! version 15.1 service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption ! hostname MIBANCO2-AG299-CD93775_OVALO_MARIATEGUI-E.140 ! boot-start-marker boot-end-marker ! ! logging buffered 16000 enable secret 4 DiKsY/DcmXRGV.QPMLnIyeeXriKD1sTnxpocY6TlLp2 ! aaa new-model ! ! aaa group server tacacs+ GROUP-ACS server 10.125.25.17 ! aaa authentication login default group tacacs+ enable aaa authentication login CONSOLE local aaa authentication enable default none aaa authorization config-commands aaa authorization exec default group tacacs+ none aaa authorization commands 1 default group tacacs+ none aaa authorization commands 15 default group tacacs+ none aaa accounting exec default start-stop group tacacs+ aaa accounting commands 1 default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting connection default start-stop group tacacs+ ! ! ! ! ! aaa session-id common clock timezone GMT 5 0 ! no ipv6 cef no ip source-route ip cef ! ! ! ip flow-cache timeout active 1 no ip domain lookup ip domain name cgrc.pe multilink bundle-name authenticated ! ! ! ! ! crypto pki token default removal timeout 0 ! ! voice-card 0 ! ! ! ! ! ! ! license udi pid CISCO2901/K9 sn FTX171180DA license boot module c2900 technology-package uck9 license boot module c2900 technology-package datak9 hw-module pvdm 0/0 ! ! ! ! redundancy ! ! controller VDSL 0/2/0 operating mode adsl1 ! ip telnet tos 0 ip ssh time-out 60 ip ssh precedence 0 ! class-map match-all DATA_TOP match access-group name DATOS_HIGH class-map match-all DATA match access-group name DATOS_LOW match access-group 190 class-map match-all VOZ match access-group name VOZ_TRAFIC class-map match-any C-GESTION-ROUTING match access-group 104 class-map match-all DATA_DOWN match access-group name DATOS_LOW ! ! policy-map IPVPN class C-GESTION-ROUTING bandwidth 8 class VOZ priority 256 set ip precedence 5 class DATA_TOP bandwidth 500 class DATA bandwidth 128 class class-default fair-queue ! ! ! ! ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 description WAN|JCMARIATEGUI-93775|CD=93775 bandwidth 1024 ip address 10.128.192.18 255.255.255.252 ip flow ingress duplex full speed 100 service-policy output IPVPN ! interface GigabitEthernet0/1 description - LAN - no ip address duplex auto speed auto ! interface GigabitEthernet0/1.1 description LAN|JCMARIATEGUI-93775|CD=93775 encapsulation dot1Q 1 native ip address 10.254.140.1 255.255.255.0 ip helper-address 172.19.246.68 ip flow ingress ip flow egress rate-limit input access-group 108 256000 48000 96000 conform-action transmit exceed-action drop ip policy route-map DATA no cdp enable ! interface GigabitEthernet0/1.71 description --- VLAN DE VOZ --- encapsulation dot1Q 71 ip address 71.254.140.1 255.255.255.0 ip helper-address 172.19.246.68 ip flow ingress ip flow egress ip policy route-map DATA no cdp enable ! interface ATM0/2/0 no ip address ip flow ingress no atm ilmi-keepalive ! interface ATM0/2/0.1 point-to-point description WAN|Backup_ADSL|CD=99871 ip address 10.208.192.26 255.255.255.252 atm route-bridged ip pvc 8/60 protocol ip 10.208.192.25 broadcast vbr-nrt 256 256 broadcast oam-pvc 0 ! ! interface Ethernet0/2/0 no ip address shutdown no fair-queue ! ! router bgp 65530 bgp log-neighbor-changes timers bgp 10 30 redistribute connected neighbor 10.128.192.17 remote-as 6147 neighbor 10.128.192.17 update-source GigabitEthernet0/0 neighbor 10.128.192.17 version 4 neighbor 10.128.192.17 next-hop-self neighbor 10.128.192.17 send-community both neighbor 10.128.192.17 soft-reconfiguration inbound neighbor 10.128.192.17 route-map RECIBE in neighbor 10.128.192.17 route-map RED_LAN out neighbor 10.128.192.17 filter-list 10 out neighbor 10.208.192.25 remote-as 6147 neighbor 10.208.192.25 update-source ATM0/2/0.1 neighbor 10.208.192.25 send-community both neighbor 10.208.192.25 soft-reconfiguration inbound neighbor 10.208.192.25 route-map SET_LP in neighbor 10.208.192.25 route-map SET_COMM out neighbor 10.208.192.25 filter-list 10 out ! ip forward-protocol nd ! ip bgp-community new-format ip as-path access-list 10 permit ^$ ip as-path access-list 10 deny .