Nothing Special   »   [go: up one dir, main page]
Scribd
Upload
22 views5 pages

Mec Show Run

Uploaded by

sheraz salim

This document contains the configuration of a Cisco router with the hostname mecgol1921. It configures DHCP, NAT, VPN, routing, and other network services. Security is enabled with SSH access control lists, PKI certificates, and an NTP configuration ensures time synchronization across the network.

Copyright:

© All Rights Reserved
Download as TXT, PDF, TXT or read online from Scribd
Download as txt, pdf, or txt

Mec Show Run

Uploaded by

sheraz salim
22 views5 pages
This document contains the configuration of a Cisco router with the hostname mecgol1921. It configures DHCP, NAT, VPN, routing, and other network services. Security is enabled with SSH access control lists, PKI certificates, and an NTP configuration ensures time synchronization across the network.

Copyright

© © All Rights Reserved

Available Formats

TXT, PDF, TXT or read online from Scribd

Did you find this document useful?

Is this content inappropriate?

This document contains the configuration of a Cisco router with the hostname mecgol1921. It configures DHCP, NAT, VPN, routing, and other network services. Security is enabled with SSH access control lists, PKI certificates, and an NTP configuration ensures time synchronization across the network.

Copyright:

© All Rights Reserved
Download as TXT, PDF, TXT or read online from Scribd
Download as txt, pdf, or txt
22 views5 pages

Mec Show Run

Uploaded by

sheraz salim
This document contains the configuration of a Cisco router with the hostname mecgol1921. It configures DHCP, NAT, VPN, routing, and other network services. Security is enabled with SSH access control lists, PKI certificates, and an NTP configuration ensures time synchronization across the network.

Copyright:

© All Rights Reserved
Download as TXT, PDF, TXT or read online from Scribd
Download as txt, pdf, or txt
You are on page 1/ 5

mecgol1921#show run

Building configuration...

