· 5 years ago · Mar 29, 2020, 08:20 PM
1Current configuration : 14472 bytes
2!
3! Last configuration change at 18:21:59 UTC Sun Mar 29 2020 by <name redacted>
4! NVRAM config last updated at 23:15:12 UTC Tue Mar 17 2020 by <name redacted>
5!
6version 15.7
7service timestamps debug datetime msec
8service timestamps log datetime msec
9service password-encryption
10!
11hostname Router
12!
13boot-start-marker
14boot system flash0:c3900-universalk9-mz.SPA.157-3.M3.bin
15boot-end-marker
16!
17!
18logging buffered 51200 warnings
19enable password 7 <PASSWORD REDACTED>
20!
21aaa new-model
22!
23!
24aaa authentication login default group tacacs+ local enable
25aaa authentication enable default enable
26aaa authorization exec default group tacacs+ local if-authenticated
27aaa authorization commands 1 default group tacacs+ local if-authenticated
28aaa authorization commands 7 default local
29aaa authorization commands 15 default group tacacs+ local if-authenticated
30aaa accounting send stop-record authentication failure
31aaa accounting exec default start-stop group tacacs+
32aaa accounting commands 1 default start-stop group tacacs+
33aaa accounting commands 15 default start-stop group tacacs+
34aaa accounting network default start-stop group tacacs+
35aaa accounting connection default start-stop group tacacs+
36aaa accounting system default start-stop group tacacs+
37!
38!
39!
40!
41!
42!
43aaa session-id common
44!
45!
46crypto pki trustpoint TP-self-signed-1899486086
47 enrollment selfsigned
48 subject-name cn=IOS-Self-Signed-Certificate-1899486086
49 revocation-check none
50 rsakeypair TP-self-signed-1899486086
51!
52!
53crypto pki certificate chain TP-self-signed-1899486086
54 certificate self-signed 01
55 <KEY REDACTED>
56 quit
57!
58!
59!
60!
61!
62!
63!
64!
65!
66!
67!
68!
69!
70!
71!
72
73
74!
75!
76!
77!
78no ip domain lookup
79ip domain name yourdomain.com
80ip multicast-routing
81ip cef
82no ipv6 cef
83!
84!
85multilink bundle-name authenticated
86!
87!
88!
89!
90!
91!
92voice-card 0
93!
94!
95!
96!
97!
98!
99!
100!
101vxml logging-tag
102license udi pid C3900-SPE100/K9 sn FOC164450P4
103hw-module sm 1
104!
105!
106!
107username <name redacted> privilege 15 secret 5 <password redacted>
108!
109redundancy
110!
111!
112!
113!
114!
115!
116!
117!
118!
119!
120!
121!
122!
123!
124!
125interface Loopback0
126 ip address 192.168.1.192 255.255.255.255
127 no ip redirects
128 no ip unreachables
129 no ip proxy-arp
130 ip mtu 1374
131 ip pim sparse-mode
132 no ip route-cache
133 ip ospf 1 area 0
134!
135interface Tunnel55
136 ip address 6.78.4.230 255.255.255.252
137 shutdown
138 tunnel source GigabitEthernet0/1.55
139 tunnel destination 6.78.4.226
140!
141interface Embedded-Service-Engine0/0
142 no ip address
143 shutdown
144!
145interface GigabitEthernet0/0
146 description UNUSED PORT
147 no ip address
148 shutdown
149 duplex auto
150 speed auto
151!
152interface GigabitEthernet0/1
153 description connection to 5548
154 no ip address
155 media-type sfp
156!
157interface GigabitEthernet0/1.5
158 description Test VLAN for VRRP (VLAN 5)
159 encapsulation dot1Q 5
160 ip address 6.78.2.225 255.255.255.252
161 ip pim sparse-mode
162 ip ospf authentication message-digest
163 ip ospf message-digest-key 1 md5 7 <KEY REDACTED>
164 ip ospf 1 area 0
165!
166interface GigabitEthernet0/1.9
167 description vlan 9 <unused>
168 encapsulation dot1Q 9
169 ip address 180.180.180.161 255.255.255.224
170 shutdown
171!
