cisco 877 & infostrada 7M
Inviato: lun 22 nov , 2010 7:29 pm
Salve a tutti, sarò l'ennesimo nabbo che rompe per una cavolata...
ho configurato con cisco CP v 1.3 (fornito con l' 877), perchè ne avevo bisogno in fretta, e non conoscendo i comandi della shell di IOS ho pensato di fare il furbo per ora, e in seguito migliorare la conf dalla console. ma funzionasse almeno.... vi posto la configurazione attuale. grazie in anticipo a tutti^^
cisco#term len 0
cisco#show run
Building configuration...
Current configuration : 5971 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname cisco
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$4.DX$OzZWcmq0R0XzlqnryBMZD0
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
!
!
aaa session-id common
clock timezone Berlin 1
clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-3294707980
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3294707980
revocation-check none
rsakeypair TP-self-signed-3294707980
!
!
crypto pki certificate chain TP-self-signed-3294707980
certificate self-signed 01
3082023D 308201A6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33323934 37303739 3830301E 170D3032 30333031 30303037
31395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32393437
30373938 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
810098E4 5B6B600D 24579C3A 30EDFC2D 92545AFD C6AE2C07 4BB9B6DF 0E1CF918
5D9EA1DB DB24DC21 612E550D 684B024B 494BCC44 D4CEB26C A2EB5EBD 6EC4D56F
E4EC8C7C 0645FD99 BC5EE72B 196D25A2 802BC1AF CA2FA892 AAFF22A0 D337DED3
2B073419 8C09306F F8B254B4 B3D88004 98566E18 5DE7CF91 D643C0D0 F53F4DA7
15AD0203 010001A3 65306330 0F060355 1D130101 FF040530 030101FF 30100603
551D1104 09300782 05636973 636F301F 0603551D 23041830 168014B4 4D5D0437
F7F239DA D1A00246 206127F0 EF3BA430 1D060355 1D0E0416 0414B44D 5D0437F7
F239DAD1 A0024620 6127F0EF 3BA4300D 06092A86 4886F70D 01010405 00038181
000F79FA 2A53CF5A 71A5D132 3011ECBB 65FDB7CA 72EF1D73 53FE9E97 EA5F514E
1D315115 613A7B5D 5C5323EA B822A29B 57A1DCD0 7946C452 0227B33B F569EA5F
1B0EE3A7 1EE0531B DC24E8D8 E697B50B C6C1A9FD 17392556 AC9F9891 3820B593
6F216A84 9A8C1C71 3E9038BC E6F95DE2 85F44F05 73E90AB5 210D6984 93869800 24
quit
dot11 syslog
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool sdm-pool1
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
!
ip dhcp pool vortex
host 192.168.1.20 255.255.255.0
client-identifier 01e0.cb4e.c529.d0
client-name vortex
!
!
no ip bootp server
ip name-server 193.70.152.15
ip name-server 193.70.152.25
ip ddns update method sdm_ddns1
DDNS both
!
!
multilink bundle-name authenticated
!
!
username zarion privilege 15 secret 5 $1$7hj6$CrnGO/Lm/rzEHLdp/rGqx1
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface Null0
no ip unreachables
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode adsl2+
!
interface ATM0.2 point-to-point
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname benvenuto
ppp chap password 7 04541816063549
ppp pap sent-username benvenuto password 7 000B00160D4F0E
ppp multilink
!
ip forward-protocol nd
!
!
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 3 interface Dialer1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 3 remark CCP_ACL Category=2
access-list 3 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
banner exec ^C
!
line con 0
login authentication local_authen
no modem enable
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line vty 0 4
authorization exec local_author
login authentication local_authen
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
ho configurato con cisco CP v 1.3 (fornito con l' 877), perchè ne avevo bisogno in fretta, e non conoscendo i comandi della shell di IOS ho pensato di fare il furbo per ora, e in seguito migliorare la conf dalla console. ma funzionasse almeno.... vi posto la configurazione attuale. grazie in anticipo a tutti^^
cisco#term len 0
cisco#show run
Building configuration...
Current configuration : 5971 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname cisco
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$4.DX$OzZWcmq0R0XzlqnryBMZD0
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
!
!
aaa session-id common
clock timezone Berlin 1
clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-3294707980
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3294707980
revocation-check none
rsakeypair TP-self-signed-3294707980
!
!
crypto pki certificate chain TP-self-signed-3294707980
certificate self-signed 01
3082023D 308201A6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33323934 37303739 3830301E 170D3032 30333031 30303037
31395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32393437
30373938 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
810098E4 5B6B600D 24579C3A 30EDFC2D 92545AFD C6AE2C07 4BB9B6DF 0E1CF918
5D9EA1DB DB24DC21 612E550D 684B024B 494BCC44 D4CEB26C A2EB5EBD 6EC4D56F
E4EC8C7C 0645FD99 BC5EE72B 196D25A2 802BC1AF CA2FA892 AAFF22A0 D337DED3
2B073419 8C09306F F8B254B4 B3D88004 98566E18 5DE7CF91 D643C0D0 F53F4DA7
15AD0203 010001A3 65306330 0F060355 1D130101 FF040530 030101FF 30100603
551D1104 09300782 05636973 636F301F 0603551D 23041830 168014B4 4D5D0437
F7F239DA D1A00246 206127F0 EF3BA430 1D060355 1D0E0416 0414B44D 5D0437F7
F239DAD1 A0024620 6127F0EF 3BA4300D 06092A86 4886F70D 01010405 00038181
000F79FA 2A53CF5A 71A5D132 3011ECBB 65FDB7CA 72EF1D73 53FE9E97 EA5F514E
1D315115 613A7B5D 5C5323EA B822A29B 57A1DCD0 7946C452 0227B33B F569EA5F
1B0EE3A7 1EE0531B DC24E8D8 E697B50B C6C1A9FD 17392556 AC9F9891 3820B593
6F216A84 9A8C1C71 3E9038BC E6F95DE2 85F44F05 73E90AB5 210D6984 93869800 24
quit
dot11 syslog
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool sdm-pool1
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
!
ip dhcp pool vortex
host 192.168.1.20 255.255.255.0
client-identifier 01e0.cb4e.c529.d0
client-name vortex
!
!
no ip bootp server
ip name-server 193.70.152.15
ip name-server 193.70.152.25
ip ddns update method sdm_ddns1
DDNS both
!
!
multilink bundle-name authenticated
!
!
username zarion privilege 15 secret 5 $1$7hj6$CrnGO/Lm/rzEHLdp/rGqx1
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface Null0
no ip unreachables
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode adsl2+
!
interface ATM0.2 point-to-point
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname benvenuto
ppp chap password 7 04541816063549
ppp pap sent-username benvenuto password 7 000B00160D4F0E
ppp multilink
!
ip forward-protocol nd
!
!
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 3 interface Dialer1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 3 remark CCP_ACL Category=2
access-list 3 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
banner exec ^C
!
line con 0
login authentication local_authen
no modem enable
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line vty 0 4
authorization exec local_author
login authentication local_authen
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end