* no ip http server no ip http secure-server ip flow-export source GigabitEthernet0/1.1 ip flow-export version 5 ip flow-export destination 172.19.253.16 9995 ip flow-top-talkers top 15 sort-by bytes ! ! ip access-list extended DATOS_HIGH permit tcp any any eq 1301 permit tcp any eq 1301 any permit tcp any any eq 4646 permit tcp any eq 4646 any permit tcp any any eq 48854 permit tcp any eq 48854 any permit tcp any any eq 55753 permit tcp any eq 55753 any permit tcp any any eq 8280 permit tcp any eq 8280 any permit tcp any any eq 1418 permit tcp any eq 1418 any permit tcp any any eq 1679 permit tcp any eq 1679 any permit tcp any any eq 1837 permit tcp any eq 1837 any permit tcp any any range 33192 65512 permit tcp any range 33192 65512 any ip access-list extended DATOS_LOW permit udp any any eq 80 permit udp any eq 80 any permit tcp any any eq 8014 permit tcp any eq 8014 any permit tcp any any eq 8080 permit tcp any eq 8080 any permit tcp any any eq www permit tcp any eq www any ip access-list extended TerminalAccess permit tcp 10.128.192.16 0.0.0.3 any eq telnet permit tcp 10.208.192.24 0.0.0.3 any eq telnet permit tcp any any eq 22 deny tcp any any ip access-list extended VOZ_TRAFIC permit tcp any any eq 1718 permit tcp any eq 1718 any permit tcp any any eq 1719 permit tcp any eq 1719 any permit tcp any any eq 1720 permit tcp any eq 1720 any permit tcp any any eq 2000 permit tcp any eq 2000 any permit udp any any eq 4100 permit udp any eq 4100 any permit udp any any eq 5000 permit udp any eq 5000 any permit udp any any eq 5200 permit udp any eq 5200 any permit udp any any range 28000 28255 permit udp any any range 51000 51200 permit udp any range 28000 28255 any permit udp any any range 16384 32767 permit udp any range 16384 32767 any permit udp any range 5201 5263 any ! ! ip prefix-list IP_LOCAL seq 10 permit 10.254.140.0/24 ip prefix-list IP_LOCAL seq 15 permit 71.254.140.0/24 ! ip prefix-list RECIBE_REDES seq 5 permit 0.0.0.0/0 ip prefix-list RECIBE_REDES seq 10 permit 10.2.0.0/16 ip prefix-list RECIBE_REDES seq 15 permit 10.2.0.0/24 ip prefix-list RECIBE_REDES seq 20 permit 10.4.0.0/24 ip prefix-list RECIBE_REDES seq 25 permit 10.5.0.0/24 ip prefix-list RECIBE_REDES seq 30 permit 10.6.0.0/24 ip prefix-list RECIBE_REDES seq 45 permit 10.9.0.0/24 logging trap critical access-list 50 remark IP GESTION WAN access-list 50 permit 10.28.128.0 0.0.0.255 access-list 50 permit 10.125.25.0 0.0.0.255 access-list 50 permit 172.19.253.0 0.0.0.255 access-list 50 permit 172.16.8.0 0.0.0.255 access-list 50 permit 172.17.1.0 0.0.0.255 access-list 50 deny any access-list 90 remark SNMP RESTRINGIDO access-list 90 permit 10.2.30.72 access-list 90 permit 10.4.0.200 access-list 90 permit 10.4.0.220 access-list 90 permit 10.125.25.0 0.0.0.255 access-list 104 permit tcp any eq bgp any access-list 104 permit tcp any any eq bgp access-list 104 permit tcp any any eq tacacs access-list 104 permit tcp any eq tacacs any access-list 104 permit tcp any any eq 22 access-list 104 permit tcp any eq 22 any access-list 104 permit tcp any any eq cmd access-list 104 permit tcp any eq cmd any access-list 104 permit udp any any eq snmp access-list 104 permit udp any eq snmp any access-list 104 permit udp any any eq syslog access-list 104 permit udp any eq syslog any access-list 104 permit icmp any any access-list 104 permit tcp any eq telnet any access-list 104 permit tcp any any eq telnet access-list 108 permit ip any host 172.16.5.163 access-list 108 permit ip any host 172.16.5.164 access-list 108 permit ip any host 172.16.5.165 access-list 108 permit ip any host 172.16.5.166 access-list 108 permit ip any host 10.100.0.161 access-list 108 permit ip any host 10.100.0.162 access-list 108 permit ip any host 10.100.0.163 access-list 108 permit ip any host 10.100.0.164 access-list 108 permit ip any host 172.16.5.173 access-list 108 permit ip any host 172.16.3.47 access-list 190 permit ip any any ! no cdp run ! ! ! route-map SET_LP permit 10 match ip address prefix-list RECIBE_REDES set local-preference 90 ! route-map DATA permit 10 