dbbl_vpn_rtr
- DBBL-DC-9A-Branch#show running-config
- Building configuration…
- Current configuration : 3439 bytes
- !
- ! Last configuration change at 09:49:22 UTC Wed Oct 19 2016 by bdcom
- !
- version 15.0
- service timestamps debug datetime msec
- service timestamps log datetime msec
- no service password-encryption
- !
- hostname DBBL-DC-9A-Branch
- !
- boot-start-marker
- boot-end-marker
- !
- enable secret 5 $1$O0Z0$8hpGgy8j0b/LtnjxMCvZO/
- !
- aaa new-model
- !
- !
- !
- !
- !
- !
- !
- aaa session-id common
- !
- !
- !
- !
- no ipv6 cef
- ip source-route
- ip cef
- !
- !
- no ip mfib
- !
- !
- !
- multilink bundle-name authenticated
- !
- !
- !
- !
- license udi pid CISCO2921/K9 sn FGL152211P1
- !
- !
- username bdcom password 0 bdc0m,l.;/'#@!
- !
- redundancy
- !
- !
- !
- !
- crypto isakmp policy 1
- authentication pre-share
- crypto isakmp key 6 123456789 address 10.255.3.142
- !
- !
- crypto ipsec transform-set dbbl esp-des esp-sha-hmac
- !
- crypto map dbbl_dha 2 ipsec-isakmp
- set peer 10.255.3.142
- set transform-set dbbl
- match address Dhaka_Dakkhin
- !
- !
- !
- !
- !
- interface Tunnel2
- description Dhanmondi-Br
- ip address 172.20.1.37 255.255.255.252
- tunnel source 10.255.42.234
- tunnel mode ipip
- tunnel destination 10.255.47.150
- !
- !
- interface Tunnel3
- description localoffice
- ip address 172.20.1.21 255.255.255.252
- tunnel source 10.255.42.234
- tunnel destination 10.255.65.178
- !
- !
- interface GigabitEthernet0/0
- no ip address
- shutdown
- duplex auto
- speed auto
- !
- !
- interface GigabitEthernet0/1
- description WAN-BDCOM
- ip address 10.255.42.234 255.255.255.252
- ip access-group incoming in
- ip access-group outgoing out
- no ip redirects
- no ip unreachables
- duplex auto
- speed auto
- crypto map dbbl_dha
- !
- !
- interface GigabitEthernet0/2
- description LAN-peering
- ip address 192.168.150.14 255.255.255.248
- ip access-group incoming in
- ip access-group outgoing out
- duplex auto
- speed auto
- !
- !
- ip forward-protocol nd
- !
- no ip http server
- no ip http secure-server
- !
- ip route 0.0.0.0 0.0.0.0 10.255.42.233 name All
- ip route 10.1.1.0 255.255.255.0 10.255.150.10 name DC-local
- ip route 10.99.1.0 255.255.255.0 10.255.150.10 name DC-local
- ip route 172.16.32.0 255.255.255.252 172.20.1.22 name localoffice
- ip route 172.16.32.36 255.255.255.252 172.20.1.38 name Dhanmondi-Br
- !
- ip access-list extended Dhaka_Dakkhin
- permit ip 192.168.150.8 0.0.0.7 172.16.1.76 0.0.0.3
- ip access-list extended incoming
- deny tcp any any eq 445
- deny udp any any eq 445
- deny udp any any eq 0
- deny udp any any range 135 netbios-ss
- deny tcp any any range 135 139
- deny tcp any any eq 1433
- deny tcp any any eq 2745
- deny udp any any eq 4156
- deny udp any any eq 1978
- deny tcp any any eq 1978
- deny tcp any any eq 559
- deny udp any any eq 1434
- deny tcp any any eq 2535
- deny tcp any any eq 3127
- deny tcp any any eq 5554
- deny tcp any any eq 65506
- deny tcp any any eq 1080
- deny udp any any eq 10100
- deny icmp any any fragments
- permit icmp any any echo
- permit icmp any any echo-reply
- permit icmp any any packet-too-big
- permit icmp any any time-exceeded
- deny icmp any any
- permit ip any any
- ip access-list extended outgoing
- deny udp any any range 135 netbios-ss
- deny tcp any any range 135 139
- deny udp any any eq 445
- deny tcp any any eq 445
- deny tcp any any eq 2002
- deny udp any any eq 2002
- deny udp any any eq 4156
- deny udp any any eq 1978
- deny tcp any any eq 1978
- deny tcp any any eq 1080
- deny udp any any eq 1434
- permit ip any any
- !
- !
- !
- !
- !
- !
- !
- control-plane
- !
- !
- !
- line con 0
- password bdc0m#@!
- line aux 0
- line vty 0 4
- password bdc0m,l.;/'#@!
- !
- scheduler allocate 20000 1000
- end
dbbl_vpn_rtr.txt · Last modified: 2023/05/08 07:52 by sysadm