Codice: Seleziona tutto
!
version 12.1
service nagle
no service pad
service tcp-keepalives-in
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CISCO
!
logging buffered 4096 debugging
enable secret (HASHED PASSWORD)
!
!
!
!
!
ip subnet-zero
no ip source-route
no ip finger
no ip domain-lookup
ip domain-name router.lugo.it
ip name-server x.x.x.x
ip name-server y.y.y.y
!
no ip bootp server
ip inspect name FW h323
ip inspect name FW smtp
ip inspect name FW tcp
ip inspect name FW udp
ip inspect name FW fragment maximum 256 timeout 1
ip inspect name FW tftp
ip inspect name FW ftp
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
!
!
interface Ethernet0
ip address a.b.c.d 255.255.255.0
ip access-group 111 out
ip nat inside
ip inspect FW in
no cdp enable
!
interface ATM0
no ip address
load-interval 30
no atm ilmi-keepalive
bundle-enable
dsl operating-mode auto
hold-queue 224 in
!
interface ATM0.1 point-to-point
bandwidth 640
ip address (STATIC IP) 255.255.255.252
ip nat outside
pvc 8/35
encapsulation aal5snap
!
!
ip nat inside source route-map web interface ATM0.1 overload
ip nat inside source static a.c.d.c s.s.s.s
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip route x.x.x.x 255.255.255.0 (OTHER ROUTER IN THE LAN)
ip route y.y.y.y 255.255.255.0 (OTHER ROUTER IN THE LAN)
ip http server
!
access-list 1 permit 192.168.100.0 0.0.0.255
access-list 2 permit any
access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any traceroute
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any any eq ntp
access-list 111 permit tcp any any eq 139
access-list 111 permit udp any any eq netbios-ns
access-list 111 permit udp any any eq netbios-dgm
access-list 111 permit tcp any any established
access-list 111 permit udp any eq domain any
no cdp run
route-map web permit 10
match ip address 1
match interface ATM0.1
!
snmp-server engineID local XXXXXXXXXXXXXXXXXXXXXX
snmp-server community public RO
!
line con 0
password XXXXXXXXXXXXXX
login
transport input none
stopbits 1
line vty 0 4
access-class 2 in
password XXXXXXXXXXXXXX
login
!
no scheduler max-task-time
end