devices/configs/216.31.138.42

!RANCID-CONTENT-TYPE: cisco-clean
!
!
!
!
!
version 15.4
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service sequence-numbers
no platform punt-keepalive disable-kernel-core
!
hostname AllanCompany_100MB_19KRGN537292PT_6733ConsolidatedWay
!
boot-start-marker
boot-end-marker
!
vrf definition Mgmt-intf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
logging buffered 50000 informational
logging persistent url flash:/syslog1 size 10485760 filesize 40000 immediate
no logging console
!
aaa new-model
!
aaa authentication fail-message ^CCCCCCCCCC****TACACS+************^C
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ none
!
aaa session-id common
clock timezone PST -8 0
clock summer-time PST recurring
!


ip domain name auto
ip name-server 216.116.96.2
ip name-server 216.116.96.3
ip name-server 64.239.184.125

ip dhcp excluded-address 10.109.5.255 10.109.255.254
ip dhcp excluded-address 10.109.0.1 10.109.5.1
ip dhcp ping timeout 200
!
ip dhcp pool default
 network 10.109.0.0 255.255.0.0
 default-router 10.109.1.1 
 domain-name allanco.local
 dns-server 10.100.15.2 10.100.15.3 216.116.96.2 8.8.8.8 
 lease 0 4
!
ip dhcp pool HPBX
 network 10.10.10.0 255.255.255.0
 domain-name voip.tierzero.net
 default-router 10.10.10.1 
 dns-server 216.116.96.2 216.116.96.3 
 option 66 ascii "http://config:uCdh8qBc3Hb@ndp.tierzero.net/cfg/"
!
subscriber templating
!
multilink bundle-name authenticated
!
license udi pid ASR1001 sn JAE19020223
archive
 log config
  logging enable
spanning-tree extend system-id
!
username tzcare privilege 15 secret 5 $1$QcDi$cx/mqm7rFUUwXiVU5g0OJ.
!
redundancy
 mode none
!
track 1 ip sla 1 reachability
 delay down 180
!
ip tftp source-interface GigabitEthernet0
ip ssh version 2
!
class-map match-any VOIP
 match access-group 110
class-map match-all BANDWIDTH
 match any 
!
policy-map BANDWIDTH_100MB
 class VOIP
  priority level 1
 class class-default
  police rate 100000000  burst 500000  conform-action transmit  exceed-action drop 
policy-map VOIP-POLICE
 class VOIP
  priority percent 33
 class class-default
  fair-queue
  random-detect dscp-based
  random-detect ecn
!
interface Tunnel14
 description 6733ConsolidatedWay_CradlePoint_to JB_FrontierOffnet
 ip address 172.16.10.66 255.255.255.252
 keepalive 25 50
 tunnel source GigabitEthernet0/0/3
 tunnel destination 47.181.223.134
!
interface Tunnel25
 description 6733ConsolidatedWay_To_14620_Joanbridge_Baldwin_Park
 bandwidth 100000
 ip address 172.16.10.106 255.255.255.252
 keepalive 10 5
 tunnel source GigabitEthernet0/0/0.1
 tunnel destination 208.179.32.94
!
interface Tunnel126
 description ALLANCompany NBS Firewall Unit
 bandwidth 100000
 ip address 10.255.255.23 255.255.255.254
 keepalive 10 5
 tunnel source GigabitEthernet0/0/0.1
 tunnel destination 208.179.23.10
!
interface GigabitEthernet0/0/0
 description AllanCompany=19KRGN537292PT
 no ip address
 load-interval 30
 negotiation auto
 service-policy output BANDWIDTH_100MB
!
interface GigabitEthernet0/0/0.1
 encapsulation dot1Q 2565
 ip address 216.31.138.42 255.255.255.252
 ip nat outside
!
interface GigabitEthernet0/0/1
 description CustomerLAN
 ip address 208.179.23.153 255.255.255.252 secondary
 ip address 10.109.1.1 255.255.0.0
 ip nat inside
 negotiation auto
 service-policy output BANDWIDTH_100MB
!
interface GigabitEthernet0/0/2
 description HPBX
 no ip address
 negotiation auto
 service-policy output BANDWIDTH_100MB
!
interface GigabitEthernet0/0/2.1
 description HPBX
 encapsulation dot1Q 1159
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
!
interface GigabitEthernet0/0/3
 description Peplink_Failover
 ip address 63.46.214.114 255.255.255.252
 ip nat outside
 speed 100
 no negotiation auto
 service-policy output BANDWIDTH_100MB
!
