term len 0 yourname#show run Building configuration... Current configuration : 10236 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname yourname ! boot-start-marker boot-end-marker ! logging buffered 52000 debugging ! no aaa new-model ! resource policy ! ! ! ip cef no ip dhcp use vrf connected ip dhcp excluded-address 10.10.10.1 ip dhcp excluded-address 192.168.1.1 192.168.1.50 ip dhcp excluded-address 192.168.1.101 192.168.1.254 ip dhcp excluded-address 192.168.2.1 192.168.2.50 ip dhcp excluded-address 192.168.2.101 192.168.2.254 ip dhcp excluded-address 192.168.3.1 192.168.3.50 ip dhcp excluded-address 192.168.3.101 192.168.3.254 ip dhcp excluded-address 192.168.4.1 192.168.4.50 ip dhcp excluded-address 192.168.4.101 192.168.4.254 ip dhcp excluded-address 192.168.5.1 192.168.5.50 ip dhcp excluded-address 192.168.5.101 192.168.5.254 ! ip dhcp pool sdm-pool import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server 192.168.1.1 192.168.0.1 lease 3 ! ip dhcp pool AV import all network 192.168.2.0 255.255.255.0 dns-server 192.168.2.1 192.168.0.1 default-router 192.168.2.1 lease 5 ! ip dhcp pool Guest import all network 192.168.3.0 255.255.255.0 dns-server 192.168.3.1 192.168.0.1 default-router 192.168.3.1 lease 3 ! ip dhcp pool Ship import all network 192.168.4.0 255.255.255.0 dns-server 192.168.4.1 192.168.0.1 default-router 192.168.4.1 lease 3 ! ip dhcp pool Crew import all network 192.168.5.0 255.255.255.0 dns-server 192.168.5.1 192.168.0.1 default-router 192.168.5.1 lease 3 ! ! ip domain name yourdomain.com ip name-server 4.2.2.2 ip inspect name SDM_LOW cuseeme ip inspect name SDM_LOW dns ip inspect name SDM_LOW ftp ip inspect name SDM_LOW h323 ip inspect name SDM_LOW https ip inspect name SDM_LOW icmp ip inspect name SDM_LOW imap ip inspect name SDM_LOW pop3 ip inspect name SDM_LOW netshow ip inspect name SDM_LOW rcmd ip inspect name SDM_LOW realaudio ip inspect name SDM_LOW rtsp ip inspect name SDM_LOW esmtp ip inspect name SDM_LOW sqlnet ip inspect name SDM_LOW streamworks ip inspect name SDM_LOW tftp ip inspect name SDM_LOW tcp ip inspect name SDM_LOW udp ip inspect name SDM_LOW vdolive ! ! crypto pki trustpoint TP-self-signed-1440269520 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1440269520 revocation-check none rsakeypair TP-self-signed-1440269520 ! ! crypto pki certificate chain TP-self-signed-1440269520 certificate self-signed 01 3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31343430 32363935 3230301E 170D3039 30373133 30373435 30375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 34343032 36393532 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100BFE2 DF406794 304154B1 8874D060 B3BF33AA 1FEC828D EBB965EC 8F0CAFFC C866ABA0 400F7040 4E77F7C1 0A4E084C 49DDE9BE A04907C5 9A78B794 57C2E1CE 48097400 F93FDB65 6460CAA1 7F17D53C 6741F4AC 57842C40 D4F15760 6D3E817B 7D730295 93E20F79 B23B4AE5 D7B9F690 CB32E749 5ABAED82 DB44356B 4B7B513D 63C90203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603 551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D 301F0603 551D2304 18301680 14BF9080 B7CB1F32 C74F5279 AE909EA4 04E2745B A5301D06 03551D0E 04160414 BF9080B7 CB1F32C7 4F5279AE 909EA404 E2745BA5 300D0609 2A864886 F70D0101 04050003 8181002D D29B8AA5 31BBA80C 0FA45082 48DD5890 2774147C 4B5D1EAB 10514A50 EEB4C52E 1C29C587 C330F7F1 C606878A 56DB2174 E3B08A16 535DDEE7 2DE7DACB 5300C2C9 3120172A 6DC8A2FE F470E19F 45E1240E 503B3DA4 E04BCE6F BBDEC9F1 A5478E25 DDF1369C 17D07AC0 F76886E8 87BE259F A966D097 F06D8F57 A5931357 846547 quit username admin privilege 15 secret 5 $1$pu6/$VMJb2DjNr5jDqpvdZ.pjh0 ! ! ! ! ! ! interface FastEthernet0 description $ETH-WAN$$FW_OUTSIDE$ ip address dhcp client-id FastEthernet0 ip nat outside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet1 description $ETH-WAN$ ip address dhcp client-id FastEthernet1 ip nat outside ip virtual-reassembly shutdown duplex auto speed auto ! interface FastEthernet2 ! interface FastEthernet3 switchport access vlan 20 ! interface FastEthernet4 switchport access vlan 30 ! interface FastEthernet5 switchport access vlan 40 ! interface FastEthernet6 switchport access vlan 50 ! interface FastEthernet7 ! interface FastEthernet8 ! interface FastEthernet9 switchport mode trunk ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$FW_INSIDE$ ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ! interface Vlan20 description $FW_INSIDE$ ip address 192.168.2.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface Vlan30 description $FW_INSIDE$ ip address 192.168.3.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface Vlan40 description $FW_INSIDE$ ip address 192.168.4.