Scribd Logo
Upload

Welcome to Scribd!

  • Vanilla PLIM849

    Uploaded by

    Renato Franchesco Valega Gamarra
    124 views5 pages
    un routercito :v

    Original Title

    Vanilla PLIM849 (1)

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    un routercito :v

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    124 views5 pages

    Vanilla PLIM849

    Uploaded by

    Renato Franchesco Valega Gamarra
    un routercito :v

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    ======================================================================

    Customer : Atlas copco business services nv


    Site : DISTRITO DE LIMA
    Name : PLIM849
    Device type : ISR4331-SEC/K9
    Soft file name : isr4300-universalk9.03.16.04c.S.155-3.S4c-ext.SPA
    (case sensitive)
    RFU_date :
    Inst. week :
    ======================================================================

    configure terminal
    ! End-user license agreement (EULA)
    license accept end user agreement
    ! Line required setting APPX license activation
    license boot level appxk9
    ! Line required setting SEC license activation
    license boot level securityk9
    ! Line required setting UC license activation
    license boot level uck9

    ! Warning : License Activation will need the router to reboot


    !
    ! Line required setting throughput level performance
    Platform hardware throughput level 100000
    ! Line required setting throughput level performance
    Platform hardware throughput level 300000

    ! Warning : License Activation will need the router to reboot


    !
    !
    ! Chassis ISR4331-SEC/K9
    hostname plim849
    !
    enable password sita
    no enable secret
    !
    !
    ip host iprns04 57.7.44.97
    ip host ipsin04 57.7.41.65
    ip host ipwas04 57.7.40.65
    !
    vpdn enable
    vpdn-group pppoe
    !
    !
    interface Loopback1111
    description --- Orange Inband Mngmt
    ip address 57.215.252.153 255.255.255.255
    !
    !
    crypto pki trustpoint PKI-Orange
    enrollment terminal
    revocation-check none
    !
    crypto pki certificate chain PKI-Orange
    certificate ca 12
    3082065E 30820446 A0030201 02020112 300D0609 2A864886 F70D0101 0B050030
    58310B30 09060355 04061302 4652310F 300D0603 55040A0C 064F7261 6E676531
    17301506 0355040B 0C0E3030 30322033 38303132 39383636 311F301D 06035504
    030C164F 72616E67 65204465 76696365 7320526F 6F742043 41301E17 0D313331
    31313331 30343835 385A170D 33373131 31333130 34383538 5A304131 0B300906
    03550406 13024652 310F300D 06035504 0A0C064F 72616E67 65312130 1F060355
    04030C18 50726F76 69646572 20456467 65206465 76696365 73204341 30820222
    300D0609 2A864886 F70D0101 01050003 82020F00 3082020A 02820201 00DD5023
    2B729A1E 72E7301E DF79C8A3 E8DDA6B9 6BA5937F BE776851 67A34F63 8B820B18
    B69B1937 7640AA02 B4F7F15C 1EE179DA 89AB9A72 556B2AFE C897C6CE AA512575
    3175D79E B009507B BBBAFBA8 F3E1B0F9 603F1737 711048F9 E3399DF3 CA80FE2C
    1C354D70 19332D91 FB6EE90E AFB9C871 F4CA80C7 70C6159D B5129101 5DDA3DDF
    301B5F89 9C83454F 108986EA F89A96CA D9ABA77B 41263AE0 9B17742D 5AA3AC0E
    4AF73AE3 EB22C93B A7C1BDDA FA07D7FC 3643A10C A0124524 D83630E4 C723A4C8
    CDCDC65D A835BB1B AB59482B 206C01CB A555FD71 4B4D046C 0BED4B3B 8C8E6F4E
    F932155B 883CE066 1A628A96 20397E28 94BDDFA0 F19A200D B3452B6A D899D535
    02B3F155 76A9651A 53327C68 4C97E566 EB9262A5 89EA22F1 C015EF4E CDC7D29B
    63C465DD 1C2BB254 C7F2FD7E B30D66AB 6E2E7BE5 424E99FA A1675FC7 B857A8F4
    CB7A29ED 23DDA275 3F5F7170 268812A4 89471045 4F1741F1 3BFEAE89 C11293AC
    F299FBEA B2940663 3C1D57F5 A4E1BA96 00F67EB2 C910A42A 0A7EBEE9 FFD3D693
    409B0734 EAFAFAB4 6E0206CA 67EB3633 C946D478 AEE59FC3 5BC2AC5A DCB01DE2
    ED821913 792A1A73 DFCACA03 F5541973 674E3D42 957B4A05 2A739766 32B0BADE
    D1882A20 BE40EEA3 B0B45E54 BF64840A AF6FE217 10D0A0E6 5D9DA2FD FFC78CBD
    DF738FF6 721F8715 5EF08436 6FBB45A8 985A17D2 4EACFBB9 410E91B7 F7020301
    0001A382 01483082 0144300F 0603551D 130101FF 04053003 0101FF30 0E060355
    1D0F0101 FF040403 02010630 1D060355 1D0E0416 0414639E D1CA36AC 0D047360
    30CF4EF6 9B14711B 99033062 0603551D 23045B30 59801430 B3369E1A 1623341A
    9CA3A1EC AE6AD174 A0563CA1 3E813C43 4E3D4F72 616E6765 20446576 69636573
