version 12.2 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime service timestamps log datetime msec localtime service password-encryption service counters max age 10 ! hostname moc-ag01 ! boot system flash sup-bootflash: ! no aaa new-model clock timezone GMT 8 clock calendar-valid firewall multiple-vlan-interfaces firewall module 3 vlan-group 3 firewall vlan-group 3 6,7,10,50,80,90,100,200,202 ssl-proxy module 6 allowed-vlan 40,203 ip subnet-zero no ip source-route no ip gratuitous-arps ! ! no ip domain-lookup ! no ip bootp server ip ssh time-out 60 mls ip multicast flow-stat-timer 9 no mls flow ip no mls flow ipv6 mls cef error action freeze ! ! ! ! ! spanning-tree mode rapid-pvst spanning-tree loopguard default no spanning-tree optimize bpdu transmission spanning-tree vlan 1-1000 priority 8192 module ContentSwitchingModule 7 ft group 1 vlan 201 priority 110 alt 100 heartbeat-time 1 failover 3 preempt ! vlan 6 client ip address 192.168.20.4 255.255.255.0 alt 192.168.20.5 255.255.255.0 gateway 192.168.20.1 alias 192.168.20.6 255.255.255.0 ! vlan 60 server ip address 192.168.20.4 255.255.255.0 alt 192.168.20.5 255.255.255.0 ! vlan 7 client ip address 192.168.10.4 255.255.255.0 alt 192.168.10.5 255.255.255.0 alias 192.168.10.6 255.255.255.0 ! vlan 70 server ip address 192.168.10.4 255.255.255.0 alt 192.168.10.5 255.255.255.0 ! vlan 40 server ip address 192.168.60.4 255.255.255.0 alt 192.168.60.5 255.255.255.0 alias 192.168.60.6 255.255.255.0 ! probe ICMP icmp interval 3 failed 5 ! probe HTTPWEB http interval 3 failed 5 ! probe HTTPSWEB tcp interval 3 failed 5 port 445 ! probe TCP tcp interval 2 failed 3 ! serverfarm MOCINT-VIP1 nat server no nat client predictor leastconns real 192.168.20.71 inservice real 192.168.20.72 inservice probe ICMP probe HTTPWEB probe HTTPSWEB ! serverfarm MOCWEB-VIP1 nat server no nat client predictor leastconns real 192.168.10.65 inservice real 192.168.10.66 inservice probe ICMP probe HTTPSWEB probe HTTPWEB ! serverfarm SSL-MOCINT nat server no nat client real 192.168.60.11 445 inservice real 192.168.60.12 445 inservice probe TCP ! serverfarm SSL-MOCWEB nat server no nat client real 192.168.60.21 445 inservice real 192.168.60.22 445 inservice probe TCP ! sticky 1 cookie cookie-server timeout 10 ! sticky 2 cookie cookie-server timeout 10 ! vserver DECRYPT-MOCINT virtual 192.168.60.10 tcp 445 vlan 40 serverfarm MOCINT-VIP1 sticky 10 group 1 replicate csrp sticky persistent rebalance parse-length 4000 inservice ! vserver DECRYPT-MOCWEB virtual 192.168.60.20 tcp 445 vlan 40 serverfarm MOCWEB-VIP1 sticky 10 group 2 replicate csrp sticky persistent rebalance parse-length 4000 inservice ! vserver HTTP-MOCINT virtual 192.168.20.70 tcp www vlan 6 serverfarm MOCINT-VIP1 advertise active sticky 10 group 1 replicate csrp sticky persistent rebalance parse-length 4000 inservice ! vserver HTTP-MOCWEB virtual 192.168.10.60 tcp www vlan 7 serverfarm MOCWEB-VIP1 advertise active sticky 10 group 2 replicate csrp sticky persistent rebalance parse-length 4000 inservice ! vserver HTTPS-MOCINT virtual 192.168.20.70 tcp https vlan 6 serverfarm SSL-MOCINT persistent rebalance inservice ! vserver HTTPS-MOCWEB virtual 192.168.10.60 tcp https vlan 7 serverfarm SSL-MOCWEB persistent rebalance inservice ! diagnostic cns publish cisco.cns.device.diag_results diagnostic cns subscribe cisco.cns.device.diag_commands ! redundancy mode sso main-cpu auto-sync running-config ! vlan internal allocation policy ascending vlan dot1q tag native vlan access-log ratelimit 2000 ! ! interface Loopback0 no ip address ! interface Port-channel2 description GEC-AG2 no ip address switchport switchport trunk encapsulation dot1q switchport mode trunk spanning-tree guard loop ! interface Port-channel3 description GEC-AS1 no ip address switchport switchport trunk encapsulation dot1q switchport mode trunk spanning-tree guard loop ! interface Port-channel4 description GEC-AS2 no ip address switchport switchport trunk encapsulation dot1q switchport mode trunk spanning-tree guard loop ! interface GigabitEthernet1/1 description GEC-AG2 no ip address logging event link-status switchport switchport trunk encapsulation dot1q switchport mode trunk channel-group 2 mode desirable ! interface GigabitEthernet1/2 description GEC-AG2 no ip address logging event link-status switchport switchport trunk encapsulation dot1q switchport mode trunk channel-group 2 mode desirable ! interface GigabitEthernet1/3 description GEC-AS1 