Cisco Configuration

version 12.
2
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname FCGWHTKHLPB003C34001
!
boot-start-marker
boot-end-marker
!
logging count
no logging console
enable secret 5 $1$SWHa$LEkLm/2nbOvaqpdCVt5iU.
enable password 7 01010F080A5955
!
username ril password 7 01010F080A5955
no aaa new-model
clock timezone IST 5 30
system mtu routing 1998
udld aggressive
lldp run
ip subnet-zero
ip name-server 97.253.25.102
ip name-server 97.253.25.103
!
ip dhcp snooping vlan 65-66,102
ip dhcp snooping
ip arp inspection vlan 65-66
ip arp inspection log-buffer entries 10
ip arp inspection log-buffer logs 1 interval 86400
mvr vlan 999
mvr
mvr querytime 10
mvr mode dynamic
mvr group 225.1.1.1
mvr group 225.1.1.2
mvr group 225.1.1.3
mvr group 225.1.1.4
mvr group 225.1.1.5
mvr group 225.1.1.6
mvr group 225.1.1.7
mvr group 225.1.1.8
mvr group 225.1.1.9
mvr group 225.1.1.10
mvr group 225.1.1.100
mvr group 225.1.1.101
mvr group 225.1.1.102
mvr group 225.1.1.103
mvr group 225.1.1.104
mvr group 225.1.1.105
mvr group 225.1.1.106
mvr group 225.1.1.107
mvr group 225.1.1.108
mvr group 225.1.1.109
mvr group 225.1.1.110
mvr group 225.1.1.111
mvr group 225.1.1.112
mvr group 225.1.1.113
mvr group 225.1.1.114
mvr group 225.1.1.115
mvr group 225.1.1.116
mvr group 225.1.1.117
mvr group 225.1.1.118
mvr group 225.1.1.119
mvr group 225.1.1.120
mvr group 225.1.1.121
mvr group 225.1.1.122
mvr group 225.1.1.123
mvr group 225.1.1.124
mvr group 225.1.1.125
mvr group 225.1.1.126
mvr group 225.1.1.127
mvr group 225.1.1.128
mvr group 225.1.1.129
mvr group 225.1.1.130
mvr group 225.1.1.131
mvr group 225.1.1.132
mvr group 225.1.1.133
mvr group 225.1.1.134
mvr group 225.1.1.135
mvr group 225.1.1.136
mvr group 225.1.1.137
mvr group 225.1.1.138
mvr group 225.1.1.139
mvr group 225.1.1.140
mvr group 225.1.1.141
mvr group 225.1.1.142
mvr group 225.1.1.143
mvr group 225.1.1.144
mvr group 225.1.1.145
mvr group 225.1.1.146
mvr group 225.1.1.147
mvr group 225.1.1.148
mvr group 225.1.1.149
mvr group 225.1.1.150
mvr group 225.1.1.151
mvr group 225.1.1.152
mvr group 225.1.1.153
mvr group 225.1.1.154
mvr group 225.1.1.155
mvr group 225.1.1.156
mvr group 225.1.1.157
mvr group 225.1.1.158
mvr group 225.1.1.159
mvr group 225.1.1.160
mvr group 225.1.1.161
mvr group 225.1.1.162
mvr group 225.1.1.163
mvr group 225.1.1.164
mvr group 225.1.1.165
mvr group 225.1.1.166
mvr group 225.1.1.167
mvr group 225.1.1.168
mvr group 225.1.1.169
mvr group 225.1.1.170
mvr group 225.1.1.171
mvr group 225.1.1.172
mvr group 225.1.1.173
mvr group 225.1.1.174
mvr group 225.1.1.175
mvr group 225.1.1.176
mvr group 225.1.1.177
mvr group 225.1.1.178
mvr group 225.1.1.179
mvr group 225.1.1.180
mvr group 225.1.1.181
mvr group 225.1.1.182
mvr group 225.1.1.183
mvr group 225.1.1.184
mvr group 225.1.1.185
mvr group 225.1.1.186
mvr group 225.1.1.187
mvr group 225.1.1.188
mvr group 225.1.1.189
mvr group 225.1.1.190
mvr group 225.1.1.191
mvr group 225.1.1.192
mvr group 225.1.1.193
mvr group 225.1.1.194
mvr group 225.1.1.195
mvr group 225.1.1.196
mvr group 225.1.1.197
mvr group 225.1.1.198
mvr group 225.1.1.199
mvr group 225.1.1.200
mvr group 225.1.1.201
mvr group 225.1.1.202
mvr group 225.1.1.203
mvr group 225.1.1.204
mvr group 225.1.1.205
mvr group 225.1.1.206
mvr group 225.1.1.207
mvr group 225.1.1.208
mvr group 225.1.1.209
mvr group 225.1.1.210
mvr group 225.1.1.211
mvr group 225.1.1.212
mvr group 225.1.1.213
mvr group 225.1.1.214
mvr group 225.1.1.215
mvr group 225.1.1.216
mvr group 225.1.1.217
mvr group 225.1.1.218
mvr group 225.1.1.219
mvr group 225.1.1.220
mvr group 225.1.1.221
