Codice: Seleziona tutto
------------------ show running-config ------------------
Building configuration...
Current configuration : 4788 bytes
!
! Last configuration change at 09:19:19 UTC Thu Jan 10 2019 by my_name
! NVRAM config last updated at 09:20:27 UTC Thu Jan 10 2019 by my_name
! NVRAM config last updated at 09:20:27 UTC Thu Jan 10 2019 by my_name
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname c877
!
boot-start-marker
boot-end-marker
!
!
logging buffered 4096 notifications
enable secret 5 <removed>
!
no aaa new-model
!
crypto pki token default removal timeout 0
!
!
dot11 syslog
ip source-route
!
!
!
!
!
ip cef
ip domain name my_domain
ip name-server 208.67.222.222
ip name-server 208.67.220.220
login block-for 360 attempts 6 within 90
login delay 5
login on-failure log every 5
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
username my_name privilege 0 secret 5 <removed>
!
!
ip tcp path-mtu-discovery age-timer 30
ip ssh version 2
!
!
!
!
!
!
!
interface ATM0
description Connessione ADSL Alice TIM
no ip address
ip mtu 1478
ip tcp adjust-mss 1430
logging event atm pvc state
carrier-delay 3
no atm ilmi-keepalive
dsl enable-training-log
dsl lom 200
no snmp trap link-status
hold-queue 224 in
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
no ip address
shutdown
!
interface FastEthernet1
description Connected to FRITZ!Box 4040
switchport access vlan 254
no ip address
!
interface FastEthernet2
description Connected to <removed>
switchport access vlan 20
no ip address
!
interface FastEthernet3
no ip address
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan20
description Connected to Server(s) - DMZ
ip address <removed> 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan254
description Connected to FRITZ!Box 4040
ip address <removed> 255.255.255.252
ip nat inside
ip virtual-reassembly in
!
interface Dialer0
description Connessione ADSL Alice TIM
ip address negotiated
ip access-group 100 in
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp header-compression
ip tcp compression-connections 127
dialer pool 1
ppp authentication chap callin
ppp pap sent-username aliceadsl password 7 <removed>
no cdp enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat translation timeout 2160
ip nat inside source list 10 interface Dialer0 overload
ip nat inside source static tcp <removed> 443 interface Dialer0 443
ip nat inside source static tcp <removed> 3690 interface Dialer0 3690
ip nat inside source static tcp <removed> 80 interface Dialer0 80
ip nat inside source static tcp <removed> 22 interface Dialer0 2222
ip route 0.0.0.0 0.0.0.0 Dialer0 3
ip route <removed> 255.255.255.0 192.168.254.2
!
!
logging <removed>
access-list 10 remark Private (RFC1918) networks
access-list 10 permit 10.0.0.0 0.255.255.255
access-list 10 permit 172.16.0.0 0.15.255.255
access-list 10 permit 192.168.0.0 0.0.255.255
access-list 22 remark ACL Remote login
access-list 22 permit any
access-list 23 remark ACL Local login & SNMP
access-list 23 permit 10.0.0.0 0.0.255.255
access-list 23 permit 172.16.0.0 0.15.255.255
access-list 100 remark Perimeter defense
access-list 100 permit igmp host 192.168.100.1 any log
access-list 100 deny ip host 0.0.0.0 any log
access-list 100 deny ip host 255.255.255.255 any log
access-list 100 deny ip 127.0.0.0 0.255.255.255 any log
access-list 100 deny ip 10.0.0.0 0.255.255.255 any log
access-list 100 deny ip 172.16.0.0 0.15.255.255 any log
access-list 100 deny ip 192.168.0.0 0.0.255.255 any log
access-list 100 deny ip 169.254.0.0 0.0.255.255 any log
access-list 100 permit ip 224.0.0.0 15.255.255.255 any log
access-list 100 permit icmp any any log
access-list 100 permit ip any any
!
!
!
!
snmp-server community <removed> RW 23
snmp-server community <removed> RO 23
snmp-server location <removed>
snmp-server contact <removed>
!
control-plane
!
banner login ^C
- UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED -
You must have explicit, authorized permission to access or configure this device.
Unauthorized attempts and actions to access or use this system may result in civil and/or criminal penalties.
All activities performed on this device are logged and monitored.
^C
banner motd ^C
You have entered $(hostname).$(domain) on line $(line) ($(line-desc))
^C
!
line con 0
no modem enable
line aux 0
line vty 0 1
location Cisco 877 LAN
access-class 23 in
exec-timeout 30 0
login local
transport input telnet
line vty 2 4
location Cisco 877 WAN
access-class 22 in
exec-timeout 30 0
login local
transport input ssh
!
ntp server <removed> prefer
ntp server 193.204.114.232
ntp server 193.204.114.233
end