204 lines
4.8 KiB
Plaintext
204 lines
4.8 KiB
Plaintext
!RANCID-CONTENT-TYPE: cisco-clean
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
version 12.4
|
|
service timestamps debug datetime msec
|
|
service timestamps log datetime localtime
|
|
service password-encryption
|
|
!
|
|
hostname OrangePsychiatricMedicalGroup_50MB_13KQGN639404PT_770MagnoliaAve
|
|
!
|
|
boot-start-marker
|
|
boot-end-marker
|
|
!
|
|
logging message-counter syslog
|
|
logging buffered 20000
|
|
no logging console
|
|
!
|
|
aaa new-model
|
|
!
|
|
aaa authentication fail-message ^CCCCCCCCCCC****TACACS+************^C
|
|
aaa authentication login default group tacacs+ local
|
|
aaa authentication enable default group tacacs+ none
|
|
!
|
|
aaa session-id common
|
|
clock timezone PST -8
|
|
clock summer-time PST recurring
|
|
!
|
|
dot11 syslog
|
|
ip source-route
|
|
!
|
|
ip cef
|
|
!
|
|
ip dhcp pool HPBX
|
|
network 10.10.25.0 255.255.255.0
|
|
domain-name voip.tierzero.net
|
|
default-router 10.10.25.1
|
|
dns-server 216.116.96.2 216.116.96.3
|
|
option 66 ascii "http://config:uCdh8qBc3Hb@ndp.tierzero.net/cfgb
|
|
!
|
|
ip dhcp pool LAN_DHCP
|
|
network 192.168.1.0 255.255.255.0
|
|
default-router 192.168.1.1
|
|
dns-server 216.116.96.2 216.116.96.3
|
|
lease 0 23
|
|
!
|
|
ip domain name tierzero.net
|
|
ip name-server 216.116.96.2
|
|
ip name-server 216.116.96.3
|
|
ip name-server 64.239.184.125
|
|
no ipv6 cef
|
|
!
|
|
multilink bundle-name authenticated
|
|
!
|
|
voice-card 0
|
|
no dspfarm
|
|
!
|
|
username tzcare privilege 15 secret 5 $1$QcDi$cx/mqm7rFUUwXiVU5g0OJ.
|
|
!
|
|
archive
|
|
log config
|
|
hidekeys
|
|
!
|
|
class-map match-any VOIP
|
|
match access-group 110
|
|
class-map match-all BANDWIDTH
|
|
match any
|
|
!
|
|
policy-map VOIP-POLICE
|
|
class VOIP
|
|
priority percent 40
|
|
class class-default
|
|
fair-queue
|
|
random-detect dscp-based
|
|
random-detect ecn
|
|
policy-map BANDWIDTH_50MB
|
|
class BANDWIDTH
|
|
shape average 50000000
|
|
queue-limit 62500 bytes
|
|
service-policy VOIP-POLICE
|
|
class class-default
|
|
fair-queue
|
|
random-detect dscp-based
|
|
random-detect ecn
|
|
policy-map BANDWIDTH_50MB2
|
|
class BANDWIDTH
|
|
shape peak 50000000
|
|
queue-limit 62500 bytes
|
|
service-policy VOIP-POLICE
|
|
class class-default
|
|
fair-queue
|
|
random-detect dscp-based
|
|
random-detect ecn
|
|
!
|
|
interface GigabitEthernet0/0
|
|
description OrangePsychiatricMedicalGroup=13KQGN639404PT
|
|
no ip address
|
|
ip virtual-reassembly
|
|
load-interval 30
|
|
duplex full
|
|
speed 100
|
|
service-policy output BANDWIDTH_50MB2
|
|
!
|
|
interface GigabitEthernet0/0.1
|
|
encapsulation dot1Q 2613
|
|
ip address 216.31.132.166 255.255.255.252
|
|
ip nat outside
|
|
ip virtual-reassembly
|
|
!