mvr group 225.1.1.222
mvr group 225.1.1.223
mvr group 225.1.1.224
mvr group 225.1.1.225
mvr group 225.1.1.226
mvr group 225.1.1.227
mvr group 225.1.1.228
mvr group 225.1.1.229
mvr group 225.1.1.230
mvr group 225.1.1.231
mvr group 225.1.1.232
mvr group 225.1.1.233
mvr group 225.1.1.234
mvr group 225.1.1.235
mvr group 225.1.1.236
mvr group 225.1.1.237
mvr group 225.1.1.238
mvr group 225.1.1.239
mvr group 225.1.1.240
mvr group 225.1.1.241
mvr group 225.1.1.242
mvr group 225.1.1.243
mvr group 225.1.1.244
mvr group 225.1.1.245
mvr group 225.1.1.246
mvr group 225.1.1.247
mvr group 225.1.1.248
mvr group 225.1.1.249
mvr group 225.1.1.250
mvr group 225.1.1.251
mvr group 225.1.1.252
mvr group 225.1.1.253
mvr group 225.1.1.254
mvr group 225.1.2.1
mvr group 225.1.2.2
mvr group 225.1.2.3
mvr group 225.1.2.4
mvr group 225.1.2.5
mvr group 225.1.2.6
mvr group 225.1.2.7
mvr group 225.1.2.8
mvr group 225.1.2.9
mvr group 225.1.2.100
mvr group 225.1.2.101
mvr group 225.1.2.102
mvr group 225.1.2.103
mvr group 225.1.2.104
mvr group 225.1.2.105
mvr group 225.1.2.106
mvr group 225.1.2.107
mvr group 225.1.2.108
mvr group 225.1.2.109
mvr group 225.1.2.110
mvr group 225.1.2.111
mvr group 225.1.2.112
mvr group 225.1.2.113
mvr group 225.1.2.114
mvr group 225.1.2.115
mvr group 225.1.2.116
mvr group 225.1.2.117
mvr group 225.1.2.118
mvr group 225.1.2.119
mvr group 225.1.2.120
mvr group 225.1.2.121
mvr group 225.1.2.122
mvr group 225.1.2.123
mvr group 225.1.2.124
mvr group 225.1.2.125
mvr group 225.1.2.126
mvr group 225.1.2.127
mvr group 225.1.2.128
mvr group 225.1.2.129
mvr group 225.1.2.130
mvr group 225.1.2.131
mvr group 225.1.2.132
mvr group 225.1.2.133
mvr group 225.1.2.134
mvr group 225.1.2.135
mvr group 225.1.2.136
mvr group 225.1.2.137
mvr group 225.1.2.138
mvr group 225.1.2.139
mvr group 225.1.2.140
mvr group 225.1.2.141
mvr group 225.1.2.142
mvr group 225.1.2.143
mvr group 225.1.2.144
mvr group 225.1.2.145
mvr group 225.1.2.146
mvr group 225.1.2.147
mvr group 225.1.2.148
mvr group 225.1.2.149
mvr group 225.1.2.150
mvr group 225.1.2.151
mvr group 225.1.2.152
mvr group 225.1.2.153
mvr group 225.1.2.154
mvr group 225.1.2.155
mvr group 225.1.2.156
mvr group 225.1.2.157
mvr group 225.1.2.158
mvr group 225.1.2.159
mvr group 225.1.2.160
mvr group 225.1.2.161
mvr group 225.1.2.162
mvr group 225.1.2.163
mvr group 225.1.2.164
mvr group 225.1.2.165
mvr group 225.1.2.166
mvr group 225.1.2.167
mvr group 225.1.2.168
mvr group 225.1.2.169
mvr group 225.1.2.170
mvr group 225.1.2.171
mvr group 225.1.2.172
mvr group 225.1.2.173
mvr group 225.1.2.174
mvr group 225.1.2.175
mvr group 225.1.2.176
mvr group 225.1.2.177
mvr group 225.1.2.178
mvr group 225.1.2.179
mvr group 225.1.2.180
mvr group 225.1.2.181
mvr group 225.1.2.182
mvr group 225.1.2.183
mvr group 225.1.2.184
mvr group 225.1.2.185
mvr group 225.1.2.186
mvr group 225.1.2.187
mvr group 225.1.2.188
mvr group 225.1.2.189
mvr group 225.1.2.190
mvr group 225.1.2.191
mvr group 225.1.2.192
mvr group 225.1.2.193
mvr group 225.1.2.194
mvr group 225.1.2.195
mvr group 225.1.2.196
mvr group 225.1.2.197
mvr group 225.1.2.198
mvr group 225.1.2.199
mvr group 225.1.2.200
mvr group 225.1.2.201
mvr group 225.1.2.202
mvr group 225.1.2.203
mvr group 225.1.2.204
mvr group 225.1.2.205
mvr group 225.1.2.206
mvr group 225.1.2.207
mvr group 225.1.2.208
mvr group 225.1.2.209
mvr group 225.1.2.210
mvr group 225.1.2.211
mvr group 225.1.2.212
mvr group 225.1.2.213
mvr group 225.1.2.214
mvr group 225.1.2.215
mvr group 225.1.2.216
mvr group 225.1.2.217
mvr group 225.1.2.218
mvr group 225.1.2.219
mvr group 225.1.2.220
