Pavas#show run Building configuration... Current configuration : 40194 bytes ! ! Last configuration change at 09:20:59 CST Mon Aug 18 2008 by admin ! NVRAM config last updated at 09:27:02 CST Mon Aug 18 2008 by admin ! version 12.2 service timestamps debug uptime service timestamps log datetime msec service password-encryption service counters max age 10 ! hostname Pavas ! boot system flash sup-bootflash: card type e1 1 0 no logging on enable secret 5 $1$C8OH$.WO43TIPAFaX1AShtbH.F1 enable password 7 121A0C041104 ! username IDSin password 7 014208100113004014 username gviquez privilege 15 password 7 111A001645425B59 username admin secret 5 $1$ozbf$2p7cDFouVrTZDEzAbL.7W/ aaa new-model aaa authentication login default local aaa authentication enable default enable ! aaa session-id common clock timezone CST -6 firewall multiple-vlan-interfaces firewall module 5 vlan-group 1 firewall vlan-group 1 2-11 ip subnet-zero ! ! ip ftp username cisco ip ftp password 7 060506324F41 ip domain-name aya.go.cr ! ip ssh version 2 mls ip multicast flow-stat-timer 9 no mls flow ip no mls flow ipv6 mls cef error action freeze ! ! ! ! ! power redundancy-mode combined spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id no diagnostic cns publish no diagnostic cns subscribe ! redundancy mode sso main-cpu auto-sync startup-config auto-sync running-config auto-sync config-register auto-sync bootvar auto-sync standard interface GigabitEthernet9/5 description "Internal DNS (DMZ --> DNSin 172.29.1.2)" no ip address switchport switchport access vlan 4 ! interface GigabitEthernet13/45 description "OAS Server (DMZ --> OASin172.29.1.5)" no ip address switchport switchport access vlan 4 ! interface GigabitEthernet13/17 description "SIRE Server (DMZ_APP --> SIRE_APP 172.29.2.5)" no ip address switchport switchport access vlan 11 interface Vlan1 description NATIVE VLAN ip address 10.50.1.250 255.255.0.0 ! interface Vlan2 ip address 172.30.0.1 255.255.0.0 ! interface Vlan3 description Inside VLAN (faces inside interface on context EXTRA) ip address 10.100.100.1 255.255.255.0 ! ! interface Vlan5 description VLAN for Servers ip address 10.1.1.1 255.255.255.0 -------------------------------------------------------------------------- -------------------------------------------------------------------------- NEW CONFIG LINES ADDED IN ORDER TO MAKE IT WORK! -------------------------------------------------------------------------- -------------------------------------------------------------------------- interface Vlan4 description DMZ (configured on context EXTRA) ip address 172.29.1.254 255.255.255.0 shutdown interface Vlan6 description (configured on context INTRA, faces the external enterprises) ip address 10.11.1.254 255.255.255.0 ! interface Vlan11 description DMZ_SIRE (configured on context EXTRA) ip address 172.29.2.254 255.255.255.0