Scribd
Upload
151 views9 pages

Teldat Infointernet Modelo + DHCP + NAT + WIFI

The document contains configuration settings for a router including network interfaces, access control lists, AAA authentication, DHCP and SNMP settings. BGP, NTP and SSH are also configured along with bandwidth reservation and netflow export. Detailed rules are set for wireless security, routing, NAT and other network protocols on the device.

Uploaded by

saenzmontalvan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
151 views9 pages

Teldat Infointernet Modelo + DHCP + NAT + WIFI

The document contains configuration settings for a router including network interfaces, access control lists, AAA authentication, DHCP and SNMP settings. BGP, NTP and SSH are also configured along with bandwidth reservation and netflow export. Detailed rules are set for wireless security, routing, NAT and other network protocols on the device.

Uploaded by

saenzmontalvan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 9

CD175751_DANISCO_PERU Config$show config

; Showing Menu and Submenus Configuration for access-level 15 ...


; M1Router 4GESW SLOT1 WL IPSec SNA VoIP T+ 34 36 Version 11.01.05.00.02

log-command-errors
no configuration
add device eth-subinterface ethernet2/0 264
add device bvi 0
set data-link at cellular1/0
set data-link at cellular1/1
set hostname CD175751_DANISCO_PERU
feature afs
enable
exit
;
feature access-lists
; -- Access Lists user configuration --
access-list 1
entry 1 default
entry 1 permit
entry 1 source address 192.168.1.0 255.255.255.0
;
exit
;
access-list 500
entry 1 description "Red Telefonica Gestion 1"
entry 1 default
entry 1 permit
entry 1 source address 200.48.103.0 255.255.255.0
entry 1 destination port-range 21 23
;
entry 2 description "Red WAN"
entry 2 default
entry 2 permit
entry 2 source address 172.22.192.68 255.255.255.252
entry 2 destination port-range 21 23
;
entry 3 description "Red Solardwind"
entry 3 default
entry 3 permit
entry 3 source address 200.37.102.160 255.255.255.224
entry 3 destination port-range 21 23
;
entry 5 description "Deny SSH TELNET"
entry 5 default
entry 5 deny
entry 5 destination port-range 21 23
;
entry 6 description "Deny ACCESO WEB"
entry 6 default
entry 6 deny
entry 6 destination port-range 80 80
;
entry 10 default
entry 10 permit
;
exit
;
access-list 150
entry 10 default
entry 10 permit
entry 10 source address 172.22.192.70 255.255.255.255
entry 10 destination address 172.22.192.69 255.255.255.255
entry 10 destination port-range 179 179
entry 10 protocol tcp
;
entry 15 default
entry 15 permit
entry 15 source address 172.22.192.70 255.255.255.255
entry 15 source port-range 179 179
entry 15 destination address 172.22.192.69 255.255.255.255
entry 15 protocol tcp
;
entry 20 default
entry 20 permit
entry 20 source address 172.22.192.70 255.255.255.255
entry 20 destination port-range 49 49
entry 20 protocol tcp
;
entry 30 default
entry 30 permit
entry 30 source address 172.22.192.70 255.255.255.255
entry 30 source port-range 21 23
entry 30 protocol tcp
;
exit
;
exit
;
banner login "|------------------------------------------------------------------|"
banner login "| WARNING |"
banner login "| This system is for the use of authorized users only. Individuals |"
banner login "| using this computer system without authority, or in activities |"
banner login "| on this system monitored and recorded by system personnel. |"
banner login "| |"
banner login "| In the course of monitoring individuals improperly using this |"
banner login "| system, or in the course of system maintenance, the activities |"
banner login "| of authorized users may also be monitored. |"
banner login "| |"
banner login "| Anyone using this system expressly consents to such monitoring |"
banner login "| and is advised that if such monitoring reveals possible |"
banner login "| evidence of criminal activity, system personnel may provide the |"
banner login "| evidence of such monitoring to law enforcement officials. |"
banner login "|------------------------------------------------------------------|"
;
banner exec "--------------------------------------------------------------------"
banner exec " 0 | "
banner exec " 000 0 | DANISCO PERU S.A.C "
banner exec " 0000 000 00 | "
banner exec " =====0000000 0000 000 | "
banner exec " 00000000 00000 0000 | "
banner exec " 00000000000000000 | AV. MANUEL OLGUIN 335 INT. 1608 "
banner exec " 0000000000000 | SANTIAGO DE SURCO "
banner exec " 000000000 | "
banner exec " 0000000 | TELEFONICA DEL PERU "
banner exec " 0000 | LIMA - PERU "
banner exec " 00 | INFOINTERNET 20MB - CDU 175751 "
banner exec " 0 | "
banner exec "--------------------------------------------------------------------"
;
feature aaa
; -- AAA user configuration --
enable
tacacs-servers
server "TDP1"
timeout 3
port 4900
key ciphered 0xA7951452B9E4E867
host 200.48.103.18
source-address 200.10.95.209
exit
;
exit
;
group server tacacs+ "GROUP-ACS"
server TDP1
exit
;
authentication login "default"
method 1 group GROUP-ACS
method 2 local
exit
;
authorization exec "default"
method 1 group GROUP-ACS
method 2 none
exit
;
authorization commands "default"
privilege-level 1
method 1 group GROUP-ACS
method 2 none
exit
;
privilege-level 5
method 1 group GROUP-ACS
method 2 none
exit
;
privilege-level 15
method 1 group GROUP-ACS
method 2 none
exit
;
exit
;
accounting exec "default"
action-type start-stop
method 1 group GROUP-ACS
exit
;
accounting commands "default"
privilege-level 1
action-type start-stop
method 1 group GROUP-ACS
exit
;
privilege-level 15
action-type start-stop
method 1 group GROUP-ACS
exit
;
exit
;
exit
;
;
network wlan0/0
; -- Wireless LAN Interface. Configuration --
description "WAN ||DANISCO_PERU|| CD175751"
bss "DANISCO "
privacy-invoked
rsn wpa2
cipher tkip
cipher aes-ccmp
akm-suite psk
wpa-psk passphrase ciphered 0xDBA8744AD79EB752F8769E4BD375926D
exit
;
exit
;
network ethernet2/0
; -- Ethernet Interface User Configuration --
auto-negotiation
exit
;
network bvi0
; -- Bridge Virtual Interface configuration --
description "LAN ||DANISCO_PERU|| CD175751"
;
ip address 200.60.66.169 255.255.255.248
ip address 192.168.1.1 255.255.255.0 secondary
;
exit
;
;
network ethernet2/0.264
; -- Ethernet Subinterface Configuration --
ip address 172.22.192.70 255.255.255.252
;
encapsulation dot1q 264
;
;
;
;
;
exit
;
feature netflow
; -- NETFLOW/IPFIX Configuration --

