----------------- show running-config ------------------ Building configuration... Current configuration : 8332 bytes ! version 15.4 no service pad service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption ! hostname Test ! boot-start-marker boot-end-marker ! ! enable secret 5 ! aaa new-model ! ! aaa authentication login default group tacacs+ local aaa authentication enable default group tacacs+ enable aaa authorization exec default group tacacs+ if-authenticated aaa accounting exec default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ ! ! ! ! ! aaa session-id common clock timezone AEST 10 0 clock summer-time EDST recurring 1 Sun Oct 2:00 1 Sun Apr 3:00 ! ! ! ! ! ! no ip source-route ip icmp rate-limit unreachable 3000 ! ! ! ! ! ! ! ! ! ! ! ! no ip domain lookup ip domain name corporate.transgrid.local ip cef no ipv6 cef ! multilink bundle-name authenticated ! ! ! chat-script TG "" "ATDT*98*4#" TIMEOUT 60 "CONNECT" chat-script gsm "" "atdt*98*4#" TIMEOUT 60 "CONNECT" cts logging verbose ! crypto pki trustpoint TP-self-signed-1333561285 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1333561285 revocation-check none rsakeypair TP-self-signed-1333561285 ! ! crypto pki certificate chain TP-self-signed-1333561285 certificate self-signed 01 3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31333333 35363132 3835301E 170D3135 31323038 32333535 30325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33333335 36313238 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100A5C0 6DCBA8C7 26A8CD55 28EE7423 1D03EBC0 3846931F 1829EF59 6CFCA3B1 48EDF4B0 77515DAD 85ABB25F 64DDE17A CDE1920D 811BE506 086AC5E7 E3BF0D04 E5DD8945 488279B6 64BD92B3 0635643B C4D3BEE9 CBA04405 D240E552 A6BF697F 49AFFDA4 553D61C5 B3DE4D22 0F5900B8 98BC2D42 17641280 87B97795 78FAF49A 8F2D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304 18301680 1469F3C5 206A36FE 2E30F589 3D6AEB48 E3D67153 89301D06 03551D0E 04160414 69F3C520 6A36FE2E 30F5893D 6AEB48E3 D6715389 300D0609 2A864886 F70D0101 05050003 81810053 A1B5B629 1EB4A8A4 EB6947FA 5B5B4961 EFAEA0BA A77879B9 3DE7B01D F3385619 B5E81727 6742F547 679F3843 B2FD8035 D9D4E618 62D079BD 8D71AFD1 7A25DA70 8682EFED A1194297 8369674A F8DC4BF2 F441DA44 DC043E9D 88C03F1A 561429FA B73D9C64 E776080C 0F244003 FA9D1517 B4D206CB 635071C7 884E58AE AC2DD8 quit license udi pid CISCO2921/K9 sn FJC1922A1VC ! ! username operations password 7 ! redundancy ! ! ! ! ! controller Cellular 0/0 ! track 10 ip sla 10 reachability ! ! ! crypto isakmp policy 1 encr aes authentication pre-share lifetime 1440 crypto isakmp key address 192.168.254.1 ! ! crypto ipsec transform-set TG-NextG esp-aes esp-sha-hmac mode tunnel ! ! ! crypto map TG-NextG-map 10 ipsec-isakmp set peer 192.168.254.1 set transform-set TG-NextG match address SW-Tunnel ! ! ! ! ! interface Loopback0 description Management ip address 10.224.251.31 255.255.255.255 ! interface Tunnel0 description Tunnel to SW-GWIP bandwidth 384 bandwidth receive 2048 ip address 10.224.255.122 255.255.255.252 ip tcp adjust-mss 1330 load-interval 30 keepalive 20 3 tunnel source Dialer1 tunnel destination 192.168.254.1 tunnel bandwidth transmit 384 tunnel bandwidth receive 2048 crypto map TG-NextG-map ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 description To GAD-AC-01 G1/0/25 ip address 10.224.31.1 255.255.255.0 ip helper-address 10.142.171.22 ip helper-address 10.152.171.21 no ip redirects no ip unreachables no ip proxy-arp duplex auto speed auto ! interface GigabitEthernet0/1 no ip address shutdown duplex auto speed auto ! interface GigabitEthernet0/2 no ip address shutdown duplex auto speed auto ! interface Cellular0/0/0 description SIM 6056 3065 6N no ip address ip virtual-reassembly in encapsulation ppp load-interval 