ShirazOnline
نمایش نتایج: از شماره 1 تا 5 , از مجموع 5

موضوع: Cisco 2600 sample config file

  1. #1
    کاربر عادی aminahoora آواتار ها
    تاریخ عضویت
    Sep 2007
    نوشته ها
    1
    تشکرها / پسندها

    پیش فرض Cisco 2600 sample config file

    اگر اشتباهی دیدید به بزرگی خودتون ببخشید

    !
    version 12.4]
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    service compress-config
    service udp-small-servers
    service sequence-numbers
    !
    hostname Aminahoora-CISCO-Firewall
    !
    boot-start-marker
    boot-end-marker
    !
    security authentication failure rate 3 log
    security passwords min-length 6
    logging buffered 51200 warnings
    logging console critical
    enable secret 5
    enable password 7!
    aaa new-model
    !
    !
    aaa group server radius SDM_NAC_GROUP
    server 192.168.0.2 auth-port 1645 acct-port 1646
    !
    aaa authentication fail-message orng Access!!!

    aaa authentication password-prompt PIX-PASSWORD:
    aaa authentication username-prompt PIX-USERNAME:
    aaa authentication login default local
    aaa authentication login local_authen local
    aaa authentication eou default group SDM_NAC_GROUP
    aaa authorization exec local_author local
    !
    aaa session-id common
    !
    resource policy
    !
    clock timezone Tehran 3 30
    clock summer-time Tehran date Mar 22 2003 12:00 Sep 22 2003 12:00
    no network-clock-participate slot 1
    no network-clock-participate wic 0
    ip subnet-zero
    no ip source-route
    ip cef
    ip tcp synwait-time 10
    !
    !
    ip inspect name SDM_LOW http
    ip inspect name SDM_LOW https
    ip inspect name SDM_LOW appfw SDM_LOW
    ip inspect name Aminahoora esmtp alert on audit-trail on
    ip inspect name Aminahoora http urlfilter
    ip inspect name Aminahoora https
    ip admission name SDM_EOU_1 eapoudp inactivity-time 60
    no ip dhcp use vrf connected
    !
    !
    no ip ips deny-action ips-interface
    no ip bootp server
    ip urlfilter exclusive-domain permit [فقط اعضا می توانند لینک ها را مشاهده کنند برای ثبت نام اینجا را کلیک کنید]
    ip urlfilter exclusive-domain deny sex.com
    ip urlfilter exclusive-domain deny xxx.com
    ip urlfilter exclusive-domain permit cisco.com
    ip ssh time-out 60
    ip ssh authentication-retries 2
    !
    !
    !
    crypto pki trustpoint TP-self-signed-1037260179
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-1037260179
    revocation-check none
    rsakeypair TP-self-signed-1037260179
    !
    !
    crypto pki certificate chain TP-self-signed-1037260179
    certificate self-signed 01
    30820252 308201BB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 31303337 32363031 3739301E 170D3032 30333031 30303032
    32355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30333732
    36303137 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100D57D 479113C8 58278A12 A673F70B 48AFDA77 89FC3DEA A193084B F61FE6F7
    C14ED0BC F3023E25 1E24D28E CA18B1AE 9DE1B27E BE49BFED 452FBBE2 E6677649
    0AA2C7D4 DA2A5F3D 6C4A9172 1A283121 CFEE6B08 71CADDE5 5A79ABB8 39D81270
    F8411131 73FEBD0D 33B3DEC2 DE5FDD27 171CFCCC 105D01A1 D0375327 FCCDF5D6
    B8010203 010001A3 7A307830 0F060355 1D130101 FF040530 030101FF 30250603
    551D1104 1E301C82 1A416D69 6E61686F 6F72612D 43495343 4F2D4669 72657761
    6C6C2E30 1F060355 1D230418 30168014 276B101E 25C08CD6 9F0BEC36 DB89D734
    9400A27E 301D0603 551D0E04 16041427 6B101E25 C08CD69F 0BEC36DB 89D73494
    00A27E30 0D06092A 864886F7 0D010104 05000381 810076BD 5C2E8198 B2D80116
    895FA40D E8BA18A6 EDFAAE3A 18F14749 9A88B82C A5D18B11 2DEED269 AD03C630
    810E5C97 B8FC2A74 6B1337DB 9A1D7493 31D367CF 7A52E3F6 DDF2FEE7 3C55EDD0
    00342FBA C6D05397 ED9B4427 FB4B9358 3FCAD81B 1353E7EA 034AE66C 1E017279
    499155F0 56B8F946 823FF875 E65CC93A CF0F353D 5441
    quit
    eou clientless username
    eou clientless password
    eou allow clientless
    username aminahoora password 7!
    !
    class-map match-any SDM-Transactional-1
