa0/0.80
- encapsulation dot1Q 80
- ip add 198.200.112.1 255.255.240.0
- no shut
- int fa0/0.90
- encapsulation dot1Q 90
- ip add 198.200.128.1 255.255.240.0
- no shut
- int fa0/0.100
- encapsulation dot1Q 100
- ip add 198.200.144.1 255.255.240.0
- no shut
- int fa0/0.110
- encapsulation dot1Q 110
- ip add 198.200.160.1 255.255.240.0
- no shut
- int fa0/0.120
- encapsulation dot1Q 120
- ip add 198.200.176.1 255.255.240.0
- no shut
- int fa0/0.130
- encapsulation dot1Q 130
- ip add 198.200.192.1 255.255.240.0
- no shut
- int fa0/0.140
- encapsulation dot1Q 140
- ip add 198.200.208.1 255.255.240.0
- no shut
- int fa0/0.150
- encapsulation dot1Q 150
- ip add 198.200.224.1 255.255.240.0
- no shut
- int fa0/0.160
- encapsulation dot1Q 160
- ip add 198.200.240.1 255.255.240.0
- no shut
- int fa0/0.170
- encapsulation dot1Q 170
- ip add 192.15.140.1 255.255.252.0
- no shut
- int fa0/0.180
- encapsulation dot1Q 180
- ip add 192.15.144.1 255.255.252.0
- no shut
- int fa0/0.190
- encapsulation dot1Q 190
- ip add 192.15.148.1 255.255.252.0
- no shut
- ------------------------- IP helper address
- int g0/0
- ip helper-address 10.95.7.6
- ip helper-address 10.10.10.1 unicast
- ------------------------- L o o p b a c k
- int loopback0
- ip add 10.0.0.1 255.0.0.0
- no shut
- --------------------------- S t a t i c r o u t i n g
- dest network subnet mask exit int
- ip route 192.168.10.0 255.255.255.0 10.0.0.1
- --------------------------- R I P V 2
- router rip
- version 2
- no auto-sum
- network 192.168.10.0 255.255.255.0
- --------------------------- E I G R P
- router eigrp 1
- no auto-sum
- network 192.15.128.0 0.0.3.255
- network 192.15.132.0 0.0.3.255
- show ip eigrp neighbors
- +++++++++++++ Redistribution
- router eigrp 1
- redistribute ospf 10 metric 10000 10 255 1 1500
- exit
- +++++++++++++ Redistribute static
- router eigrp 1
- redistribute static metric 10000 100 255 1 1500
- network
- --------------------------- O S P F
- router ospf 1
- network 198.200.0.0 0.0.15.255 area 0
- network 198.200.16.0 0.0.15.255 area 0
- network 198.200.32.0 0.0.15.255 area 0
- network 198.200.48.0 0.0.15.255 area 0
- network 198.200.64.0 0.0.15.255 area 0
- network 198.200.80.0 0.0.15.255 area 0
- network 198.200.96.0 0.0.15.255 area 0
- network 198.200.112.0 0.0.15.255 area 0
- network 198.200.128.0 0.0.15.255 area 0
- network 198.200.144.0 0.0.15.255 area 0
- network 198.200.160.0 0.0.15.255 area 0
- network 198.200.176.0 0.0.15.255 area 0
- network 198.200.192.0 0.0.15.255 area 0
- network 198.200.208.0 0.0.15.255 area 0
- network 198.200.224.0 0.0.15.255 area 0
- network 198.200.240.0 0.0.15.255 area 0
- network 199.200.200.0 0.0.15.255 area 0
- network 192.15.128.0 0.0.3.255 area 0
- +++++++++++++ Redistribution
- router ospf 1
- redistribute eigrp 100 subnets
- exit
- ------------------------ R o u t e r D H C P
- ip dhcp excluded-address 198.200.0.1 198.200.0.9
- ip dhcp pool F1LAN1
- network 198.200.0.0 255.255.240.0
