Building configuration... Current configuration : 5880 bytes ! ! Last configuration change at 09:33:54 Paris Sun Mar 18 2007 ! NVRAM config last updated at 06:44:05 Paris Sun Mar 18 2007 ! version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug uptime service timestamps log uptime service password-encryption service sequence-numbers ! hostname C857W ! boot-start-marker boot-end-marker ! logging buffered 10240 debugging logging console critical ! no aaa new-model ! resource policy ! clock timezone Paris 1 clock summer-time Paris date Mar 30 2003 2:00 Oct 26 2003 3:00 no ip source-route no ip dhcp use vrf connected ip dhcp excluded-address 192.168.1.1 192.168.1.99 ip dhcp excluded-address 192.168.1.254 ! ip dhcp pool dhcppool import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.254 dns-server 80.58.61.250 update arp ! ! ip cef ip inspect name firewall tcp ip inspect name firewall udp ip inspect name firewall cuseeme ip inspect name firewall h323 ip inspect name firewall rcmd ip inspect name firewall realaudio ip inspect name firewall streamworks ip inspect name firewall vdolive ip inspect name firewall sqlnet ip inspect name firewall tftp ip inspect name firewall ftp ip inspect name firewall icmp ip inspect name firewall sip ip inspect name firewall esmtp max-data 52428800 ip inspect name firewall fragment maximum 256 timeout 1 ip inspect name firewall pptp ip inspect name firewall rtsp ip tcp selective-ack ip tcp timestamp no ip bootp server no ip domain lookup ip domain name local ! ! ! file verify auto username daniel secret 5 $1$TYs1$LM9r0KUBbnSsyEDj44SlR0 ! ! ! bridge irb ! ! interface ATM0 no ip address no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point no snmp trap link-status pvc 8/32 pppoe-client dial-pool-number 1 ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Dot11Radio0 no ip address ! encryption vlan 1 mode ciphers tkip ! ssid Cisco vlan 1 authentication open authentication shared authentication key-management wpa guest-mode ! ssid cisco ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 channel 2462 station-role root no cdp enable ! interface Dot11Radio0.1 encapsulation dot1Q 1 native no snmp trap link-status no cdp enable bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 port-protected bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Vlan1 no ip address ip tcp adjust-mss 1452 bridge-group 1 bridge-group 1 spanning-disabled ! interface Dialer0 ip address negotiated ip access-group 101 in no ip redirects no ip unreachables ip mtu 1492 ip inspect firewall out ip nat outside ip virtual-reassembly encapsulation ppp dialer pool 1 dialer-group 1 no cdp enable ppp pap sent-username adslppp@telefonicanetpa password 7 104F0D0A0907021B ppp ipcp dns request ! interface BVI1 ip address 192.168.1.254 255.255.255.0 ip access-group 102 in ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ! ip route 0.0.0.0 0.0.0.0 Dialer0 ! ip http server no ip http secure-server ip nat inside source list 1 interface Dialer0 overload ! access-list 1 remark The local LAN. access-list 1 permit 192.168.1.0 0.0.0.255 access-list 2 remark Where management can be done from. access-list 2 permit 192.168.1.0 0.0.0.255 access-list 101 remark Traffic allowed to enter the router from the Internet access-list 101 deny ip 0.0.0.0 0.255.255.255 any access-list 101 deny ip 10.0.0.0 0.255.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip 169.254.0.0 0.0.255.255 any access-list 101 deny ip 172.16.0.0 0.15.255.255 any access-list 101 deny ip 192.0.2.0 0.0.0.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip 198.18.0.0 0.1.255.255 any access-list 101 deny ip 224.0.0.0 0.15.255.255 any access-list 101 deny ip any host 255.255.255.255 access-list 101 permit tcp any any eq 1723 access-list 101 permit gre any any access-list 101 deny icmp any any echo access-list 101 deny ip any any log access-list 102 remark Traffic allowed to enter the router from the Ethernet access-list 102 permit ip any host 192.168.1.254 access-list 102 deny ip any host 192.168.1.255 access-list 102 deny udp any any eq tftp log access-list 102 deny ip any 0.0.0.0 0.255.255.255 log access-list 102 deny ip any 10.0.0.0 0.255.255.255 log access-list 102 deny ip any 127.0.0.0 0.255.255.255 log access-list 102 deny ip any 169.254.0.0 0.0.255.255 log access-list 102 deny ip any 172.16.0.0 0.15.255.255 log access-list 102 deny ip any 192.0.2.0 0.0.0.255 log access-list 102 deny ip any 192.168.0.0 0.0.255.255 log access-list 102 deny ip any 198.18.0.0 0.1.255.255 log access-list 102 deny udp any any eq 135 log access-list 102 deny tcp any any eq 135 log access-list 102 deny udp any any eq netbios-ns log access-list 102 deny udp any any eq netbios-dgm log access-list 102 deny tcp any any eq 445 log access-list 102 permit ip 192.168.1.0 0.0.0.255 any access-list 102 permit ip any host 255.255.255.255 access-list 102 deny ip any any log dialer-list 1 protocol ip permit ! control-plane ! bridge 1 protocol ieee bridge 1 route ip banner motd ^C Original config prepared by daniel@morenatti.net/DMS Servicios Informaticos You require authorisation to connect to this device. If you are not authorised to connect to this device please disconnect now. If you fail to disconnect you may be prosecuted under the Crimes Amendment Act 2003 section 252 under Spain law. ^C ! line con 0 no modem enable line aux 0 line vty 0 4 access-class 2 in login ! scheduler max-task-time 5000 end