mvr group 225.1.2.221
mvr group 225.1.2.222
mvr group 225.1.2.223
mvr group 225.1.2.224
mvr group 225.1.2.225
mvr group 225.1.2.226
mvr group 225.1.2.227
mvr group 225.1.2.228
mvr group 225.1.2.229
mvr group 225.1.2.230
mvr group 225.1.2.231
mvr group 225.1.2.232
mvr group 225.1.2.233
mvr group 225.1.2.234
mvr group 225.1.2.235
mvr group 225.1.2.236
mvr group 225.1.2.237
mvr group 225.1.2.238
mvr group 225.1.2.239
mvr group 225.1.2.240
mvr group 225.1.2.241
mvr group 225.1.2.242
mvr group 225.1.2.243
mvr group 225.1.2.244
mvr group 225.1.2.245
mvr group 225.1.2.246
mvr group 225.1.2.247
mvr group 225.1.2.251
mvr group 225.1.2.252
mvr group 225.1.2.253
mvr group 225.1.2.254
!
!
!
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause link-flap
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
!
spanning-tree mode mst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
spanning-tree mst configuration
name reliance
revision 1
instance 1 vlan 1100-1149, 1500-1549
instance 2 vlan 1150-1199, 1550-1599
instance 3 vlan 1200-1249, 1600-1649
instance 4 vlan 1250-1299, 1650-1699
instance 5 vlan 1300-1349, 1700-1749
instance 6 vlan 1350-1399, 1750-1799
instance 7 vlan 1400-1449, 1800-1849
instance 8 vlan 1450-1499, 1850-1899
instance 9 vlan 999
instance 10 vlan 101-102, 127-130, 3100-4000
instance 11 vlan 2-100, 103-126, 131-998, 1000-1005, 1024-1099
!
!
!
!
!
vlan access-map Block_PRIVATE_IP 10
action drop
match ip address PRIVATE_IP
vlan access-map Block_PRIVATE_IP 20
action forward
match ip address ALL-IP
!
vlan filter Block_PRIVATE_IP vlan-list 102
vlan internal allocation policy ascending
vlan dot1q tag native
!
vlan 64
name TAL
!
vlan 65
name Wimax
!
vlan 66
name RESIDENTIAL-MEN
!
vlan 101
!
vlan 102
name BRAS_IPADSL
!
vlan 127-130
!
vlan 999
name mvr
!
class-map match-all VOIP
match access-group name VOIP
class-map match-any Gold
match cos 4 6 7
class-map match-any Platinum
match cos 5
class-map match-any Silver
match cos 2 3
class-map match-all BIA
match access-group name BIA
!
!
policy-map out-qos
class Platinum
priority
class Gold
bandwidth remaining percent 33
queue-limit 272
queue-limit cos 4 272
class Silver
queue-limit 272
class class-default
policy-map RESIDENTIAL
class VOIP
set cos 5
set ip dscp ef
class class-default
set cos 0
set ip dscp default
!
!
!
interface FastEthernet0/1
description RESIDENTIAL
switchport access vlan 66
switchport port-security maximum 5
switchport port-security
switchport port-security aging time 1
switchport port-security violation restrict
switchport port-security aging type inactivity
ip access-group 190 in
mvr type receiver
mvr immediate
no snmp trap link-status
storm-control broadcast level 1.00
storm-control multicast level 1.00
storm-control action trap
service-policy input RESIDENTIAL
ip verify source
ip dhcp snooping limit rate 100
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
description To daisy Chain Switch Customesr
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
mvr type receiver
mvr immediate
ip verify source
!
interface GigabitEthernet0/1
description < Description as link discription >
port-type nni
switchport trunk allowed vlan 64-66,101-102,127-130,999
switchport mode trunk
ip arp inspection trust
load-interval 30
mvr type source
mvr immediate
service-policy output out-qos
ip dhcp snooping trust
!
interface GigabitEthernet0/2
description < Description as link discription >
port-type nni
switchport trunk allowed vlan 64-66,101-102,127-130,999
switchport mode trunk
ip arp inspection trust
load-interval 30
mvr type source
mvr immediate
