ayuda con esta configuracion
Publicado por jorge (1 intervención) el 22/09/2018 06:25:59
quien me dice que tanto le configuraron a este router
hostname rSiteRS_BIENES_TARAPOTO
!
boot-start-marker
boot-end-marker
!
!
logging buffered 9000
no logging console
enable secret 5 $1$/ukt$FdlZtioNkbbTrdK8DNf0Q1
!
aaa new-model
!
!
aaa authentication login default group tacacs+ enable
aaa authentication enable default group tacacs+ enable
aaa authorization commands 1 default group tacacs+ none
aaa authorization commands 15 default group tacacs+ none
aaa accounting exec default
action-type start-stop
group tacacs+
!
aaa accounting commands 1 default
action-type start-stop
group tacacs+
!
aaa accounting commands 15 default
action-type start-stop
group tacacs+
!
aaa accounting network default
action-type start-stop
group tacacs+
!
aaa accounting connection default
action-type start-stop
group tacacs+
!
!
!
!
!
!
aaa session-id common
clock timezone GMT -5 0
!
!
!
!
!
!
no ip source-route "sirve para deshabilitar ip que interrumpan la seguridad"
!
!
!
!
!
!
!
!
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-2252952738
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2252952738
revocation-check none
rsakeypair TP-self-signed-2252952738
!
!
crypto pki certificate chain TP-self-signed-2252952738
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32323532 39353237 3338301E 170D3137 31323131 31363131
30315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32353239
35323733 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B161 D1DC9828 2B3DBD35 29D75120 414730A4 64A541B8 D72472EA 7C5DEFBE
7877FC50 28D04ABD 53E9A07E 12253841 C176F321 44B34340 4730FFB2 6A896008
4C5EFD71 5E4CB5BC 5F3675F6 30658C14 AC719800 4B64CC5F 424EA3AD 9B1617D0
C4F3EC1E 4EB7AA44 B8B2757C A45BDC25 6BDFD36F 4B577269 4A128BB3 1E3090D3
A6BD0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14B55CB0 BCDB4661 6B43F011 6355B44A 722D05E1 6F301D06
03551D0E 04160414 B55CB0BC DB46616B 43F01163 55B44A72 2D05E16F 300D0609
2A864886 F70D0101 05050003 8181002E 4629FA8B 07511090 1FAC46CD 4EAE299D
B2E2BB69 FF9E7776 63521BCB 5549199C 1CE6843F 9CF1F4F8 0867AECA 624DE724
553D3958 0556C3E6 A6541222 C51B5348 C0A32C42 5475E681 6E435674 64799223
B9DE298A E3373094 5F1C3806 CD665DAB 95C2FC4B 9C5B88CA 0BDF7B37 4343B37E
6E7461AC 9A7DB660 B0218909 4FCC39
quit
license udi pid CISCO1921DC/K9 sn FGL215090EX
!
!
!
no spanning-tree vlan 119
no spanning-tree vlan 2009
no spanning-tree vlan 2187
vtp mode transparent
!
redundancy
!
!
vlan 119
!
vlan 2009
name Compartamos-rSITE_BIENES_TARAPOT
!
vlan 2187
name gestion_UM
!
ip telnet tos 0
bridge irb
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description Conexion WAN-TRUNK hacia BIENES Y SERVICIOS PARA EL HOGAR CID:8420817
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
load-interval 30
duplex full
speed 100
!
interface GigabitEthernet0/0.10
description ENLACE WAN GESTION De EQUIPOS
encapsulation dot1Q 2187
ip address 10.116.78.62 255.255.255.252
no ip redirects
no ip proxy-arp
ip flow ingress
!
interface GigabitEthernet0/0.20
description WAN Servicio BIENES Y SERVICIOS PARA EL HOGAR CID:8420817 (MODO BRIDGE)
encapsulation dot1Q 2009
no ip redirects
no ip proxy-arp
ip flow ingress
bridge-group 2
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
description INTERFACE LAN DE BIENES Y SERVICIOS PARA EL HOGAR CID:8420817
switchport mode trunk
no ip address
load-interval 30
duplex full
speed 100
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address
!
interface Vlan1
no ip address
!
interface Vlan119
description Interface de Gestion de UM:: AMOV CID::8420817
ip address 10.116.142.33 255.255.255.248
no ip redirects
no ip proxy-arp
load-interval 30
!
interface Vlan2009
description Interface LAN (MODO BRIDGEBIENES Y SERVICIOS PARA EL HOGAR CID:8420817
no ip address
no ip redirects
no ip proxy-arp
load-interval 30
bridge-group 2
!
interface BVI2
no ip address
!
ip forward-protocol nd
!
no ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 10.116.78.61
ip tacacs source-interface GigabitEthernet0/0.10
!
logging source-interface GigabitEthernet0/0.10
logging host 172.19.216.47
!
!
tacacs-server host 172.19.216.47
tacacs-server directed-request
tacacs-server key 7 142713051601382025252333351200130D
!
!
!
control-plane
!
bridge 2 protocol ieee
bridge 2 route ip
!
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
password Danzig69
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
session-timeout 10 output
access-class 23 in
privilege level 15
password Danzig69
transport input all
line vty 5 15
access-class 23 in
privilege level 15
transport input all
!
scheduler allocate 20000 1000
hostname rSiteRS_BIENES_TARAPOTO
!
boot-start-marker
boot-end-marker
!
