· 6 years ago · Feb 28, 2019, 08:32 PM
1!
2!
3!
4
5!
6upgrade fpd auto
7version 12.4
8service timestamps debug datetime msec
9service timestamps log datetime msec
10no service password-encryption
11!
12hostname RTR_CNTRL1
13!
14boot-start-marker
15boot-end-marker
16!
17logging message-counter syslog
18!
19no aaa new-model
20ip source-route
21no ip icmp rate-limit unreachable
22ip cef
23!
24!
25!
26!
27no ip domain lookup
28no ipv6 cef
29!
30multilink bundle-name authenticated
31!
32!
33!
34!
35!
36!
37!
38!
39!
40!
41!
42!
43!
44!
45!
46!
47archive
48 log config
49 hidekeys
50!
51!
52crypto isakmp policy 10
53 encr aes 256
54 authentication pre-share
55 group 5
56!
57crypto isakmp key secretkey address 20.0.0.1
58!
59!
60crypto ipsec transform-set CENTRAL-SEDE esp-aes 256 esp-sha-hmac
61!
62crypto map IPSEC-MAP 10 ipsec-isakmp
63 ! Incomplete
64 set peer 20.0.0.1
65 set security-association lifetime seconds 86400
66 set transform-set CENTRAL-SEDE
67 set pfs group5
68 match address 100
69!
70!
71!
72ip tcp synwait-time 5
73!
74!
75!
76!
77interface FastEthernet0/0
78 no ip address
79 shutdown
80 duplex half
81!
82interface GigabitEthernet1/0
83 no ip address
84 shutdown
85 negotiation auto
86!
87interface GigabitEthernet2/0
88 ip address 172.16.0.1 255.255.248.0
89 negotiation auto
90 standby 1 ip 172.16.0.3
91 standby 1 priority 200
92!
93interface Serial3/0
94 ip address 10.0.0.1 255.255.255.252
95 serial restart-delay 0
96 crypto map IPSEC-MAP
97!
98interface Serial3/1
99 no ip address
100 shutdown
101 serial restart-delay 0
102!
103interface Serial3/2
104 no ip address
105 shutdown
106 serial restart-delay 0
107!
108interface Serial3/3
109 no ip address
110 shutdown
111 serial restart-delay 0
112!
113interface FastEthernet4/0
114 no ip address
115 shutdown
116 duplex auto
117 speed auto
118!
119interface FastEthernet4/1
120 no ip address
121 shutdown
122 duplex auto
123 speed auto
124!
125ip forward-protocol nd
126ip route 0.0.0.0 0.0.0.0 10.0.0.2
127no ip http server
128no ip http secure-server
129!
130!
131!
132no cdp log mismatch duplex
133!
134!
135!
136!
137!
138!
139control-plane
140!
141!
142!
143!
144!
145!
146!
147gatekeeper
148 shutdown
149!
150!
151line con 0
152 exec-timeout 0 0
153 privilege level 15
154 logging synchronous
155 stopbits 1
156line aux 0
157 exec-timeout 0 0
158 privilege level 15
159 logging synchronous
160 stopbits 1
161line vty 0 4
162 login
163!
164end
165
166!
167!
168!
169
170!
171upgrade fpd auto
172version 12.4
173service timestamps debug datetime msec
174service timestamps log datetime msec
175no service password-encryption
176!
177hostname RTR_SD1
178!
179boot-start-marker
180boot-end-marker
181!
182logging message-counter syslog
183!
184no aaa new-model
185ip source-route
186no ip icmp rate-limit unreachable
187ip cef
188!
189!
190!
191!
192no ip domain lookup
193no ipv6 cef
194!
195multilink bundle-name authenticated
196!
197!
198!
199!
200!
201!
202!
203!
204!
205!
206!
207!
208!
209!
210!
211!
212archive
213 log config
214 hidekeys
215!
216!
217crypto isakmp policy 10
218 encr aes 256
219 authentication pre-share
220 group 5
221!
222crypto isakmp key secretkey address 10.0.0.1
223!
224!
225crypto ipsec transform-set CENTRAL-SEDE esp-aes 256 esp-sha-hmac
226!
227crypto map IPSEC-MAP 10 ipsec-isakmp
228 set peer 10.0.0.1
229 set security-association lifetime seconds 86400
230 set transform-set CENTRAL-SEDE
231 set pfs group5
232 match address 100
233!
234!
235!
236ip tcp synwait-time 5
237!
238!
239!
240!
241interface FastEthernet0/0
242 no ip address
243 shutdown
244 duplex half
245!
246interface GigabitEthernet1/0
247 no ip address
248 shutdown
249 negotiation auto
250!
251interface GigabitEthernet2/0
252 ip address 172.16.8.1 255.255.248.0
253 no negotiation auto
254 standby 1 ip 172.16.8.3
255 standby 1 priority 200
256 standby 1 name SEDE_HSRP
257!
258interface Serial3/0
259 ip address 20.0.0.1 255.255.255.252
260 crypto map IPSEC-MAP
261!
262interface Serial3/1
263 no ip address
264 shutdown
265 serial restart-delay 0
266!
267interface Serial3/2
268 no ip address
269 shutdown
270 serial restart-delay 0
271!
272interface Serial3/3
273 no ip address
274 shutdown
275 serial restart-delay 0
276!
277interface FastEthernet4/0
278 no ip address
279 shutdown
280 duplex auto
281 speed auto
282!
283interface FastEthernet4/1
284 no ip address
285 shutdown
286 duplex auto
287 speed auto
288!
289ip forward-protocol nd
290ip route 0.0.0.0 0.0.0.0 20.0.0.2
291no ip http server
292no ip http secure-server
293!
294!
295!
296access-list 100 permit ip 172.16.8.0 0.0.7.255 172.16.0.0 0.0.7.255
297no cdp log mismatch duplex
298!
299!
300!
301!
302!
303!
304control-plane
305!
306!
307!
308!
309!
310!
311!
312gatekeeper
313 shutdown
314!
315!
316line con 0
317 exec-timeout 0 0
318 privilege level 15
319 logging synchronous
320 stopbits 1
321line aux 0
322 exec-timeout 0 0
323 privilege level 15
324 logging synchronous
325 stopbits 1
326line vty 0 4
327 login
328!
329end