DBBL-DC-9A-Branch#show running-config
Building configuration…
Current configuration : 3439 bytes
!
! Last configuration change at 09:49:22 UTC Wed Oct 19 2016 by bdcom
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DBBL-DC-9A-Branch
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$O0Z0$8hpGgy8j0b/LtnjxMCvZO/
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
!
!
!
no ipv6 cef
ip source-route
ip cef
!
!
no ip mfib
!
!
!
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2921/K9 sn FGL152211P1
!
!
username bdcom password 0 bdc0m,l.;/'#@!
!
redundancy
!
!
!
!
crypto isakmp policy 1
authentication pre-share
crypto isakmp key 6 123456789 address 10.255.3.142
!
!
crypto ipsec transform-set dbbl esp-des esp-sha-hmac
!
crypto map dbbl_dha 2 ipsec-isakmp
set peer 10.255.3.142
set transform-set dbbl
match address Dhaka_Dakkhin
!
!
!
!
!
interface Tunnel2
description Dhanmondi-Br
ip address 172.20.1.37 255.255.255.252
tunnel source 10.255.42.234
tunnel mode ipip
tunnel destination 10.255.47.150
!
!
interface Tunnel3
description localoffice
ip address 172.20.1.21 255.255.255.252
tunnel source 10.255.42.234
tunnel destination 10.255.65.178
!
!
interface GigabitEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
!
interface GigabitEthernet0/1
description WAN-BDCOM
ip address 10.255.42.234 255.255.255.252
ip access-group incoming in
ip access-group outgoing out
no ip redirects
no ip unreachables
duplex auto
speed auto
crypto map dbbl_dha
!
!
interface GigabitEthernet0/2
-
ip address 192.168.150.14 255.255.255.248
ip access-group incoming in
ip access-group outgoing out
duplex auto
speed auto
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.255.42.233 name All
ip route 10.1.1.0 255.255.255.0 10.255.150.10 name DC-local
ip route 10.99.1.0 255.255.255.0 10.255.150.10 name DC-local
ip route 172.16.32.0 255.255.255.252 172.20.1.22 name localoffice
ip route 172.16.32.36 255.255.255.252 172.20.1.38 name Dhanmondi-Br
!
ip access-list extended Dhaka_Dakkhin
permit ip 192.168.150.8 0.0.0.7 172.16.1.76 0.0.0.3
ip access-list extended incoming
deny tcp any any eq 445
deny udp any any eq 445
deny udp any any eq 0
deny udp any any range 135 netbios-ss
deny tcp any any range 135 139
deny tcp any any eq 1433
deny tcp any any eq 2745
deny udp any any eq 4156
deny udp any any eq 1978
deny tcp any any eq 1978
deny tcp any any eq 559
deny udp any any eq 1434
deny tcp any any eq 2535
deny tcp any any eq 3127
deny tcp any any eq 5554
deny tcp any any eq 65506
deny tcp any any eq 1080
deny udp any any eq 10100
deny icmp any any fragments
permit icmp any any echo
permit icmp any any echo-reply
permit icmp any any packet-too-big
permit icmp any any time-exceeded
deny icmp any any
permit ip any any
ip access-list extended outgoing
deny udp any any range 135 netbios-ss
deny tcp any any range 135 139
deny udp any any eq 445
deny tcp any any eq 445
deny tcp any any eq 2002
deny udp any any eq 2002
deny udp any any eq 4156
deny udp any any eq 1978
deny tcp any any eq 1978
deny tcp any any eq 1080
deny udp any any eq 1434
permit ip any any
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
password bdc0m#@!
line aux 0
line vty 0 4
password bdc0m,l.;/'#@!
!
scheduler allocate 20000 1000
end