version 12.4 service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname redacted ! boot-start-marker boot-end-marker ! logging buffered 16386 logging rate-limit 100 except warnings no logging console no logging monitor enable secret 5 redacted enable password 7 redacted ! aaa new-model ! ! aaa authentication login default local aaa authentication login ciscocp_vpn_xauth_ml_1 local aaa authorization exec default local aaa authorization network ciscocp_vpn_group_ml_1 local ! ! aaa session-id common clock timezone EST -5 clock summer-time EDT recurring ! crypto pki trustpoint TP-self-signed-4249068135 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-4249068135 revocation-check none rsakeypair TP-self-signed-4249068135 ! ! crypto pki certificate chain TP-Self-Signed-4249068135 certificate self-signed 01 redacted quit dot11 syslog ! ! ip cef no ip dhcp use vrf connected ip dhcp excluded-address 172.16.123.1 172.16.123.10 ip dhcp excluded-address 172.16.124.1 172.16.124.10 ip dhcp excluded-address 172.16.128.1 172.16.128.10 ! ip dhcp pool Services network 172.16.123.0 255.255.255.0 default-router 172.16.123.1 dns-server 172.16.122.2 172.16.122.3 ! ip dhcp pool Mobile network 172.16.124.0 255.255.255.0 default-router 172.16.124.1 dns-server 8.8.8.8 209.244.0.3 ! ip dhcp pool Guest network 172.16.128.0 255.255.255.0 default-router 172.16.128.1 dns-server 8.8.8.8 209.244.0.3 ! ! no ip bootp server ip domain name redacted ip name-server 172.16.122.2 ip name-server 172.16.122.3 ip inspect name DEFAULT ftp ip inspect name DEFAULT h323 ip inspect name DEFAULT netshow ip inspect name DEFAULT rcmd ip inspect name DEFAULT realaudio ip inspect name DEFAULT rtsp ip inspect name DEFAULT smtp ip inspect name DEFAULT sqlnet ip inspect name DEFAULT streamworks ip inspect name DEFAULT tftp ip inspect name DEFAULT udp ip inspect name DEFAULT tcp ip inspect name DEFAULT vdolive ip inspect name DEFAULT icmp login block-for 3600 attempts 3 within 30 login on-failure ! multilink bundle-name authenticated ! ! username wwishart privilege 15 secret 5 redacted ! ! crypto isakmp policy 100 encr aes 256 authentication pre-share group 5 lifetime 28800 crypto isakmp key redacted address 50.xxx.xxx.148 crypto isakmp key redacted address 173.xxx.xxx.145 ! ! crypto ipsec transform-set redactedTransformSet2 esp-aes 256 esp-sha-hmac mode transport ! crypto ipsec profile redactedProfile2 set security-association lifetime seconds 86400 set transform-set redactedTransformSet2 ! ! crypto ctcp archive log config hidekeys ! ! ip tcp synwait-time 10 ! track 1 rtr 1 reachability ! track 2 rtr 2 reachability ! ! ! interface Loopback0 ip address 172.16.131.1 255.255.255.0 ! interface Loopback1 no ip address shutdown ! interface Tunnel2 ip address 192.168.101.1 255.255.255.0 ip mtu 1400 ip tcp adjust-mss 1360 tunnel source 50.xxx.xxx.145 tunnel destination 50.xxx.xxx.148 tunnel protection ipsec profile redactedProfile2 ! interface Tunnel4 ip address 192.168.111.1 255.255.255.0 ip mtu 1400 ip tcp adjust-mss 1360 tunnel source 50.xxx.xxx.145 tunnel destination 173.71.81.145 tunnel protection ipsec profile redactedProfile2 ! interface BRI0 no ip address encapsulation hdlc shutdown ! interface FastEthernet0 description $ETH-WAN$ ip address 207.xxx.xxx.210 255.255.255.240 ip access-group 100 in ip access-group 105 out no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery ip flow ingress ip nat outside ip inspect DEFAULT out ip virtual-reassembly duplex auto speed auto fair-queue 1 256 0 ! interface FastEthernet1 description $ETH-WAN$ ip address 50.xxx.xxx.145 255.255.255.248 ip access-group 100 in ip access-group 105 out no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery ip flow ingress ip nat outside ip inspect DEFAULT out ip virtual-reassembly duplex auto speed auto fair-queue 1 256 0 ! interface FastEthernet2 switchport mode trunk speed 100 ! interface FastEthernet3 switchport access vlan 2 no cdp enable ! interface FastEthernet4 switchport mode trunk ! interface FastEthernet5 switchport access vlan 5 ! interface FastEthernet6 switchport mode trunk ! interface FastEthernet7 switchport access vlan 7 no cdp enable ! interface FastEthernet8 switchport mode trunk speed 100 ! interface FastEthernet9 switchport access vlan 10 speed 10 ! interface Vlan1 no ip address ! interface Vlan2 description $ES_LAN$ ip address 172.16.123.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip flow ingress ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ! interface Vlan3 description Mobile Device Network ip address 172.16.124.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip flow ingress ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ! interface Vlan4 ip address 172.16.125.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip flow ingress ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ip policy route-map DMZ_Network ! interface Vlan5 ip address 172.16.122.1 255.255.255.0 ip access-group 105 in no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery ip flow ingress ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ip policy route-map SQL_Server_Network ! interface Vlan6 ip address 172.16.126.1 255.255.255.0 ip access-group 105 in no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery ip flow ingress ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ip policy route-map Client_Network ! interface Vlan7 ip address 172.16.127.1 255.255.255.0 ip nat inside ip virtual-reassembly ip policy route-map redacted ! interface Vlan8 ip address 172.16.128.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip flow ingress ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ip policy route-map redacted ! interface Vlan9 no ip address ! interface Vlan10 ip address 172.16.130.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip flow ingress ip nat inside ip virtual-reassembly ip route-cache flow ip tcp adjust-mss 1452 ip policy route-map redacted ! router eigrp 10 network 10.0.0.0 0.0.255.255 network 172.16.120.0 0.0.7.255 network 192.168.100.0 network 192.168.101.0 network 192.168.111.0 auto-summary ! no ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 50.xxx.xxx.150 track 1 ip route 0.0.0.0 0.0.0.0 207.xxx.xxx.209 20 track 2 ip route 10.1.1.0 255.255.255.0 Tunnel2 ip route 10.1.2.0 255.255.255.0 Tunnel2 ip route 40.129.207.188 255.255.255.255 207.xxx.xxx.209 permanent ip route 96.120.74.105 255.255.255.255 50.xxx.xxx.150 permanent ! ip flow-cache timeout active 1 ip flow-export source Vlan4 ip flow-export version 9 ip flow-export destination 10.0.1.2 2055 ip flow-top-talkers top 20 sort-by bytes cache-timeout 5000 ! ip http server ip http access-class 4 ip http authentication local no ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 no ip nat service sip tcp port 5060 no ip nat service sip udp port 5060 no ip nat service allow-sip-even-rtp-port ip nat inside source route-map Comcast interface FastEthernet1 overload ip nat inside source route-map NetCarrier interface FastEthernet0 overload ! ! ip sla 1 icmp-echo 96.120.74.105 source-interface FastEthernet1 timeout 1000 threshold 1000 frequency 6 ip sla schedule 1 life forever start-time now ip sla 2 icmp-echo 40.129.207.188 source-interface FastEthernet0 timeout 1000 threshold 1000 