Scribd Logo
Upload

Welcome to Scribd!

  • Config Router WAN

    Uploaded by

    Ronald Enrique
    50 views6 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    50 views6 pages

    Config Router WAN

    Uploaded by

    Ronald Enrique

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    !

    ! Last configuration change at 18:14:53 GMT Thu Jun 12 2014 by rmamani


    ! NVRAM config last updated at 08:11:10 GMT Mon Jun 30 2014 by rmamani
    !
    version 15.0
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    !
    hostname PJUDICIAL-CD83623_ABL
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 16000
    enable secret 5 $1$wIrn$j9isdS0ovc7TBzdFfdVji1
    !
    aaa new-model
    !
    !
    aaa group server tacacs+ GROUP-ACS
    server 10.125.25.17
    !
    aaa authentication login default group tacacs+ enable
    aaa authentication login CONSOLE local
    aaa authentication enable default none
    aaa authorization config-commands
    aaa authorization exec default group tacacs+ none
    aaa authorization commands 1 default group tacacs+ none
    aaa authorization commands 15 default group tacacs+ none
    aaa accounting exec default
    action-type start-stop
    group tacacs+
    !
    aaa accounting commands 1 default
    action-type start-stop
    group tacacs+
    !
    aaa accounting commands 15 default
    action-type start-stop
    group tacacs+
    !
    aaa accounting connection default
    action-type start-stop
    group tacacs+
    !
    !
    !
    !
    !
    !
    aaa session-id common
    clock timezone GMT 5
    !
    no ipv6 cef
    no ip source-route
    ip cef
    !
    !

    !
    !
    ip flow-cache timeout active 1
    no ip domain lookup
    ip domain name cgrc.pe
    multilink bundle-name authenticated
    !
    !
    !
    !
    license udi pid CISCO2911/K9 sn FGL153211KJ
    !
    !
    !
    !
    ip telnet tos 0
    ip ssh time-out 60
    !
    class-map match-all DATOS
    match access-group 101
    class-map match-all TELEFONIA
    match access-group 100
    !
    !
    policy-map MPLS-QoS-20M
    class TELEFONIA
    priority 2000
    set ip precedence 5
    class DATOS
    bandwidth 17000
    class class-default
    fair-queue
    policy-map MPLS-QoS-16M
    class TELEFONIA
    priority 1024
    set ip precedence 5
    class DATOS
    bandwidth 11520
    class class-default
    fair-queue
    !
    !
    !
    !
    !
    interface GigabitEthernet0/0
    description LAN|ABL|CD=83623|IPVPN
    no ip address
    ip flow ingress
    ip flow egress
    duplex auto
    speed auto
    !
    interface GigabitEthernet0/0.1
    description LAN|DATOS
    encapsulation dot1Q 1 native
    ip address 172.25.0.1 255.255.0.0
    ip accounting output-packets
    ip policy route-map DATOS
    !

    interface GigabitEthernet0/0.2
    description LAN|VOZ-TLAN
    encapsulation dot1Q 2
    ip address 172.50.9.1 255.255.255.0
    ip flow ingress
    ip flow egress
    ip policy route-map TELEFONIA
    !
    interface GigabitEthernet0/0.3
    description LAN|VOZ-ELAN
    encapsulation dot1Q 3
    ip address 172.51.9.254 255.255.255.0
    ip flow ingress
    ip flow egress
    ip policy route-map TELEFONIA
    !
    interface GigabitEthernet0/0.100
    description LAN|Gestion
    encapsulation dot1Q 100
    ip address 150.150.4.1 255.255.255.248
    !
    interface GigabitEthernet0/1
    description WAN|ABL|CD=83623|IPVPN|PRINCIPAL
    bandwidth 20000
    ip address 10.192.71.90 255.255.255.252
    ip flow ingress
    ip flow egress
    duplex full
    speed 100
    service-policy output MPLS-QoS-20M
    !
    interface GigabitEthernet0/2
    description WAN|ABL|CD=83625|IPVPN|BACKUP
    bandwidth 20000
    ip address 10.128.71.94 255.255.255.252
    ip flow ingress
    ip flow egress
    duplex full
    speed 100
    service-policy output MPLS-QoS-20M
    !
    router bgp 65040
    no synchronization
    bgp log-neighbor-changes
    network 150.150.4.0 mask 255.255.255.248
    network 172.25.0.0
    network 172.50.9.0 mask 255.255.255.0
    network 172.51.9.0 mask 255.255.255.0
    redistribute static metric 1 route-map STATICAS
    neighbor 10.128.71.93 remote-as 6147
    neighbor 10.128.71.93 update-source GigabitEthernet0/2
    neighbor 10.128.71.93 next-hop-self
    neighbor 10.128.71.93 send-community both
    neighbor 10.128.71.93 soft-reconfiguration inbound
    neighbor 10.128.71.93 route-map SET_LP in
    neighbor 10.128.71.93 route-map SET_COMM out
    neighbor 10.128.71.93 filter-list 10 out
    neighbor 10.192.71.89 remote-as 6147
    neighbor 10.192.71.89 update-source GigabitEthernet0/1
    neighbor 10.192.71.89 next-hop-self

