Skip to content

Instantly share code, notes, and snippets.

/gist:2930d4cb82e073f1e7cc Secret

Created November 28, 2014 06:04
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save anonymous/2930d4cb82e073f1e7cc to your computer and use it in GitHub Desktop.
Save anonymous/2930d4cb82e073f1e7cc to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
!
! Last configuration change at 21:48:58 UTC Wed Nov 26 2014 by xx
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname xx
!
boot-start-marker
boot system flash:c180x-adventerprisek9-mz.151-4.M8.bin
boot system flash:c180x-adventerprisek9-mz.151-4.M7.bin
boot-end-marker
!
!
logging buffered 4096
enable secret 5 xx
enable password xx
!
aaa new-model
!
!
aaa authentication login local_list local
aaa authorization network local_list local
!
!
!
!
!
aaa session-id common
!
clock timezone UTC 1 0
crypto pki token default removal timeout 0
!
!
dot11 syslog
no ip source-route
!
!
ip dhcp database flash:/dhcp_database
ip dhcp excluded-address 192.168.1.1 192.168.1.20
!
ip dhcp pool dhcp1
network 192.168.1.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.1.1
!
ip dhcp pool STATIC
import all
origin file flash:/static
default-router 192.168.1.1
dns-server 8.8.8.8 8.8.4.4
domain-name xx
!
!
!
ip cef
no ip domain lookup
ip domain name xx
ip host marinescu.dk 192.168.1.15
ip name-server 8.8.8.8
ip name-server 8.8.4.4
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1801-M/K9 sn FGL16522598
archive
path flash:myBackup
username xx privilege 15 secret 4 xx
username xx privilege 15 password 0 xx
!
!
ip ssh version 2
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
!
crypto isakmp client configuration group ipsec_full_tunnel
key xx
dns 8.8.8.8 8.8.4.4
pool group1pool
save-password
!
crypto isakmp client configuration group ipsec_split_tunnel
key xx
dns 8.8.8.8 8.8.4.4
pool group2pool
acl split_acl
save-password
crypto isakmp profile vpn1-ra
match identity group ipsec_full_tunnel
client authentication list local_list
isakmp authorization list local_list
client configuration address respond
virtual-template 1
crypto isakmp profile vpn1-st
match identity group ipsec_split_tunnel
client authentication list local_list
isakmp authorization list local_list
client configuration address respond
virtual-template 2
!
!
crypto ipsec transform-set VTI-TS esp-aes esp-sha-hmac
crypto ipsec transform-set VTI-ST esp-aes esp-sha-hmac
!
crypto ipsec profile test-vti1
set transform-set VTI-TS
!
crypto ipsec profile test-vti2
set transform-set VTI-ST
!
!
!
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
load-interval 30
no atm auto-configuration
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
ip address dhcp
ip mtu 1492
ip nat enable
ip virtual-reassembly in
logging event subif-link-status
atm route-bridged ip
pvc 0/101
vbr-nrt 2044 2044
oam-pvc manage 1
encapsulation aal5snap
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet0
ip address 192.168.1.1 255.255.255.0
no ip redirects
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
no ip address
!
interface FastEthernet5
no ip address
!
interface FastEthernet6
no ip address
!
interface FastEthernet7
no ip address
!
interface FastEthernet8
no ip address
!
interface Virtual-Template1 type tunnel
ip unnumbered ATM0.1
ip nat enable
ip virtual-reassembly in
tunnel mode ipsec ipv4
tunnel protection ipsec profile test-vti1
!
interface Virtual-Template2 type tunnel
ip unnumbered ATM0.1
ip virtual-reassembly in
tunnel mode ipsec ipv4
tunnel protection ipsec profile test-vti2
!
interface Vlan1
no ip address
shutdown
!
ip local pool group1pool 192.168.5.1 192.168.5.4
ip local pool group2pool 192.168.6.1 192.168.6.4
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat source list NAT interface ATM0.1 overload
ip nat source static tcp 192.168.1.15 80 2.108.123.138 80 extendable
ip nat source static tcp 192.168.1.15 443 2.108.123.138 443 extendable
ip nat source static tcp 192.168.1.15 1723 2.108.123.138 1723 extendable
ip nat source static tcp 192.168.1.15 5000 2.108.123.138 5000 extendable
ip nat source static tcp 192.168.1.15 6690 2.108.123.138 6690 extendable
ip nat source static tcp 192.168.1.10 12345 2.108.123.138 12345 extendable
ip nat source static tcp 192.168.1.15 16881 2.108.123.138 16881 extendable
ip route 0.0.0.0 0.0.0.0 dhcp
!
ip access-list extended NAT
permit ip 192.168.1.0 0.0.0.255 any
permit ip 192.168.5.0 0.0.0.255 any
ip access-list extended SSH
permit ip host 80.62.116.126 any
permit ip host 83.151.148.180 any
permit ip 192.168.1.0 0.0.0.255 any
permit ip 192.168.5.0 0.0.0.255 any
permit ip 192.168.6.0 0.0.0.255 any
deny ip any any
ip access-list extended split_acl
deny ip 192.168.1.0 0.0.0.255 192.168.6.0 0.0.0.255
deny ip 192.168.6.0 0.0.0.255 192.168.1.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 any
permit ip 192.168.6.0 0.0.0.255 any
!
logging 192.168.1.15
!
!
!
!
!
!
!
!
control-plane
!
!
alias exec sip show ip interface brief
alias exec shdsl show dsl inter atm0
!
line con 0
line aux 0
line vty 0 4
access-class SSH in
exec-timeout 0 0
password xx
transport input ssh
!
ntp server 10.20.26.11
ntp server europe.pool.ntp.org
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment