sho ver Cisco IOS Software, C181X Software (C181X-ADVIPSERVICESK9-M), Version 12.4(15)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Mon 25-Jun-07 19:25 by prod_rel_team ROM: System Bootstrap, Version 12.3(8r)YH8, RELEASE SOFTWARE (fc2) RainingRose uptime is 4 weeks, 1 day, 23 hours, 5 minutes System returned to ROM by reload at 15:07:14 Chicago Fri Dec 28 2007 System restarted at 15:08:47 Chicago Fri Dec 28 2007 System image file is "flash:c181x-advipservicesk9-mz.124-15.T.bin" This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. Cisco 1811W (MPC8500) processor (revision 0x400) with 118784K/12288K bytes of memory. Processor board ID FTX1119Z0AY, with hardware revision 0000 10 FastEthernet interfaces 1 Serial interface 1 terminal line 2 802.11 Radios 31360K bytes of ATA CompactFlash (Read/Write) Configuration register is 0x2102 RainingRose#sho flash -#- --length-- -----date/time------ path 1 20315448 Dec 16 2007 09:33:46 -06:00 c181x-advipservicesk9-mz.124-15.T.bin 2 2374 May 7 2007 15:47:26 -06:00 sdmconfig-1811-1812.cfg 3 833024 May 7 2007 15:48:14 -06:00 es.tar 4 1052160 May 7 2007 15:48:32 -06:00 common.tar 5 1038 May 7 2007 15:48:48 -06:00 home.shtml 6 102400 May 7 2007 15:49:06 -06:00 home.tar 7 491213 May 7 2007 15:49:26 -06:00 128MB.sdf 8 1959936 May 7 2007 15:49:48 -06:00 wlanui.tar 9 1684577 May 7 2007 15:50:14 -06:00 securedesktop-ios-3.1.1.27-k9.pkg 10 398305 May 7 2007 15:50:36 -06:00 sslclient-win-1.1.0.154.pkg 5079040 bytes available (26857472 bytes used) RainingRose#sho conf Using 8393 out of 196600 bytes ! ! Last configuration change at 17:07:48 Chicago Sun Dec 30 2007 by admin ! NVRAM config last updated at 17:07:51 Chicago Sun Dec 30 2007 by admin ! version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname RainingRose ! boot-start-marker boot-end-marker ! security authentication failure rate 3 log security passwords min-length 6 logging buffered 51200 logging console critical enable secret 5 $1$Dzj7$R/Eb9I7UBXl3ee56U6DCN/ ! no aaa new-model clock timezone Chicago -6 clock summer-time Chicago date Apr 6 2003 2:00 Oct 26 2003 2:00 ! crypto pki trustpoint TP-self-signed-3789276459 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3789276459 revocation-check none rsakeypair TP-self-signed-3789276459 ! ! crypto pki certificate chain TP-self-signed-3789276459 certificate self-signed 01 nvram:IOS-Self-Sig#1.cer ! ! ! dot11 ssid RR-WLAN authentication open ! no ip source-route ! ! ip cef ! ! no ip bootp server ip domain name rainingrose.com ip name-server 10.2.1.6 ip name-server 216.203.115.234 ip name-server 205.171.3.65 ip inspect name DEFAULT100 cuseeme ip inspect name DEFAULT100 ftp ip inspect name DEFAULT100 h323 ip inspect name DEFAULT100 icmp ip inspect name DEFAULT100 netshow ip inspect name DEFAULT100 rcmd ip inspect name DEFAULT100 realaudio ip inspect name DEFAULT100 rtsp ip inspect name DEFAULT100 esmtp ip inspect name DEFAULT100 sqlnet ip inspect name DEFAULT100 streamworks ip inspect name DEFAULT100 tftp ip inspect name DEFAULT100 tcp ip inspect name DEFAULT100 udp ip inspect name DEFAULT100 vdolive ! multilink bundle-name authenticated ! ! username Admin privilege 15 secret 5 $1$1GgO$Xj1dqpZPN5yPEH.o9a27X. archive log config hidekeys ! ! ip tcp synwait-time 10 ip ssh time-out 60 ip ssh authentication-retries 2 track timer interface 5 ! track 1 rtr 1 reachability bridge irb ! ! ! interface FastEthernet0 description DYBB WIRELESS ip address 216.203.117.82 255.255.255.248 ip access-group 101 in ip verify unicast reverse-path no ip redirects no ip unreachables no ip proxy-arp ip nat outside ip inspect DEFAULT100 out ip virtual-reassembly ip route-cache flow duplex auto speed auto ! interface FastEthernet1 description QWEST DSL ip dhcp client route track 20 ip address dhcp no ip redirects no ip unreachables no ip proxy-arp ip nat outside ip inspect DEFAULT100 out ip virtual-reassembly ip route-cache flow duplex auto speed auto ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 ! interface FastEthernet5 ! interface FastEthernet6 ! interface FastEthernet7 ! interface FastEthernet8 ! interface FastEthernet9 ! interface Dot11Radio0 no ip address ! ssid RR-WLAN ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role root bridge-group 1 bridge-group 1 spanning-disabled ! interface Dot11Radio1 no ip address ! ssid RR-WLAN ! speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 station-role root bridge-group 1 bridge-group 1 spanning-disabled ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$FW_INSIDE$ no ip address ip tcp adjust-mss 1452 bridge-group 1 ! interface Async1 no ip address no ip redirects no ip unreachables no ip proxy-arp encapsulation slip ! interface BVI1 description $ES_LAN$$FW_INSIDE$ ip address 10.2.1.254 255.255.255.0 ip access-group 100 in ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ! ip route 0.0.0.0 0.0.0.0 216.203.117.81 ! ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source list 1 interface FastEthernet0 overload ip nat inside source static tcp 10.2.1.4 1494 216.203.117.83 1494 extendable ip nat inside source static tcp 10.2.1.4 3389 216.203.117.83 3389 extendable ip nat inside source static tcp 10.2.1.2 5360 216.203.117.83 5360 extendable ip nat inside source static tcp 10.2.1.3 5361 216.203.117.83 5361 extendable ip nat inside source static tcp 10.2.1.74 5364 216.203.117.83 5364 extendable ip nat inside source static tcp 10.2.1.77 5365 216.203.117.83 5365 extendable ip nat inside source static tcp 10.2.1.78 5366 216.203.117.83 5366 extendable ip nat inside source static tcp 10.2.1.100 5367 216.203.117.83 5367 extendable ip nat inside source static tcp 10.2.1.6 25 216.203.117.85 25 extendable ip nat inside source static tcp 10.2.1.6 80 216.203.117.85 80 extendable ip nat inside source static tcp 10.2.1.6 443 216.203.117.85 443 extendable ip nat inside source static tcp 10.2.1.6 5362 216.203.117.85 5362 extendable ! ip sla 1 icmp-echo 63.254.144.43 source-ip 216.203.117.82 frequency 5 ip sla schedule 1 life forever start-time now logging trap debugging access-list 1 remark INSIDE_IF=BVI1 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 10.2.1.0 0.0.0.255 access-list 100 remark auto generated by Cisco SDM Express firewall configuration access-list 100 remark SDM_ACL Category=1 access-list 100 permit udp host 10.2.1.6 eq domain any access-list 100 deny ip 216.203.117.80 0.0.0.7 any access-list 100 deny ip host 255.255.255.255 any access-list 100 deny ip 127.0.0.0 0.255.255.255 any access-list 100 permit ip any any access-list 101 remark auto generated by Cisco SDM Express firewall configuration access-list 101 remark SDM_ACL Category=1 access-list 101 permit udp host 205.171.3.65 eq domain any access-list 101 permit udp host 216.203.115.234 eq domain any access-list 101 remark Auto generated by SDM for NTP (123) 132.163.4.102 access-list 101 permit udp host 132.163.4.102 eq ntp host 192.168.0.10 eq ntp access-list 101 remark Auto generated by SDM for NTP (123) 132.163.4.102 access-list 101 permit udp host 132.163.4.102 eq ntp host 216.203.117.82 eq ntp access-list 101 permit udp host 10.2.1.6 eq domain host 216.203.117.82 access-list 101 permit tcp any host 216.203.117.83 eq 1494 access-list 101 permit tcp any host 216.203.117.83 eq 5367 access-list 101 permit tcp any host 216.203.117.83 eq 5366 access-list 101 permit tcp any host 216.203.117.83 eq 5365 access-list 101 permit tcp any host 216.203.117.83 eq 5364 access-list 101 remark Soap server access-list 101 permit tcp any host 216.203.117.83 eq 3389 access-list 101 remark Sunscreen server access-list 101 permit tcp any host 216.203.117.83 eq 5360 access-list 101 remark Lotion server access-list 101 permit tcp any host 216.203.117.83 eq 5361 access-list 101 remark Shampoo server access-list 101 permit tcp any host 216.203.117.85 eq 5362 access-list 101 permit tcp any host 216.203.117.85 eq 443 access-list 101 permit tcp any host 216.203.117.85 eq www access-list 101 permit tcp any host 216.203.117.85 eq smtp access-list 101 deny ip 10.2.1.0 0.0.0.255 any access-list 101 permit icmp any host 216.203.117.82 echo-reply access-list 101 permit icmp any host 216.203.117.82 time-exceeded access-list 101 permit icmp any host 216.203.117.82 unreachable access-list 101 deny ip 10.0.0.0 0.255.255.255 any access-list 101 deny ip 172.16.0.0 0.15.255.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip host 255.255.255.255 any access-list 101 deny ip host 0.0.0.0 any access-list 101 deny ip any any no cdp run ! ! ! route-map primary-nat permit 10 match ip address 1 set ip next-hop verify-availability 216.203.117.81 1 track 1 ! route-map backup-nat permit 10 match ip address 1 set interface FastEthernet1 ! ! ! ! control-plane ! bridge 1 protocol ieee bridge 1 route ip banner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 login local transport output telnet line 1 modem InOut stopbits 1 speed 115200 flowcontrol hardware line aux 0 login local transport output telnet line vty 0 4 privilege level 15 login local transport input telnet ssh line vty 5 15 privilege level 15 login local transport input telnet ssh ! scheduler allocate 4000 1000 scheduler interval 500 ntp update-calendar ntp server 132.163.4.102 ! webvpn cef ! webvpn context Default_context ssl authenticate verify all ! no inservice ! end RainingRose#sho ip interface brief | ex una Interface IP-Address OK? Method Status Protocol FastEthernet0 216.203.117.82 YES NVRAM up up FastEthernet1 192.168.0.2 YES DHCP up up BVI1 10.2.1.254 YES NVRAM up up RainingRose#