    20526F6F 74204341 2C204F55 3D303030 32203338 30313239 3836362C 204F3D4F
    72616E67 652C2043 3D465282 01003081 85060355 1D1F047E 307C303B A039A037
    86356874 74703A2F 2F706B69 2D63726C 2E69746E 2E667467 726F7570 2F63726C
    2F6F7261 6E676564 65766963 65735F72 6F6F742E 63726C30 3DA03BA0 39863768
    7474703A 2F2F7777 772E6F72 616E6765 2E636F6D 2F736972 6975732F 706B692F
    6F72616E 67656465 76696365 735F726F 6F742E63 726C3016 0603551D 20040F30
    0D300B06 092A817A 01100C07 0101300D 06092A86 4886F70D 01010B05 00038202
    010087CB 2C35B271 B3D41A3A C1ACB7C6 0ACB6983 839CC629 6D59F07B FBCA9DF3
    88201A21 4BD26517 3BFDF755 0ACB9E39 3BBB26FC F70B5D2B DCFC3D35 1F1094DD
    9B2E9A16 1856FC4C D81EE238 5EE0B0FD 6E4CC2A1 44A00AEF 73773CD5 FA7E1005
    A8ACE749 5483821B A41CDE4B 08D338DD 5A9F0014 257A3870 C813C756 B8586716
    1502CD50 3122C924 D37FEF74 CC18116E 8FE2C28F 4AA382D4 347A568C 101474A8
    C586DD82 0F11BB1A 217DAFF9 0E2DD8D6 75F0DFA0 7E982C9F 4BF3DC22 32815B50
    0B2E11D5 01720C40 9094FC72 63402FC7 15CF5DB2 8B3B1EAB 955ED210 821BB6B2
    3D52F1E3 3B941390 01FFC05A 08BA2FDC 54EC822E 0C5BBC05 FD89A0EB 2C61D649
    022AE1CA AD3A5085 A356094C FF12020B 9D51C280 640F4027 9DF2CDA3 757EC4B9
    B0A2726F 80813831 85BE1CA8 1D75DCF0 3AD5A2E8 977B3FDE 13ED775E E39B3B4E
    E3413469 27822AC8 1CC850FF AD3BDC37 D6CECE79 0F5CD8BB 92599F7B DA9860FC
    87FE2D73 CD9C4E42 E577CF98 EF629C8D 149D9AB5 BBDAAA5B 08FD240A DC8DCF6A
    101322BC BD85A0DF 902F2A3A 4EF6A216 1B5CF0E5 138B9B70 D4497021 1A30FB4D
    6BEAC58F B138DD30 C95FBA8F 474DB84B 00915020 67E44DF9 43B0FDF4 E5C75044
    7D4B112D 1D34C048 D2F760FC 66DE0A6A C21D2DE3 FB148AF1 8EEB4FE2 221C73DA
    6A7271C4 102F3096 EA9EED72 DC2981D4 C6E39A7D A66940C6 263492EE 0C1064E3 8260
    quit
    crypto pki certificate storage nvram:
    !
    !
    password encryption aes
    key config-key password-encrypt maJgJKxwcHjN5GV0l7UcWzzRZ8ED1.oA
    !
    no crypto ikev2 policy default
    !
    no crypto ikev2 http-url cert
    !
    default crypto ikev2 authorization policy
    !
    crypto ikev2 authorization policy default
    route accept any tag 7
    exit
    !
    crypto ipsec df-bit clear
    crypto ipsec fragmentation after-encryption
    !
    crypto ikev2 proposal IkeV2Proposal
    encryption aes-cbc-256 aes-cbc-192
    integrity sha512 sha384 sha256
    group 16 14 5 2
    !
    crypto ikev2 policy IkeV2Policy
    proposal IkeV2Proposal
    !
    crypto ikev2 keyring IkeV2Keyring
    peer bjre656/bjae6568
    address 57.97.114.254
    pre-shared-key local
    6Vpw/CXhfKN.c3mk2yXM.14cSuJSU4G01fyPzBnGQxV5YhLUpH8BvfceazYvzBxW
    !
    crypto ikev2 profile Ikev2Profile
    match identity remote fqdn bjre656.orange.com
    match identity remote fqdn bjae6568.orange.com
    identity local email copconet*plim849@orange.com
    authentication remote rsa-sig
    authentication local pre-share
    keyring local IkeV2Keyring
    pki trustpoint PKI-Orange
    lifetime 14700
    aaa authorization group cert list default default
    no config-exchange set send
    !
    crypto ikev2 dpd 25 15 periodic
    crypto ikev2 fragmentation
    !
    crypto ipsec security-association replay window-size 512
    !
    crypto ipsec transform-set ESP-AES-256-SHA-1 esp-aes 256 esp-sha-hmac
    mode transport
    !
    crypto ipsec transform-set ESP-AES-256-SHA-512 esp-aes 256 esp-sha512-hmac
    mode transport
    !
    crypto ikev2 limit max-sa 1
    crypto call admission limit ipsec sa 2
    !
    crypto ipsec profile IpsecProfile
    set security-association lifetime seconds 14100
    set security-association lifetime kilobytes disable
    set pfs group16
    set ikev2-profile Ikev2Profile
    set transform-set ESP-AES-256-SHA-512 ESP-AES-256-SHA-1
    !
    crypto logging ikev2
    !
    Interface Tunnel0
    description --- Tunnel to bjre656 / bjae6568
    ip address negotiated
    ip tcp adjust-mss 1340
    tunnel source Dialer1
    tunnel destination 57.97.114.254
    tunnel protection ipsec profile IpsecProfile
    !
    !
    banner motd *
    NOTICE: This is a private network device. If you are not authorized
    to connect or configure this device, disconnect at once! Actual
    or attempted use, access, examination, or configuration change by
    an unauthorized person will result in criminal and civil pro-
    secution to the full extent of the law.

