* DBBL-DC-9A-Branch#show running-config * Building configuration... * * Current configuration : 3439 bytes * ! * ! Last configuration change at 09:49:22 UTC Wed Oct 19 2016 by bdcom * ! * version 15.0 * service timestamps debug datetime msec * service timestamps log datetime msec * no service password-encryption * ! * hostname DBBL-DC-9A-Branch * ! * boot-start-marker * boot-end-marker * ! * enable secret 5 $1$O0Z0$8hpGgy8j0b/LtnjxMCvZO/ * ! * aaa new-model * ! * ! * ! * ! * ! * ! * ! * aaa session-id common * ! * ! * ! * ! * no ipv6 cef * ip source-route * ip cef * ! * ! * no ip mfib * ! * ! * ! * multilink bundle-name authenticated * ! * ! * ! * ! * license udi pid CISCO2921/K9 sn FGL152211P1 * ! * ! * username bdcom password 0 bdc0m,l.;/'#@! * ! * redundancy * ! * ! * ! * ! * crypto isakmp policy 1 * authentication pre-share * crypto isakmp key 6 123456789 address 10.255.3.142 * ! * ! * crypto ipsec transform-set dbbl esp-des esp-sha-hmac * ! * crypto map dbbl_dha 2 ipsec-isakmp * set peer 10.255.3.142 * set transform-set dbbl * match address Dhaka_Dakkhin * ! * ! * ! * ! * ! * interface Tunnel2 * description Dhanmondi-Br * ip address 172.20.1.37 255.255.255.252 * tunnel source 10.255.42.234 * tunnel mode ipip * tunnel destination 10.255.47.150 * ! * ! * interface Tunnel3 * description localoffice * ip address 172.20.1.21 255.255.255.252 * tunnel source 10.255.42.234 * tunnel destination 10.255.65.178 * ! * ! * interface GigabitEthernet0/0 * no ip address * shutdown * duplex auto * speed auto * ! * ! * interface GigabitEthernet0/1 * description WAN-BDCOM * ip address 10.255.42.234 255.255.255.252 * ip access-group incoming in * ip access-group outgoing out * no ip redirects * no ip unreachables * duplex auto * speed auto * crypto map dbbl_dha * ! * ! * interface GigabitEthernet0/2 * description LAN-peering * ip address 192.168.150.14 255.255.255.248 * ip access-group incoming in * ip access-group outgoing out * duplex auto * speed auto * ! * ! * ip forward-protocol nd * ! * no ip http server * no ip http secure-server * ! * ip route 0.0.0.0 0.0.0.0 10.255.42.233 name All * ip route 10.1.1.0 255.255.255.0 10.255.150.10 name DC-local * ip route 10.99.1.0 255.255.255.0 10.255.150.10 name DC-local * ip route 172.16.32.0 255.255.255.252 172.20.1.22 name localoffice * ip route 172.16.32.36 255.255.255.252 172.20.1.38 name Dhanmondi-Br * ! * ip access-list extended Dhaka_Dakkhin * permit ip 192.168.150.8 0.0.0.7 172.16.1.76 0.0.0.3 * ip access-list extended incoming * deny tcp any any eq 445 * deny udp any any eq 445 * deny udp any any eq 0 * deny udp any any range 135 netbios-ss * deny tcp any any range 135 139 * deny tcp any any eq 1433 * deny tcp any any eq 2745 * deny udp any any eq 4156 * deny udp any any eq 1978 * deny tcp any any eq 1978 * deny tcp any any eq 559 * deny udp any any eq 1434 * deny tcp any any eq 2535 * deny tcp any any eq 3127 * deny tcp any any eq 5554 * deny tcp any any eq 65506 * deny tcp any any eq 1080 * deny udp any any eq 10100 * deny icmp any any fragments * permit icmp any any echo * permit icmp any any echo-reply * permit icmp any any packet-too-big * permit icmp any any time-exceeded * deny icmp any any * permit ip any any * ip access-list extended outgoing * deny udp any any range 135 netbios-ss * deny tcp any any range 135 139 * deny udp any any eq 445 * deny tcp any any eq 445 * deny tcp any any eq 2002 * deny udp any any eq 2002 * deny udp any any eq 4156 * deny udp any any eq 1978 * deny tcp any any eq 1978 * deny tcp any any eq 1080 * deny udp any any eq 1434 * permit ip any any * ! * ! * ! * ! * ! * ! * ! * control-plane * ! * ! * ! * line con 0 * password bdc0m#@! * line aux 0 * line vty 0 4 * password bdc0m,l.;/'#@! * ! * scheduler allocate 20000 1000 * end