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface Vlan50 description $FW_INSIDE$ ip address 192.168.5.1 255.255.255.0 ip nat inside ip virtual-reassembly ! interface Async1 no ip address encapsulation slip shutdown ! ! ip dns server ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source list 2 interface FastEthernet0 overload ! access-list 1 remark SDM_ACL Category=2 access-list 1 permit 192.168.4.0 0.0.0.255 access-list 1 permit 192.168.1.0 0.0.0.255 access-list 1 permit 192.168.3.0 0.0.0.255 access-list 1 permit 192.168.2.0 0.0.0.255 access-list 1 permit 192.168.5.0 0.0.0.255 access-list 2 remark SDM_ACL Category=2 access-list 2 permit 192.168.4.0 0.0.0.255 access-list 2 permit 192.168.3.0 0.0.0.255 access-list 2 permit 192.168.2.0 0.0.0.255 access-list 2 permit 192.168.5.0 0.0.0.255 access-list 2 permit 192.168.1.0 0.0.0.255 access-list 100 remark auto generated by SDM firewall configuration access-list 100 remark SDM_ACL Category=1 access-list 100 deny ip 192.168.5.0 0.0.0.255 any access-list 100 deny ip 192.168.2.0 0.0.0.255 any access-list 100 deny ip 192.168.3.0 0.0.0.255 any access-list 100 deny ip 192.168.4.0 0.0.0.255 any access-list 100 deny ip host 255.255.255.255 any access-list 100 deny ip 127.0.0.0 0.255.255.255 any access-list 100 permit ip any any access-list 101 remark auto generated by SDM firewall configuration access-list 101 remark SDM_ACL Category=1 access-list 101 deny ip 192.168.5.0 0.0.0.255 any access-list 101 deny ip 192.168.3.0 0.0.0.255 any access-list 101 deny ip 192.168.1.0 0.0.0.255 any access-list 101 deny ip 192.168.4.0 0.0.0.255 any access-list 101 deny ip host 255.255.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 permit ip any any access-list 102 remark auto generated by SDM firewall configuration access-list 102 remark SDM_ACL Category=1 access-list 102 deny ip 192.168.5.0 0.0.0.255 any access-list 102 deny ip 192.168.2.0 0.0.0.255 any access-list 102 deny ip 192.168.1.0 0.0.0.255 any access-list 102 deny ip 192.168.4.0 0.0.0.255 any access-list 102 deny ip host 255.255.255.255 any access-list 102 deny ip 127.0.0.0 0.255.255.255 any access-list 102 permit ip any any access-list 103 remark auto generated by SDM firewall configuration access-list 103 remark SDM_ACL Category=1 access-list 103 deny ip 192.168.5.0 0.0.0.255 any access-list 103 deny ip 192.168.2.0 0.0.0.255 any access-list 103 deny ip 192.168.3.0 0.0.0.255 any access-list 103 deny ip 192.168.1.0 0.0.0.255 any access-list 103 deny ip host 255.255.255.255 any access-list 103 deny ip 127.0.0.0 0.255.255.255 any access-list 103 permit ip any any access-list 104 remark auto generated by SDM firewall configuration access-list 104 remark SDM_ACL Category=1 access-list 104 deny ip 192.168.2.0 0.0.0.255 any access-list 104 deny ip 192.168.3.0 0.0.0.255 any access-list 104 deny ip 192.168.1.0 0.0.0.255 any access-list 104 deny ip 192.168.4.0 0.0.0.255 any access-list 104 deny ip host 255.255.255.255 any access-list 104 deny ip 127.0.0.0 0.255.255.255 any access-list 104 permit ip any any access-list 105 remark auto generated by SDM firewall configuration access-list 105 remark SDM_ACL Category=1 access-list 105 deny ip 192.168.5.0 0.0.0.255 any access-list 105 deny ip 192.168.2.0 0.0.0.255 any access-list 105 deny ip 192.168.3.0 0.0.0.255 any access-list 105 deny ip 192.168.1.0 0.0.0.255 any access-list 105 deny ip 192.168.4.0 0.0.0.255 any access-list 105 permit udp any eq bootps any eq bootpc access-list 105 permit icmp any any echo-reply access-list 105 permit icmp any any time-exceeded access-list 105 permit icmp any any unreachable access-list 105 deny ip host 255.255.255.255 any access-list 105 deny ip any any log no cdp run ! ! ! ! ! ! control-plane ! banner login ^C ----------------------------------------------------------------------- Cisco Router and Security Device Manager (SDM) is installed on this device. This feature requires the one-time use of the username "cisco" with the password "cisco". The default username and password have a privilege level of 15. Please change these publicly known initial credentials using SDM or the IOS CLI. Here are the Cisco IOS commands. username privilege 15 secret 0 no username cisco Replace and with the username and password you want to use. For more information about SDM please follow the instructions in the QUICK START GUIDE for your router or go to http://www.cisco.com/go/sdm ----------------------------------------------------------------------- ^C ! line con 0 login local line 1 modem InOut stopbits 1 speed 115200 flowcontrol hardware line aux 0 line vty 0 4 privilege level 15 login local transport input telnet ssh line vty 5 15 privilege level 15 login local transport input telnet ssh ! ! webvpn context Default_context ssl authenticate verify all ! no inservice ! end yourname#