    For any account problem, please contact your NUAR Admin.


    *
    banner exec *
    Atlas copco business services nv - copconet / ACCESS ROUTER - DISTRITO DE LIMA -
    PLIM849
    *
    !
    !
    interface GigabitEthernet0/0/1
    description --- TO BJRE656 & BJAE6568 VTI 2000
    ip address 190.223.68.75 255.255.255.248
    no ip redirects
    no ip directed-broadcast
    no ip proxy-arp
    speed 100
    duplex full
    no cdp enable
    no shutdown
    ip virtual-reassembly in
    !
    !
    ip route 57.97.114.254 255.255.255.255 190.223.68.73
    ip route 57.7.0.0 255.255.128.0 57.210.107.39 30
    !
    no ip access-list 2392
    !
    access-list 2392 remark --- Permit Only IPsec traffic
    access-list 2392 permit esp host 57.97.114.254 any
    access-list 2392 permit udp host 57.97.114.254 any eq isakmp
    access-list 2392 remark --- Add this line if NAT-T is used
    access-list 2392 permit udp host 57.97.114.254 any eq non500-isakmp
    access-list 2392 remark --- Add this line if CPE is used as DHCP Relay
    access-list 2392 permit udp any eq bootps any eq bootpc
    access-list 2392 remark --- Permit return ping traffic for test
    access-list 2392 permit icmp any any echo-reply
    !
    no access-list 23
    access-list 23 permit 57.7.0.0 0.0.63.255
    access-list 23 permit 57.35.128.0 0.0.0.127
    access-list 23 permit 57.251.0.0 0.0.255.255
    access-list 23 permit 57.246.0.0 0.0.255.255
    access-list 23 permit 57.0.128.0 0.0.127.255
    no access-list 24
    access-list 24 deny any
    ! Legacy SITA/Equant communities for NMS3 sup
    no access-list 80
    access-list 80 permit 57.7.0.0 0.0.127.255
    !
    snmp-server community sitalan RO 80
    snmp-server community xs159109 RW 80
    !
    line con 0
    password sitalan
    login
    !
    line aux 0
    password sitalan
    login
    transport input all
    !
    line vty 0 4
    password sita
    login
    transport input telnet ssh
    end
    !
    copy running-config startup-config

    You might also like