|
|
interface GigabitEthernet0/1
|
|
description VOIP
|
|
no ip address
|
|
ip flow ingress
|
|
ip nat inside
|
|
ip virtual-reassembly
|
|
duplex auto
|
|
speed auto
|
|
service-policy output BANDWIDTH_50MB
|
|
!
|
|
interface GigabitEthernet0/1.1
|
|
encapsulation dot1Q 1159
|
|
ip address 10.10.25.1 255.255.255.0
|
|
ip flow ingress
|
|
ip nat inside
|
|
ip virtual-reassembly
|
|
!
|
|
interface FastEthernet1/0
|
|
description CustomerLAN
|
|
ip address 64.239.130.25 255.255.255.248 secondary
|
|
ip address 192.168.1.1 255.255.255.0
|
|
ip access-group 198 in
|
|
ip flow ingress
|
|
ip nat inside
|
|
ip virtual-reassembly
|
|
duplex auto
|
|
speed auto
|
|
service-policy output BANDWIDTH_50MB
|
|
!
|
|
ip forward-protocol nd
|
|
ip route 0.0.0.0 0.0.0.0 216.31.132.165
|
|
no ip http server
|
|
no ip http secure-server
|
|
!
|
|
ip nat translation timeout 300
|
|
ip nat translation tcp-timeout 300
|
|
ip nat translation udp-timeout 90
|
|
no ip nat service sip tcp port 5060
|
|
no ip nat service sip udp port 5060
|
|
ip nat inside source list 1 interface GigabitEthernet0/0.1 overload
|
|
!
|
|
access-list 1 permit 10.10.25.0 0.0.0.255
|
|
access-list 1 permit 192.168.1.0 0.0.0.255
|
|
access-list 1 permit 192.168.12.0 0.0.0.255
|
|
access-list 25 permit 64.239.128.0 0.0.63.255
|
|
access-list 25 permit 66.6.208.0 0.0.15.255
|
|
access-list 25 permit 72.18.0.0 0.0.31.255
|
|
access-list 25 permit 208.179.0.0 0.0.255.255
|
|
access-list 25 permit 216.31.128.0 0.0.63.255
|
|
access-list 25 permit 216.116.96.0 0.0.31.255
|
|
access-list 25 deny any
|
|
access-list 110 permit ip any host 64.239.185.8
|
|
access-list 110 permit ip any host 64.239.185.9
|
|
access-list 110 permit ip any host 64.239.185.5
|
|
access-list 110 permit ip any host 64.239.188.8
|
|
access-list 110 permit ip any host 64.239.188.9
|
|
access-list 198 permit tcp any host 64.239.130.26 eq 443
|
|
access-list 198 deny ip any host 64.239.130.26
|
|
access-list 198 permit ip any any
|
|
snmp-server engineID local 0000000902000050547D0984
|
|
snmp-server community tierzero RO
|
|
!
|
|
tacacs-server host 216.116.96.47
|
|
tacacs-server timeout 10
|
|
tacacs-server directed-request
|
|
tacacs-server key 7 01040E554F58165F2F5501
|
|
!
|
|
control-plane
|
|
!
|
|
banner motd ^CCCCCCCCCCCC
|
|
*************************************************************
|
|
Tierzero:
|
|
Unauthorized access to this device or the attached
|
|
networks is prohibited without express written permission.
|
|
Violators may be prosecuted to the fullest extent of the law.
|
|
Phone: 213-784-1400 option 1
|
|
Email: [tac@tierzero.net]
|
|
*********TACACS+*************************
|
|
^C
|
|
!
|
|
line con 0
|
|
line aux 0
|
|
line vty 0 4
|
|
access-class 25 in
|
|
line vty 5 15
|
|
access-class 25 in
|
|
!
|
|
scheduler allocate 20000 1000
|
|
ntp server 204.152.184.72
|
|
ntp server 216.31.128.192
|
|
ntp server 216.116.96.3
|
|
end
|