interface GigabitEthernet0
 vrf forwarding Mgmt-intf
 no ip address
 shutdown
 negotiation auto
!
ip nat translation timeout 300
ip nat translation tcp-timeout 300
ip nat translation udp-timeout 90
no ip nat service sip udp port 5060
ip nat inside source route-map CradlePoint_Circuit interface GigabitEthernet0/0/3 overload
ip nat inside source route-map FIBER interface GigabitEthernet0/0/0.1 overload
ip nat inside source static 10.109.9.51 208.179.19.154 extendable
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 216.31.138.41 track 1
ip route 0.0.0.0 0.0.0.0 63.46.214.113 250 name Peplink_Failover
ip route 10.100.0.0 255.255.0.0 Tunnel25
ip route 10.100.0.0 255.255.0.0 Tunnel14 250 name JB_FrontierOffnet
ip route 208.179.23.10 255.255.255.255 216.31.138.41
!
ip access-list extended NAT
 permit ip 10.10.10.0 0.0.0.255 any
 permit ip 10.109.0.0 0.0.255.255 any
 deny   ip any any
!
ip sla 1
 icmp-echo 216.31.138.41 source-ip 216.31.138.42
 timeout 60000
 threshold 60000
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 216.31.138.237
 frequency 30
 timeout 30000
 threshold 30000
 history enhanced interval 60 buckets 100
ip sla schedule 2 life forever start-time now
ip sla reaction-configuration 2 react rtt threshold-value 100 60 threshold-type immediate action-type trapOnly
ip sla logging traps
access-list 25 permit 23.241.22.188
access-list 25 permit 64.239.128.0 0.0.63.255
access-list 25 permit 66.6.208.0 0.0.15.255
access-list 25 permit 72.18.0.0 0.0.31.255
access-list 25 permit 208.179.0.0 0.0.255.255
access-list 25 permit 216.31.128.0 0.0.63.255
access-list 25 permit 216.116.96.0 0.0.31.255
access-list 25 deny   any
access-list 110 permit ip any host 64.239.185.8
access-list 110 permit ip any host 64.239.185.9
access-list 110 permit ip any host 64.239.185.5
access-list 110 permit ip any host 64.239.188.8
access-list 110 permit ip any host 64.239.188.9
!
route-map CradlePoint_Circuit permit 10
 match ip address NAT
 match interface GigabitEthernet0/0/3
!
route-map FIBER permit 10
 match ip address NAT
 match interface GigabitEthernet0/0/0.1
!
snmp-server engineID local 0000000902000050547D0984
snmp-server community tierzero RO
!
tacacs-server host 216.116.96.47
tacacs-server timeout 10
tacacs-server directed-request
tacacs-server key 7 01040E554F58165F2F5501
!
control-plane
!
 !
 !
 !
 !
!
banner motd ^CCCCCCCCCCC
*************************************************************
Tierzero:
Unauthorized access to this device or the attached
networks is prohibited without express written permission.
Violators may be prosecuted to the fullest extent of the law.
Phone: 213-784-1400 option 1
Email: [tac@tierzero.net]
*********TACACS+*************************
^C
!
line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 access-class 25 in
 transport input all
line vty 5 15
 access-class 25 in
 transport input all
!
ntp server 204.152.184.72
ntp server 216.31.128.192
ntp server 216.116.96.3
!
end
updates 2025-12-08 16:39:58 -08:00			`!RANCID-CONTENT-TYPE: cisco-clean`
			`!`
			`!`
			`!`
			`!`
			`!`
			`version 15.4`
			`service timestamps debug datetime msec localtime show-timezone year`
			`service timestamps log datetime msec localtime show-timezone year`
			`service password-encryption`
			`service sequence-numbers`
			`no platform punt-keepalive disable-kernel-core`
			`!`
			`hostname AllanCompany_100MB_19KRGN537292PT_6733ConsolidatedWay`
			`!`
			`boot-start-marker`
			`boot-end-marker`
			`!`
			`vrf definition Mgmt-intf`
			`!`
			`address-family ipv4`
			`exit-address-family`
			`!`
			`address-family ipv6`
			`exit-address-family`
			`!`
			`logging buffered 50000 informational`
			`logging persistent url flash:/syslog1 size 10485760 filesize 40000 immediate`
			`no logging console`
			`!`
			`aaa new-model`
			`!`
			`aaa authentication fail-message ^CCCCCCCCCC**TACACS+**********^C`
			`aaa authentication login default group tacacs+ local`
			`aaa authentication enable default group tacacs+ none`
			`!`
			`aaa session-id common`
			`clock timezone PST -8 0`
			`clock summer-time PST recurring`
			`!`


			`ip domain name auto`
			`ip name-server 216.116.96.2`
			`ip name-server 216.116.96.3`
			`ip name-server 64.239.184.125`

			`ip dhcp excluded-address 10.109.5.255 10.109.255.254`
			`ip dhcp excluded-address 10.109.0.1 10.109.5.1`
			`ip dhcp ping timeout 200`
			`!`
			`ip dhcp pool default`
			`network 10.109.0.0 255.255.0.0`
			`default-router 10.109.1.1`
			`domain-name allanco.local`
			`dns-server 10.100.15.2 10.100.15.3 216.116.96.2 8.8.8.8`
			`lease 0 4`
			`!`
			`ip dhcp pool HPBX`
			`network 10.10.10.0 255.255.255.0`
			`domain-name voip.tierzero.net`
			`default-router 10.10.10.1`
			`dns-server 216.116.96.2 216.116.96.3`
			`option 66 ascii "http://config:uCdh8qBc3Hb@ndp.tierzero.net/cfg/"`
			`!`
			`subscriber templating`
			`!`
			`multilink bundle-name authenticated`
			`!`
			`license udi pid ASR1001 sn JAE19020223`
			`archive`
			`log config`
			`logging enable`
			`spanning-tree extend system-id`
			`!`
			`username tzcare privilege 15 secret 5 $1$QcDi$cx/mqm7rFUUwXiVU5g0OJ.`
			`!`
			`redundancy`
			`mode none`
			`!`
			`track 1 ip sla 1 reachability`
			`delay down 180`
			`!`
			`ip tftp source-interface GigabitEthernet0`
			`ip ssh version 2`
			`!`
			`class-map match-any VOIP`
			`match access-group 110`
			`class-map match-all BANDWIDTH`
			`match any`
			`!`
			`policy-map BANDWIDTH_100MB`
			`class VOIP`
			`priority level 1`
			`class class-default`
			`police rate 100000000 burst 500000 conform-action transmit exceed-action drop`
			`policy-map VOIP-POLICE`
			`class VOIP`
			`priority percent 33`
			`class class-default`
			`fair-queue`
			`random-detect dscp-based`
			`random-detect ecn`
			`!`
			`interface Tunnel14`
			`description 6733ConsolidatedWay_CradlePoint_to JB_FrontierOffnet`
			`ip address 172.16.10.66 255.255.255.252`
			`keepalive 25 50`
			`tunnel source GigabitEthernet0/0/3`
			`tunnel destination 47.181.223.134`
			`!`
			`interface Tunnel25`
			`description 6733ConsolidatedWay_To_14620_Joanbridge_Baldwin_Park`
			`bandwidth 100000`
			`ip address 172.16.10.106 255.255.255.252`
			`keepalive 10 5`
			`tunnel source GigabitEthernet0/0/0.1`
			`tunnel destination 208.179.32.94`
			`!`
			`interface Tunnel126`
			`description ALLANCompany NBS Firewall Unit`
			`bandwidth 100000`
			`ip address 10.255.255.23 255.255.255.254`
			`keepalive 10 5`
			`tunnel source GigabitEthernet0/0/0.1`
			`tunnel destination 208.179.23.10`
			`!`
			`interface GigabitEthernet0/0/0`
			`description AllanCompany=19KRGN537292PT`
			`no ip address`
			`load-interval 30`
			`negotiation auto`
			`service-policy output BANDWIDTH_100MB`
			`!`
			`interface GigabitEthernet0/0/0.1`
			`encapsulation dot1Q 2565`
			`ip address 216.31.138.42 255.255.255.252`
			`ip nat outside`
			`!`
			`interface GigabitEthernet0/0/1`
			`description CustomerLAN`
			`ip address 208.179.23.153 255.255.255.252 secondary`
			`ip address 10.109.1.1 255.255.0.0`
			`ip nat inside`
