tzadmin/devices
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4a24c3d213
devices/configs/216.31.138.26
RANCID 3076c6f85a updates
2025-12-08 16:39:58 -08:00

335 lines
9.2 KiB
Plaintext
Raw Blame History

!RANCID-CONTENT-TYPE: cisco-clean
!
!
!
!
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
service sequence-numbers
!
hostname AllanCompany_10MB_13.KQGN.617701.PT_2540S.MainSt
!
boot-start-marker
boot-end-marker
!
logging buffered 20000
logging persistent url flash:/syslog1 size 10485760 filesize 40000
no logging console
!
aaa new-model
!
aaa authentication fail-message ^CCCCCCCCCCC****TACACS+************^C
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ none
!
aaa session-id common
!
no process cpu autoprofile hog
memory-size iomem 10
clock timezone PST -8 0
clock summer-time PST recurring
!
crypto pki token default removal timeout 0
!
dot11 syslog
ip source-route
!
ip cef
!
ip dhcp pool HPBX
network 10.10.10.0 255.255.255.0
domain-name voip.tierzero.net
default-router 10.10.10.1
dns-server 216.116.96.2 216.116.96.3
option 66 ascii "http://config:uCdh8qBc3Hb@ndp.tierzero.net/cfg/"
!
ip dhcp pool DEFAULT
network 10.101.0.0 255.255.224.0
domain-name allanco.local
default-router 10.101.1.1
dns-server 10.100.15.2 10.100.15.3 216.116.96.2 8.8.8.8
lease 0 8
!
ip dhcp pool computer1
host 10.101.13.4 255.255.224.0
hardware-address 3417.ebbc.8be9
default-router 10.101.1.1
dns-server 10.100.15.2 10.100.15.3 216.116.96.2 8.8.8.8
!
ip dhcp pool computer2
host 10.101.13.7 255.255.224.0
hardware-address 90b1.1c63.4cc4
default-router 10.101.1.1
dns-server 10.100.15.2 10.100.15.3 216.116.96.2 8.8.8.8
!
ip dhcp pool Camera
host 10.101.0.59 255.255.224.0
hardware-address 70b3.d526.1aff
default-router 10.101.1.1
dns-server 10.100.15.2 10.100.15.3 216.116.96.2 8.8.8.8
!
ip domain name auto
ip name-server 216.116.96.2
ip name-server 216.116.96.3
no ipv6 cef
!
multilink bundle-name authenticated
!
voice-card 0
!
license udi pid CISCO2851 sn FTX1448AKC2
archive
log config
logging enable
logging persistent auto
username tzcare privilege 15 secret 5 $1$QcDi$cx/mqm7rFUUwXiVU5g0OJ.
!
redundancy
!
ip ssh version 2
!
track 1 ip sla 1 reachability
delay down 180
!
class-map match-any VOIP
match access-group 110
class-map match-all BANDWIDTH
match any
!
policy-map VOIP-POLICE
class VOIP
priority percent 33
class class-default
fair-queue
random-detect dscp-based
random-detect ecn
policy-map BANDWIDTH_10MB
class BANDWIDTH
shape average 10000000
queue-limit 62500 bytes
service-policy VOIP-POLICE
class class-default
fair-queue
random-detect dscp-based
random-detect ecn
!
interface Tunnel4
description description 2540_S_Main_Street_Santa_Ana_CradlePoint_to_JB_FrontierOffnet
ip address 172.16.10.26 255.255.255.252
keepalive 25 50
tunnel source FastEthernet1/0
tunnel destination 47.181.223.134
!
interface Tunnel5
description 2540_S_Main_Street_Santa_Ana_Location_To__14620_Joanbridge_Baldwin_Park
ip address 172.16.10.30 255.255.255.252
keepalive 25 50
tunnel source GigabitEthernet0/0.1
tunnel destination 208.179.32.94
!
interface Tunnel128
description ALLANCompany NBS Firewall Unit
bandwidth 10000
ip address 10.255.255.27 255.255.255.254
keepalive 10 5
tunnel source GigabitEthernet0/0.1
tunnel destination 208.179.23.10
!
interface GigabitEthernet0/0
description AllanCompany=13KQGN617722PT
no ip address
ip flow ingress
ip nat outside
ip virtual-reassembly in
load-interval 30
duplex full
speed 100
no cdp enable
service-policy output BANDWIDTH_10MB
!
interface GigabitEthernet0/0.1
encapsulation dot1Q 2564
ip address 216.31.138.26 255.255.255.252
ip flow ingress
ip nat outside
ip virtual-reassembly in
no cdp enable
!
interface GigabitEthernet0/1
ip address 64.239.145.129 255.255.255.248 secondary
ip address 208.179.211.121 255.255.255.248 secondary
ip address 208.179.41.33 255.255.255.248
ip flow ingress
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
service-policy output BANDWIDTH_10MB
!
interface GigabitEthernet0/1.1
description CustomerLAN
encapsulation dot1Q 1 native
ip address 10.101.1.1 255.255.224.0
ip access-group 194 in
ip access-group 194 out
ip flow ingress
ip nat inside
ip virtual-reassembly in
no cdp enable
!
interface GigabitEthernet0/1.2
encapsulation dot1Q 2
ip address 10.101.33.1 255.255.224.0
ip flow ingress
ip nat inside
ip virtual-reassembly in
no cdp enable
!
interface GigabitEthernet0/1.3
description HPBX
encapsulation dot1Q 1159
ip address 10.10.10.1 255.255.255.0
ip flow ingress
ip nat inside
ip virtual-reassembly in
no cdp enable
!
