Current configuration : 7277 bytes
!
version 15.4
service timestamps debug datetime localtime show-timezone
service timestamps log datetime msec localtime
service password-encryption
!
hostname FD-Medic16-Rtr
!
boot-start-marker
boot system flash:/c800-universalk9-mz.SPA.154-3.M5.bin
boot-end-marker
!
!
logging buffered 64000 notifications
no logging console
no logging monitor
enable secret 5 ~output deleted~ 
!
aaa new-model
!
!
aaa authentication login admin local
!
!
!
!
!
aaa session-id common
clock timezone EST -5 0
clock summer-time EDT recurring
service-module wlan-ap 0 bootimage unified
!
crypto pki trustpoint TP-self-signed-4044811526
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4044811526
 revocation-check none
 rsakeypair TP-self-signed-4044811526
!
!
crypto pki certificate chain TP-self-signed-4044811526
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 34303434 38313135 3236301E 170D3136 30333239 32333137 
  34315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 30343438 
  31313532 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100B321 74BF20B7 68BDB135 60A13D2B 1F2B21DF 6B743129 EF74372A 7FDDE30A 
  F613DF14 770A79D9 060C8A3C 6CA210AB F1D9C4E0 10B501B8 D3BFA24C D3387E03 
  8E5B07B7 763AE7F4 AE1D6B09 8C5677E1 677C3829 8CCBE0DE 8C819807 EE25C56E 
  89E7D49A 709DCC48 F1975C37 A7B1A99F 1A35527C F76C0A34 CADD4B75 1355FE57 
  144F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 
  551D2304 18301680 14D0732C 17A168EA D5A917CA 0BDC98FB 39E46AD3 1B301D06 
  03551D0E 04160414 D0732C17 A168EAD5 A917CA0B DC98FB39 E46AD31B 300D0609 
  2A864886 F70D0101 05050003 81810005 6BB582C8 0BB58058 644F6083 0654E182 
  B7328AF4 0B0EC71A 829C9663 3FC7932F 23428C07 3BD66D49 85C7FC79 A9423CC7 
  E8B5B013 7C00FB13 8EA237E3 034D1211 ED95A2BC 41925CD9 A5B5E64F AADD17B0 
  D5336B48 90345E98 0D486CA2 ADF70518 26B5A9EE 5BAC9E5B 5F85E28E 885F5776 
  E8B2B5EF 3502170E 196365F9 49417F
        quit
!
!
!
!
!
!
!
!         


!
!
!
!
no ip domain lookup
ip domain name chesterfield.gov
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
cts logging verbose
license udi pid C819HWD-A-K9 sn FTX1733853M
!
!
archive
 log config
  hidekeys
vtp domain FD-Medic16
vtp mode transparent
username wasyk password 7 ~output deleted~ 
username CatTools password 7 ~output deleted~ 
username snover password 7 ~output deleted~ 
username Qualys password 7 ~output deleted~ 
username chambers password 7 ~output deleted~ 
username thompson password 7 ~output deleted~ 
!
!
!
!
!
vlan 601
 name Staff-Wired
!
vlan 651
 name Staff-Wireless
!
vlan 653
 name Public-Safety-Wireless
!
! 
!
crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto isakmp key ~output deleted~ address 198.101.7.81   
crypto isakmp key ~output deleted~ address 198.101.7.85   
crypto isakmp key ~output deleted~ address 198.101.7.87   
!
crypto ipsec security-association lifetime seconds 28800
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac 
 mode tunnel
!         
!
!
crypto map mymapA 10 ipsec-isakmp 
 set peer 198.101.7.81
 set transform-set myset 
 match address 110
!
crypto map mymapB 10 ipsec-isakmp 
 set peer 198.101.7.85
 set transform-set myset 
 match address 110
!
crypto map mymapC 10 ipsec-isakmp 
 set peer 198.101.7.87
 set transform-set myset 
 match address 110
!
!
!
!
!
!
interface FastEthernet0
 switchport access vlan 601
 no ip address
 shutdown
 spanning-tree portfast
!
interface FastEthernet1
 switchport access vlan 601
 no ip address
 shutdown
 spanning-tree portfast
!
interface FastEthernet2
 switchport access vlan 601
 no ip address
 shutdown
 spanning-tree portfast
!
interface FastEthernet3
 switchport access vlan 601
 no ip address
 shutdown
 spanning-tree portfast
!         
interface GigabitEthernet0
 description Verizon 4G WAN
 ip address dhcp
 duplex auto
 speed auto
 crypto map mymapB
!
interface Serial0
 no ip address
 shutdown
 clock rate 2000000
!
interface Wlan-GigabitEthernet0
 description Internal switch interface connecting to the embedded AP
 switchport trunk native vlan 601
 switchport mode trunk
 no ip address
!
interface wlan-ap0
 description Embedded Service module interface to manage the embedded AP
 ip unnumbered Vlan601
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
 no ip address
 ip tcp adjust-mss 1452
 shutdown
!
interface Vlan601
 description Data Network
 ip address 172.16.47.1 255.255.255.192
 ip helper-address 172.21.200.87
 ip helper-address 172.31.201.46
 no ip route-cache
!
interface Vlan651
 description Wireless Staff
 ip address 172.16.47.65 255.255.255.192
 ip helper-address 172.21.200.87
 ip helper-address 172.31.201.46
!
interface Vlan653
 description Wireless Public Safety
 ip address 172.16.47.129 255.255.255.192
 ip helper-address 172.21.200.87
 ip helper-address 172.31.201.46
!
ip forward-protocol nd
ip forward-protocol udp 12223
no ip http server
no ip http secure-server
!
!
ip ftp source-interface Vlan601
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0
ip ssh time-out 30
ip ssh version 2
!
logging trap notifications
logging host 172.24.10.138
!
snmp-server community da1e RO 99
access-list 10 permit 172.24.0.0 0.0.255.255
access-list 10 permit 172.21.8.0 0.0.0.255
access-list 10 permit 172.21.10.0 0.0.0.255
access-list 10 permit 198.101.7.0 0.0.0.255
access-list 10 permit 172.23.145.32 0.0.0.15
access-list 10 permit 172.23.145.80 0.0.0.15
access-list 10 permit 172.23.145.128 0.0.0.15
access-list 10 permit 172.23.72.0 0.0.1.255
access-list 10 deny   any log
access-list 99 permit 172.24.10.0 0.0.0.255
access-list 99 permit 172.21.210.0 0.0.0.255
access-list 99 deny   any log
access-list 110 permit ip 172.16.47.0 0.0.0.255 any
!
!
!
control-plane
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!         
!
banner login ^CCC

This is a proprietary system, NOT for public or personal use. All work products,
communications, files, data or information directly or indirectly created, input
or accessed on this system are and shall become the sole property of
Chesterfield County Gov.


This system is actively monitored and accessed by Chesterfield County Gov.
By logging onto this system, the user consents to such monitoring and access.


USE OF THIS SYSTEM WITHOUT OR IN EXCESS OF THE PROPER AUTHORIZATION MAY SUBJECT
THE USER TO DISCIPLINE AND/OR CIVIL AND CRIMINAL PENALTIES


^C
!
line con 0
 logging synchronous
 login authentication admin
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 stopbits 1
line vty 0 4
 access-class 10 in
 login authentication admin
 transport input ssh
line vty 5 15
 access-class 10 in
 login authentication admin
 transport input ssh
!
scheduler allocate 20000 1000
ntp source Vlan601
ntp server 172.29.8.1
ntp server 10.1.3.30
ntp server 10.1.3.31
ntp server 172.25.17.71
!         
!
!
end