??changed:
-
<pre>!
version 12.3
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname rt-1
!
boot-start-marker
boot-end-marker
!
memory-size iomem 5
logging buffered 16384 debugging
no logging console
enable secret 5 $1$xxxxxxxxxxxxxxxxxxxxxxxxxxx
!
username foobar secret 5 $1$xxxxxxxxxxxxxxxxxxxxxxxxxxx
clock timezone CET 1
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
no aaa new-model
ip subnet-zero
no ip source-route
!
ip domain name 0x1b.ch
ip name-server 212.25.17.162
no ip bootp server
ip ftp username cisco
ip ftp password 7 xxxxxxxxxxxxxxxxxx
ip cef
ip flow-cache feature-accelerate
ip ids po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
isdn switch-type basic-net3
!
interface Tunnel2002
description 6to4 tunnel (RFC3068)
no ip address
no ip redirects
ipv6 address 2002:D419:11A1::1/128
tunnel source Ethernet0
tunnel mode ipv6ip 6to4
!
interface Ethernet0
description public LAN
ip address 212.25.17.161 255.255.255.240
ip verify unicast reverse-path
no ip redirects
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
no ip mroute-cache
ipv6 address 2001:8E0:1006::1/64
ipv6 address 2001:8E0:1006::/64 eui-64
ipv6 verify unicast reverse-path
no cdp enable
!
interface Ethernet2
description private LAN
ip address 172.16.0.1 255.255.0.0
ip verify unicast reverse-path
ip helper-address 212.25.17.162
no ip redirects
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
no ip mroute-cache
ipv6 address 2001:8E0:1006:1::1/64
ipv6 address 2001:8E0:1006:1::/64 eui-64
ipv6 verify unicast reverse-path
no cdp enable
!
interface BRI0
description ISDN interface
no ip address
encapsulation ppp
dialer pool-member 2
isdn switch-type basic-net3
isdn tei-negotiation first-call
isdn answer1 0123456789
isdn calling-number 0123456789
no cdp enable
!
interface ATM0
description ADSL interface
no ip address
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode etsi
pvc 8/35
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
!
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Virtual-Template1
no ip address
!
interface Dialer1
description ADSL link to Dolphins (212.25.16.173 - 212.25.27.44)
bandwidth 600
ip address negotiated
ip access-group frominet in
no ip redirects
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
no ip mroute-cache
dialer pool 1
dialer-group 1
ipv6 address autoconfig
ipv6 traffic-filter frominet6 in
ipv6 virtual-reassembly
no cdp enable
ppp authentication chap callin
ppp chap hostname login@example.com
ppp chap password 7 xxxxxxxxxxxxxxxxxx
!
interface Dialer2
description ISDN link to Dolphins (212.25.29.216 - 212.25.28.83)
bandwidth 128
ip address negotiated
ip access-group frominet in
no ip redirects
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
no ip mroute-cache
load-interval 60
dialer pool 2
dialer string 0840840730
dialer hold-queue 25 timeout 30
dialer load-threshold 200 either
dialer watch-group 2
dialer-group 2
no cdp enable
ppp authentication chap callin
ppp chap hostname login
ppp chap password 7 xxxxxxxxxxxxxxxxxx
!
ip classless
ip route 0.0.0.0 0.0.0.0 212.25.27.44
ip route 0.0.0.0 0.0.0.0 Dialer2 80
!
no ip http server
no ip http secure-server
ip nat inside source route-map main interface Dialer1 overload
ip nat inside source route-map secondary interface Dialer2 overload
!
ip access-list standard management
remark Remote access to Router
permit 212.25.17.160 0.0.0.15
deny any
ip access-list standard private
remark Private IP ranges
permit 10.0.0.0 0.255.255.255
permit 172.0.0.0 0.240.255.255
permit 192.168.0.0 0.0.255.255
deny any
!
ip access-list extended frominet
remark Filter traffic from internet
deny ip host 255.255.255.255 any
deny ip 0.0.0.0 0.255.255.255 any
deny ip 10.0.0.0 0.255.255.255 any
deny ip 127.0.0.0 0.255.255.255 any
deny ip 169.254.0.0 0.0.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
[134 more lines...]
|