- default-router 198.200.0.1
- dns-server 198.201.0.2
- domain-name www.HR.com
- ip dhcp excluded-address 198.200.16.1 198.200.16.9
- ip dhcp pool F1LAN2
- network 198.200.16.0 255.255.240.0
- default-router 198.200.16.1
- dns-server 198.201.0.2
- domain-name www.Mktng.com
- ip dhcp excluded-address 198.200.32.1 198.200.32.9
- ip dhcp pool F1LAN3
- network 198.200.32.0 255.255.240.0
- default-router 198.200.32.1
- dns-server 198.201.0.2
- domain-name www.Audit.com
- ip dhcp excluded-address 198.200.48.1 198.200.48.9
- ip dhcp pool F1LAN4
- network 198.200.48.0 255.255.240.0
- default-router 198.200.48.1
- dns-server 198.201.0.2
- domain-name www.DirectorsTeam.com
- ip dhcp excluded-address 198.200.64.1 198.200.64.9
- ip dhcp pool F1LAN5
- network 198.200.64.0 255.255.240.0
- default-router 198.200.64.1
- dns-server 198.201.0.2
- domain-name www.Sales.com
- ip dhcp excluded-address 198.200.80.1 198.200.80.9
- ip dhcp pool F1LAN6
- network 198.200.80.0 255.255.240.0
- default-router 198.200.80.1
- dns-server 198.201.0.2
- domain-name www.TechSupport.com
- ip dhcp excluded-address 198.200.96.1 198.200.96.9
- ip dhcp pool F2LAN7
- network 198.200.96.0 255.255.240.0
- default-router 198.200.96.1
- dns-server 198.201.0.2
- domain-name www.Utility.com
- ip dhcp excluded-address 198.200.112.1 198.200.112.9
- ip dhcp pool F2LAN8
- network 198.200.112.0 255.255.240.0
- default-router 198.200.112.1
- dns-server 198.201.0.2
- domain-name www.CustomerService.com
- ip dhcp excluded-address 198.200.128.1 198.200.128.9
- ip dhcp pool F2LAN9
- network 198.200.128.0 255.255.240.0
- default-router 198.200.128.1
- dns-server 198.201.0.2
- domain-name www.Production.com
- ip dhcp excluded-address 198.200.144.1 198.200.144.9
- ip dhcp pool F3LAN10
- network 198.200.144.0 255.255.240.0
- default-router 198.200.144.1
- dns-server 198.201.0.2
- domain-name www.ResearchDept.com
- ip dhcp excluded-address 198.200.160.1 198.200.160.9
- ip dhcp pool F3LAN11
- network 198.200.160.0 255.255.240.0
- default-router 198.200.160.1
- dns-server 198.201.0.2
- domain-name www.LegalDept.com
- ip dhcp excluded-address 198.200.176.1 198.200.176.9
- ip dhcp pool F3LAN12
- network 198.200.176.0 255.255.240.0
- default-router 198.200.176.1
- dns-server 198.201.0.2
- domain-name www.CashierDept.com
- ip dhcp excluded-address 198.200.192.1 198.200.192.9
- ip dhcp pool F4LAN13
- network 198.200.192.0 255.255.240.0
- default-router 198.200.192.1
- dns-server 198.201.0.2
- domain-name www.CEO.com
- ip dhcp excluded-address 198.200.208.1 198.200.208.9
- ip dhcp pool F4LAN14
- network 198.200.208.0 255.255.240.0
- default-router 198.200.208.1
- dns-server 198.201.0.2
- domain-name www.Assistant.com
- ip dhcp excluded-address 198.200.224.1 198.200.224.9
- ip dhcp pool F4LAN15
- network 198.200.224.0 255.255.240.0
- default-router 198.200.224.1
- dns-server 198.201.0.2
- domain-name www.Director.com
- ip dhcp pool VOICE
- network 198.200.240.0 255.255.240.0