no ip address logging event link-status switchport switchport trunk encapsulation dot1q switchport mode trunk channel-group 3 mode desirable ! interface GigabitEthernet1/4 description GEC-AS1 no ip address logging event link-status switchport switchport trunk encapsulation dot1q switchport mode trunk channel-group 3 mode desirable ! interface GigabitEthernet1/5 description MOCWEB01-BGE1 no ip address logging event link-status switchport switchport access vlan 70 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/6 description MOCINT01-BGE1 no ip address logging event link-status switchport switchport access vlan 60 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/7 description MOCDB03-BGE1 no ip address logging event link-status switchport switchport access vlan 80 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/8 description MOCQAT01-BGE1 no ip address logging event link-status switchport switchport access vlan 80 switchport mode access spanning-tree portfast ! interface GigabitEthernet2/1 description GEC-AS2 no ip address logging event link-status switchport switchport trunk encapsulation dot1q switchport mode trunk channel-group 4 mode desirable ! interface GigabitEthernet2/2 description GEC-AS2 no ip address logging event link-status switchport switchport trunk encapsulation dot1q switchport mode trunk channel-group 4 mode desirable ! interface GigabitEthernet2/3 description MOCWEB02-BGE1 no ip address logging event link-status switchport switchport access vlan 70 switchport mode access spanning-tree portfast ! interface GigabitEthernet2/4 description MOCINT02-BGE1 no ip address logging event link-status switchport switchport access vlan 60 switchport mode access spanning-tree portfast ! interface GigabitEthernet2/5 description MOCDEV01-BGE1 no ip address logging event link-status switchport switchport access vlan 80 switchport mode access spanning-tree portfast ! interface GigabitEthernet2/6 no ip address shutdown ! interface GigabitEthernet2/7 no ip address shutdown ! interface GigabitEthernet2/8 no ip address shutdown ! interface FastEthernet4/1 description MOC-BR01 ip address 192.168.53.1 255.255.255.252 no ip redirects no ip unreachables no ip proxy-arp ip ospf authentication message-digest ip ospf message-digest-key 1 md5 ip ospf hello-interval 1 ip ospf dead-interval 3 logging event link-status speed 100 duplex full ! interface FastEthernet4/2 description MOC-EXT01 no ip address no ip redirects no ip unreachables no ip proxy-arp logging event link-status ! interface FastEthernet4/3 description PIX Eth0 ip address 192.168.53.21 255.255.255.252 no ip redirects no ip unreachables no ip proxy-arp logging event link-status speed 100 duplex full ! interface FastEthernet4/4 description MOC-DR01 no ip address logging event link-status switchport ! interface FastEthernet4/5 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/6 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/7 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/8 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/9 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/10 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/11 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/12 description nawir's laptop no ip address logging event link-status shutdown switchport switchport access vlan 60 switchport mode access ! interface FastEthernet4/13 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/14 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/15 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/16 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/17 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/18 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/19 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/20 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/21 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/22 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/23 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/24 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/25 no ip address logging event link-status switchport switchport access vlan 70 switchport mode access ! interface FastEthernet4/26 no ip address logging event link-status switchport switchport access vlan 70 switchport mode access ! interface FastEthernet4/27 no ip address logging event link-status switchport switchport access vlan 60 switchport mode access ! interface FastEthernet4/28 