    match protocol citrix
    match protocol finger
    match protocol notes
    match protocol novadigm
    match protocol pcanywhere
    match protocol secure-telnet
    match protocol sqlnet
    match protocol sqlserver
    match protocol ssh
    match protocol telnet
    match protocol xwindows
    class-map match-any SDM-Signaling-1
    match protocol h323
    match protocol rtcp
    match protocol sip
    class-map match-any SDM-Scavenger-1
    match protocol napster
    match protocol fasttrack
    match protocol gnutella
    class-map match-any SDM-Routing-1
    match protocol bgp
    match protocol egp
    match protocol eigrp
    match protocol ospf
    match protocol rip
    match protocol rsvp
    class-map match-any SDM-Voice-1
    match protocol rtp audio
    class-map match-any SDM-Streaming-Video-1
    match protocol cuseeme
    match protocol netshow
    match protocol rtsp
    match protocol streamwork
    match protocol vdolive
    class-map match-any SDM-Management-1
    match protocol dhcp
    match protocol dns
    match protocol imap
    match protocol kerberos
    match protocol ldap
    match protocol secure-imap
    match protocol secure-ldap
    match protocol snmp
    match protocol *****
    match protocol syslog
    class-map match-any SDM-Interactive-Video-1
    match protocol rtp video
    class-map match-any SDM-BulkData-1
    match protocol exchange
    match protocol ftp
    match protocol irc
    match protocol nntp
    match protocol pop3
    match protocol printer
    match protocol secure-ftp
    match protocol secure-irc
    match protocol secure-nntp
    match protocol secure-pop3
    match protocol smtp
    match protocol tftp
    !
    !
    policy-map SDM-QoS-Policy-1
    class SDM-Voice-1
    set dscp ef
    priority percent 33
    class SDM-Signaling-1
    set dscp cs3
    bandwidth percent 5
    class SDM-Routing-1
    set dscp cs6
    bandwidth percent 5
    class SDM-Management-1
    set dscp cs2
    bandwidth percent 5
    class SDM-Transactional-1
    set dscp af21
    bandwidth percent 5
    class class-default
    fair-queue
    random-detect
    !
    !
    !
    crypto isakmp policy 1
    encr 3des
    group 2
    !
    crypto isakmp policy 2
    encr 3des
    hash md5
    !
    !
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    mode transport
    !
    crypto ipsec profile SDM_Profile1
    set transform-set ESP-3DES-SHA
    !
    !
    crypto dynamic-map CRYPTO 1
    set peer 20.20.20.1
    set transform-set ESP-3DES-SHA
    match address aminahoora1
    !
    !
    crypto map aminahoora 1 ipsec-isakmp
    set peer 20.20.20.1
    set transform-set ESP-3DES-SHA
    match address aminahoora1
    !
    !
    !
    interface Tunnel0
    bandwidth 1000
    ip address 20.20.20.1 255.255.255.0
    no ip redirects
    ip mtu 1400
    ip nhrp authentication DMVPN_NW
    ip nhrp map multicast dynamic
    ip nhrp network-id 100000
    ip nhrp holdtime 360
    ip tcp adjust-mss 1360
    no ip split-horizon
    delay 1000
    tunnel source FastEthernet0/0
    tunnel mode gre multipoint
    tunnel key 100000
    tunnel protection ipsec profile SDM_Profile1
    !
    interface Null0
    no ip unreachables
    !
    interface FastEthernet0/0
    description $FW_INSIDE$
    ip address 192.168.0.2 255.255.255.0
    ip broadcast-address 192.168.0.255
    ip access-group 100 in
    no ip redirects
    no ip unreachables
    no ip *****-arp
    ip nbar protocol-discovery
    ip admission SDM_EOU_1
    ip route-cache flow
    ip tcp adjust-mss 1412
    speed auto
    full-duplex
    no mop enabled
    service-policy output SDM-QoS-Policy-1
    !
    interface FastEthernet0/1
    description $ETH-WAN$
    no ip address
    no ip redirects
    no ip unreachables
    no ip *****-arp
    ip route-cache flow
    duplex auto
    speed auto
    pppoe enable
    pppoe-client dial-pool-number 1
    no mop enabled
    !
    interface Dialer0
    description $FW_OUTSIDE$