- default-router 198.200.240.1
- option 150 ip 198.200.240.1
- ip dhcp excluded-address 192.15.140.1 192.15.140.9
- ip dhcp pool BR1LAN1
- network 192.15.140.0 255.255.252.0
- default-router 192.15.140.1
- dns-server 198.201.0.2
- domain-name www.FrontDesk.com
- ip dhcp excluded-address 192.15.144.1 192.15.144.9
- ip dhcp pool BR1LAN2
- network 192.15.144.0 255.255.252.0
- default-router 192.15.144.1
- dns-server 198.201.0.2
- domain-name www.IT.com
- ip dhcp excluded-address 192.15.148.1 192.15.148.9
- ip dhcp pool BR1LAN3
- network 192.15.148.0 255.255.252.0
- default-router 192.15.148.1
- dns-server 198.201.0.2
- domain-name www.Manager.com
- ================================TELEPHONY SERVICE
- telephony-service
- max-dn 30
- max-ephones 30
- ip source-address 198.200.240.1 port 2000
- ephone-dn 1
- number 1010
- ephone-dn 2
- number 1020
- ephone-dn 3
- number 1030
- ephone-dn 4
- number 1040
- ephone-dn 5
- number 1050
- ephone-dn 6
- number 1060
- ephone-dn 7
- number 1070
- ephone-dn 8
- number 1080
- ephone-dn 9
- number 1090
- ephone-dn 10
- number 1100
- ephone-dn 11
- number 1110
- ephone-dn 12
- number 1120
- ephone-dn 13
- number 1130
- ephone-dn 14
- number 1140
- ephone-dn 15
- number 1150
- ephone-dn 16
- number 1160
- ephone-dn 17
- number 1170
- ephone-dn 18
- number 1180
- ephone-dn 19
- number 1190
- ephone-dn 20
- number 1200
- ephone-dn 21
- number 1210
- ephone-dn 22
- number 1220
- ephone-dn 23
- number 1230
- ephone-dn 24
- number 1240
- ephone-dn 25
- number 1250
- ephone-dn 26
- number 1260
- ephone-dn 27
- number 1270
- ephone-dn 28
- number 1280
- ephone-dn 29
- number 1290
- ephone-dn 30
- number 1300
- =============================telephony type number
- ephone 1
- type 7960
- button 1:1
- ephone 2
- type 7960
- button 1:2
- ephone 3
- type 7960
- button 1:3
- ephone 4
- type 7960
- button 1:4
- ephone 5
- type 7960
- button 1:5
- ephone 6
- type 7960
- button 1:6
- ephone 7
- type 7960
- button 1:7
- ephone 8
- type 7960
- button 1:8
- ephone 9
- type 7960
- button 1:9
- ephone 10
- type 7960
- button 1:10
- ephone 11
- type 7960
- button 1:11
- ephone 12
- type 7960
- button 1:12
- ephone 13
- type 7960
- button 1:13
- ephone 14
- type 7960
- button 1:14
- ephone 15
- type 7960
- button 1:15
- ephone 16
- type 7960
- button 1:16
- ephone 17
- type 7960
- button 1:17
- ephone 18
- type 7960
- button 1:18
- ephone 19
- type 7960
- button 1:19
- ephone 20
- type 7960
- button 1:20
- ephone 21
- type 7960
- button 1:21
- ephone 22
- type 7960
- button 1:22
- ephone 23
- type 7960
- button 1:23
- ephone 24
- type 7960
- button 1:24
- ephone 25
- type 7960
- button 1:25
- ephone 26
- type 7960
- button 1:26
- ephone 27
- type 7960
- button 1:27
- ephone 28
- type 7960
- button 1:28
- ephone 29
- type 7960
- button 1:29
- ephone 30
- type 7960
- button 1:30
- ========================================================= S S H
- ip domain-name com
- crypto key generate rsa
