nikrons
Advanced Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Спасибо, что откликнулись...
Router#sh ver
Cisco IOS Software, C1700 Software (C1700-K9O3SY7-M), Version 12.3(8)T5, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by Cisco Systems, Inc.
Compiled Wed 20-Oct-04 10:54 by cmong
ROM: System Bootstrap, Version 12.2(7r)XM2, RELEASE SOFTWARE (fc1)
Router uptime is 2 weeks, 16 hours, 19 minutes
System returned to ROM by power-on
System image file is "flash:c1700-k9o3sy7-mz.123-8.T5.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
Имена и пароли я забил XXX...
Router#sh run
Building configuration...
Current configuration : 6086 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret XXX
enable password XXX
!
username XXX
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
aaa new-model
!
aaa user profile XXX
!
aaa session-id common
ip subnet-zero
!
ip domain name dbank.donpac.ru
ip name-server 195.161.174.1
ip cef
ip ips po max-events 100
no ftp-server write-enable
password encryption aes
!
bridge irb
!
interface ATM0
no ip address
no ip mroute-cache
no atm ilmi-keepalive
bundle-enable
dsl operating-mode auto
bridge-group 1
hold-queue 224 in
pvc 65/67
encapsulation aal5snap
!
!
interface BRI0
no ip address
shutdown
no cdp enable
!
interface FastEthernet0
ip address 213.24.16.67 255.255.255.240 secondary
ip address 192.168.2.158 255.255.255.224
ip nat inside
ip virtual-reassembly
no ip mroute-cache
speed auto
full-duplex
no cdp enable
!
interface BVI1
ip address 213.24.16.126 255.255.255.252
ip access-group 100 in
ip access-group 101 out
ip nat outside
ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 213.24.16.125
ip route 192.168.2.0 255.255.255.248 192.168.2.130
ip route 192.168.2.16 255.255.255.248 192.168.2.130
ip route 192.168.2.32 255.255.255.224 192.168.2.130
ip route 192.168.2.64 255.255.255.224 192.168.2.130
ip route 192.168.2.96 255.255.255.224 192.168.2.130
ip route 192.168.2.160 255.255.255.224 192.168.2.130
ip route 213.24.16.96 255.255.255.240 213.24.16.65
no ip http server
no ip http secure-server
ip nat inside source list 1 interface BVI1 overload
!
logging 192.168.2.135
access-list 1 permit 192.168.2.135
access-list 100 permit ip host 87.117.5.109 any
access-list 100 permit ip host 83.239.146.79 any
access-list 100 deny tcp any any eq 135
access-list 100 deny udp any any eq 135
access-list 100 deny udp any any eq netbios-ns
access-list 100 deny udp any any eq netbios-dgm
access-list 100 deny tcp any any eq 139
access-list 100 deny tcp any any eq 445
access-list 100 deny udp any any eq 445
access-list 100 deny tcp any any eq 593
access-list 100 permit ip any host 213.24.16.69
access-list 100 permit icmp any any
access-list 100 permit gre any any
access-list 100 permit esp any any
access-list 100 permit ahp any any
access-list 100 permit tcp any host 213.24.16.66 eq 100
access-list 100 permit tcp any host 213.24.16.65 eq smtp
access-list 100 permit tcp any eq smtp host 213.24.16.65
access-list 100 permit tcp any host 213.24.16.65 eq pop3
access-list 100 permit tcp any eq 37 host 213.24.16.65
access-list 100 permit udp any eq time host 213.24.16.65
access-list 100 permit tcp any eq 123 host 213.24.16.65
access-list 100 permit udp any eq ntp host 213.24.16.65
access-list 100 permit tcp any host 213.24.16.65 range ftp-data ftp
access-list 100 permit tcp any eq 1352 any
access-list 100 permit udp any eq 1352 any
access-list 100 permit tcp any eq telnet any
access-list 100 permit tcp any eq 19020 any
access-list 100 permit tcp any eq 1723 any
access-list 100 permit tcp any eq 3579 any
access-list 100 permit tcp any eq www any
access-list 100 permit tcp any eq 443 any
access-list 100 permit tcp any range ftp-data ftp any gt 1023
access-list 100 permit tcp any eq domain any
access-list 100 permit udp any eq domain any
access-list 100 permit udp any host 213.24.16.110 eq isakmp
access-list 100 permit tcp any host 213.24.16.110 eq 443
access-list 100 permit tcp any host 213.24.16.110 eq 22
access-list 100 permit tcp any eq 5101 any
access-list 100 permit tcp any eq 11023 any
access-list 101 permit ip any host 87.117.5.109
access-list 101 permit ip any host 83.239.146.79
access-list 101 deny tcp any eq 135 any
access-list 101 deny udp any eq 135 any
access-list 101 deny udp any eq netbios-ns any
access-list 101 deny udp any eq netbios-dgm any
access-list 101 deny udp any eq netbios-ss any
access-list 101 deny tcp any eq 445 any
access-list 101 deny udp any eq 445 any
access-list 101 deny tcp any eq 593 any
access-list 101 permit ip host 213.24.16.69 any
access-list 101 permit icmp any any
access-list 101 permit gre any any
access-list 101 permit esp any any
access-list 101 permit ahp any any
access-list 101 permit tcp host 213.24.16.66 eq 100 any
access-list 101 permit tcp host 213.24.16.65 any eq smtp
access-list 101 permit tcp host 213.24.16.65 eq smtp any
access-list 101 permit tcp host 213.24.16.65 eq pop3 any
access-list 101 permit udp host 213.24.16.65 any eq time
access-list 101 permit tcp host 213.24.16.65 any eq 37
access-list 101 permit tcp host 213.24.16.65 any eq 123
access-list 101 permit udp host 213.24.16.65 any eq ntp
access-list 101 permit tcp host 213.24.16.65 range ftp-data ftp any
access-list 101 permit tcp any any eq telnet
access-list 101 permit tcp any any eq 19020
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq 443
access-list 101 permit tcp any gt 1023 any range ftp-data ftp
access-list 101 permit tcp any any eq domain
access-list 101 permit udp any any eq domain
access-list 101 permit tcp any any eq 1352
access-list 101 permit udp any any eq 1352
access-list 101 permit tcp any any eq 1723
access-list 101 permit tcp any any eq 3579
access-list 101 permit udp host 213.24.16.110 eq isakmp any
access-list 101 permit tcp host 213.24.16.110 eq 443 any
access-list 101 permit tcp host 213.24.16.110 eq 22 any
access-list 101 permit tcp any any eq 5101
access-list 101 permit tcp any any eq 11023
snmp-server community public RO
snmp-server enable traps tty
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner motd ^C
JSC CB Donbank <046006935>,
K.Marx Ave. 31/33, Kamensk-Shakhtinsky, Rostov-on-Don region,
Russia, 347800. Phone: +7 (86365)71173.
Administrator: nikrons@dbank.donpac.ru
--- Warning! Unauthorized access is prohibited by the Law! ---^C
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
password XXX
!
end
Router#
|
