Scribd Logo
Hochladen

Willkommen bei Scribd!

  • CD-CDB Same Router

    Hochgeladen von

    Gabriel Alexandro Lingan Caballero
    14 Ansichten11 Seiten
    casdfas

    Originaltitel

    CD-cdb Same Router

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    DOCX, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    casdfas

    Copyright:

    © All Rights Reserved
    Als DOCX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    14 Ansichten11 Seiten

    CD-CDB Same Router

    Hochgeladen von

    Gabriel Alexandro Lingan Caballero
    casdfas

    Copyright:

    © All Rights Reserved
    Als DOCX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 11

    MIBANCO2-AG299-CD93775_OVALO_MARIATEGUI-E.

    140#sh run
    Building configuration...

    Current configuration : 13656 bytes


    !
    version 15.1
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    !
    hostname MIBANCO2-AG299-CD93775_OVALO_MARIATEGUI-E.140
    !
    boot-start-marker
    boot-end-marker
    !
    !
    logging buffered 16000
    enable secret 4 DiKsY/DcmXRGV.QPMLnIyeeXriKD1sTnxpocY6TlLp2
    !
    aaa new-model
    !
    !
    aaa group server tacacs+ GROUP-ACS
    server 10.125.25.17
    !
    aaa authentication login default group tacacs+ enable
    aaa authentication login CONSOLE local
    aaa authentication enable default none
    aaa authorization config-commands
    aaa authorization exec default group tacacs+ none
    aaa authorization commands 1 default group tacacs+ none
    aaa authorization commands 15 default group tacacs+ none
    aaa accounting exec default start-stop group tacacs+
    aaa accounting commands 1 default start-stop group tacacs+
    aaa accounting commands 15 default start-stop group tacacs+
    aaa accounting connection default start-stop group tacacs+
    !
    !
    !
    !
    !
    aaa session-id common
    clock timezone GMT 5 0
    !
    no ipv6 cef
    no ip source-route
    ip cef
    !
    !
    !
    ip flow-cache timeout active 1
    no ip domain lookup
    ip domain name cgrc.pe
    multilink bundle-name authenticated
    !
    !
    !
    !
    !
    crypto pki token default removal timeout 0
    !
    !
    voice-card 0
    !
    !
    !
    !
    !
    !
    !
    license udi pid CISCO2901/K9 sn FTX171180DA
    license boot module c2900 technology-package uck9
    license boot module c2900 technology-package datak9
    hw-module pvdm 0/0
    !
    !
    !
    !
    redundancy
    !
    !
    controller VDSL 0/2/0
    operating mode adsl1
    !
    ip telnet tos 0
    ip ssh time-out 60
    ip ssh precedence 0
    !
    class-map match-all DATA_TOP
    match access-group name DATOS_HIGH
    class-map match-all DATA
    match access-group name DATOS_LOW
    match access-group 190
    class-map match-all VOZ
    match access-group name VOZ_TRAFIC
    class-map match-any C-GESTION-ROUTING
    match access-group 104
    class-map match-all DATA_DOWN
    match access-group name DATOS_LOW
    !
    !
    policy-map IPVPN
    class C-GESTION-ROUTING
    bandwidth 8
    class VOZ
    priority 256
    set ip precedence 5
    class DATA_TOP
    bandwidth 500
    class DATA
    bandwidth 128
    class class-default
    fair-queue
    !
    !
    !
    !
    !
    interface Embedded-Service-Engine0/0
    no ip address
    shutdown
    !
    interface GigabitEthernet0/0
    description WAN|JCMARIATEGUI-93775|CD=93775
    bandwidth 1024
    ip address 10.128.192.18 255.255.255.252
    ip flow ingress
    duplex full
    speed 100
    service-policy output IPVPN
    !
    interface GigabitEthernet0/1
    description - LAN -
    no ip address
    duplex auto
    speed auto
    !
    interface GigabitEthernet0/1.1
    description LAN|JCMARIATEGUI-93775|CD=93775
