! ! Last configuration change at 17:39:41 BST Thu Sep 29 2005 by gw-lan-config ! NVRAM config last updated at 17:49:32 BST Thu Sep 29 2005 by gw-lan-config ! version 12.2 service nagle no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname gw-lan ! logging buffered 4096 debugging no logging console no logging monitor aaa new-model aaa authentication login gw-lan none enable secret 5 ******************* ! username gw-lan-config password 7 **************** clock timezone GMT 0 clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00 ip subnet-zero ip flow-cache timeout active 1 ip cef ! ! ip domain-name first4internet.co.uk ip name-server x.x.x.7 ip name-server x.x.x.1 ip dhcp excluded-address x.x.x.1 x.x.x.49 ip dhcp excluded-address x.x.x.50 x.x.x.55 ! ip dhcp pool F4ILAN network x.x.x.0 255.255.255.0 netbios-node-type h-node domain-name first4internet.co.uk default-router x.x.x.1 netbios-name-server x.x.x.4 dns-server x.x.x.7 x.x.x.8 option 42 ip x.x.x.1 lease 0 12 ! no ip bootp server ip multicast-routing ! call rsvp-sync ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address x.x.x.1 255.255.255.0 ip access-group LAN in ip nat inside ip route-cache flow speed 100 full-duplex ! interface FastEthernet0/1 ip address x.x.x.11 255.255.255.224 ip nat outside ip route-cache flow speed 100 full-duplex ! interface Ethernet1/0 ip address x.x.x.1 255.255.255.0 ip access-group TESTNET in ip access-group TESTNET-O out ip nat inside full-duplex ! ip nat pool UUNET x.x.x.15 x.x.x.29 netmask 255.255.255.224 ip nat inside source list 7 pool UUNET overload ip nat inside source static tcp x.x.x.4 1723 interface FastEthernet0/1 1723 ip nat inside source static x.x.x.9 x.x.x.3 ip nat inside source static tcp x.x.x.2 1723 x.x.x.12 1723 extendable ip nat inside source static tcp x.x.x.49 6881 x.x.x.16 6881 extendable ip nat inside source static udp x.x.x.16 161 x.x.x.16 161 extendable ip nat inside source static udp x.x.x.16 162 x.x.x.16 162 extendable ip nat inside source static tcp x.x.x.5 22 x.x.x.12 22 extendable ip nat inside source static udp x.x.x.5 1194 x.x.x.12 1194 extendable ip nat inside source static tcp x.x.x.5 20 x.x.x.12 20 extendable ip nat inside source static tcp x.x.x.5 21 x.x.x.12 21 extendable ip nat inside source static x.x.x.5 x.x.x.12 ip flow-export source FastEthernet0/0 ip flow-export version 5 ip flow-export destination x.x.x.16 2000 ip classless ip route 0.0.0.0 0.0.0.0 x.x.x.30 ip route 10.0.0.0 255.255.255.0 x.x.x.4 permanent no ip http server ip pim bidir-enable ! ! ip access-list extended LAN permit tcp x.x.x.0 0.0.0.255 any established permit tcp x.x.x.0 0.0.0.255 any eq www permit tcp x.x.x.0 0.0.0.255 any eq domain permit udp x.x.x.0 0.0.0.255 any eq domain permit tcp x.x.x.0 0.0.0.255 any eq nntp permit tcp x.x.x.0 0.0.0.255 any eq 443 permit tcp x.x.x.0 0.0.0.255 any eq 6901 permit udp x.x.x.0 0.0.0.255 any eq 7001 permit tcp x.x.x.0 0.0.0.255 any range 6666 7000 permit tcp x.x.x.0 0.0.0.255 any range ftp-data ftp permit tcp x.x.x.0 0.0.0.255 x.x.x.0 0.0.0.255 range 2049 2064 permit icmp x.x.x.0 0.0.0.255 any permit tcp x.x.x.0 0.0.0.255 host x.x.x.1 eq 22 permit udp x.x.x.0 0.0.0.255 eq domain any permit udp x.x.x.0 0.0.0.255 host x.x.x.1 eq tftp permit udp any range bootps bootpc any range bootps bootpc permit udp x.x.x.0 0.0.0.255 host x.x.x.1 gt 1023 permit tcp host x.x.x.49 x.x.x.0 0.0.0.30 eq 3389 permit udp host x.x.x.49 x.x.x.0 0.0.0.30 eq 3389 permit tcp x.x.x.0 0.0.0.255 any eq 3389 permit tcp host x.x.x.9 any eq smtp deny tcp any any eq 135 deny tcp any any eq 1025 syn deny tcp any any eq 42 syn permit gre host x.x.x.4 any