    neighbor 10.192.71.89 send-community both


    neighbor 10.192.71.89 soft-reconfiguration inbound
    neighbor 10.192.71.89 filter-list 10 out
    no auto-summary
    !
    ip forward-protocol nd
    !
    ip bgp-community new-format
    ip as-path access-list 10 permit ^$
    ip as-path access-list 10 deny .*
    no ip http server
    no ip http secure-server
    ip flow-export source GigabitEthernet0/1
    ip flow-export version 9
    ip flow-export destination 172.18.5.5 2055
    ip flow-export destination 172.40.23.14 9995
    ip flow-top-talkers
    top 10
    sort-by bytes
    !
    ip route 192.168.240.0 255.255.255.0 172.25.250.250
    !
    ip access-list extended TerminalAccess
    permit ip host 172.19.0.17 any
    permit ip host 172.34.127.127 any
    permit ip host 10.147.128.6 any
    permit ip host 10.193.71.74 any
    permit ip host 10.132.128.42 any
    permit ip host 10.132.128.22 any
    permit tcp 10.192.71.88 0.0.0.3 any eq telnet log
    permit tcp 10.128.71.92 0.0.0.3 any eq telnet log
    permit tcp any any eq 22 log
    deny tcp any any log
    !
    !
    ip prefix-list ESTATICAS seq 10 permit 192.168.240.0/24
    logging trap critical
    logging source-interface GigabitEthernet0/1
    logging 10.125.25.38
    access-list 50 permit 172.19.0.17
    access-list 50 remark IP GESTION WAN
    access-list 50 permit 10.28.128.0 0.0.0.255
    access-list 50 permit 10.125.25.0 0.0.0.255
    access-list 50 permit 10.159.160.0 0.0.0.31
    access-list 50 deny any
    access-list 100 permit ip 172.50.9.0 0.0.0.255 any
    access-list 100 permit ip 172.51.9.0 0.0.0.255 any
    access-list 100 permit ip 172.16.4.0 0.0.0.255 any
    access-list 100 permit ip 10.10.4.0 0.0.0.255 any
    access-list 101 permit ip any any
    !
    route-map SET_LP permit 10
    set local-preference 90
    !
    route-map STATICAS permit 10
    match ip address prefix-list ESTATICAS
    !
    route-map SET_COMM permit 20
    set community 6147:90
    !

    route-map DATOS permit 10


    match ip address 101
    set ip precedence priority
    !
    route-map TELEFONIA permit 10
    match ip address 100
    set ip precedence critical
    !
    !
    snmp-server community privPJUDICIAL RW
    snmp-server community pubPJUDICIAL RO
    snmp-server community pubcgrc RO 50
    snmp-server community privcgrc RW 50
    snmp-server ifindex persist
    snmp-server trap-source GigabitEthernet0/1
    snmp-server location ABL, Cercado, Lima
    snmp-server contact Ruben Rocca
    snmp-server enable traps tty
    snmp-server enable traps envmon temperature
    snmp-server enable traps isdn call-information
    snmp-server enable traps bgp state-changes
    snmp-server enable traps config-copy
    snmp-server enable traps config
    snmp-server enable traps entity
    snmp-server enable traps hsrp
    snmp-server enable traps cpu threshold
    snmp-server enable traps syslog
    snmp-server host 10.125.25.38 privPJUDICIAL
    snmp-server host 10.125.25.37 privcgrc
    snmp-server host 10.125.25.38 privcgrc
    snmp-server host 10.28.128.130 privcgrc
    snmp-server host 10.125.25.38 pubPJUDICIAL
    snmp-server host 10.125.25.37 pubcgrc
    snmp-server host 10.125.25.38 pubcgrc
    snmp-server host 10.28.128.130 pubcgrc
    snmp-server host 172.19.0.17 pubcgrc
    tacacs-server host 10.125.25.17
    tacacs-server timeout 3
    tacacs-server directed-request
    tacacs-server key 7 0214015F0216
    !
    control-plane
    !
    alias exec sic show ip cache flow
    alias exec sif show ip flow top-talkers
    alias exec sis show interface summary | begin Interface
    alias exec sib show ip bgp summary | begin Neig
    alias exec sid show interface description
    alias exec siib show ip interface brief
    alias exec sia show ip access-lists
    banner exec CC
    --------------------------------------------------------------------------.
    .
    | PODER JUDICIAL | ANSELMO BARRETO LEON
    .|.
    .|.
    | Av Abancay Cdra 5 S/N - Lima
    .|||.
    .|||.
    | TELEFONICA DEL PERU
    .|||||.
    .|||||.
    | LIMA - PERU
    .:|||||||:..:|||||||:. | CD83623/CD83625 - IPVPN
    ---------------------------------------------------------------------------
    banner login CCC
    |-----------------------------------------------------------------|

    |
    WARNING
    |
    |
    |
    | This system is for the use of authorized users only.
    |
    | Individuals using this computer system without authority, or in |
    | excess of their authority, are subject to having all of their |
    | activities on this system monitored and recorded by system
    |
    | personnel.
    |
    |
    |
    | In the course of monitoring individuals improperly using this |
    | system, or in the course of system maintenance, the activities |
    | of authorized users may also be monitored.
    |
    |
    |
    | Anyone using this system expressly consents to such monitoring |
    | and is advised that if such monitoring reveals possible
    |
    | evidence of criminal activity, system personnel may provide the |
    | evidence of such monitoring to law enforcement officials.
    |
    |
    |
    |
    TELEFONICA DEL PERU
    |
    |-----------------------------------------------------------------|
    
    !
    line con 0
    exec-timeout 30 0
    line aux 0
    exec-timeout 30 0
    line vty 0 4
    exec-timeout 30 0
    password 7 03105E0703092E42470A184557
    escape-character 3
    !
    scheduler allocate 20000 1000
    ntp server 10.125.25.17
    end

    You might also like