ip cache timeout active 1m


ip export destination 200.37.102.166 2055
;
ip export source 200.60.66.169
ip export version 9
exit
;
;
;
;
;
;
protocol asrt
; -- ASRT Bridge user configuration --
port ethernet0/0 1
port wlan0/0 2
route-protocol ip
exit
;
protocol ip
; -- Internet protocol user configuration --
router-id 172.22.192.70
local access-group 500 in
;
nat
pool 1 ip 200.60.66.170
;
rule 1 out ethernet2/0.264 list 1 dynamic overload
rule 1 translation source pool 1
;
exit
;
exit
;
protocol dhcp
; -- DHCP Configuration --
server
; -- DHCP Server Configuration --
enable
;
;
subnet SERVER 0 network 192.168.1.0 255.255.255.0
subnet SERVER 0 range 192.168.1.10 192.168.1.254
subnet SERVER 0 dns-server 200.48.0.50
subnet SERVER 0 dns-server 200.48.0.51
subnet SERVER 0 router 192.168.1.1
;
exit
;
exit
;
;
;
protocol snmp
; -- SNMP user configuration --
community pubcgrc subnet 200.48.103.0 255.255.255.128
community pubcgrc subnet 200.37.103.192 255.255.255.240
community pubcgrc subnet 200.37.102.160 255.255.255.240
;
community privcgrc access write-read-trap
community privcgrc subnet 200.48.103.0 255.255.255.128
community privcgrc subnet 200.37.103.192 255.255.255.240
community privcgrc subnet 200.37.102.160 255.255.255.240
;
trap sending-parameters reachability-checking ip-route
exit
;

protocol bgp
; -- Border Gateway Protocol user configuration --
enable
;
as 64999
;
address-family ipv4
; -- BGP IPv4 address family configuration --
export as 6147 prot direct 200.60.66.168 mask 255.255.255.248
;
exit
;
group type external peer-as 6147
; -- BGP group configuration --
peer 172.22.192.69
peer 172.22.192.69 local-interface ethernet2/0.264
peer 172.22.192.69 next-hop-self
peer 172.22.192.69 send-community
exit
;
exit
;
feature ntp
; -- NTP Protocol user configuration --
protocol
peer address 1 200.48.103.18
exit
;
feature bandwidth-reservation
; -- Bandwidth Reservation user configuration --
network ethernet0/1.100
enable
class control 100 real-time
;
class local 10
;
class default 40
;
;
access-list 150 control urgent set precedence 6
;
rate-limit 102400
exit
;
exit
;
feature ssh
; -- SSH protocol configuration --

server
; -- SSH Server --
version 2
max-auth-tries 2
auth-time 1m
ephemeral-key bits 1024
enable
exit
;
exit
;
;
dump-command-errors
end

You might also like