    encapsulation dot1Q 1 native
    ip address 10.254.140.1 255.255.255.0
    ip helper-address 172.19.246.68
    ip flow ingress
    ip flow egress
    rate-limit input access-group 108 256000 48000 96000 conform-action transmit exceed-action
    drop
    ip policy route-map DATA
    no cdp enable
    !
    interface GigabitEthernet0/1.71
    description --- VLAN DE VOZ ---
    encapsulation dot1Q 71
    ip address 71.254.140.1 255.255.255.0
    ip helper-address 172.19.246.68
    ip flow ingress
    ip flow egress
    ip policy route-map DATA
    no cdp enable
    !
    interface ATM0/2/0
    no ip address
    ip flow ingress
    no atm ilmi-keepalive
    !
    interface ATM0/2/0.1 point-to-point
    description WAN|Backup_ADSL|CD=99871
    ip address 10.208.192.26 255.255.255.252
    atm route-bridged ip
    pvc 8/60
    protocol ip 10.208.192.25 broadcast
    vbr-nrt 256 256
    broadcast
    oam-pvc 0
    !
    !
    interface Ethernet0/2/0
    no ip address
    shutdown
    no fair-queue
    !
    !
    router bgp 65530
    bgp log-neighbor-changes
    timers bgp 10 30
    redistribute connected
    neighbor 10.128.192.17 remote-as 6147
    neighbor 10.128.192.17 update-source GigabitEthernet0/0
    neighbor 10.128.192.17 version 4
    neighbor 10.128.192.17 next-hop-self
    neighbor 10.128.192.17 send-community both
    neighbor 10.128.192.17 soft-reconfiguration inbound
    neighbor 10.128.192.17 route-map RECIBE in
    neighbor 10.128.192.17 route-map RED_LAN out
    neighbor 10.128.192.17 filter-list 10 out
    neighbor 10.208.192.25 remote-as 6147
    neighbor 10.208.192.25 update-source ATM0/2/0.1
    neighbor 10.208.192.25 send-community both
    neighbor 10.208.192.25 soft-reconfiguration inbound
    neighbor 10.208.192.25 route-map SET_LP in
    neighbor 10.208.192.25 route-map SET_COMM out
    neighbor 10.208.192.25 filter-list 10 out
    !
    ip forward-protocol nd
    !
    ip bgp-community new-format
    ip as-path access-list 10 permit ^$
    ip as-path access-list 10 deny .*
    no ip http server
    no ip http secure-server
    ip flow-export source GigabitEthernet0/1.1
    ip flow-export version 5
    ip flow-export destination 172.19.253.16 9995
    ip flow-top-talkers
    top 15
    sort-by bytes
    !
    !
    ip access-list extended DATOS_HIGH
    permit tcp any any eq 1301
    permit tcp any eq 1301 any
    permit tcp any any eq 4646
    permit tcp any eq 4646 any
    permit tcp any any eq 48854
    permit tcp any eq 48854 any
    permit tcp any any eq 55753
    permit tcp any eq 55753 any
    permit tcp any any eq 8280
    permit tcp any eq 8280 any
    permit tcp any any eq 1418
    permit tcp any eq 1418 any
    permit tcp any any eq 1679
    permit tcp any eq 1679 any
    permit tcp any any eq 1837
    permit tcp any eq 1837 any
    permit tcp any any range 33192 65512
    permit tcp any range 33192 65512 any
    ip access-list extended DATOS_LOW
    permit udp any any eq 80
    permit udp any eq 80 any
    permit tcp any any eq 8014
    permit tcp any eq 8014 any
    permit tcp any any eq 8080
    permit tcp any eq 8080 any
    permit tcp any any eq www
    permit tcp any eq www any
    ip access-list extended TerminalAccess
    permit tcp 10.128.192.16 0.0.0.3 any eq telnet
    permit tcp 10.208.192.24 0.0.0.3 any eq telnet
    permit tcp any any eq 22
    deny tcp any any
    ip access-list extended VOZ_TRAFIC
    permit tcp any any eq 1718
    permit tcp any eq 1718 any
    permit tcp any any eq 1719
    permit tcp any eq 1719 any
    permit tcp any any eq 1720
    permit tcp any eq 1720 any
    permit tcp any any eq 2000
    permit tcp any eq 2000 any
    permit udp any any eq 4100
    permit udp any eq 4100 any
    permit udp any any eq 5000
    permit udp any eq 5000 any
