cRYSMAS
Junior Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору gw2921#sh run Building configuration... Current configuration : 10772 bytes ! ! Last configuration change at 12:52:25 Ukraine Wed Sep 28 2016 by crysmas version 15.3 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname gw2921 ! boot-start-marker boot-end-marker ! ! enable secret 5 ************* ! aaa new-model ! ! aaa authentication login default local aaa authentication enable default enable aaa authentication ppp VPDN-AUTH local ! ! ! ! ! aaa session-id common ! ! ! ! ! ! ! ip domain lookup source-interface GigabitEthernet0/1.1570 ip domain name *.com ip host *.com *.*.*.41 ip name-server *.*.*.5 ip name-server *.*.*.9 ip name-server 8.8.8.8 ip inspect name Inter http timeout 3600 ip inspect name Inter https timeout 3600 ip inspect name Inter smtp timeout 3600 ip inspect name Inter udp timeout 3600 ip inspect name Inter tcp timeout 3600 ip inspect name Inter pop3 timeout 3600 ip inspect name Inter ftp timeout 3600 ip inspect name Inter dns timeout 3600 ip cef no ipv6 cef ! multilink bundle-name authenticated ! async-bootp dns-server 10.2.10.3 10.2.10.4 vpdn enable ! vpdn-group PPTP ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 session-limit 2 ! ! ! ! license udi pid CISCO2921/K9 sn * ! ! username Smurfik privilege 15 secret 5 *. username cRYSMAS privilege 15 secret 5 * username usvpn password 7 02575608 username usvpn aaa attribute list VPDN-AUTH ! redundancy ! ! ! ! ! ip ssh maxstartups 2 ip ssh version 2 ! ! ! ! ! ! ! ! ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 description Inside SW3560 bandwidth 10000 no ip address duplex auto speed auto ! interface GigabitEthernet0/0.9 encapsulation dot1Q 9 no cdp enable ! interface GigabitEthernet0/0.10 description Ins_SW3560_VL10 encapsulation dot1Q 10 ip address 10.2.10.2 255.255.255.0 ip access-group Ins_Inter in ip nat inside ip inspect Inter in ip virtual-reassembly in no cdp enable ! interface GigabitEthernet0/0.30 encapsulation dot1Q 30 no cdp enable ! interface GigabitEthernet0/0.40 encapsulation dot1Q 40 no cdp enable ! interface GigabitEthernet0/0.50 encapsulation dot1Q 50 no cdp enable ! interface GigabitEthernet0/0.60 encapsulation dot1Q 60 no cdp enable ! interface GigabitEthernet0/0.61 encapsulation dot1Q 61 no cdp enable ! interface GigabitEthernet0/0.70 encapsulation dot1Q 70 no cdp enable ! interface GigabitEthernet0/0.80 description Mala Viska encapsulation dot1Q 80 no cdp enable ! interface GigabitEthernet0/0.81 encapsulation dot1Q 81 no cdp enable ! interface GigabitEthernet0/0.82 encapsulation dot1Q 82 no cdp enable ! interface GigabitEthernet0/0.90 encapsulation dot1Q 90 no cdp enable ! interface GigabitEthernet0/0.100 no cdp enable ! interface GigabitEthernet0/0.192 description lan 3560 encapsulation dot1Q 192 ip address 192.168.1.28 255.255.248.0 no cdp enable ! interface GigabitEthernet0/0.1570 encapsulation dot1Q 1570 ip virtual-reassembly in no cdp enable ! interface GigabitEthernet0/1 bandwidth 10000 no ip address ip nat outside ip virtual-reassembly in no ip route-cache duplex auto speed auto ! interface GigabitEthernet0/1.30 encapsulation dot1Q 30 ip address 10.2.30.2 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.40 encapsulation dot1Q 40 ip address 10.2.40.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.50 encapsulation dot1Q 50 ip address 10.2.50.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.60 encapsulation dot1Q 60 ip address 10.2.60.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.61 encapsulation dot1Q 61 ip address 10.2.61.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.70 encapsulation dot1Q 70 ip address 10.2.70.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.80 encapsulation dot1Q 80 ip address 10.2.80.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.81 encapsulation dot1Q 81 ip address 10.2.81.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.82 encapsulation dot1Q 82 ip address 10.2.82.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.90 encapsulation dot1Q 90 ip address 10.2.90.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.91 encapsulation dot1Q 91 ip address 10.2.91.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.100 encapsulation dot1Q 100 ip address 10.2.100.1 255.255.255.0 ip nat inside ip virtual-reassembly in no ip route-cache no cdp enable ! interface GigabitEthernet0/1.110 encapsulation dot1Q 110 ip address 10.2.110.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.120 encapsulation dot1Q 120 ip address 10.2.120.