- 1024
- username administrator password cisco
- line vty 0 4
- login local
- transport input ssh
- no password cisco
- exit
- ip ssh version 2
- line vty 0 4
- transport input ssh
- ======================================================ACCESS LISTS
- access-list 11 deny host 12.198.224.26
- access-list 11 permit any
- int g0/0
- ip access-group 11 out / out
- 0.0.0.0 0.0.0.0 - specific
- 0.0.0.0 255.255.255.255 - any
- ++++++++++++++++++++++++++++ STANDARD
- ip access-list standard one
- 10 deny 198.3.226.10 0.0.0.0
- permit any
- exit
- int se0/0/0
- ip access-group one out
- ++++++++++++++++++++++++++++ EXTENDED
- access-list 101 deny tcp host 209.191.88.3 156.220.213.0 0.0.0.31
- access-list 101 deny tcp host 209.191.88.3 156.220.213.32 0.0.0.31
- access-list 101 permit ip any any
- int g0/0
- ip access-group 101 out
- access-list 102 deny ip 156.220.213.0 0.0.0.31 host 198.112.160.3
- access-list 102 deny ip 156.220.213.32 0.0.0.31 host 198.112.160.3
- access-list 102 deny ip 199.178.11.0 0.0.0.127 host 198.112.160.3
- access-list 102 deny ip 156.220.213.0 0.0.0.31 host 124.215.18.3
- access-list 102 deny ip 156.220.213.32 0.0.0.31 host 124.215.18.3
- access-list 102 deny ip 199.178.11.0 0.0.0.127 host 124.215.18.3
- access-list 102 permit ip any any
- int se0/1/0
- ip access-group 102 in
- int se0/0/1
- ip access-group 102 in
- int g0/0
- ip access-group 102 out
- +++++++++++++++++++++++++ FTP (DENY EXTENDED)
- access-list 101 deny tcp 156.220.213.0 0.0.0.31 host 209.191.88.3 eq ftp
- access-list 101 deny tcp 156.220.213.32 0.0.0.31 host 209.191.88.3 eq ftp
- access-list 101 deny tcp 156.220.213.0 0.0.0.31 host 199.178.11.3 eq ftp
- access-list 101 deny tcp 156.220.213.32 0.0.0.31 host 199.178.11.3 eq ftp
- access-list 101 permit ip any any
- int g0/0
- ip access-group 101 in
- int g0/1
- ip access-group 101 in
- show ip access-list
- ++++++++++++++++++++++++ WWW (DENY EXTENDED)
- access-list 105 deny tcp 199.178.11.0 0.0.0.127 host 209.191.88.3 eq www
- access-list 105 deny tcp 199.178.11.0 0.0.0.127 host 220.11.179.3 eq www
- access-list 105 deny tcp 199.178.11.0 0.0.0.127 host 198.112.160.3 eq www
- access-list 105 deny tcp 199.178.11.0 0.0.0.127 host 124.215.18.3 eq www
- access-list 105 deny tcp 199.178.11.0 0.0.0.127 host 156.220.213.34 eq www
- access-list 105 permit ip any any
- int g0/0
- ip access-group 105 in
- ++++++++++++++++++++++ SMTP (DENY EXTENDED)
- access-list 103 deny tcp 199.178.11.0 0.0.0.127 host 138.220.16.3 eq smtp
- access-list 103 permit ip any any
- int g0/0
- ip access-group 103 in
- int g0/1
- ip access-group 102 in
- +++++++++++++++++++++++++++++ FILTERING VTY TRAFFIC (STANDARD)
- access-list 10 deny 198.3.226.10 0.0.0.255
- access-list 10 permit any
- line vty 0 4
- access-class 10 in
- +++++++++++++++++++++++++++++ FILTERING VTY TRAFFIC (EXTENDED)
- access-list 103 deny ip host 198.3.226.10 host 198.3.226.1
- access-list 103 permit ip any any
