Pagina 1 di 1

Config "pronta" Alice TIM su c877 (ip dinamico)

Inviato: gio 10 gen , 2019 10:45 am
da carini
Visto che ho speso qualche ora per rimettere in pista un router recuperato dalla cantina ... magari serve a qualcuno

Codice: Seleziona tutto

------------------ show running-config ------------------


Building configuration...

Current configuration : 4788 bytes
!
! Last configuration change at 09:19:19 UTC Thu Jan 10 2019 by my_name
! NVRAM config last updated at 09:20:27 UTC Thu Jan 10 2019 by my_name
! NVRAM config last updated at 09:20:27 UTC Thu Jan 10 2019 by my_name
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname c877
!
boot-start-marker
boot-end-marker
!
!
logging buffered 4096 notifications
enable secret 5 <removed>
!
no aaa new-model
!
crypto pki token default removal timeout 0
!
!
dot11 syslog
ip source-route
!
!
!
!
!
ip cef
ip domain name my_domain
ip name-server 208.67.222.222
ip name-server 208.67.220.220
login block-for 360 attempts 6 within 90
login delay 5
login on-failure log every 5
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
username my_name privilege 0 secret 5 <removed>
!
!
ip tcp path-mtu-discovery age-timer 30
ip ssh version 2
!
! 
!
!         
!
!
!
interface ATM0
 description Connessione ADSL Alice TIM
 no ip address
 ip mtu 1478
 ip tcp adjust-mss 1430
 logging event atm pvc state
 carrier-delay 3
 no atm ilmi-keepalive
 dsl enable-training-log 
 dsl lom 200
 no snmp trap link-status
 hold-queue 224 in
 pvc 8/35 
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
 no ip address
 shutdown
!
interface FastEthernet1
 description Connected to FRITZ!Box 4040
 switchport access vlan 254
 no ip address
!
interface FastEthernet2
 description Connected to <removed>
 switchport access vlan 20
 no ip address
!
interface FastEthernet3
 no ip address
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan20
 description Connected to Server(s) - DMZ
 ip address <removed> 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan254
 description Connected to FRITZ!Box 4040
 ip address <removed> 255.255.255.252
 ip nat inside
 ip virtual-reassembly in
!         
interface Dialer0
 description Connessione ADSL Alice TIM
 ip address negotiated
 ip access-group 100 in
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp header-compression
 ip tcp compression-connections 127
 dialer pool 1
 ppp authentication chap callin
 ppp pap sent-username aliceadsl password 7 <removed>
 no cdp enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat translation timeout 2160
ip nat inside source list 10 interface Dialer0 overload
ip nat inside source static tcp <removed> 443 interface Dialer0 443
ip nat inside source static tcp <removed> 3690 interface Dialer0 3690
ip nat inside source static tcp <removed> 80 interface Dialer0 80
ip nat inside source static tcp <removed> 22 interface Dialer0 2222
ip route 0.0.0.0 0.0.0.0 Dialer0 3
ip route <removed> 255.255.255.0 192.168.254.2
!
!
logging <removed>
access-list 10 remark Private (RFC1918) networks
access-list 10 permit 10.0.0.0 0.255.255.255
access-list 10 permit 172.16.0.0 0.15.255.255
access-list 10 permit 192.168.0.0 0.0.255.255
access-list 22 remark ACL Remote login
access-list 22 permit any
access-list 23 remark ACL Local login & SNMP
access-list 23 permit 10.0.0.0 0.0.255.255
access-list 23 permit 172.16.0.0 0.15.255.255
access-list 100 remark Perimeter defense
access-list 100 permit igmp host 192.168.100.1 any log
access-list 100 deny   ip host 0.0.0.0 any log
access-list 100 deny   ip host 255.255.255.255 any log
access-list 100 deny   ip 127.0.0.0 0.255.255.255 any log
access-list 100 deny   ip 10.0.0.0 0.255.255.255 any log
access-list 100 deny   ip 172.16.0.0 0.15.255.255 any log
access-list 100 deny   ip 192.168.0.0 0.0.255.255 any log
access-list 100 deny   ip 169.254.0.0 0.0.255.255 any log
access-list 100 permit ip 224.0.0.0 15.255.255.255 any log
access-list 100 permit icmp any any log
access-list 100 permit ip any any
!
!
!         
!
snmp-server community <removed> RW 23
snmp-server community <removed> RO 23
snmp-server location <removed>
snmp-server contact <removed>
!
control-plane
!
banner login ^C
    - UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED -

  You must have explicit, authorized permission to access or configure this device.
  Unauthorized attempts and actions to access or use this system may result in civil and/or criminal penalties.

  All activities performed on this device are logged and monitored.

^C
banner motd ^C
  You have entered $(hostname).$(domain) on line $(line) ($(line-desc))

^C
!
line con 0
 no modem enable
line aux 0
line vty 0 1
 location Cisco 877 LAN
 access-class 23 in
 exec-timeout 30 0
 login local
 transport input telnet
line vty 2 4
 location Cisco 877 WAN
 access-class 22 in
 exec-timeout 30 0
 login local
 transport input ssh
!
ntp server <removed> prefer
ntp server 193.204.114.232
ntp server 193.204.114.233
end