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.121 encapsulation dot1Q 121 ip address 10.2.121.1 255.255.255.0 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.192 description ST encapsulation dot1Q 192 no ip route-cache no cdp enable ! interface GigabitEthernet0/1.1570 description Outside encapsulation dot1Q 1570 ip address *.*.*.162 255.255.255.252 ip access-group Outside in no ip proxy-arp ip nat outside ip virtual-reassembly in no ip route-cache no cdp enable ! interface GigabitEthernet0/2 no ip address ip virtual-reassembly in duplex auto speed auto ! interface GigabitEthernet0/2.10 description UAG.10 encapsulation dot1Q 3 native ip address 192.170.1.1 255.255.255.252 ip access-group Ins_Inter in ip nat inside ip inspect Inter in ip virtual-reassembly in no cdp enable ! interface Virtual-Template1 ip unnumbered GigabitEthernet0/1.1570 peer default ip address pool PPTP-POOL no keepalive ppp max-bad-auth 2 ppp mtu adaptive ppp encrypt mppe 128 required ppp authentication ms-chap-v2 VPDN-AUTH ! ! router eigrp 30 network 10.2.10.0 0.0.0.255 network 10.2.16.0 0.0.7.255 network 10.2.20.0 0.0.0.255 network 10.2.30.0 0.0.0.255 network 10.2.40.0 0.0.0.255 network 10.2.50.0 0.0.0.255 network 10.2.60.0 0.0.0.255 network 10.2.61.0 0.0.0.255 network 10.2.70.0 0.0.0.255 network 10.2.80.0 0.0.0.255 network 10.2.81.0 0.0.0.255 network 10.2.82.0 0.0.0.255 network 10.2.90.0 0.0.0.255 network 10.2.91.0 0.0.0.255 network 10.2.100.0 0.0.0.255 network 10.2.110.0 0.0.0.255 network 10.2.120.0 0.0.0.255 network 10.2.121.0 0.0.0.255 network 10.10.1.0 0.0.0.255 network *.*.*.0 0.0.0.3 network 192.168.0.0 0.0.7.255 network 192.168.9.0 0.0.0.3 network 192.170.1.0 0.0.0.3 ! router ospf 28 network 10.2.10.0 0.0.0.255 area 0 network 10.2.20.0 0.0.0.255 area 0 network 10.2.30.0 0.0.0.255 area 0 network 10.2.40.0 0.0.0.255 area 0 network 10.2.50.0 0.0.0.255 area 0 network 10.2.60.0 0.0.0.255 area 0 network 10.2.70.0 0.0.0.255 area 0 network 10.2.80.0 0.0.0.255 area 0 network 10.2.90.0 0.0.0.255 area 0 network 10.2.100.0 0.0.0.255 area 0 network 10.2.110.0 0.0.0.255 area 0 network 10.2.120.0 0.0.0.255 area 0 network 192.168.0.0 0.0.7.255 area 0 ! router bgp 30 bgp log-neighbor-changes ! ip local pool PPTP-POOL 192.170.10.10 192.170.10.100 ip default-gateway *.*.*.161 ip forward-protocol nd ! no ip http server no ip http secure-server ! ip dns server ip nat inside source list 1 interface GigabitEthernet0/1.1570 overload ip nat inside source list 1570 interface GigabitEthernet0/1.1570 overload ip nat inside source list NAT interface GigabitEthernet0/1.1570 overload ip nat inside source static tcp 10.2.10.100 80 *.*.*.162 80 extendable ip nat inside source static tcp 10.2.10.31 778 80 *.*.*.162 778 extendable ip nat inside source static tcp 192.170.1.2 4090 80 *.*.*.162 4090 extendable ip nat inside source static udp 192.170.1.2 4090 80 *.*.*.162 4090 extendable ip default-network 10.2.10.0 ip route 0.0.0.0 0.0.0.0 *.*.*.162 ip route 192.168.12.0 255.255.255.0 192.168.1.27 ip route 192.168.25.0 255.255.255.0 192.168.1.254 ! ip access-list extended Ins_SW3560_VL10 permit tcp 10.2.10.0 0.0.0.255 any permit udp 10.2.10.0 0.0.0.255 any permit icmp 10.2.10.0 0.0.0.255 any permit tcp host *.*.*.162 host 192.168.5.37 eq www permit udp host *.*.*.162 host 192.168.5.37 eq 80 permit tcp host *.*.*.162 host 192.170.1.2 eq 1723 ip access-list extended Outside permit icmp any host *.*.*.162 unreachable permit icmp any host *.*.*.162 echo permit icmp any host *.*.*.162 echo-reply permit icmp any host *.*.*.162 packet-too-big permit icmp any host *.*.*.162 time-exceeded permit icmp any host *.*.*.162 traceroute permit icmp any host *.*.*.162 administratively-prohibited permit tcp any host *.*.*.162 eq www permit tcp any host *.*.*.162 eq 778 permit tcp any host *.*.*.162 eq 4090 permit udp any host *.*.*.162 eq 4090 permit tcp any host *.*.*.162 eq 1723 deny ip any any log ! no cdp run ! ! snmp-server community * RO snmp-server host 192.168.5.30 * tftp-server flash:cpconfig-2921-04122014.cfg access-list 1 permit 10.2.16.0 0.0.0.255 access-list 1570 permit 10.2.0.0 0.0.31.255 access-list 1570 permit 192.170.1.0 0.0.0.3 access-list 1570 permit 10.2.16.0 0.0.7.255 access-list 111 remark NTP SERVER ! ! ! control-plane ! ! ! line con 0 password 7 * line aux 0 line 2 no activation-character no exec transport preferred none transport output pad telnet rlogin lapb-ta mop udptn v120 ssh stopbits 1 line vty 0 4 password 7 * transport input all line vty 5 1114 password 7 * transport input all ! scheduler allocate 20000 1000 ! end | Всего записей: 137 | Зарегистр. 18-03-2011 | Отправлено: 13:33 28-09-2016 | Исправлено: cRYSMAS, 13:34 28-09-2016 |
|