172interface GigabitEthernet0/1.10
173 encapsulation dot1Q 10
174 ip address 192.168.1.1 255.255.255.128
175 ip pim sparse-mode
176 ip nat inside
177 ip virtual-reassembly in
178!
179interface GigabitEthernet0/1.14
180 description Test VLAN interface for VRRP
181 encapsulation dot1Q 14
182 ip address 6.78.1.225 255.255.255.252
183 ip pim sparse-mode
184 shutdown
185!
186interface GigabitEthernet0/1.55
187 description Test VLAN for VRRP to CSR 1000v
188 encapsulation dot1Q 55
189 ip address 6.78.4.225 255.255.255.252
190 ip pim sparse-mode
191 ip ospf authentication message-digest
192 ip ospf message-digest-key 1 md5 7 <KEY REDACTED>
193 ip ospf 1 area 0
194 shutdown
195!
196interface GigabitEthernet0/1.200
197 description Connection to PFSense VM
198 encapsulation dot1Q 200
199 ip address 10.10.10.1 255.255.255.252
200 ip nat inside
201 ip virtual-reassembly in
202!
203interface GigabitEthernet0/2
204 description Connection to the Internet
205 mac-address 0005.eb00.2ba0
206 ip address aaa.bbb.ccc.158 255.255.255.252
207 ip nat outside
208 ip virtual-reassembly in
209 duplex auto
210 speed auto
211!
212interface GigabitEthernet0/0/0
213 no ip address
214 media-type sfp
215!
216interface GigabitEthernet0/0/0.305
217 description VLAN 5 Uplink for vNIA4
218 encapsulation dot1Q 305
219 ip address 5.67.1.225 255.255.255.252
220 ip pim sparse-mode
221 ip ospf authentication message-digest
222 ip ospf message-digest-key 1 md5 7 <KEY REDACTED>
223 ip ospf 1 area 0.0.0.1
224!
225interface GigabitEthernet0/0/0.310
226 description VLAN 10 for New Lab
227 encapsulation dot1Q 310
228 ip address 5.67.1.1 255.255.255.128
229!
230interface GigabitEthernet0/0/0.340
231 description Overlay Transport (TEP)
232 encapsulation dot1Q 340
233 ip address 5.67.40.1 255.255.255.128
234!
235interface GigabitEthernet0/0/0.360
236 description VLAN Uplink for Edge T0
237 encapsulation dot1Q 360
238 ip address 5.67.60.1 255.255.255.128
239!
240interface GigabitEthernet0/0/0.370
241 description VLAN Uplink for Edge T0
242 encapsulation dot1Q 370
243 ip address 5.67.70.1 255.255.255.128
244!
245interface SM1/0
246 no ip address
247 shutdown
248 !Application: Restarted at Wed Jul 24 21:34:04 2019
249!
250interface SM1/1
251 description Internal switch interface connected to Service Module
252 no ip address
253!
254interface Vlan1
255 no ip address
256!
257!
258router ospf 1
259 router-id 6.78.1.225
260 network 5.67.1.0 0.0.0.127 area 0
261 network 5.67.40.0 0.0.0.127 area 0
262 network 5.67.60.0 0.0.0.127 area 0
263 network 5.67.70.0 0.0.0.127 area 0
264 network 6.78.1.224 0.0.0.3 area 0
265 network 192.168.1.0 0.0.0.127 area 0
266 network 192.168.3.224 0.0.0.3 area 0
267 network 192.168.12.0 0.0.0.255 area 0
268!
269router rip
270 network 192.168.1.0
271!
272ip forward-protocol nd
273!
274no ip http server
275no ip http secure-server
276!
277ip pim bsr-candidate Loopback0 24 197
278ip pim rp-candidate Loopback0 group-list 2
279ip nat inside source list 4 interface GigabitEthernet0/2 overload
280ip nat inside source static udp 10.10.10.2 1194 interface GigabitEthernet0/2 1194
281ip nat inside source static udp 10.10.10.2 22 interface GigabitEthernet0/2 22
282ip route 0.0.0.0 0.0.0.0 aaa.bbb.ccc.157
283ip route 10.0.8.0 255.255.255.248 192.168.1.15
284ip ssh version 2
285!