    ip address 192.168.10.2 255.255.255.0
    ip access-group 101 in
    no ip redirects
    no ip unreachables
    no ip *****-arp
    ip mtu 1452
    ip inspect SDM_LOW out
    encapsulation ppp
    ip route-cache flow
    dialer pool 1
    dialer-group 1
    ppp authentication chap pap callin
    ppp chap hostname aminahoora
    ppp chap password 7 011E0713570A545A76
    ppp pap sent-username aminahoora password 7
    !
    router rip
    version 2
    network 20.0.0.0
    no auto-summary
    !
    ip classless
    !
    ip http server
    ip http access-class 1
    ip http authentication local
    ip http secure-server
    ip http secure-trustpoint amin
    ip http timeout-policy idle 60 life 86400 requests 10000
    !
    ip access-list extended aminahoora1
    remark SDM_ACL Category=4
    permit ip 20.20.20.0 0.0.0.255 any
    !
    ip radius source-interface Dialer0
    logging trap debugging
    access-list 1 remark HTTP Access-class list
    access-list 1 remark SDM_ACL Category=1
    access-list 1 permit 192.168.0.0 0.0.0.255
    access-list 1 deny any
    access-list 100 remark auto generated by SDM firewall configuration
    access-list 100 remark SDM_ACL Category=1
    access-list 100 permit tcp any host 192.168.0.2 eq cmd
    access-list 100 permit tcp any host 192.168.0.2 eq telnet
    access-list 100 permit tcp any host 192.168.0.2 eq 22
    access-list 100 permit tcp any host 192.168.0.2 eq www
    access-list 100 permit tcp any host 192.168.0.2 eq 443
    access-list 100 permit ip any host 192.168.0.2
    access-list 100 permit udp host 192.168.0.2 eq 1646 host 192.168.0.2 eq 1646
    access-list 100 permit udp host 192.168.0.2 eq 1645 host 192.168.0.2 eq 1645
    access-list 100 permit udp any eq 21862 host 192.168.0.2
    access-list 100 permit udp any host 192.168.0.2 eq non500-isakmp
    access-list 100 permit udp any host 192.168.0.2 eq isakmp
    access-list 100 permit esp any host 192.168.0.2
    access-list 100 permit ahp any host 192.168.0.2
    access-list 100 permit gre any host 192.168.0.2
    access-list 100 deny ip 192.168.10.0 0.0.0.255 any
    access-list 100 deny ip host 255.255.255.255 any
    access-list 100 deny ip 127.0.0.0 0.255.255.255 any
    access-list 100 permit ip any any
    access-list 101 remark auto generated by SDM firewall configuration
    access-list 101 remark SDM_ACL Category=1
    access-list 101 deny ip 192.168.0.0 0.0.0.255 any
    access-list 101 permit icmp any host 192.168.10.2 echo-reply
    access-list 101 permit icmp any host 192.168.10.2 time-exceeded
    access-list 101 permit icmp any host 192.168.10.2 unreachable
    access-list 101 deny ip 10.0.0.0 0.255.255.255 any
    access-list 101 deny ip 172.16.0.0 0.15.255.255 any
    access-list 101 deny ip 192.168.0.0 0.0.255.255 any
    access-list 101 deny ip 127.0.0.0 0.255.255.255 any
    access-list 101 deny ip host 255.255.255.255 any
    access-list 101 deny ip host 0.0.0.0 any
    access-list 101 deny ip any any log
    access-list 102 remark VTY Access-class list
    access-list 102 remark SDM_ACL Category=1
    access-list 102 permit ip 192.168.0.0 0.0.0.255 any
    access-list 102 deny ip any any
    dialer-list 1 protocol ip permit
    no cdp run
    !
    radius-server host 192.168.0.2 auth-port 1645 acct-port 1646
    radius-server vsa send authentication
    !
    control-plane
    !
    !
    !
    banner login IPS Sescor is Active "You have an authurotize Access Please check Your permission!!! "
    !
    line con 0
    login authentication local_authen
    transport output telnet
    line aux 0
    login authentication local_authen
    transport output telnet
    line vty 0 4
    access-class 102 in
    authorization exec local_author
    login authentication local_authen
    transport input telnet ssh
    line vty 5 15
    access-class 102 in
    authorization exec local_author
    login authentication local_authen
    transport input telnet ssh
    !
    scheduler allocate 4000 1000
    !
    end