    permit udp any any eq 5200
    permit udp any eq 5200 any
    permit udp any any range 28000 28255
    permit udp any any range 51000 51200
    permit udp any range 28000 28255 any
    permit udp any any range 16384 32767
    permit udp any range 16384 32767 any
    permit udp any range 5201 5263 any
    !
    !
    ip prefix-list IP_LOCAL seq 10 permit 10.254.140.0/24
    ip prefix-list IP_LOCAL seq 15 permit 71.254.140.0/24
    !
    ip prefix-list RECIBE_REDES seq 5 permit 0.0.0.0/0
    ip prefix-list RECIBE_REDES seq 10 permit 10.2.0.0/16
    ip prefix-list RECIBE_REDES seq 15 permit 10.2.0.0/24
    ip prefix-list RECIBE_REDES seq 20 permit 10.4.0.0/24
    ip prefix-list RECIBE_REDES seq 25 permit 10.5.0.0/24
    ip prefix-list RECIBE_REDES seq 30 permit 10.6.0.0/24
    ip prefix-list RECIBE_REDES seq 45 permit 10.9.0.0/24
    logging trap critical
    access-list 50 remark IP GESTION WAN
    access-list 50 permit 10.28.128.0 0.0.0.255
    access-list 50 permit 10.125.25.0 0.0.0.255
    access-list 50 permit 172.19.253.0 0.0.0.255
    access-list 50 permit 172.16.8.0 0.0.0.255
    access-list 50 permit 172.17.1.0 0.0.0.255
    access-list 50 deny any
    access-list 90 remark SNMP RESTRINGIDO
    access-list 90 permit 10.2.30.72
    access-list 90 permit 10.4.0.200
    access-list 90 permit 10.4.0.220
    access-list 90 permit 10.125.25.0 0.0.0.255
    access-list 104 permit tcp any eq bgp any
    access-list 104 permit tcp any any eq bgp
    access-list 104 permit tcp any any eq tacacs
    access-list 104 permit tcp any eq tacacs any
    access-list 104 permit tcp any any eq 22
    access-list 104 permit tcp any eq 22 any
    access-list 104 permit tcp any any eq cmd
    access-list 104 permit tcp any eq cmd any
    access-list 104 permit udp any any eq snmp
    access-list 104 permit udp any eq snmp any
    access-list 104 permit udp any any eq syslog
    access-list 104 permit udp any eq syslog any
    access-list 104 permit icmp any any
    access-list 104 permit tcp any eq telnet any
    access-list 104 permit tcp any any eq telnet
    access-list 108 permit ip any host 172.16.5.163
    access-list 108 permit ip any host 172.16.5.164
    access-list 108 permit ip any host 172.16.5.165
    access-list 108 permit ip any host 172.16.5.166
    access-list 108 permit ip any host 10.100.0.161
    access-list 108 permit ip any host 10.100.0.162
    access-list 108 permit ip any host 10.100.0.163
    access-list 108 permit ip any host 10.100.0.164
    access-list 108 permit ip any host 172.16.5.173
    access-list 108 permit ip any host 172.16.3.47
    access-list 190 permit ip any any
    !
    no cdp run
    !
    !
    !
    route-map SET_LP permit 10
    match ip address prefix-list RECIBE_REDES
    set local-preference 90
    !
    route-map DATA permit 10
    match ip address VOZ_TRAFIC
    set ip precedence critical
    !
    route-map DATA permit 20
    match ip address DATOS_HIGH
    set ip precedence priority
    !
    route-map DATA permit 30
    match ip address DATOS_LOW
    set ip precedence routine
    !
    route-map DATA permit 40
    match ip address 190
    set ip precedence priority
    !
    route-map SET_COMM permit 10
    match ip address prefix-list IP_LOCAL
    set community 6147:90
    !
    route-map RECIBE permit 10
    match ip address prefix-list RECIBE_REDES
    !
    route-map RED_LAN permit 10
    match ip address prefix-list IP_LOCAL
    !
    route-map C-GESTION-ROUTING permit 10
    match ip address 104
    set ip precedence internet
    !
    !
    snmp-server community pubEDYFICAR RO
    snmp-server community pubcgrc RO 50
    snmp-server community privcgrc RW 50
    snmp-server community pubEDPYME RO 90
    snmp-server community pubMIBANCO RO 50