!
logging buffered 9000
no logging console
enable secret 5 $1$/ukt$FdlZtioNkbbTrdK8DNf0Q1
!
aaa new-model
!
!
aaa authentication login default group tacacs+ enable
aaa authentication enable default group tacacs+ enable
aaa authorization commands 1 default group tacacs+ none
aaa authorization commands 15 default group tacacs+ none
aaa accounting exec default
action-type start-stop
group tacacs+
!
aaa accounting commands 1 default
action-type start-stop
group tacacs+
!
aaa accounting commands 15 default
action-type start-stop
group tacacs+
!
aaa accounting network default
action-type start-stop
group tacacs+
!
aaa accounting connection default
action-type start-stop
group tacacs+
!
!
!
!
!
!
aaa session-id common
clock timezone GMT -5 0
!
!
!
!
!
!
no ip source-route "sirve para deshabilitar ip que interrumpan la seguridad"
!
!
!
!
!
!
!
!
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-2252952738
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2252952738
revocation-check none
rsakeypair TP-self-signed-2252952738
!
!
crypto pki certificate chain TP-self-signed-2252952738
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32323532 39353237 3338301E 170D3137 31323131 31363131
30315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32353239
35323733 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B161 D1DC9828 2B3DBD35 29D75120 414730A4 64A541B8 D72472EA 7C5DEFBE
7877FC50 28D04ABD 53E9A07E 12253841 C176F321 44B34340 4730FFB2 6A896008
4C5EFD71 5E4CB5BC 5F3675F6 30658C14 AC719800 4B64CC5F 424EA3AD 9B1617D0
C4F3EC1E 4EB7AA44 B8B2757C A45BDC25 6BDFD36F 4B577269 4A128BB3 1E3090D3
A6BD0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14B55CB0 BCDB4661 6B43F011 6355B44A 722D05E1 6F301D06
03551D0E 04160414 B55CB0BC DB46616B 43F01163 55B44A72 2D05E16F 300D0609
2A864886 F70D0101 05050003 8181002E 4629FA8B 07511090 1FAC46CD 4EAE299D
B2E2BB69 FF9E7776 63521BCB 5549199C 1CE6843F 9CF1F4F8 0867AECA 624DE724
553D3958 0556C3E6 A6541222 C51B5348 C0A32C42 5475E681 6E435674 64799223
B9DE298A E3373094 5F1C3806 CD665DAB 95C2FC4B 9C5B88CA 0BDF7B37 4343B37E
6E7461AC 9A7DB660 B0218909 4FCC39
quit
license udi pid CISCO1921DC/K9 sn FGL215090EX
!
!
!
no spanning-tree vlan 119
no spanning-tree vlan 2009
no spanning-tree vlan 2187
vtp mode transparent
!
redundancy
!
!
vlan 119
!
vlan 2009
name Compartamos-rSITE_BIENES_TARAPOT
!
vlan 2187
name gestion_UM
!
ip telnet tos 0
bridge irb
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description Conexion WAN-TRUNK hacia BIENES Y SERVICIOS PARA EL HOGAR CID:8420817
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
load-interval 30
duplex full
speed 100
!
interface GigabitEthernet0/0.10
description ENLACE WAN GESTION De EQUIPOS
encapsulation dot1Q 2187
ip address 10.116.78.62 255.255.255.252
no ip redirects
no ip proxy-arp
ip flow ingress
!
interface GigabitEthernet0/0.20
description WAN Servicio BIENES Y SERVICIOS PARA EL HOGAR CID:8420817 (MODO BRIDGE)
encapsulation dot1Q 2009
no ip redirects
no ip proxy-arp
ip flow ingress
bridge-group 2
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
description INTERFACE LAN DE BIENES Y SERVICIOS PARA EL HOGAR CID:8420817
switchport mode trunk
no ip address
load-interval 30
duplex full
speed 100
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address
!
interface Vlan1
no ip address
!
interface Vlan119
description Interface de Gestion de UM:: AMOV CID::8420817
ip address 10.116.142.33 255.255.255.248
no ip redirects
no ip proxy-arp
load-interval 30
!
interface Vlan2009
description Interface LAN (MODO BRIDGEBIENES Y SERVICIOS PARA EL HOGAR CID:8420817
no ip address
no ip redirects
no ip proxy-arp
load-interval 30
bridge-group 2
!
interface BVI2
no ip address
!
ip forward-protocol nd
!
no ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 10.116.78.61
ip tacacs source-interface GigabitEthernet0/0.10
!
logging source-interface GigabitEthernet0/0.10
logging host 172.19.216.47
!
!
tacacs-server host 172.19.216.47
tacacs-server directed-request
tacacs-server key 7 142713051601382025252333351200130D
!
!
!
control-plane
!
bridge 2 protocol ieee
bridge 2 route ip
!
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
password Danzig69
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
session-timeout 10 output
access-class 23 in
privilege level 15
password Danzig69
transport input all
line vty 5 15
access-class 23 in
privilege level 15
transport input all
!
scheduler allocate 20000 1000
Valora esta pregunta
0