286ipv6 ioam timestamp
287!
288nls resp-timeout 1
289cpd cr-id 1
290!
291snmp-server group network-admin v3 priv
292!
293access-list 2 permit 224.9.10.59
294access-list 2 permit 224.9.10.58
295access-list 2 permit 224.191.107.0 0.0.0.255
296access-list 2 permit 224.194.21.0 0.0.0.255
297access-list 2 permit 224.193.21.0 0.0.0.255
298access-list 2 permit 224.193.25.0 0.0.0.255
299access-list 2 permit 224.191.108.0 0.0.0.255
300access-list 2 permit 224.191.109.0 0.0.0.255
301access-list 2 permit 224.191.110.0 0.0.0.255
302access-list 2 permit 224.199.0.0 0.0.255.255
303access-list 2 permit 224.192.11.0 0.0.0.255
304access-list 2 permit 224.193.24.0 0.0.0.255
305access-list 2 permit 224.190.14.0 0.0.0.255
306access-list 2 permit 224.1.2.0 0.0.0.255
307access-list 2 permit 224.192.14.0 0.0.0.255
308access-list 2 permit 224.192.15.0 0.0.0.255
309access-list 2 permit 224.192.16.0 0.0.0.255
310access-list 2 permit 224.192.17.0 0.0.0.255
311access-list 2 permit 224.192.18.0 0.0.0.255
312access-list 2 permit 224.192.13.0 0.0.0.255
313access-list 2 permit 224.190.12.0 0.0.0.255
314access-list 2 permit 239.0.55.0 0.0.0.255
315access-list 3 permit 224.191.20.0 0.0.0.255
316access-list 3 permit 224.192.20.0 0.0.0.255
317access-list 4 permit 192.168.1.111
318access-list 4 permit 10.10.10.2
319access-list 4 permit 192.168.1.121
320access-list 4 permit 192.168.1.120
321access-list 4 permit 192.168.1.123
322access-list 4 permit 192.168.1.122
323access-list 4 permit 192.168.1.125
324access-list 4 permit 192.168.1.124
325access-list 4 permit 192.168.1.126
326access-list 4 permit 192.168.1.79
327access-list 4 permit 192.168.1.78
328access-list 4 permit 192.168.1.64
329access-list 4 permit 192.168.1.68
330access-list 4 permit 192.168.1.92
331access-list 4 permit 192.168.1.80
332access-list 4 permit 192.168.1.57
333access-list 4 permit 192.168.1.59
334access-list 4 permit 192.168.1.58
335access-list 4 permit 192.168.1.61
336access-list 4 permit 192.168.1.60
337access-list 4 permit 192.168.1.63
338access-list 4 permit 192.168.1.62
339access-list 4 permit 192.168.1.2
340access-list 4 deny any
341!
342!
343!
344control-plane
345!
346!
347!
348!
349!
350!
351mgcp behavior rsip-range tgcp-only
352mgcp behavior comedia-role none
353mgcp behavior comedia-check-media-src disable
354mgcp behavior comedia-sdp-force disable
355!
356mgcp profile default
357!
358!
359!
360!
361!
362!
363!
364gatekeeper
365 shutdown
366!
367!
368 vstack
369alias exec c conf t
370alias exec w copy system:running-config nvram:startup-config
371alias exec sii sho ip int brief
372!
373banner exec ^C
374<BANNER REDACTED>
375^C
376banner login ^C
377<BANNER REDACTED>
378^C
379!
380line con 0
381line aux 0
382line 2
383 no activation-character
384 no exec
385 transport preferred none
386 transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
387 stopbits 1
388line 67
389 no activation-character
390 no exec
391 transport preferred none
392 transport input ssh
393 transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
394 stopbits 1
395line vty 0 4
396 access-class 1 in
397 privilege level 15
398 transport input ssh
399line vty 5 15
400 access-class 1 in
401 privilege level 15
402 transport input ssh
403!
404scheduler allocate 20000 1000
405ntp authentication-key 1 md5 <KEY REDACTED> 7
406ntp authenticate
407ntp trusted-key 1
408ntp source Loopback0
409ntp master 5
410ntp update-calendar
411!
412!
413end