网络工程师培训选超级网工

Router防火墙模板,Router防火墙模板

· Router防火墙模板,Router防火墙模板

show running-config

version 11.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname fw-rtr
!
enable password cisco
!
username admin password cisco
username chw10.Sydney password cisco
no ip source-route
ip nat pool inside-pool 203.1.1.2 203.1.1.254 netmask 255.255.255.0
ip nat inside source list 99 pool inside-pool
ip domain-list domain.com
ip domain-name domain.com
ip name-server 192.168.1.1
ip inspect name internet smtp
ip inspect name internet http java-list 42 timeout 60
ip inspect name internet ftp
ip inspect name internet tcp
ip inspect name internet udp
ip inspect name internet realaudio
ip inspect name internet h323
ip inspect name internet cuseeme
isdn switch-type basic-net3
clock timezone AEST 10
!
interface Loopback0
ip address 203.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.1.253 255.255.255.0
ip nat inside
ip route-cache same-interface
!
interface BRI0
no ip address
encapsulation ppp
dialer pool-member 1
no fair-queue
ppp authentication chap callin
ppp multilink
!
interface Dialer0
description BigPond Dialup Link
ip address 139.130.98.32 255.255.254.0
ip access-group 169 in
ip access-group 158 out
no ip unreachables
no ip directed-broadcast
no ip proxy-arp
ip nat outside
ip inspect internet out
encapsulation ppp
dialer remote-name chw10.Sydney
dialer idle-timeout 999999
dialer string 84486000
dialer load-threshold 1 either
dialer pool 1
dialer-group 1
no fair-queue
no cdp enable
ppp chap hostname anixte0
ppp multilink
!
ip classless
ip route 0.0.0.0 0.0.0.0 139.130.98.1
ip route 192.168.0.0 255.255.0.0 192.168.1.254
ip http server
ip http access-class 1
logging buffered 16000 debugging
logging 192.168.1.1
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 42 permit any
access-list 99 permit 192.168.0.0 0.0.255.255
access-list 101 deny udp any any eq rip
access-list 101 permit icmp any any
access-list 101 permit ip any any
access-list 158 permit icmp any any
access-list 158 permit udp any any
access-list 158 permit tcp any any
access-list 158 deny ip any any log-input
access-list 159 permit icmp any any
access-list 159 permit ip any any
access-list 159 permit tcp any any eq smtp
access-list 159 permit tcp any any eq www
access-list 159 permit tcp any any eq telnet
access-list 159 permit tcp any any eq ftp
access-list 159 permit tcp any any eq ftp-data
access-list 159 permit tcp any any eq domain
access-list 159 permit udp any any eq domain
access-list 159 permit tcp any any eq 554
access-list 159 permit tcp any any eq 7070
access-list 159 deny ip any any log-input
access-list 169 permit icmp any any
access-list 169 permit tcp any any eq smtp
access-list 169 permit tcp any any eq www
access-list 169 permit tcp any any eq ftp
access-list 169 permit tcp any any eq domain
access-list 169 permit udp any any eq domain
access-list 169 deny ip any any log-input
access-list 181 permit tcp any any eq www
access-list 181 permit tcp any eq www any
access-list 182 permit tcp any any eq ftp-data
access-list 182 permit tcp any eq ftp-data any
snmp-server community public RO 1
snmp-server community private RW 1
snmp-server trap-source Ethernet0
snmp-server contact Keith Sinclair
snmp-server host 192.168.1.1 public
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip list 101
banner motd #
*********************************************************************
* *
* Firewall Router. RESTRICTED ACCESS *
* *
* No Unauthorised Access. *
* *
* No Hackers, Phreaks, Crackers or so called security *
* experts allowed! *
* *
* Contact(s): http://www.net130.com *
* *
*********************************************************************
#
!
line con 0
login local
line vty 0 4
access-class 1 in
access-class 2 out
exec-timeout 15 0
login local
!
end


show version

Cisco Internetwork Operating System Software
IOS (tm) 1600 Software (C1600-OY-L), Version 11.2(17)P, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 12-Jan-99 14:25 by pwade
Image text-base: 0x0801FC84, data-base: 0x02005000

ROM: System Bootstrap, Version 11.1(10)AA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc
1)
ROM: 1600 Software (C1600-BOOT-R), Version 11.1(10)AA, EARLY DEPLOYMENT RELEASE
SOFTWARE (fc1)

fw-rtr uptime is 4 weeks, 5 hours, 47 minutes
System restarted by reload
System image file is "flash:c1600-oy-l_112-17_P.bin", booted via flash

cisco 1603 (68360) processor (revision C) with 3584K/512K bytes of memory.
Processor board ID 07064947, with hardware revision 00000000
Bridging software.
X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.
Basic Rate ISDN software, Version 1.0.
1 Ethernet/IEEE 802.3 interface(s)
1 ISDN Basic Rate interface(s)
System/IO memory with parity disabled
2048K bytes of DRAM onboard 2048K bytes of DRAM on SIMM
System running from FLASH
8K bytes of non-volatile configuration memory.
4096K bytes of processor board PCMCIA flash (Read ONLY)

Configuration register is 0x2102

下一个文档： 轻松建立Linux拨号服务,Linux拨号服务如何建立,如何建立Linux拨号服务
上一个文档： CISCO路由器配置前缀列表解疑,CISCO路由器配置前缀列表解疑