			`negotiation auto`
			`service-policy output BANDWIDTH_100MB`
			`!`
			`interface GigabitEthernet0/0/2`
			`description HPBX`
			`no ip address`
			`negotiation auto`
			`service-policy output BANDWIDTH_100MB`
			`!`
			`interface GigabitEthernet0/0/2.1`
			`description HPBX`
			`encapsulation dot1Q 1159`
			`ip address 10.10.10.1 255.255.255.0`
			`ip nat inside`
			`!`
			`interface GigabitEthernet0/0/3`
			`description Peplink_Failover`
			`ip address 63.46.214.114 255.255.255.252`
			`ip nat outside`
			`speed 100`
			`no negotiation auto`
			`service-policy output BANDWIDTH_100MB`
			`!`
			`interface GigabitEthernet0`
			`vrf forwarding Mgmt-intf`
			`no ip address`
			`shutdown`
			`negotiation auto`
			`!`
			`ip nat translation timeout 300`
			`ip nat translation tcp-timeout 300`
			`ip nat translation udp-timeout 90`
			`no ip nat service sip udp port 5060`
			`ip nat inside source route-map CradlePoint_Circuit interface GigabitEthernet0/0/3 overload`
			`ip nat inside source route-map FIBER interface GigabitEthernet0/0/0.1 overload`
			`ip nat inside source static 10.109.9.51 208.179.19.154 extendable`
			`ip forward-protocol nd`
			`!`
			`no ip http server`
			`no ip http secure-server`
			`ip route 0.0.0.0 0.0.0.0 216.31.138.41 track 1`
			`ip route 0.0.0.0 0.0.0.0 63.46.214.113 250 name Peplink_Failover`
			`ip route 10.100.0.0 255.255.0.0 Tunnel25`
			`ip route 10.100.0.0 255.255.0.0 Tunnel14 250 name JB_FrontierOffnet`
			`ip route 208.179.23.10 255.255.255.255 216.31.138.41`
			`!`
			`ip access-list extended NAT`
			`permit ip 10.10.10.0 0.0.0.255 any`
			`permit ip 10.109.0.0 0.0.255.255 any`
			`deny ip any any`
			`!`
			`ip sla 1`
			`icmp-echo 216.31.138.41 source-ip 216.31.138.42`
			`timeout 60000`
			`threshold 60000`
			`ip sla schedule 1 life forever start-time now`
			`ip sla 2`
			`icmp-echo 216.31.138.237`
			`frequency 30`
			`timeout 30000`
			`threshold 30000`
			`history enhanced interval 60 buckets 100`
			`ip sla schedule 2 life forever start-time now`
			`ip sla reaction-configuration 2 react rtt threshold-value 100 60 threshold-type immediate action-type trapOnly`
			`ip sla logging traps`
			`access-list 25 permit 23.241.22.188`
			`access-list 25 permit 64.239.128.0 0.0.63.255`
			`access-list 25 permit 66.6.208.0 0.0.15.255`
			`access-list 25 permit 72.18.0.0 0.0.31.255`
			`access-list 25 permit 208.179.0.0 0.0.255.255`
			`access-list 25 permit 216.31.128.0 0.0.63.255`
			`access-list 25 permit 216.116.96.0 0.0.31.255`
			`access-list 25 deny any`
			`access-list 110 permit ip any host 64.239.185.8`
			`access-list 110 permit ip any host 64.239.185.9`
			`access-list 110 permit ip any host 64.239.185.5`
			`access-list 110 permit ip any host 64.239.188.8`
			`access-list 110 permit ip any host 64.239.188.9`
			`!`
			`route-map CradlePoint_Circuit permit 10`
			`match ip address NAT`
			`match interface GigabitEthernet0/0/3`
			`!`
			`route-map FIBER permit 10`
			`match ip address NAT`
			`match interface GigabitEthernet0/0/0.1`
			`!`
			`snmp-server engineID local 0000000902000050547D0984`
			`snmp-server community tierzero RO`
			`!`
			`tacacs-server host 216.116.96.47`
			`tacacs-server timeout 10`
			`tacacs-server directed-request`
			`tacacs-server key 7 01040E554F58165F2F5501`
			`!`
			`control-plane`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`banner motd ^CCCCCCCCCCC`
			`*************************************************************`
			`Tierzero:`
			`Unauthorized access to this device or the attached`
			`networks is prohibited without express written permission.`
			`Violators may be prosecuted to the fullest extent of the law.`
			`Phone: 213-784-1400 option 1`
			`Email: [tac@tierzero.net]`
			`*******TACACS+***********************`
			`^C`
			`!`
			`line con 0`
			`stopbits 1`
			`line aux 0`
			`stopbits 1`
			`line vty 0 4`
			`access-class 25 in`
			`transport input all`
			`line vty 5 15`
			`access-class 25 in`
			`transport input all`
			`!`
			`ntp server 204.152.184.72`
			`ntp server 216.31.128.192`
			`ntp server 216.116.96.3`
			`!`
			`end`