01-14-2020 06:57 PM
Here are my configs for my router and switch.
Router:
!
version 15.7
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname NASA
!
boot-start-marker
boot-end-marker
!
!
security authentication failure rate 10 log
security passwords min-length 6
logging console critical
enable secret 5
enable password 7
!
aaa new-model
!
!
aaa authentication login local_auth local
!
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
no ip source-route
no ip gratuitous-arps
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.20.1 192.168.20.60
ip dhcp excluded-address 192.168.30.1 192.168.30.60
ip dhcp excluded-address 192.168.40.1 192.168.40.60
ip dhcp excluded-address 192.168.50.1 192.168.50.60
ip dhcp excluded-address 192.168.60.1 192.168.60.60
ip dhcp excluded-address 192.168.70.1 192.168.70.60
ip dhcp excluded-address 192.168.80.1 192.168.80.60
!
ip dhcp pool vlan 20
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 208.67.222.222 208.67.220.220
!
ip dhcp pool vlan 30
network 192.168.30.0 255.255.255.0
default-router 192.168.30.1
dns-server 208.67.222.222 208.67.220.220
!
ip dhcp pool vlan 40
network 192.168.40.0 255.255.255.0
default-router 192.168.40.1
dns-server 208.67.222.222 208.67.220.220
!
ip dhcp pool vlan 50
network 192.168.50.0 255.255.255.0
default-router 192.168.50.1
dns-server 208.67.222.222 208.67.220.220
!
ip dhcp pool vlan 60
network 192.168.60.0 255.255.255.0
default-router 192.168.60.1
dns-server 208.67.222.222 208.67.220.220
!
ip dhcp pool vlan 70
network 192.168.70.0 255.255.255.0
default-router 192.168.70.1
dns-server 208.67.222.222 208.67.220.220
!
ip dhcp pool vlan 80
network 192.168.80.0 255.255.255.0
default-router 192.168.80.1
dns-server 208.67.222.222 208.67.220.220
!
!
!
no ip bootp server
ip host JPL 192.168.2.2
ip cef
login block-for 13500 attempts 35 within 13500
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
license udi pid CISCO2911/K9 sn FGL1741129H
license accept end user agreement
license boot module c2900 technology-package securityk9
license boot module c2900 technology-package datak9
!
!
vtp mode transparent
username user password 7
!
redundancy
!
!
!
!
no cdp run
!
!
class-map type inspect match-all INSIDE-TO-OUTSIDE-CLASS
match access-group name INSIDE-TO-OUTSIDE
class-map type inspect match-all OUTSIDE-TO-INSIDE-CLASS
match access-group name OUTSIDE-TO-INSIDE
!
policy-map type inspect INSIDE-TO-OUTSIDE-POLICY
class type inspect INSIDE-TO-OUTSIDE-CLASS
pass
class class-default
pass
policy-map type inspect OUTSIDE-TO-INSIDE-POLICY
class type inspect OUTSIDE-TO-INSIDE-CLASS
drop
class class-default
drop
!
zone security INSIDE
zone security OUTSIDE
zone-pair security IN-TO-OUT source INSIDE destination OUTSIDE
service-policy type inspect INSIDE-TO-OUTSIDE-POLICY
zone-pair security OUT-TO-IN source OUTSIDE destination INSIDE
service-policy type inspect OUTSIDE-TO-INSIDE-POLICY
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.1.1 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
shutdown
no mop enabled
!
interface GigabitEthernet0/0
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
zone-member security OUTSIDE
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
zone-member security INSIDE
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 1 native
ip address 192.168.2.1 255.255.255.0
zone-member security INSIDE
no cdp enable
!
interface GigabitEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
zone-member security INSIDE
no cdp enable
!
interface GigabitEthernet0/1.30
encapsulation dot1Q 30
ip address 192.168.30.1 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/1.40
encapsulation dot1Q 40
ip address 192.168.40.1 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/1.50
encapsulation dot1Q 50
ip address 192.168.50.1 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/1.60
encapsulation dot1Q 60
ip address 192.168.60.1 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/1.70
encapsulation dot1Q 70
ip address 192.168.70.1 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/1.80
encapsulation dot1Q 80
ip address 192.168.80.1 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/2
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
shutdown
duplex auto
speed auto
no mop enabled
!
!
router rip
version 2
network 142.165.0.0
network 192.168.2.0
network 192.168.20.0
network 207.47.196.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 dhcp
ip identd
!
ip access-list extended INSIDE-TO-OUTSIDE
ip access-list extended OUTSIDE-TO-INSIDE
!
logging trap debugging
logging facility local2
dialer-list 1 protocol ip permit
ipv6 ioam timestamp
!
!
!
!
control-plane host
!
!
control-plane
!
!
vstack
banner login ^C
******* ***** ,******. ,************** ,******,
**********, ***** .********** ,***************** **********
******,***** ***** ************ ******************* ************
***** ***** ***** ***** ****** ***** ***** ,*****
***** *****, ***** ****** ***** ***** ,***** *****
***** ***** ***** ***** ***** ,**************** ***** *****
***** ,***** ***** ***** ****** ***************** ***** ,*****
***** ***** ***** ***** ***** ,,,,,,,,****** .***** *****
***** ,***** ***** ***** ***** ***** ***** *****
***** ***** ********** *****, ***********, ******
***** ***********.***** *********************** ***** *****
***** ********* ***** ******************** ***** ***** ^C
banner motd ^C
Welcome to ^C
!
line con 0
exec-timeout 5 0
login authentication local_auth
transport output telnet
speed 115200
line aux 0
exec-timeout 15 0
login authentication local_auth
modem InOut
transport input telnet
transport output telnet
flowcontrol hardware
line 2
exec-timeout 15 0
login authentication local_auth
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password 7
login authentication local_auth
transport input none
!
scheduler allocate 20000 1000
!
end
Switch:
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
!
hostname JPL
!
boot-start-marker
boot host bootflash:startup-config
boot system bootflash:startup-config
boot config bootflash:startup-config
boot-end-marker
!
enable secret 5
enable password 7
!
username user privilege 15 password 7
!
!
no aaa new-model
ip subnet-zero
ip vrf mgmtVrf
!
!
!
vtp domain test-02
vtp mode transparent
!
!
!
power redundancy-mode redundant
!
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 20,30,40,50,60,70,80,159-160
!
!
!
interface FastEthernet1
ip vrf forwarding mgmtVrf
no ip address
speed auto
duplex auto
!
interface GigabitEthernet1/1
switchport access vlan 20
switchport mode dot1q-tunnel
no cdp enable
!
interface GigabitEthernet1/2
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/3
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/4
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/5
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/6
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/7
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/8
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/9
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/10
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/11
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/12
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/13
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/14
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/15
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/16
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/17
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/18
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/19
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/20
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/21
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/22
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/23
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/24
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/25
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/26
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/27
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/28
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/29
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/30
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/31
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/32
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/33
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/34
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/35
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/36
switchport access vlan 40
switchport mode access
!
interface GigabitEthernet1/37
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/38
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/39
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/40
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/41
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/42
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/43
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/44
switchport access vlan 50
switchport mode access
!
interface GigabitEthernet1/45
switchport access vlan 50
switchport mode access
media-type rj45
!
interface GigabitEthernet1/46
switchport access vlan 50
switchport mode access
media-type rj45
!
interface GigabitEthernet1/47
switchport access vlan 50
switchport mode access
media-type rj45
!
interface GigabitEthernet1/48
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
!
interface Vlan1
ip address 192.168.2.2 255.255.255.0
spanning-tree portfast
spanning-tree link-type shared
!
router rip
network 192.168.2.0
!
ip route 0.0.0.0 0.0.0.0 192.168.2.1
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
banner login ^C
**** *****************, ****
**** ******************* ****
**** ****. **** ****
**** ****. **** ****
**** ****. ***********, ****
**** ****. ****
**** ****. ****
,,,,,,,,,,,,,****** ****. ******,,,,,,,,,,,,,
****************, ****. ****************, ^C
banner motd ^C
Welcome to ^C
!
line con 0
login local
stopbits 1
line vty 0 5
login local
!
end
Any ideas?
01-15-2020 09:49 AM
!
ip access-list extended INSIDE-TO-OUTSIDE
permit ip 192.168.0.0 0.0.255.255 any
ip access-list extended OUTSIDE-TO-INSIDE
!
Still no luck.
01-15-2020 10:05 AM
I still think the problem is in the zone-based firewall configuration. You must have permit any any in the OUTSIDE-TO-INSIDE ACL, because the inspection and dropping is done by the policy.
But before exploring further I would rather remove the zone-based firewall configuration under the interfaces to see if the issue comes from this, and afterwards review the configuration.
01-15-2020 09:16 PM
01-15-2020 09:32 AM - edited 01-15-2020 09:34 AM
Your access list inside the zone-based firewall is not there. For testing, can you remove the zone-member configuration from the outside and inside interfaces?
Once tested successfully, put it back and complete the access-list configuration.
01-15-2020 10:09 AM
I still can't get it to route after adding that rule. I plan on changing my subnets and doing more granular access-lists later. Adding an AP with different SSID's and vlans. I just want to get it to route.
01-15-2020 10:17 AM
It is more efficient to make the inside-outside pair do "inspect" rather than "pass" (below the class-map), so you would not need to create another outside-inside pair. In this case it will be stateful and permit from outside only replies to traffic initiated from the inside.
01-15-2020 10:20 AM
I was testing different things. I changed it to pass. I will change it later. The struggle is real.
01-15-2020 02:21 PM
Hello,
your NAT configuration for the inside NAT is incorrect. Remove 'ip nat enable'.
Which interfaces do you need to access the Internet ?
interface GigabitEthernet0/1.1
encapsulation dot1Q 1 native
ip address 192.168.2.1 255.255.255.0
ip nat inside
--> no ip nat enable
ip virtual-reassembly in
zone-member security INSIDE
no cdp enable
!
interface GigabitEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip nat inside
--> no ip nat enable
ip virtual-reassembly in
zone-member security INSIDE
no cdp enable
01-15-2020 02:26 PM - edited 01-15-2020 02:30 PM
!
interface GigabitEthernet0/0
ip address dhcp hostname NASA
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly in
zone-member security OUTSIDE
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
zone-member security INSIDE
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 1 native
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
zone-member security INSIDE
no cdp enable
!
interface GigabitEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
zone-member security INSIDE
no cdp enable
Still no luck. I want all my vlans to access the internet. I can disable the ones I don't want by removing address translation or disabling whatever made them work?
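The two fixes raised in the replies above (a stateful "inspect" zone pair instead of pass/drop pairs, and a proper inside/outside NAT setup) written out together as an added example; this is not config from the original post or from any reply. The protocol-based class-map replaces the empty ACL match, and the NAT ACL name NAT-INSIDE and the choice to overload onto Gi0/0's DHCP address are my assumptions; note that the posted router config contains no "ip nat inside source" statement at all, so this example supplies one.

```cisco
! --- Zone-based firewall: stateful inspection instead of pass/drop pairs ---
! Match inside-to-outside traffic by protocol (no dependence on an empty ACL).
class-map type inspect match-any INSIDE-TO-OUTSIDE-CLASS
 match protocol tcp
 match protocol udp
 match protocol icmp
!
! "inspect" keeps a session table, so replies from OUTSIDE are admitted
! automatically; "pass" is stateless and the OUT-TO-IN drop policy ate the replies.
policy-map type inspect INSIDE-TO-OUTSIDE-POLICY
 class type inspect INSIDE-TO-OUTSIDE-CLASS
  inspect
 class class-default
  drop log
!
zone security INSIDE
zone security OUTSIDE
zone-pair security IN-TO-OUT source INSIDE destination OUTSIDE
 service-policy type inspect INSIDE-TO-OUTSIDE-POLICY
!
! The OUT-TO-IN pair is no longer needed: traffic between zones with no
! zone pair is dropped by default, so unsolicited inbound stays blocked.
no zone-pair security OUT-TO-IN source OUTSIDE destination INSIDE
!
! --- NAT: assumed ACL name; translates all 192.168.x.x inside subnets ---
ip access-list standard NAT-INSIDE
 permit 192.168.0.0 0.0.255.255
!
! PAT (overload) onto the DHCP-assigned WAN address of Gi0/0.
ip nat inside source list NAT-INSIDE interface GigabitEthernet0/0 overload
!
interface GigabitEthernet0/0
 ip nat outside
 zone-member security OUTSIDE
!
! Zone membership and NAT are per-subinterface; a subinterface that is in no
! zone cannot talk to the OUTSIDE zone at all. Shown for VLAN 20, repeat for
! every VLAN subinterface that should reach the Internet.
interface GigabitEthernet0/1.20
 ip nat inside
 zone-member security INSIDE
!
! Verification commands:
!   show policy-map type inspect zone-pair sessions
!   show ip nat translations
```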
01-15-2020 02:44 PM
For me, it looks like your Zone-Based Firewall is causing this problem. Did you get a chance to define the ACLs for the ZBFW, or did you try removing the zone configuration from the interfaces?
interface GigabitEthernet0/0
no zone-member security OUTSIDE
!
interface GigabitEthernet0/1
no zone-member security INSIDE
!
interface GigabitEthernet0/1.1
no zone-member security INSIDE
!
interface GigabitEthernet0/1.20
no zone-member security INSIDE
01-15-2020 03:21 PM
I will see what I can do. I want to get it setup properly without unnecessarily compromising my security or bowing down to my desire to get it up and running. I'll give it a shot next.