  2. # ADS
    Circuit advertisement
    تاریخ عضویت
    Always
    نوشته ها
    Many
     

  3. #2
    RezaBehroozi admin آواتار ها
    تاریخ عضویت
    Jan 1970
    محل سکونت
    Iran/Shiraz
    نوشته ها
    11,181
    تشکرها / پسندها

    پیش فرض

    ممنون...اگر پلن هم میگفتین عالی میشد...
    [فقط اعضا می توانند لینک ها را مشاهده کنند برای ثبت نام اینجا را کلیک کنید]

  4. #3
    کاربر عادی rmorrison100 آواتار ها
    تاریخ عضویت
    Mar 2011
    محل سکونت
    FL
    نوشته ها
    2
    تشکرها / پسندها

    پیش فرض

    با تشکر برای این یکی.
    من خیلی خوشحال

  5. #4
    کاربر عادی rmorrison100 آواتار ها
    تاریخ عضویت
    Mar 2011
    محل سکونت
    FL
    نوشته ها
    2
    تشکرها / پسندها

    پیش فرض

    با تشکر برای این یکی.
    [فقط اعضا می توانند لینک ها را مشاهده کنند برای ثبت نام اینجا را کلیک کنید]
    من خیلی خوشحال

  6. #5
    کاربر عادی daavidfischer آواتار ها
    تاریخ عضویت
    Nov 2012
    نوشته ها
    1
    تشکرها / پسندها

    پیش فرض

    I can’t see what the issue here is. Are you having problems while compiling the program? Or are you having problems when you run the program? I briefly verified the code you have provided and couldn’t find anything wrong. Sorry I don’t speak Arabic

    ___________________________
    [فقط اعضا می توانند لینک ها را مشاهده کنند برای ثبت نام اینجا را کلیک کنید]

اطلاعات موضوع

کاربرانی که در حال مشاهده این موضوع هستند

در حال حاضر 1 کاربر در حال مشاهده این موضوع است. (0 کاربران و 1 مهمان ها)

علاقه مندی ها (Bookmarks)

علاقه مندی ها (Bookmarks)

مجوز های ارسال و ویرایش

  • شما نمیتوانید موضوع جدیدی ارسال کنید
  • شما امکان ارسال پاسخ را ندارید
  • شما نمیتوانید فایل پیوست کنید.
  • شما نمیتوانید پست های خود را ویرایش کنید
  •