interface FastEthernet1/0
description CradlePoint_Failover
ip address 166.253.33.69 255.255.255.0
ip flow ingress
ip nat outside
ip virtual-reassembly in
duplex full
speed 100
no cdp enable
service-policy output BANDWIDTH_10MB
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip flow-export source GigabitEthernet0/0
ip flow-export version 5
ip flow-export destination 216.116.96.71 2055
!
ip nat translation timeout 300
ip nat translation tcp-timeout 300
ip nat translation udp-timeout 90
no ip nat service sip udp port 5060
ip nat inside source route-map CradlePoint_Circuit interface FastEthernet1/0 overload
ip nat inside source route-map EOC_Circuit interface GigabitEthernet0/0 overload
ip nat inside source route-map FIBER interface GigabitEthernet0/0.1 overload
ip nat inside source static tcp 10.10.10.253 22 64.239.145.129 22 extendable
ip nat inside source static tcp 10.10.10.253 23 64.239.145.129 23 extendable
ip nat inside source static tcp 10.10.10.254 161 64.239.145.129 161 extendable
ip nat inside source static tcp 10.10.10.254 22 64.239.145.130 22 extendable
ip nat inside source static tcp 10.10.10.254 23 64.239.145.130 23 extendable
ip nat inside source static tcp 10.10.10.254 161 64.239.145.130 161 extendable
ip nat inside source static tcp 10.101.0.59 80 64.239.145.131 80 extendable
ip nat inside source static tcp 10.101.0.59 9000 64.239.145.131 9000 extendable
ip nat inside source static tcp 10.101.2.5 80 208.179.211.122 8000 extendable
ip nat inside source static tcp 10.101.5.61 25 216.31.144.198 25 extendable
ip nat inside source static tcp 10.101.5.61 29 216.31.144.198 29 extendable
ip nat inside source static tcp 10.101.5.61 30 216.31.144.198 30 extendable
ip nat inside source static tcp 10.101.5.61 31 216.31.144.198 31 extendable
ip nat inside source static tcp 10.101.5.7 125 216.31.144.198 125 extendable
ip nat inside source static udp 10.10.10.253 161 64.239.145.129 161 extendable
ip nat inside source static udp 10.10.10.254 161 64.239.145.130 161 extendable
ip route 0.0.0.0 0.0.0.0 216.31.138.25 track 1
ip route 0.0.0.0 0.0.0.0 166.253.33.70 250 name CradlePoint_Failover
ip route 10.100.0.0 255.255.0.0 Tunnel5
ip route 10.100.0.0 255.255.0.0 Tunnel4 250 name JB_FrontierOffnet
!
ip access-list extended NAT
permit ip 10.10.10.0 0.0.0.255 any
permit ip 10.101.0.0 0.0.31.255 any
permit ip 10.101.32.0 0.0.31.255 any
deny ip any any
!
ip sla 1
icmp-echo 216.31.138.25 source-ip 216.31.138.26
timeout 30000
threshold 30000
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 216.31.138.25
frequency 30
timeout 30000
threshold 30000
history enhanced interval 60 buckets 100
ip sla schedule 2 life forever start-time now
ip sla reaction-configuration 2 react rtt threshold-value 100 60 threshold-type immediate action-type trapOnly
ip sla logging traps
access-list 25 permit 64.239.128.0 0.0.63.255
access-list 25 permit 66.6.208.0 0.0.15.255
access-list 25 permit 72.18.0.0 0.0.31.255
access-list 25 permit 208.179.0.0 0.0.255.255
access-list 25 permit 216.31.128.0 0.0.63.255
access-list 25 permit 216.116.96.0 0.0.31.255
access-list 25 deny any
access-list 110 permit ip any host 64.239.185.8
access-list 110 permit ip any host 64.239.185.9
access-list 110 permit ip any host 64.239.185.5
access-list 110 permit ip any host 64.239.188.8
access-list 110 permit ip any host 64.239.188.9
access-list 197 permit icmp host 10.10.10.10 host 20.20.20.20
access-list 198 permit icmp host 10.10.10.10 host 20.20.20.20
access-list 199 permit icmp host 10.10.10.10 host 20.20.20.20
no cdp run
!
route-map CradlePoint_Circuit permit 10
match ip address NAT
match interface FastEthernet1/0
!
route-map EOC_Circuit permit 10
match ip address NAT
match interface GigabitEthernet0/0
!
route-map FIBER permit 10
match ip address NAT
match interface GigabitEthernet0/0.1
!
snmp-server engineID local 0000000902000050547D0984
snmp-server community tierzero RO
snmp-server enable traps ipsla
snmp-server host 216.116.96.71 version 2c tierzero
!
tacacs-server host 216.116.96.47
tacacs-server timeout 10
tacacs-server directed-request
tacacs-server key 7 01040E554F58165F2F5501
!
control-plane
!
mgcp profile default
!
banner motd ^CCCCCCCCCCCC
*************************************************************
Tierzero:
Unauthorized access to this device or the attached
networks is prohibited without express written permission.
Violators may be prosecuted to the fullest extent of the law.
Phone: 213-784-1400 option 1
Email: [tac@tierzero.net]
*********TACACS+*************************
^C
!
line con 0
line aux 0
line vty 0 4
access-class 25 in
transport input all
line vty 5 15
access-class 25 in
transport input all
!
scheduler allocate 20000 1000
ntp server 204.152.184.72
ntp server 216.31.128.192
ntp server 216.116.96.3
end
Reference in New Issue View Git Blame Copy Permalink