30 dialer in-band dialer pool-member 1 async mode interactive crypto map TG-NextG-map ! interface Dialer1 ip address negotiated ip access-group Remote in ip virtual-reassembly in encapsulation ppp dialer pool 1 dialer idle-timeout 0 dialer string gsm dialer persistent dialer-group 1 ppp authentication pap callin ppp chap refuse ppp pap sent-username Gadara@transgrid.net password 7 ppp ipcp address accept no cdp tlv app crypto map TG-NextG-map ! ! router ospf 100 router-id 10.224.251.31 auto-cost reference-bandwidth 20000 timers throttle spf 10 100 5000 timers throttle lsa 10 100 5000 timers lsa arrival 80 passive-interface GigabitEthernet0/0 passive-interface Dialer1 passive-interface Loopback0 network 10.224.0.0 0.0.255.255 area 224 distribute-list route-map Filter in ! ip forward-protocol nd no ip forward-protocol udp nameserver no ip forward-protocol udp domain no ip forward-protocol udp time no ip forward-protocol udp netbios-ns no ip forward-protocol udp netbios-dgm no ip forward-protocol udp tacacs ! no ip http server ip http secure-server ! ip route 192.168.254.1 255.255.255.255 Dialer1 ! ip access-list extended Remote permit udp host 192.168.254.1 host 192.168.255.31 eq isakmp log permit esp host 192.168.254.1 host 192.168.255.31 log permit tcp host 192.168.254.1 host 192.168.255.31 eq telnet log permit tcp host 192.168.254.1 host 192.168.255.31 eq 22 log permit icmp host 192.168.254.1 host 192.168.255.31 echo log permit icmp host 192.168.254.1 host 192.168.255.31 echo-reply log deny ip any any log ip access-list extended SW-Tunnel permit gre host 192.168.255.31 host 192.168.254.1 ! ip sla 10 icmp-echo 10.131.251.1 source-interface Loopback0 frequency 180 ip sla schedule 10 life forever start-time now logging origin-id hostname logging source-interface Loopback0 logging host 10.142.176.42 dialer-list 1 protocol ip permit ! route-map Filter deny 10 match tag 100 110 70 ! route-map Filter permit 100 ! ! snmp-server community RW 80 snmp-server location Gadara 132 Substation 3G snmp-server host 10.142.176.42 tacacs-server host 10.136.110.95 tacacs-server directed-request tacacs-server key 7 access-list 23 deny 10.128.9.0 0.0.0.7 access-list 23 deny 10.142.112.0 0.0.0.31 access-list 23 deny 192.55.198.0 0.0.0.255 access-list 23 permit any log access-list 80 permit 10.142.0.0 0.0.255.255 ! ! ! control-plane ! ! banner motd ^CC ********************************************************************** * * * Restricted Access Warning Message * * * * Access to this service is for TransGrid authorised users Only * * * ********************************************************************** WARNING: Unauthorised access beyond this point is prohibited. It is a criminal offence to obtain access to data without authority, or to damage, delete, alter or insert data without authority. Breaches of the law regarding unauthorised access are subject to heavy penalties, including imprisonment for up to 10 years. ^C ! line con 0 line aux 0 line 2 no activation-character no exec transport preferred none transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh stopbits 1 line 0/0/0 exec-timeout 0 0 script dialer gsm modem InOut no exec transport input all rxspeed 3600000 txspeed 384000 line vty 0 4 access-class 23 in exec-timeout 5 0 transport input none line vty 5 15 access-class 23 in exec-timeout 5 0 transport input none ! scheduler allocate 20000 1000 ntp server 10.152.0.50 ntp server 10.137.0.50 event manager applet CELL_LOSS event track 10 state down action 1.0 syslog msg "CELLULAR Interface seems to be STUCK" action 1.1 cli command "enable" action 1.2 cli command "test cellular 0/0/0 modem-power-cycle" action 1.3 syslog msg "CELLULAR Interface RESETTED" action 2.0 cli command "exit" ! end