no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug uptime service timestamps log uptime service password-encryption service sequence-numbers ! hostname C857W ! boot-start-marker boot-end-marker ! ! no aaa new-model ! resource policy ! clock timezone UTC 1 no ip source-route no ip dhcp use vrf connected ip dhcp excluded-address 192.168.1.1 192.168.1.99 ip dhcp excluded-address 192.168.1.1 ! ip dhcp pool dhcppool import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server 80.58.61.250 update arp ! ! ip cef ip tcp selective-ack ip tcp timestamp no ip bootp server ip domain name local ! ! ! ! ! ! bridge irb ! ! interface ATM0 no ip address no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point no snmp trap link-status pvc 8/32 pppoe-client dial-pool-number 1 ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Dot11Radio0 no ip address ! encryption mode ciphers tkip ! ssid SUPGRIP authentication open authentication key-management wpa guest-mode wpa-psk ascii 7 022B1D6803071D2448450C00 ! speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 station-role root no cdp enable bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Vlan1 no ip address bridge-group 1 bridge-group 1 spanning-disabled ! interface Dialer0 ip address negotiated ip access-group 101 in no ip redirects no ip unreachables ip mtu 1492 ip nat outside ip virtual-reassembly encapsulation ppp dialer pool 1 dialer-group 1 no cdp enable ppp chap hostname adslppp@telefonicanetpa ppp chap password adslppp ppp pap sent-username adslppp@telefonicanetpa password 7 06070B32405E1909 ppp ipcp dns request ! interface BVI1 ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ! ! ip http server no ip http secure-server ip nat inside source list 1 interface Dialer0 overload ! access-list 1 remark The local LAN. access-list 1 permit 192.168.1.0 0.0.0.255 ! access-list 2 remark where management can be done from. access-list 2 permit 192.168.1.0 0.0.0.255 ! access-list 101 remark Traffic allowed to enter the router from the Internet access-list 101 deny ip 0.0.0.0 0.255.255.255 any access-list 101 deny ip 10.0.0.0 0.255.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip 169.254.0.0 0.0.255.255 any access-list 101 deny ip 172.16.0.0 0.15.255.255 any access-list 101 deny ip 192.0.2.0 0.0.0.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip 198.18.0.0 0.1.255.255 any access-list 101 deny ip 224.0.0.0 0.15.255.255 any access-list 101 deny ip any host 255.255.255.255 access-list 101 permit tcp any any eq 1723 access-list 101 permit gre any any access-list 101 deny icmp any any echo access-list 101 deny ip any any log ! access-list 102 remark Traffic allowed to enter the router from the Ethernet access-list 102 permit ip any host 192.168.1.1 access-list 102 deny ip any host 192.168.1.255 access-list 102 deny udp any any eq tftp log access-list 102 deny ip any 0.0.0.0 0.255.255.255 log access-list 102 deny ip any 10.0.0.0 0.255.255.255 log access-list 102 deny ip any 127.0.0.0 0.255.255.255 log access-list 102 deny ip any 169.254.0.0 0.0.255.255 log access-list 102 deny ip any 172.16.0.0 0.15.255.255 log access-list 102 deny ip any 192.0.2.0 0.0.0.255 log access-list 102 deny ip any 192.168.0.0 0.0.255.255 log access-list 102 deny ip any 192.18.0.0 0.1.255.255 log access-list 102 deny udp any any eq 135 log access-list 102 deny tcp any any eq 135 log access-list 102 deny udp any any eq netbios-ns log access-list 102 deny udp any any eq netbios-dgm log access-list 102 deny tcp any any eq 445 log access-list 102 permit ip 192.168.1.0 0.0.0.255 any access-list 102 permit ip any host 255.255.255.255 access-list 102 deny ip any any log ! dialer-list 1 protocol ip permit ! control-plane ! bridge 1 route ip ! line con 0 no modem enable line aux 0 line vty 0 4 access-class 2 in login ! scheduler max-task-time 5000 end