cisco_pix_private_internet_exchange
- pix.bcsir.gov.bd(config)# run runn
- Type help or '?' for a list of available commands.
- pix.bcsir.gov.bd(config)# sh runn
- : Saved
- :
- PIX Version 6.3(5)
- interface ethernet0 auto
- interface ethernet1 auto
- interface ethernet2 auto
- nameif ethernet0 outside security0
- nameif ethernet1 inside security100
- nameif ethernet2 DMZ security10
- enable password EcyKpRGHiDVBwWde encrypted
- passwd ld0z2qJHryqTORjb encrypted
- hostname pix.bcsir.gov.bd
- domain-name bcsir.gov.bd
- fixup protocol dns maximum-length 512
- fixup protocol ftp 21
- fixup protocol h323 h225 1720
- fixup protocol h323 ras 1718-1719
- fixup protocol http 80
- fixup protocol rsh 514
- fixup protocol rtsp 554
- fixup protocol sip 5060
- fixup protocol sip udp 5060
- fixup protocol skinny 2000
- fixup protocol smtp 25
- fixup protocol sqlnet 1521
- fixup protocol tftp 69
- names
- access-list acl_DMZ permit icmp any any echo-reply
- access-list acl_DMZ permit icmp any any
- access-list acl_DMZ permit ip any any
- access-list acl_out permit tcp any host 76.210.78.58 eq 3389
- access-list acl_out permit tcp any host 76.210.78.58 eq www
- access-list acl_out permit tcp any host 76.210.78.58 eq pop3
- access-list acl_out permit tcp any host 76.210.78.58 eq smtp
- access-list acl_out permit icmp any any
- access-list acl_out permit tcp any host 76.210.78.58 eq 8080
- access-list acl_out permit ip any any
- access-list acl_out permit icmp any any echo-reply
- pager lines 24
- logging on
- logging buffered warnings
- mtu outside 1500
- mtu inside 1500
- mtu DMZ 1500
- ip address outside 203.188.254.2 255.255.255.240
- ip address inside 10.10.99.1 255.255.255.248
- ip address DMZ 192.168.1.1 255.255.255.0
- ip audit info action alarm
- ip audit attack action alarm
- pdm history enable
- arp timeout 14400
- global (outside) 1 interface
- nat (inside) 1 10.10.0.0 255.255.0.0 0 0
- static (inside,outside) tcp 76.210.78.58 smtp 172.16.4.26 smtp netmask 255.255.255.255 0 0
- static (inside,outside) tcp 76.210.78.58 pop3 172.16.4.10 pop3 netmask 255.255.255.255 0 0
- static (inside,outside) tcp 76.210.78.58 3389 172.16.4.10 3389 netmask 255.255.255.255 0 0
- static (inside,outside) tcp 76.210.78.58 www 172.16.4.10 www netmask 255.255.255.255 0 0
- static (inside,outside) tcp 210.4.66.19 1023 10.10.99.2 telnet netmask 255.255.255.255 0 0
- static (inside,outside) tcp 210.4.66.19 8041 10.10.101.42 www netmask 255.255.255.255 0 0
- static (inside,outside) tcp 210.4.66.19 8043 10.10.101.43 www netmask 255.255.255.255 0 0
- static (inside,outside) tcp 210.4.66.19 8044 10.10.101.44 www netmask 255.255.255.255 0 0
- static (inside,outside) tcp 210.4.66.19 8045 10.10.101.45 www netmask 255.255.255.255 0 0
- static (inside,outside) tcp 210.4.66.19 8046 10.10.101.46 www netmask 255.255.255.255 0 0
- access-group acl_out in interface outside
- route outside 0.0.0.0 0.0.0.0 203.188.254.1 1
- route inside 10.10.12.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.13.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.14.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.15.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.16.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.17.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.18.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.19.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.20.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.21.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.22.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.23.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.24.0 255.255.255.0 10.10.99.3 1
- route inside 10.10.101.0 255.255.255.0 10.10.99.2 1
- route inside 172.16.0.0 255.255.255.0 172.16.4.1 1
- route inside 172.16.1.0 255.255.255.0 172.16.4.1 1
- route inside 172.16.2.0 255.255.255.0 172.16.4.1 1
- route inside 172.16.3.0 255.255.255.0 172.16.4.1 1
- timeout xlate 3:00:00
- timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
- timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
- timeout sip-disconnect 0:02:00 sip-invite 0:03:00
- timeout uauth 0:05:00 absolute
- aaa-server TACACS+ protocol tacacs+
- aaa-server TACACS+ max-failed-attempts 3
- aaa-server TACACS+ deadtime 10
- aaa-server RADIUS protocol radius
- aaa-server RADIUS max-failed-attempts 3
- aaa-server RADIUS deadtime 10
- aaa-server LOCAL protocol local
- aaa authentication ssh console LOCAL
- no snmp-server location
- no snmp-server contact
- snmp-server community public
- no snmp-server enable traps
- floodguard enable
- telnet 38.108.92.0 255.255.255.0 outside
- telnet 203.188.0.0 255.255.0.0 outside
- telnet 203.188.251.60 255.255.255.252 outside
- telnet 0.0.0.0 0.0.0.0 outside
- telnet 172.16.4.0 255.255.255.0 inside
- telnet 172.16.2.1 255.255.255.255 inside
- telnet 10.10.99.0 255.255.255.248 inside
- telnet timeout 5
- ssh 103.14.27.0 255.255.255.0 outside
- ssh 38.108.92.0 255.255.255.0 outside
- ssh timeout 5
- console timeout 0
- username bcsir password zQzbW6/dLAtNUwOe encrypted privilege 15
- username bcsirgov password zqzJKMBqEwvMjQIA encrypted privilege 15
- username eclipse password CAXZVpQ9ZjXxPLlX encrypted privilege 15
- terminal width 80
- banner exec ==== BCSIR.GOV.BD ====
- banner motd
- banner motd
- banner motd
- banner motd WARNING: Restricted and Authorized Access ONLY!
- banner motd If you are not authorized to access this system
- banner motd please exit immediately!
- banner motd All transactions are being logged for security purposes.
- banner motd
- banner motd
- banner motd
- Cryptochecksum:5aaf549e8bc84c2146506d44845f09fe
- : end
cisco_pix_private_internet_exchange.txt · Last modified: 2023/03/06 11:31 by 127.0.0.1