no ip address logging event link-status switchport switchport access vlan 60 switchport mode access ! interface FastEthernet4/29 no ip address logging event link-status switchport switchport access vlan 90 switchport mode access ! interface FastEthernet4/30 no ip address logging event link-status switchport switchport access vlan 90 switchport mode access spanning-tree portfast ! interface FastEthernet4/31 no ip address logging event link-status switchport switchport access vlan 80 switchport mode access spanning-tree portfast ! interface FastEthernet4/32 no ip address logging event link-status switchport switchport access vlan 80 switchport mode access spanning-tree portfast ! interface FastEthernet4/33 no ip address logging event link-status switchport switchport access vlan 80 switchport mode access spanning-tree portfast ! interface FastEthernet4/34 no ip address logging event link-status switchport switchport access vlan 50 switchport mode access spanning-tree portfast ! interface FastEthernet4/35 no ip address logging event link-status switchport switchport access vlan 50 switchport mode access spanning-tree portfast ! interface FastEthernet4/36 no ip address logging event link-status switchport switchport access vlan 50 switchport mode access spanning-tree portfast ! interface FastEthernet4/37 no ip address logging event link-status shutdown switchport switchport mode access spanning-tree portfast ! interface FastEthernet4/38 no ip address logging event link-status shutdown switchport switchport mode access spanning-tree portfast ! interface FastEthernet4/39 no ip address logging event link-status shutdown switchport switchport mode access spanning-tree portfast ! interface FastEthernet4/40 no ip address logging event link-status shutdown switchport switchport mode access spanning-tree portfast ! interface FastEthernet4/41 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/42 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/43 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/44 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/45 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/46 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/47 no ip address logging event link-status shutdown switchport switchport mode access ! interface FastEthernet4/48 description MOCBR02 ip address 192.168.53.5 255.255.255.252 no ip redirects no ip unreachables no ip proxy-arp ip ospf authentication message-digest ip ospf message-digest-key 1 md5 ip ospf hello-interval 1 ip ospf dead-interval 3 logging event link-status speed 100 duplex full ! interface GigabitEthernet5/1 no ip address shutdown ! interface GigabitEthernet5/2 no ip address shutdown ! interface Vlan1 ip address 192.168.52.13 255.255.255.0 ! interface Vlan10 description FWSM outside interface ip address 192.168.0.2 255.255.255.0 no ip redirects no ip proxy-arp ip ospf authentication message-digest ip ospf message-digest-key 1 md5 ip ospf hello-interval 1 ip ospf dead-interval 3 ip ospf priority 10 standby 1 ip 192.168.0.1 standby 1 timers 1 3 standby 1 priority 110 standby 1 preempt delay minimum 60 ! interface Vlan201 description CSM_fault-tolerant no ip address no ip igmp snooping shutdown ! interface Vlan203 description SSL Management Vlan ip address 192.168.54.2 255.255.255.0 ! router ospf 20 log-adjacency-changes area 20 authentication message-digest timers throttle spf 1000 1000 1000 redistribute static metric-type 1 subnets passive-interface default no passive-interface Vlan1 no passive-interface Vlan10 no passive-interface FastEthernet4/1 no passive-interface FastEthernet4/3 no passive-interface FastEthernet4/48 network 192.168.0.0 0.0.0.255 area 20 network 192.168.52.0 0.0.0.255 area 20 network 192.168.53.0 0.0.0.255 area 20 network 192.168.54.0 0.0.0.255 area 20 ! no ip classless ip route 192.168.10.0 255.255.255.0 192.168.0.5 ip route 192.168.20.0 255.255.255.0 192.168.0.5 ip route 192.168.30.0 255.255.255.0 192.168.0.5 ip route 192.168.40.0 255.255.255.0 192.168.0.5 ip route 192.168.100.0 255.255.255.0 192.168.0.5 ip route 192.168.101.0 255.255.255.0 192.168.53.22 no ip http server ! ! ! ! ! ! control-plane ! ! ! line con 0 login local line vty 0 4 exec-timeout 0 0 no login no exec transport input none line vty 5 15 exec-timeout 0 0 no login no exec transport input none ! ! ntp clock-period 17179564 ntp source Loopback0 ntp master 15 ntp update-calendar ntp server 192.168.52.1 ntp peer 192.168.52.14 end