    snmp-server community m1b4nc0 RO 50
    snmp-server community privEDPYME RW 50
    snmp-server ifindex persist
    snmp-server location JC_MARIATEGUI
    snmp-server enable traps tty
    snmp-server enable traps envmon
    snmp-server enable traps isdn call-information
    snmp-server enable traps isdn layer2
    snmp-server enable traps isdn chan-not-avail
    snmp-server enable traps bgp
    snmp-server enable traps atm pvc
    snmp-server enable traps config-copy
    snmp-server enable traps config
    snmp-server enable traps entity
    snmp-server enable traps frame-relay multilink bundle-mismatch
    snmp-server enable traps frame-relay
    snmp-server enable traps frame-relay subif
    snmp-server enable traps hsrp
    snmp-server enable traps cpu threshold
    snmp-server enable traps syslog
    snmp-server enable traps ipsla
    snmp-server enable traps voice
    snmp-server host 172.16.8.34 m1b4nc0
    snmp-server host 172.17.1.142 privMIBANCO
    snmp-server host 10.125.25.37 privcgrc
    snmp-server host 10.125.25.38 privcgrc
    snmp-server host 10.28.128.130 privcgrc
    snmp-server host 172.17.1.142 privcgrc
    snmp-server host 172.19.253.16 privcgrc
    snmp-server host 10.2.4.128 pubEDPYME
    snmp-server host 10.4.0.200 pubEDPYME
    snmp-server host 10.2.30.232 pubEDYFICAR
    snmp-server host 10.125.25.37 pubcgrc
    snmp-server host 10.125.25.38 pubcgrc
    snmp-server host 10.28.128.130 pubcgrc
    snmp-server host 10.4.0.220 pubcgrc
    tacacs-server host 10.125.25.17
    tacacs-server host 10.125.25.16
    tacacs-server timeout 3
    tacacs-server directed-request
    tacacs-server key 7 111B1C011E02
    !
    !
    !
    control-plane
    !
    !
    voice-port 0/0/0
    !
    voice-port 0/0/1
    !
    !
    !
    mgcp profile default
    !
    !
    !
    !
    !
    gatekeeper
    shutdown
    !
    !
    banner exec ^CCCCCCC
    ---------------------------------------------------------------------
    . . | JC Mariategui
    | | | PPJJ VILLA EL SALVADOR MZ A LOTE 10 SECTOR 6
    .|. .|. | Telefonica del Peru
    .|||. .|||. | Lima - Peru
    ..|||||||..|||||||.. | IP/VPN 1M CD93775 Backup CD99871
    ---------------------------------------------------------------------
    ^C
    banner login ^CC
    |-----------------------------------------------------------------|
    | WARNING |
    | |
    | This system is for the use of authorized users only. |
    | Individuals using this computer system without authority, or in |
    | excess of their authority, are subject to having all of their |
    | activities on this system monitored and recorded by system |
    | personnel. |
    | |
    | In the course of monitoring individuals improperly using this |
    | system, or in the course of system maintenance, the activities |
    | of authorized users may also be monitored. |
    | |
    | Anyone using this system expressly consents to such monitoring |
    | and is advised that if such monitoring reveals possible |
    | evidence of criminal activity, system personnel may provide the |
    | evidence of such monitoring to law enforcement officials. |
    | |
    | TELEFONICA DEL PERU |
    |-----------------------------------------------------------------|
    ^C
    !
    line con 0
    exec-timeout 30 0
    line aux 0
    exec-timeout 30 0
    line 2
    no activation-character
    no exec
    transport preferred none
    transport input all
    transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
    stopbits 1
    line vty 0 4
    access-class TerminalAccess in
    exec-timeout 30 0
    password 7 044F0E0A0A274340001A04
    transport input all
    !
    scheduler allocate 20000 1000
    ntp server 10.125.25.15
    ntp server 10.125.25.17
    end

    Das könnte Ihnen auch gefallen