Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
833
Views
0
Helpful
1
Replies

improve the configuration cisco 851

balamsystem
Level 1
Level 1

‎07-02-2011 04:48 PM - edited ‎03-04-2019 12:52 PM

Hello everyone

I'm new to the world of cisco, I have a cisco851 and is currently configured this way.

The question is:

1 .- This well configured?

2 .- the internet encourages me a little as I can improve

3. - how I can improve the performance

! Version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname ciberaries

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

enable secret 5 $1$XOkP$YigiWxZwrPTNKSWtaEuot.

!

aaa new-model

!

!

aaa authentication login default local

aaa authorization exec default local

!

!

aaa session-id common

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

ip dhcp excluded-address 192.168.2. 1 192.168.2. 49

ip dhcp excluded-address 192.168.2. 151 192.168.2. 254

!

ip dhcp pool sdm-pool1

network 192.168.2. 0 255.255.255.0

domain-name ciberaries

default-router 192.168.2.1

dns-server 200.33.146. 249 200.33.146. 241

!

!

ip cef

ip domain name ciberaries. Com

ip name-server 200.33.146. 249

ip name-server 200.33.146. 241

!

crypto pki trustpoint TP-self-signed-545905166
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-545905166
revocation-check none
rsakeypair TP-self-signed-545905166
!
!
crypto pki certificate chain TP-self-signed-545905166
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 35343539 30353136 36301E17 0D303230 33303130 30303631
335A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3534 35393035
31363630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
D9A01FC8 58966307 4AAFC6E7 410A62CA 114E731D 9621D062 4027E9E0 516D39F1
0577EDD5 1F3D2B1B F9D6EF47 44B09176 A5FA4D8F 3B3A2E10 F198537E F626A959
31B3D92E 83DBF54F EDB3A8DB 0DD887C8 16C8A0D2 ACCBA1EF 363CAB15 E1816F55
88B6EFBA 0510BE04 1542E376 39CDDB11 B08A505D 27A42EEF 67310C3A 96C55677
02030100 01A37930 77300F06 03551D13 0101FF04 05300301 01FF3024 0603551D
11041D30 1B821963 69626572 61726965 732E6369 62657261 72696573 2E636F6D
301F0603 551D2304 18301680 1450630E 8261C35C 9928B817 07265A57 770ADDF8
8F301D06 03551D0E 04160414 50630E82 61C35C99 28B81707 265A5777 0ADDF88F
300D0609 2A864886 F70D0101 04050003 8181006A 51EAB657 219D91D9 6336CB44
C70BB869 7A4014E1 18A1D1BE EC3F302D 3BBDBA48 3A25ECFF AAB32184 B167F134
67E669AC F42BA4EB A18A8138 14276193 5ED03246 23D5EA44 5D710BD1 990BDCE8
F9432AF2 725EE3C4 8C488F7A 31483932 144134D1 A8BA4F7E 24BBB3A6 4D7683F6
3153281B 0F55A7F1 9AC296DF 7E978C63 36C06F
quit
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $ETH-WAN$$ES_WAN$
no ip address
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.2. 1 255.255.255.0
ip flow ingress
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1412
!
interface Dialer3
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxx@prodigy.net.mx
ppp chap password 0 xxxxxxxx
ppp pap sent-username xxxx@prodigy.net.mx password 0 xxxxx
!
ip route 0.0.0. 0 0.0.0. 0 Dialer3
ip route 192.168.2. 1 255.255.255. 255 Dialer3
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool pool1 192.168.2. 1 192.168.2. 254 netmask 255.255.255.0
ip nat inside source list 2 interface Dialer3 overload
ip nat inside source static tcp 192.168.2. 1 80 interface Dialer3 80
!
access-list 1 permit 192.168.2. 0 0.0.0. 255
access-list 2 remark INSIDE_IF=Vlan1
access-list 2 remark SDM_ACL Category=2
access-list 2 permit 192.168.2. 0 0.0.0. 255
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.

username <myuser>  privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
no modem enable
line aux 0
line vty 0 4
transport input telnet ssh
!
scheduler max-task-time 5000
end
!

regards

Labels:
0 Helpful
1 Reply 1

Thotsaphon Lueangwattanaphong
Level 7
Level 7

‎07-03-2011 12:17 AM

Hi,

   You configuration looks good to me. But you do not need the following command. It's an IP address of a connected interface on the router.

Router(conf)#no ip route 192.168.2. 1 255.255.255. 255 Dialer3

   You have used AAA model and used "local" database. But I don't see any users.

Router(conf)#username admin privilege level 15 password 0 cisco12345

Router#wr

HTH,

Toshi

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card