Current configuration : 7053 bytes


!
! Last configuration change at 18:59:56 EDT Sun Jun 4 2023 by admin
! NVRAM config last updated at 19:05:00 EDT Sun Jun 4 2023 by admin
!
version 15.4
service timestamps debug datetime localtime year
service timestamps log datetime localtime year
service password-encryption
!
hostname mecgol1921
!
boot-start-marker
boot-end-marker
!
!
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
clock timezone EST -5 0
clock summer-time EDT recurring
!
!
!
!
!
!
!
!
!
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.7.200 192.168.7.254
ip dhcp excluded-address 192.168.7.1 192.168.7.15
ip dhcp excluded-address 192.168.99.1 192.168.99.10
!
ip dhcp pool LAN
network 192.168.7.0 255.255.255.0
dns-server 192.168.7.5
default-router 192.168.7.1
!
ip dhcp pool PUBLIC
network 192.168.99.0 255.255.255.0
dns-server 8.8.8.8 8.8.4.4
default-router 192.168.99.1
!
!
!
ip domain name mitchelleyecenter.com
ip name-server 8.8.8.8
ip cef
login block-for 60 attempts 5 within 60
login quiet-mode access-class SSH_MGMT
login on-failure log
login on-success log
no ipv6 cef
!
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group PPTP-GROUP
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-2471915420
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2471915420
revocation-check none
rsakeypair TP-self-signed-2471915420
!
!
crypto pki certificate chain TP-self-signed-2471915420
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32343731 39313534 3230301E 170D3135 31313131 32333033
35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34373139
31353432 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100EA84 EEF832D6 B15B5522 7123B924 256D8F3E 0437AD71 B7E5C0AA DB7ACA60
D25BF2FF 6F25DAA0 3000DC90 DC62C016 8D425212 3C7B485F 5FEA5F04 BA8CA34C
C9C83887 6629387E 01373790 15C329CB 68422931 C391C793 C63D97FB 7C70776D
32BB47AE 703C94DE 805BE59B 401EF927 28F9C584 42C9EFA0 D9D54264 ABE0947F
56830203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14C39D14 62D918DD D385E021 43109675 D663E337 43301D06
03551D0E 04160414 C39D1462 D918DDD3 85E02143 109675D6 63E33743 300D0609
2A864886 F70D0101 05050003 81810028 83777BF6 81D2EB7F 7C4FD837 59C159DB
32500292 ABD5FBFC 0DB1C9B7 8DFA5823 DEC52C22 677D40EA 079C6B35 1D96C354
17184E7E 9BFEA905 78B889E2 9FB8C381 56E56DC6 4CB491BC CE73E730 30DC98FF
E6EB7C7C 5EABEFD8 19A37A3E DFDF10BF 5BF6E5DA 6B939873 B6AE4DEF 3E3DC8FF
B0416868 CA918CF5 3B2D9040 BA959C
quit
license udi pid CISCO1921/K9 sn FGL1930232E
!
!
archive
path scp://mec:0kJxFwRxTNrN@collector.itss.us//opt/ios/mec/$h_
write-memory
time-period 1440
username admin privilege 15 secret 5 $1$UPjq$liLgiP2gEtnFB6GeunLw21
username itss password 7 144E43525B53727D747D64142055
username alex privilege 15 password 7 03275E4F5458735E5E
!
redundancy
!
!
!
!
!
ip ssh pubkey-chain
username tbarik
key-hash ssh-rsa 710158D3511AAB1F950E6DD55744B511 tbarik@itss.us
!
!
crypto isakmp policy 1
encr aes 256
hash sha256
authentication pre-share
group 5
lifetime 28800
!
crypto isakmp policy 10
encr 3des
hash sha512
authentication pre-share
group 2
crypto isakmp key it$$m1tch address 174.99.226.133
crypto isakmp key sm@rtScale25 address 3.220.201.239
!
!
crypto ipsec transform-set mitchset esp-3des esp-sha512-hmac
mode tunnel
crypto ipsec transform-set compulink esp-aes 256 esp-sha256-hmac
mode tunnel
!
!
!
crypto map CMAP 1 ipsec-isakmp
set peer 3.220.201.239
set transform-set compulink
match address 164
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description LAN
no ip address
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/0.1
description LAN
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0 secondary
ip address 192.168.1.254 255.255.255.0 secondary
ip address 192.168.7.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.99
description PUBLIC
encapsulation dot1Q 99
ip address 192.168.99.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
description TWC Primary
ip address 70.63.158.114 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex full
speed 1000
no cdp enable
crypto map CMAP
!
interface Virtual-Template1
ip unnumbered GigabitEthernet0/1
peer default ip address dhcp-pool LAN
ppp mtu adaptive
ppp encrypt mppe 128
ppp authentication ms-chap-v2
!
ip forward-protocol nd
!
ip http server
ip http access-class 1
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 100 interface GigabitEthernet0/1 overload
ip nat inside source static tcp 192.168.7.249 8000 interface GigabitEtherne8000
ip nat inside source static tcp 192.168.7.249 8001 interface GigabitEtherne8001
ip nat inside source static tcp 192.168.7.249 8080 interface GigabitEtherne8080
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 70.63.158.113
!
ip access-list standard SSH-MGMT
permit 96.10.228.246
permit 174.99.226.132
ip access-list standard SSH_MGMT
permit 74.99.226.132
permit 174.99.162.210
permit 192.168.7.0 0.0.0.255
permit 192.168.8.0 0.0.0.255
!
!
!
!
access-list 1 permit 192.168.7.0 0.0.0.255
access-list 1 permit 192.169.7.0 0.0.0.255
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.99.0 0.0.0.255
access-list 100 deny ip 192.168.1.0 0.0.0.255 10.36.14.224 0.0.0.15
access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.8.0 0.0.0.255
access-list 100 deny ip 192.168.7.0 0.0.0.255 10.36.14.224 0.0.0.15
access-list 100 deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 100 permit ip 192.168.7.0 0.0.0.255 any
access-list 164 permit ip host 192.168.7.6 host 10.36.14.225
access-list 165 permit ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255
access-list 165 permit ip 192.168.1.0 0.0.0.255 192.168.8.0 0.0.0.255
!
!
!
control-plane
!
!
banner login ^C
********* ITSS **********
For support email support@itss.us or call 919-330-0056
********* ITSS **********
^C
!
line con 0
line aux 0
line 2
access-class SSH_MGMT in
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class SSH_MGMT in
privilege level 15
transport input ssh
line vty 5 15
access-class SSH_MGMT in
privilege level 15
transport input ssh
!
scheduler allocate 20000 1000
ntp server 1.pool.ntp.org
ntp server 2.pool.ntp.org
ntp server 3.pool.ntp.org minpoll 9
ntp server 0.pool.ntp.org minpoll 10
!
end

mecgol1921#

You might also like