service-policy output out-qos
ip dhcp snooping trust
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan127
description Management Vlan
ip address 97.33.78.31 255.255.255.0
no ip route-cache
!
ip http server
!
ip access-list extended ALL-IP
permit ip any any
ip access-list extended BIA
permit ip any any
ip access-list extended PRIVATE_IP
permit ip 192.168.0.0 0.0.0.255 any
ip access-list extended VOIP
permit ip 10.0.0.0 0.31.255.255 any
permit ip 10.64.0.0 0.31.255.255 any
permit ip 10.128.0.0 0.31.255.255 any
permit ip 10.192.0.0 0.31.255.255 any
ip radius source-interface Vlan127
logging trap debugging
logging source-interface Vlan127
access-list 190 remark DENY MS Loop-Holes and P2P Ports
access-list 190 deny tcp any any eq 135
access-list 190 deny udp any any eq 135
access-list 190 deny udp any any eq netbios-ns
access-list 190 deny udp any any eq netbios-dgm
access-list 190 deny udp any any eq netbios-ss
access-list 190 remark DENY MS SQL Scans
access-list 190 deny udp any any eq 1434
access-list 190 remark PERMIT everything else
access-list 190 permit udp any host 10.248.12.29 eq tftp
access-list 190 permit udp any host 10.29.3.31 eq tftp
access-list 190 permit ip any any
access-list 190 remark END
snmp-server user M0Wr1Te M0Wr1Te v1
snmp-server user M0Wr1Te M0Wr1Te v2c
snmp-server community M0rE@d RO
snmp-server community M0Wr1Te RW
snmp-server user M0Wr1Te M0Wr1Te v1
snmp-server user M0Wr1Te M0Wr1Te v2c
snmp-server trap-source Vlan127
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps fru-ctrl
snmp-server enable traps entity
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps config
snmp-server enable traps rtr
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx root-inconsistency loop-inconsistency
snmp-server enable traps syslog
!
control-plane
!
banner exec ^C
|-----------------------------------------------------------------|
| This system is for the use of authorized users only. |
| Individuals using this system without authority, or in |
| excess of their authority, are subject to having all of their |
| activities on this system monitored and recorded by system |
| personnel. |
| |
| In the course of monitoring individuals improperly using this |
| system, or in the course of system maintenance, the activities |
| of authorized users may also be monitored. |
| |
| Anyone using this system expressly consents to such monitoring |
| and is advised that if such monitoring reveals possible |
| evidence of criminal activity, system personnel may provide the |
| evidence of such monitoring to law enforcement officials. |
|-----------------------------------------------------------------|
^C
privilege exec level 7 ping
privilege exec level 7 traceroute
privilege exec level 7 show configuration
privilege exec level 7 show mac-address-table
privilege exec level 1 show
privilege exec level 9 debug serial interface
privilege exec level 9 debug ip routing
privilege exec level 9 debug ip ospf adj
privilege exec level 9 debug ip ospf packet
privilege exec level 9 debug ip ospf events
privilege exec level 9 no debug all
privilege exec level 9 clear arp-cache
privilege exec level 9 terminal monitor
privilege exec level 9 terminal no monitor
!
line con 0
line vty 0 4
exec-timeout 5 0
password 7 05190F03701E1D
login
line vty 5 15
login
!
ntp clock-period 36028819
ntp source Vlan127
ntp server 97.209.5.2
end

Cisco Configuration

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Cisco Configuration

Încărcat de

Drepturi de autor:

Formate disponibile

version 12.

S-ar putea să vă placă și