- line vty 0 4
- access-class 103 in
- access-list 103 deny ip host 198.3.224.10 host 198.3.224.1
- access-list 103 permit ip any any
- line vty 0 4
- access-class 103 in
- +++++++++++++++++++++++++++ FTP
- access-list 101 deny tcp 192.168.10.32 0.0.0.255 any eq www
- cmd> dir
- cmd > ftp 192.168.10.1 or usc.edu.ph
- put
- get
- ===================================================== I P V 6
- ipv6 unicast-routing
- ipv6 router rip Petri
- int g0/0
- ipv6 add
- ipv6 rip Petri enable
- int g0/1
- ipv6 add 2001:DB8:ACAD:AAAA::1/64
- ipv6 rip Group4 enable
- ipv6 dhcp server Lan6
- ipv6 nd other-config-flag
- no shut
- +++++++++++++ Router D H C P
- ipv6 dhcp pool Lan6
- address prefix 2001:DB8:ACAD:AAA9::/64
- exit
- ipv6 dhcp pool Lan7
- address prefix 2001:DB8:ACAD:AAAA::/64
- exit
- ++++++++++++ R I P V 2
- int g0/0
- ipv6 rip Group4 enable
- ipv6 enable
- ipv6 router rip Group4
- redistribute eigrp 100 metric 1
- ++++++++++++ EIGRP
- int g0/0
- ipv6 eigrp 1
- ipv6 enable
- ipv6 router eigrp 100
- eigrp router-id 3.3.3.3
- no shut
- redistribute rip Group4 metric 1544 100 255 1 100
- ++++++++++++++++++++++++++ L O O P B A C K
- int lo0
- ipv6 ospf 1 area 0
- int g0/0
- int lo0
- ipv6 ospf 1 area 0
- int lo0
- ipv6 eigrp 1
- ipv6 rip Group4 enable
- no shut
- ex
- PC1
- ipv6 add 2001:DB8:ACAD:4002::2/64
- PC2
- ipv6 add 2001:DB8:ACAD:4002::3/64
- ========================= O S P F
- ipv6 router ospf 1
- redistribute eigrp 1 include-connected metric 3
- ===========================ISP
- 198.200.0.0 255.255.240.0
- se0/3/0 192.15.128.0/22 255.255.252.0
- se0/3/0 192.15.132.0/22 255.255.252.0
- se0/3/0 192.15.136.0/22 255.255.252.0
- ====kuwang
- ospf sa tanan networks
- ===main branch rtr
- dial-peer voice 10 voip
- destination-pattern 10..
- session-target ipv4:192.15.136.2
- === branch 1 rtr
- dial-peer voice 10 voip
- destination-pattern 20..
- session-target ipv4:192.15.128.1
- ==============branch 1
- vlan 170
- name FrontDesk
- vlan 180
- name IT
- vlan 190
- name Manager
- int ra fa0/2-3
- switchport mode access
- switchport access vlan 170
- int ra fa0/4-5
- switchport mode access
- switchport access vlan 180
- int ra fa0/6-7
- switchport mode access
- switchport access vlan 190
- telephony-service
- max-dn 30
- max-ephones 30
- ip source-address 198.200.240.1 port 2000
- ephone-dn 1
- number 1310
- ephone-dn 2
- number 1320
- ephone-dn 3
- number 1330
- ephone-dn 4
- number 130
- ephone-dn 5
- number 1350
- ephone-dn 6
- number 1360
- =========
- ephone 1
- type 7960
- button 1:1
- ephone 2
- type 7960
- button 1:2
- ephone 3
- type 7960
- button 1:3
- ephone 4
- type 7960
- button 1:4
- ephone 5
- type 7960
- button 1:5
- ephone 6
- type 7960
- button 1:6
- ==============
- router ospf 1
- network 192.15.152.0 0.0.3.255 area 0
- network 192.15.140.0 0.0.3.255 area 0
- network 192.15.144.0 0.0.3.255 area 0
- network 192.15.148.0 0.0.3.255 area 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement