
Building configuration...

Current configuration : 7032 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname BlackHole
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$Z.DC$QfPTmiWv61hiATJMvzgPj1
enable password 7 09084B071C0637
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local 
!
!
aaa session-id common
clock timezone PCTime -5
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.0.1.1 10.0.1.99
ip dhcp excluded-address 10.0.2.1 10.0.2.99
!
ip dhcp pool Internal-net
   import all
   network 10.0.1.0 255.255.255.0
   default-router 10.0.1.1 
   domain-name jseneca.com
   lease 4
!
ip dhcp pool VLAN20
   import all
   network 10.0.2.0 255.255.255.0
   default-router 10.0.2.1 
   domain-name jseneca.com
   lease 4
!
!
ip tcp synwait-time 10
no ip bootp server
no ip domain lookup
ip domain name jseneca.com
ip ssh time-out 60
ip ssh authentication-retries 2
ip inspect name MYFW tcp
ip inspect name MYFW udp
ip inspect name MYFW http urlfilter
ip urlfilter allow-mode on
ip urlfilter exclusive-domain deny .youtube.com
ip urlfilter exclusive-domain deny .myspace.com
!
multilink bundle-name authenticated
!
crypto pki trustpoint TP-self-signed-160102339
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-160102339
 revocation-check none
 rsakeypair TP-self-signed-160102339
!
!
crypto pki certificate chain TP-self-signed-160102339
 certificate self-signed 01
  3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 31363031 30323333 39301E17 0D303730 39303831 30303330 
  385A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3136 30313032 
  33333930 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 
  A37E8593 EBFA6203 4CDA408E D2EEC55E C266C6AD 0A61BD59 AC8BA1E0 A9075D6E 
  944FADF7 235A8C0D 77DD695E C40FBDD3 2668E019 8589E0AA E9F11336 C0173B77 
  0990BDFF 8D323EBC D356D924 FBE0963F 70E02998 2B8FB722 47CABD17 A4A0D449 
  75A9BA76 8C51739B B6660B92 659792F3 799E004C 0A7DC80B 2024C403 ED79472B 
  02030100 01A37530 73300F06 03551D13 0101FF04 05300301 01FF3020 0603551D 
  11041930 17821542 6C61636B 486F6C65 2E6A7365 6E656361 2E636F6D 301F0603 
  551D2304 18301680 14874A48 C9214D82 02A3E6B7 2BE0035A 60BA6AD5 33301D06 
  03551D0E 04160414 874A48C9 214D8202 A3E6B72B E0035A60 BA6AD533 300D0609 
  2A864886 F70D0101 04050003 81810045 6C9F70F0 FF391FF8 225E6E36 71E98958 
  4CFAC264 3FE39E39 9E4A9E0C 742D3236 18B712B2 4A5A1700 9E0DA7BE 151E61ED 
  C33B62F8 61D6B042 8A05EB0A 5F0EBD46 D704B5E5 5738B50F 01BEA70D 48C51018 
  DA36E6FE EBBCAF94 7033CF10 868F47B3 75A62DCE D88B87BB 98AB5381 9AE9AF5C 
  A13515EA 0BAA8610 7D9C5B6A 2A8342
  quit
!
!
username jseneca privilege 15 password 7 114D1C0B12112B
username root secret 5 $1$E6bm$CA4LuDlqXHskBv8LB8E240
!
! 
!
bridge irb
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0
 spanning-tree portfast
!
interface FastEthernet1
 spanning-tree portfast
!
interface FastEthernet2
 spanning-tree portfast
!
interface FastEthernet3
 spanning-tree portfast
!
interface FastEthernet4
 description $FW_INSIDE$
 ip address dhcp
 ip access-group Internet-inbound-ACL in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip inspect MYFW out
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1460
 duplex auto
 speed auto
 no cdp enable
!
interface Dot11Radio0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 !
 encryption vlan 1 mode ciphers tkip 
 !
 encryption vlan 20 mode ciphers tkip 
 !
 ssid Andromeda
    vlan 20
    authentication open 
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 7 041A2709080C49670758
 !
 ssid Nebula
    vlan 1
    authentication open 
    authentication key-management wpa
    wpa-psk ascii 7 097E41075F2712061F15372F25212B32
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 channel 2462
 station-role root
 no dot11 extension aironet
 no cdp enable
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.20
 description Guest wireless LAN - routed WLAN
 encapsulation dot1Q 20
 ip address 10.0.2.1 255.255.255.0
 ip access-group Guest-ACL in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip inspect MYFW out
 ip virtual-reassembly
!
interface Vlan1
 description Internal Network
 no ip address
 ip nat inside
 ip virtual-reassembly
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface BVI1
 description Bridge to Internal Network
 ip address 10.0.1.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
!
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
ip http server
ip http access-class 2
ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
!
ip access-list extended Guest-ACL
 remark SDM_ACL Category=17
 remark Printer
 permit ip any host 10.0.1.25
 deny   ip any 10.0.1.0 0.0.0.255
 permit ip any any
ip access-list extended Internet-inbound-ACL
 permit udp any eq bootps any eq bootpc
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit gre any any
 permit esp any any
ip access-list extended Java
 remark URL Filter
 remark SDM_ACL Category=1
 permit ip any any
!
logging trap debugging
logging 10.0.1.100
access-list 1 permit 10.0.1.0 0.0.0.255
access-list 1 permit 10.0.2.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 10.0.2.0 0.0.0.255
access-list 2 permit 10.0.1.0 0.0.0.255
access-list 2 deny   any
access-list 100 remark VTY Access-class list
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 10.0.2.0 0.0.0.255 any
access-list 100 permit ip 10.0.1.0 0.0.0.255 any
access-list 100 deny   ip any any
no cdp run
!
!
!
!
control-plane
!
bridge 1 route ip
banner login ^CAuthorized access only! This system is the property of IAG Technologies, LLC Disconnect IMMEDIATLY as you are not an authorized user!^C
!
line con 0
 password 7 1453170509070A
 no modem enable
 transport output telnet
line aux 0
 transport output telnet
line vty 0 4
 access-class 100 in
 password 7 041F0E080A226C
 transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end