match ip address VOZ_TRAFIC set ip precedence critical ! route-map DATA permit 20 match ip address DATOS_HIGH set ip precedence priority ! route-map DATA permit 30 match ip address DATOS_LOW set ip precedence routine ! route-map DATA permit 40 match ip address 190 set ip precedence priority ! route-map SET_COMM permit 10 match ip address prefix-list IP_LOCAL set community 6147:90 ! route-map RECIBE permit 10 match ip address prefix-list RECIBE_REDES ! route-map RED_LAN permit 10 match ip address prefix-list IP_LOCAL ! route-map C-GESTION-ROUTING permit 10 match ip address 104 set ip precedence internet ! ! snmp-server community pubEDYFICAR RO snmp-server community pubcgrc RO 50 snmp-server community privcgrc RW 50 snmp-server community pubEDPYME RO 90 snmp-server community pubMIBANCO RO 50 snmp-server community m1b4nc0 RO 50 snmp-server community privEDPYME RW 50 snmp-server ifindex persist snmp-server location JC_MARIATEGUI snmp-server enable traps tty snmp-server enable traps envmon snmp-server enable traps isdn call-information snmp-server enable traps isdn layer2 snmp-server enable traps isdn chan-not-avail snmp-server enable traps bgp snmp-server enable traps atm pvc snmp-server enable traps config-copy snmp-server enable traps config snmp-server enable traps entity snmp-server enable traps frame-relay multilink bundle-mismatch snmp-server enable traps frame-relay snmp-server enable traps frame-relay subif snmp-server enable traps hsrp snmp-server enable traps cpu threshold snmp-server enable traps syslog snmp-server enable traps ipsla snmp-server enable traps voice snmp-server host 172.16.8.34 m1b4nc0 snmp-server host 172.17.1.142 privMIBANCO snmp-server host 10.125.25.37 privcgrc snmp-server host 10.125.25.38 privcgrc snmp-server host 10.28.128.130 privcgrc snmp-server host 172.17.1.142 privcgrc snmp-server host 172.19.253.16 privcgrc snmp-server host 10.2.4.128 pubEDPYME snmp-server host 10.4.0.200 pubEDPYME snmp-server host 10.2.30.232 pubEDYFICAR snmp-server host 10.125.25.37 pubcgrc snmp-server host 10.125.25.38 pubcgrc snmp-server host 10.28.128.130 pubcgrc snmp-server host 10.4.0.220 pubcgrc tacacs-server host 10.125.25.17 tacacs-server host 10.125.25.16 tacacs-server timeout 3 tacacs-server directed-request tacacs-server key 7 111B1C011E02 ! ! ! control-plane ! ! voice-port 0/0/0 ! voice-port 0/0/1 ! ! ! mgcp profile default ! ! ! ! ! gatekeeper shutdown ! ! banner exec ^CCCCCCC --------------------------------------------------------------------- . . | JC Mariategui | | | PPJJ VILLA EL SALVADOR MZ A LOTE 10 SECTOR 6 .|. .|. | Telefonica del Peru .|||. .|||. | Lima - Peru ..|||||||..|||||||.. | IP/VPN 1M CD93775 Backup CD99871 --------------------------------------------------------------------- ^C banner login ^CC |-----------------------------------------------------------------| | WARNING | | | | This system is for the use of authorized users only. | | Individuals using this computer system without authority, or in | | excess of their authority, are subject to having all of their | | activities on this system monitored and recorded by system | | personnel. | | | | In the course of monitoring individuals improperly using this | | system, or in the course of system maintenance, the activities | | of authorized users may also be monitored. | | | | Anyone using this system expressly consents to such monitoring | | and is advised that if such monitoring reveals possible | | evidence of criminal activity, system personnel may provide the | | evidence of such monitoring to law enforcement officials. | | | | TELEFONICA DEL PERU | |-----------------------------------------------------------------| ^C ! line con 0 exec-timeout 30 0 line aux 0 exec-timeout 30 0 line 2 no activation-character no exec transport preferred none transport input all transport output pad telnet rlogin lapb-ta mop udptn v120 ssh stopbits 1 line vty 0 4 access-class TerminalAccess in exec-timeout 30 0 password 7 044F0E0A0A274340001A04 transport input all ! scheduler allocate 20000 1000 ntp server 10.125.25.15 ntp server 10.125.25.17 end