frequency 6 ip sla schedule 2 life forever start-time now ip access-list logging interval 300000 logging facility daemon logging 10.0.1.10 access-list 1 remark Comcast Access List access-list 1 permit 172.16.126.0 0.0.0.255 access-list 1 permit 172.16.121.0 0.0.0.255 access-list 1 permit 172.16.122.0 0.0.0.255 access-list 1 permit 172.16.123.0 0.0.0.255 access-list 1 permit 172.16.125.0 0.0.0.255 access-list 1 permit 172.16.124.0 0.0.0.255 access-list 1 permit 172.16.128.0 0.0.0.255 access-list 2 permit 172.16.120.0 0.0.0.255 access-list 2 remark T1 Access List access-list 2 permit 172.16.121.0 0.0.0.255 access-list 2 permit 172.16.122.0 0.0.0.255 access-list 2 permit 172.16.125.0 0.0.0.255 access-list 2 permit 172.16.126.0 0.0.0.255 access-list 2 permit 172.16.130.0 0.0.0.255 access-list 3 remark Guest WiFi Access List access-list 3 permit 172.16.124.0 0.0.0.255 access-list 4 remark Auto generated by SDM Management Access feature access-list 4 remark CCP_ACL Category=1 access-list 4 permit 172.16.126.0 0.0.0.255 access-list 100 remark IPS Protection for Router (08/08/2019) access-list 100 remark CCP_ACL Category=17 access-list 100 remark Auto generated by CCP for NTP (123) 64.90.182.55 access-list 100 permit udp host 64.90.182.55 eq ntp host 207.xxx.xxx.210 eq ntp access-list 100 permit tcp any any eq 2001 access-list 100 permit udp any any eq 2001 access-list 100 permit tcp any any range 2100 2105 access-list 100 permit tcp any any range 5000 5110 access-list 100 deny tcp any any eq 22 access-list 100 deny tcp any any eq telnet access-list 100 deny tcp any any eq 445 access-list 100 deny tcp any any eq 2002 access-list 100 deny udp any any eq 1645 access-list 100 deny udp any any eq 1646 access-list 100 deny udp any any eq 1812 access-list 100 deny udp any any eq 1813 access-list 100 deny udp any any eq 1978 access-list 100 deny udp any any eq 2002 access-list 100 deny udp any any eq 4156 access-list 100 deny ip 1.0.32.0 0.0.31.255 any access-list 100 deny ip 1.1.16.0 0.0.15.255 any access-list 100 deny ip 1.1.32.0 0.0.31.255 any access-list 100 deny ip 1.2.16.0 0.0.15.255 any access-list 100 deny ip 1.2.64.0 0.0.63.255 any access-list 100 deny ip 1.3.0.0 0.0.255.255 any access-list 100 deny ip 14.0.0.0 0.255.255.255 any access-list 100 deny ip host 20.249.106.170 any access-list 100 deny ip 23.95.27.0 0.0.0.255 any access-list 100 deny ip host 45.79.106.170 any access-list 100 deny ip 50.21.180.0 0.0.0.255 any access-list 100 deny ip 58.147.128.0 0.0.31.255 any access-list 100 deny ip 61.5.192.0 0.0.15.255 any access-list 100 deny ip 61.147.107.0 0.0.0.255 any access-list 100 deny ip 61.174.51.0 0.0.0.255 any access-list 100 deny ip 69.50.64.0 0.0.15.255 any access-list 100 deny ip 69.57.224.0 0.0.31.255 any access-list 100 deny ip 76.76.160.0 0.0.31.255 any access-list 100 deny ip 78.188.103.0 0.0.0.255 any access-list 100 deny ip host 89.248.172.16 any access-list 100 deny ip 92.247.120.0 0.0.0.255 any access-list 100 deny ip 93.174.93.0 0.0.0.255 any access-list 100 deny ip host 93.174.195.106 any access-list 100 deny ip 103.224.165.0 0.0.0.255 any access-list 100 deny ip 112.220.192.0 0.0.0.255 any access-list 100 deny ip 116.10.191.0 0.0.0.255 any access-list 100 deny ip 117.55.192.0 0.0.15.255 any access-list 100 deny ip 118.161.78.0 0.0.0.255 any access-list 100 deny ip 118.161.66.0 0.0.0.255 any access-list 100 deny ip 121.127.32.0 0.0.31.255 any access-list 100 deny ip 122.228.207.0 0.0.0.255 any access-list 100 deny ip 123.0.0.0 0.0.0.255 any access-list 100 deny ip 124.199.112.0 0.0.15.255 any access-list 100 deny ip 125.213.192.0 0.0.31.255 any access-list 100 deny ip 125.227.158.0 0.0.0.255 any access-list 100 deny ip 149.54.0.0 0.0.127.255 any access-list 100 deny ip 173.208.200.0 0.0.0.255 any access-list 100 deny ip 175.106.32.0 0.0.31.255 any access-list 100 deny ip 180.94.64.0 0.0.31.255 any access-list 100 deny ip 183.136.216.0 0.0.0.255 any access-list 100 deny ip 187.0.0.0 0.255.255.255 any access-list 100 deny ip 195.154.7.0 0.0.0.255 any access-list 100 deny ip 198.20.69.0 0.0.0.255 any access-list 100 deny ip 201.0.0.0 0.255.255.255 any access-list 100 deny ip 202.56.176.0 0.0.15.255 any access-list 100 deny ip 202.70.112.0 0.0.15.255 any access-list 100 deny ip 202.86.16.0 0.0.15.255 any access-list 100 deny ip 203.215.32.0 0.0.15.255 any access-list 100 deny ip 205.217.224.0 0.0.31.255 any access-list 100 deny ip 206.214.0.0 0.0.31.255 any access-list 100 deny ip 209.59.64.0 0.0.63.255 any access-list 100 deny ip 210.0.0.0 0.255.255.255 any access-list 100 deny ip 213.136.78.0 0.0.0.255 any access-list 100 deny ip 217.0.0.0 0.255.255.255 any access-list 100 deny ip 218.0.0.0 0.255.255.255 any access-list 100 permit ip any any access-list 101 remark Auto generated by SDM Management Access feature access-list 101 remark CCP_ACL Category=1 access-list 101 permit tcp 172.16.126.0 0.0.0.255 host 172.16.126.1 eq telnet access-list 101 permit tcp 172.16.126.0 0.0.0.255 host 172.16.126.1 eq 22 access-list 101 permit tcp 172.16.126.0 0.0.0.255 host 172.16.126.1 eq 443 access-list 101 permit tcp 172.16.126.0 0.0.0.255 host 172.16.126.1 eq cmd access-list 101 deny tcp any host 172.16.126.1 eq telnet access-list 101 deny tcp any host 172.16.126.1 eq 22 access-list 101 deny tcp any host 172.16.126.1 eq www access-list 101 deny tcp any host 172.16.126.1 eq 443 access-list 101 deny tcp any host 172.16.126.1 eq cmd access-list 101 deny udp any host 172.16.126.1 eq snmp access-list 101 permit ip any any access-list 102 remark Auto generated by SDM Management Access feature access-list 102 remark CCP_ACL Category=1 access-list 102 permit ip 172.16.126.48 0.0.0.15 any access-list 102 permit ip 10.0.1.0 0.0.0.255 any access-list 102 permit ip 10.0.2.0 0.0.0.255 any access-list 103 remark Auto generated by SDM Management Access feature access-list 103 remark CCP_ACL Category=1 access-list 103 permit ip 172.16.126.48 0.0.0.15 any access-list 103 permit ip 10.0.1.0 0.0.0.255 any access-list 103 permit ip 10.0.2.0 0.0.0.255 any access-list 104 remark CCP_ACL Category=4 access-list 104 permit ip 172.16.122.0 0.0.0.255 any access-list 104 permit ip 172.16.126.0 0.0.0.255 any access-list 105 remark IPS Protection for Router (08/08/2019) access-list 105 deny ip any 1.0.32.0 0.0.31.255 log access-list 105 deny ip any 1.1.16.0 0.0.15.255 log access-list 105 deny ip any 1.1.32.0 0.0.31.255 log access-list 105 deny ip any 1.2.16.0 0.0.15.255 log access-list 105 deny ip any 1.2.64.0 0.0.63.255 log access-list 105 deny ip any 1.3.0.0 0.0.255.255 log access-list 105 deny ip any 14.0.0.0 0.255.255.255 log access-list 105 deny ip any host 20.249.80.154 log access-list 105 deny ip any 23.95.27.0 0.0.0.255 log access-list 105 deny ip any host 45.79.106.170 log access-list 105 deny ip any 50.21.180.0 0.0.0.255 log access-list 105 deny ip any 58.147.128.0 0.0.31.255 log access-list 105 deny ip any 61.5.192.0 0.0.15.255 log access-list 105 deny ip any 61.147.107.0 0.0.0.255 log access-list 105 deny ip any 61.174.51.0 0.0.0.255 log access-list 105 deny ip any 69.50.64.0 0.0.15.255 log access-list 105 deny ip any 69.57.224.0 0.0.31.255 log access-list 105 deny ip any 76.76.160.0 0.0.31.255 log access-list 105 deny ip any 78.188.103.0 0.0.0.255 log access-list 105 deny ip any host 89.248.172.16 log access-list 105 deny ip any 92.247.120.0 0.0.0.255 log access-list 105 deny ip any 93.174.93.0 0.0.0.255 log access-list 105 deny ip any host 93.174.95.106 log access-list 105 deny ip any 103.224.165.0 0.0.0.255 log access-list 105 deny ip any 112.220.192.0 0.0.0.255 log access-list 105 deny ip any 116.10.191.0 0.0.0.255 log access-list 105 deny ip any 117.55.192.0 0.0.15.255 log access-list 105 deny ip any 118.161.78.0 0.0.0.255 log access-list 105 deny ip any 118.161.66.0 0.0.0.255 log access-list 105 deny ip any 121.127.32.0 0.0.31.255 log access-list 105 deny ip any 122.228.207.0 0.0.0.255 log access-list 105 deny ip any 123.0.0.0 0.0.0.255 log access-list 105 deny ip any 124.199.112.0 0.0.15.255 log access-list 105 deny ip any 125.213.192.0 0.0.31.255 log access-list 105 deny ip any 125.227.158.0 0.0.0.255 log access-list 105 deny ip any 149.54.0.0 0.0.127.255 log access-list 105 deny ip any 173.208.200.0 0.0.0.255 log access-list 105 deny ip any 175.106.32.0 0.0.31.255 log access-list 105 deny ip any 180.94.64.0 0.0.31.255 log access-list 105 deny ip any 183.136.216.0 0.0.0.255 log access-list 105 deny ip any 187.0.0.0 0.255.255.255 log access-list 105 deny ip any 195.154.7.0 0.0.0.255 log access-list 105 deny ip any 198.20.69.0 0.0.0.255 log access-list 105 deny ip any 201.0.0.0 0.255.255.255 log access-list 105 deny ip any 202.56.176.0 0.0.15.255 log access-list 105 deny ip any 202.70.112.0 0.0.15.255 log access-list 105 deny ip any 202.86.16.0 0.0.15.255 log access-list 105 deny ip any 203.215.32.0 0.0.15.255 log access-list 105 deny ip any 205.217.224.0 0.0.31.255 log access-list 105 deny ip any 206.214.0.0 0.0.31.255 log access-list 105 deny ip any 209.59.64.0 0.0.63.255 log access-list 105 deny ip any 210.0.0.0 0.255.255.255 log access-list 105 deny ip any 213.136.78.0 0.0.0.255 log access-list 105 deny ip any 217.0.0.0 0.255.255.255 log access-list 105 deny ip any 218.0.0.0 0.255.255.255 log access-list 105 permit ip any any access-list 115 remark block un-authorized traffic from reaching server network (OUT) access-list 115 deny ip 172.16.125.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 115 deny ip 172.16.123.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 115 deny ip 172.16.124.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 115 permit ip 172.16.122.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 115 permit ip 172.16.126.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 122 remark Services Network Policy Based T1 Routing access-list 123 remark Guest Wi-Fi Network Policy Based T1 Routing access-list 124 remark DMZ Network T1 Routing (11/08/2018 Addition of redacted01) access-list 124 remark CCP_ACL Category=16 access-list 124 remark redacted Inbound access-list 124 permit tcp host 172.16.125.111 eq 2001 any access-list 124 remark redacted Control Outbound access-list 124 permit tcp host 172.16.125.111 any range 2003 2099 access-list 124 remark redacted Ports access-list 124 permit tcp host 172.16.125.98 range 5001 5099 any access-list 124 remark KeyScan RI Ports access-list 124 permit tcp host 172.16.125.109 range 5101 5199 any access-list 124 remark redacted traffic access-list 124 permit ip host 172.16.125.101 any access-list 124 permit ip host 172.16.125.97 any access-list 124 remark redacted Web Traffic access-list 124 permit tcp host 172.16.125.111 eq 8080 any access-list 124 permit tcp host 172.16.125.111 eq www any access-list 124 remark Web Traffic access-list 124 permit tcp host 172.16.125.98 eq 443 any access-list 124 permit tcp host 172.16.125.98 eq www any access-list 124 permit tcp host 172.16.125.110 eq 443 any access-list 124 permit tcp host 172.16.125.110 eq www any access-list 124 permit tcp host 172.16.125.98 eq 81 any access-list 124 permit tcp host 172.16.125.98 eq 444 any access-list 124 deny ip host 172.16.125.102 any access-list 125 remark SQL Network Route-Map Exceptions (03/01/17) access-list 125 deny ip host 172.16.122.50 any access-list 125 deny ip any host 172.16.122.50 access-list 125 permit ip any any access-list 126 remark T1 port filtering for client network (02/20/18)) access-list 126 remark CCP_ACL Category=16 access-list 126 remark Trap Ports access-list 126 permit tcp 172.16.126.0 0.0.0.255 range 2100 2115 any access-list 126 remark redacted access-list 126 permit tcp host 172.16.126.38 eq 2010 any access-list 126 remark redacted access-list 126 permit tcp any any range 2804 2810 access-list 127 remark redacted Policy Based T1 Routing (07/03/2014) access-list 127 remark CCP_ACL Category=16 access-list 127 remark redacted NET Path access-list 127 permit tcp host 172.16.127.2 eq 2001 any access-list 127 remark redacted CELL Path access-list 127 permit udp host 172.16.127.2 eq 2001 any access-list 130 remark redacted access-list 130 permit ip host 172.16.130.2 host 155.212.98.249 access-list 130 permit ip host 172.16.130.2 host 64.81.21.78 access-list 130 permit ip host 155.212.98.249 host 172.16.130.2 access-list 130 permit ip host 64.81.21.78 host 172.16.130.2 access-list 130 permit ip any any access-list 132 remark Services Network Policy Based Comcast Routing access-list 132 permit ip 172.16.123.0 0.0.0.255 any access-list 133 remark Guest Wi-Fi Policy Based Comcast Routing access-list 136 remark Client Network Policy Based Comcast Routing access-list 136 permit tcp 172.16.126.0 0.0.0.255 any eq www access-list 136 permit tcp 172.16.126.0 0.0.0.255 any eq 443 access-list 136 permit tcp 172.16.126.0 0.0.0.255 any eq 987 access-list 136 permit tcp 172.16.126.0 0.0.0.255 any eq 8081 access-list 136 permit tcp 172.16.136.0 0.0.0.255 any eq 25565 access-list 138 remark redacted access-list 138 permit ip any host 172.16.128.2 access-list 138 permit ip host 172.16.128.2 any access-list 144 remark DMZ Network Route-Map Exceptions (09/28/2018) access-list 144 remark redacted Communication Services access-list 144 permit tcp host 172.16.125.109 host 172.16.122.20 eq 5555 access-list 144 permit tcp host 172.16.125.109 host 172.16.122.20 eq 5556 access-list 144 permit tcp host 172.16.125.109 host 172.16.122.20 eq 1433 access-list 144 permit tcp host 172.16.125.109 host 172.16.122.20 eq 5544 access-list 144 permit tcp host 172.16.125.109 host 172.16.122.21 eq 5555 access-list 144 permit tcp host 172.16.125.109 host 172.16.122.21 eq 5556 access-list 144 permit tcp host 172.16.125.109 host 172.16.122.21 eq 1433 access-list 144 permit tcp host 172.16.125.109 host 172.16.122.21 eq 5544 access-list 144 remark redacted Communications access-list 144 permit tcp host 172.16.125.109 host 172.16.122.12 eq 1433 access-list 144 permit tcp host 172.16.125.109 host 172.16.122.12 eq 49261 access-list 144 remark redacted Communications access-list 144 permit ip host 172.16.125.111 172.16.122.0 0.0.0.255 access-list 144 remark Managability access-list 144 permit ip host 172.16.125.97 172.16.126.0 0.0.0.255 access-list 144 permit ip host 172.16.125.97 172.16.122.0 0.0.0.255 access-list 144 permit ip host 172.16.125.101 172.16.126.0 0.0.0.255 access-list 144 permit ip host 172.16.125.101 172.16.122.0 0.0.0.255 access-list 144 permit ip host 172.16.125.109 172.16.126.0 0.0.0.255 access-list 144 permit ip host 172.16.125.110 172.16.126.0 0.0.0.255 access-list 144 permit ip host 172.16.125.111 172.16.126.0 0.0.0.255 access-list 145 remark Server Network Route-Map Exceptions (11/13/14) access-list 145 permit ip 172.16.122.0 0.0.0.255 172.16.123.0 0.0.0.255 access-list 145 permit ip 172.16.122.0 0.0.0.255 172.16.125.0 0.0.0.255 access-list 145 permit ip 172.16.122.0 0.0.0.255 172.16.126.0 0.0.0.255 access-list 145 permit ip 172.16.122.0 0.0.0.255 172.16.128.0 0.0.0.255 access-list 145 permit ip 172.16.122.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 145 permit ip 172.16.122.0 0.0.0.255 10.0.1.0 0.0.0.255 access-list 145 permit ip 172.16.122.0 0.0.0.255 10.0.2.0 0.0.0.255 access-list 145 permit ip 172.16.122.0 0.0.0.255 192.168.43.0 0.0.0.255 access-list 146 remark Client Network Route-Map Exeptions (11/13/14) access-list 146 permit ip 172.16.126.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 146 permit ip 172.16.126.0 0.0.0.255 172.16.123.0 0.0.0.255 access-list 146 permit ip 172.16.126.0 0.0.0.255 172.16.125.0 0.0.0.255 access-list 146 permit ip 172.16.126.0 0.0.0.255 172.16.127.0 0.0.0.255 access-list 147 permit ip 172.16.127.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 147 permit ip 172.16.127.0 0.0.0.255 172.16.126.0 0.0.0.255 access-list 147 permit ip 172.16.127.0 0.0.0.255 172.16.127.0 0.0.0.255 access-list 148 permit ip 172.16.128.0 0.0.0.255 172.16.127.0 0.0.0.255 access-list 148 permit ip 172.16.128.0 0.0.0.255 172.16.122.0 0.0.0.255 access-list 148 permit ip 172.16.128.0 0.0.0.255 172.16.126.0 0.0.0.255 access-list 148 permit ip 172.16.128.0 0.0.0.255 172.16.123.0 0.0.0.255 access-list 148 permit ip 172.16.128.0 0.0.0.255 172.16.128.0 0.0.0.255 snmp-server community redactedRO snmp-server community redactedRW snmp-server ifindex persist snmp-server location redacted, USA snmp-server chassis-id Cisco1812-Router snmp-server enable traps snmp linkdown linkup coldstart warmstart snmp-server host 10.0.1.2 2c snmp-server host 10.0.1.2 version 2c redacted ! ! ! route-map NetCarrier permit 10 match ip address 2 match interface FastEthernet0 ! route-map SQL_Server_Network deny 10 match ip address 145 ! route-map SQL_Server_Network permit 20 match ip address 125 set ip next-hop verify-availability 207.xxx.xxx.209 1 track 2 set ip next-hop verify-availability 50.xxx.xxx.150 2 track 1 ! route-map Client_Network deny 10 match ip address 146 ! route-map Client_Network permit 20 match ip address 126 set ip next-hop verify-availability 207.xxx.xxx.209 1 track 2 set ip next-hop verify-availability 50.xxx.xxx.150 2 track 1 ! route-map redacted deny 5 match ip address 147 ! route-map redacted permit 10 match ip address 127 set ip next-hop 207.xxx.xxx.209 ! route-map Comcast permit 10 match ip address 1 match interface FastEthernet1 ! route-map DMZ_Network deny 10 match ip address 144 ! route-map DMZ_Network permit 20 match ip address 124 set ip next-hop verify-availability 207.xxx.xxx.209 1 track 2 set ip next-hop verify-availability 50.xxx.xxx.150 2 track 1 ! route-map redacted permit 10 match ip address 130 set ip next-hop verify-availability 207.xxx.xxx.209 1 track 2 set ip next-hop verify-availability 50.xxx.xxx.150 2 track 1 ! ! ! ! control-plane ! ! line con 0 line aux 0 line vty 0 4 access-class 103 in password 7 redacted transport input telnet ssh line vty 5 15 access-class 102 in transport input telnet ssh ! scheduler allocate 4000 1000 scheduler interval 500 no process cpu extended no process cpu autoprofile hog ntp clock-period 17180018 ntp update-calendar ntp server 64.90.182.55 source FastEthernet0 ntp server 129.6.15.28 source FastEthernet0 end