permit tcp x.x.x.0 0.0.0.255 host x.x.x.5 range 5500 5600 permit tcp x.x.x.0 0.0.0.255 host x.x.x.7 eq 1433 permit udp host x.x.x.4 host x.x.x.30 eq snmp permit tcp x.x.x.0 0.0.0.255 any eq 1863 permit tcp host x.x.x.49 any permit udp host x.x.x.4 host x.x.x.1 eq snmp permit tcp host x.x.x.48 any range 1024 5000 permit tcp x.x.x.0 0.0.0.255 any eq 6346 permit tcp host x.x.x.9 host 216.136.173.10 eq pop3 permit tcp x.x.x.0 0.0.0.255 x.x.x.0 0.0.0.255 range 2049 2074 deny tcp any any eq 445 syn deny tcp any any eq 139 syn deny tcp any any eq 135 syn permit gre host x.x.x.4 host 217.37.183.193 permit tcp host x.x.x.4 host 217.37.183.193 eq 1723 permit tcp host x.x.x.46 any eq 6129 permit tcp host x.x.x.46 any eq 8685 permit tcp host x.x.x.46 any eq 8686 permit udp host x.x.x.16 x.x.x.0 0.0.0.30 eq snmp permit udp host x.x.x.16 host x.x.x.1 eq snmp permit udp host x.x.x.16 host x.x.x.2 eq snmp permit udp host x.x.x.16 x.x.x.0 0.0.0.30 eq snmptrap permit udp host x.x.x.16 x.x.x.1 0.0.0.30 eq snmp permit udp host x.x.x.5 host 213.174.200.133 eq 1194 permit tcp host x.x.x.5 host 212.124.226.8 permit tcp x.x.x.0 0.0.0.255 host x.x.x.5 eq 8022 permit tcp x.x.x.0 0.0.0.255 any eq 5190 permit udp host x.x.x.49 host x.x.x.1 eq snmp ip access-list extended LAN-O permit tcp any x.x.x.0 0.0.0.255 established permit tcp any host x.x.x.9 eq pop3 permit tcp any host x.x.x.9 eq smtp permit udp any eq domain x.x.x.0 0.0.0.255 permit tcp any eq domain x.x.x.0 0.0.0.255 permit icmp any x.x.x.0 0.0.0.255 ip access-list extended TESTNET permit tcp x.x.x.0 0.0.0.255 any eq www permit tcp x.x.x.0 0.0.0.255 any eq domain permit udp x.x.x.0 0.0.0.255 any eq domain permit tcp x.x.x.0 0.0.0.255 any eq 443 permit icmp x.x.x.0 0.0.0.255 any permit tcp host x.x.x.2 range ftp-data ftp x.x.x.0 0.0.0.255 gt 1023 permit tcp host x.x.x.2 any eq ftp permit tcp host x.x.x.2 any eq ftp-data permit tcp host x.x.x.2 eq 1723 any established permit gre host x.x.x.2 host 193.203.65.166 permit tcp x.x.x.0 0.0.0.255 x.x.x.0 0.0.0.255 eq 5001 permit tcp x.x.x.0 0.0.0.255 any established ip access-list extended TESTNET-O permit tcp any x.x.x.0 0.0.0.255 established permit udp x.x.x.0 0.0.0.255 eq domain x.x.x.0 0.0.0.255 permit icmp any x.x.x.0 0.0.0.255 permit tcp x.x.x.0 0.0.0.255 host x.x.x.2 eq ftp permit tcp x.x.x.0 0.0.0.255 host x.x.x.2 eq ftp-data permit tcp x.x.x.0 0.0.0.255 range ftp-data ftp host x.x.x.2 gt 1023 permit tcp x.x.x.0 0.0.0.255 x.x.x.0 0.0.0.255 range 2064 2079 permit tcp host 193.203.65.166 host x.x.x.2 eq 1723 permit gre host 193.203.65.166 host x.x.x.2 access-list 7 permit x.x.x.0 0.0.0.255 access-list 7 permit x.x.x.0 0.0.0.255 access-list 101 permit tcp any eq 1723 any access-list 101 permit tcp any any access-list 101 permit tcp 0.0.0.0 255.255.255.0 any access-list 101 deny tcp any any access-list 102 permit tcp x.x.x.0 0.0.0.255 eq www any access-list 102 permit tcp x.x.x.0 0.0.0.255 eq ftp any access-list 102 permit tcp x.x.x.0 0.0.0.255 eq ftp-data any access-list 102 permit tcp x.x.x.0 0.0.0.255 eq domain x.x.x.0 0.0.0.255 access-list 102 permit udp x.x.x.0 0.0.0.255 eq domain x.x.x.0 0.0.0.255 snmp-server engineID local 000000090200000A41551EB0 snmp-server community F4ILAN RO snmp-server enable traps tty ! dial-peer cor custom ! ! ! ! banner login  This system is the property of First 4 Internet Ltd Disconnect IMMEDIATELY if you are not an authorised user! Contact admin@first4internet.co.uk for information  ! line con 0 exec-timeout 0 0 login authentication gw-lan transport preferred none line aux 0 line vty 0 4 password 7 **************** no exec transport preferred none ! end