version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname INTERNET-ROUTER ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! no aaa new-model ! resource policy ! mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ip subnet-zero ip cef ! ! ! ! ip domain name XXX.xxx.com ! ! ! ! ! interface Loopback1 ip address XXX.XX.54.65 255.255.255.192 ! interface FastEthernet0/0 description ####### TO DISTRICT LAN ######## no ip address duplex auto speed auto ! interface FastEthernet0/0.2 description LOCAL LAN encapsulation dot1Q 2 ip address 10.1.1.4 255.255.0.0 ip nat inside no snmp trap link-status ! interface FastEthernet0/0.20 description DMZ encapsulation dot1Q 20 ip address 172.16.1.2 255.255.0.0 ip nat inside no snmp trap link-status ! interface FastEthernet0/1 description DSL-CONNECTION ISP 2 ip address XX.XX.23.4 255.255.255.0 ip nat outside duplex auto speed auto ! interface Serial0/1/0 description P2P link to ISP 1 T1 ip address xx.xxx.159.162 255.255.255.252 ip nat outside encapsulation ppp no fair-queue ! ip classless ip route 0.0.0.0 0.0.0.0 xx.xxx.159.161 T1 DEFAULT ip route 10.0.0.0 255.0.0.0 10.1.1.1 - MAIN INSIDE ROUTER ! ip http server ip http access-class 23 ip http authentication local ip http timeout-policy idle 60 life 86400 requests 10000 ip nat pool ISP1-POOL XXX.XX.54.64 XXX.XX.54.126 netmask 255.255.255.192 ip nat pool ovrld XXX.XX.54.65 XXX.XX.54.65 netmask 255.255.255.192 ip nat inside source list 2 pool ovrld overload ip nat inside source static tcp 10.1.2.8 21 XX.XX.23.175 21 extendable ip nat inside source static tcp 10.1.2.8 80 XX.XX.23.175 80 extendable ip nat inside source static tcp 10.1.2.8 443 XX.XX.23.175 443 extendable ip nat inside source static udp 10.1.2.8 501 XX.XX.23.175 501 extendable ip nat inside source static udp 10.1.2.8 1701 XX.XX.23.175 1701 extendable ip nat inside source static udp 10.1.2.8 1723 XX.XX.23.175 1723 extendable ip nat inside source static udp 10.1.2.8 4500 XX.XX.23.175 4500 extendable ip nat inside source static tcp 10.1.2.8 8080 XX.XX.23.175 8080 extendable ip nat inside source static tcp 10.1.2.10 25 XX.XX.23.176 25 extendable ip nat inside source static tcp 10.1.2.10 80 XX.XX.23.176 80 extendable ip nat inside source static tcp 10.1.2.10 110 XX.XX.23.176 110 extendable ip nat inside source static tcp 10.1.2.10 110 XX.XX.23.176 143 extendable ip nat inside source static tcp 10.1.2.10 443 XX.XX.23.176 443 extendable ip nat inside source static tcp 10.1.2.10 465 XX.XX.23.176 465 extendable ip nat inside source static tcp 10.1.2.10 993 XX.XX.23.176 993 extendable ip nat inside source static tcp 10.1.2.10 995 XX.XX.23.176 995 extendable ip nat inside source static tcp 172.16.2.1 21 XXX.XX.54.70 21 extendable ip nat inside source static tcp 172.16.2.1 80 XXX.XX.54.70 80 extendable ip nat inside source static tcp 172.16.2.1 443 XXX.XX.54.70 443 extendable ip nat inside source static tcp 10.1.2.1 8443 XXX.XX.54.85 8443 extendable ip nat inside source static udp 10.1.2.2 53 XXX.XX.54.86 53 extendable ip nat inside source static tcp 10.1.2.4 80 XXX.XX.54.87 80 extendable ip nat inside source static tcp 10.1.2.4 407 XXX.XX.54.87 407 extendable ip nat inside source static tcp 10.1.2.4 5071 XXX.XX.54.87 5071 extendable ip nat inside source static tcp 10.1.2.4 7880 XXX.XX.54.87 7880 extendable ip nat inside source static tcp 10.1.2.6 80 XXX.XX.54.88 80 extendable ip nat inside source static tcp 10.1.2.7 80 XXX.XX.54.89 80 extendable ip nat inside source static tcp 10.1.2.7 3389 XXX.XX.54.89 3389 extendable ip nat inside source static tcp 10.1.2.8 21 XXX.XX.54.90 21 extendable ip nat inside source static tcp 10.1.2.8 80 XXX.XX.54.90 80 extendable ip nat inside source static tcp 10.1.2.8 443 XXX.XX.54.90 443 extendable ip nat inside source static udp 10.1.2.8 501 XXX.XX.54.90 501 extendable ip nat inside source static udp 10.1.2.8 1701 XXX.XX.54.90 1701 extendable ip nat inside source static udp 10.1.2.8 1723 XXX.XX.54.90 1723 extendable ip nat inside source static udp 10.1.2.8 4500 XXX.XX.54.90 4500 extendable ip nat inside source static tcp 10.1.2.8 8080 XXX.XX.54.90 8080 extendable ip nat inside source static tcp 10.1.2.8 8081 XXX.XX.54.90 8081 extendable ip nat inside source static tcp 10.1.2.10 25 XXX.XX.54.91 25 extendable ip nat inside source static tcp 10.1.2.10 80 XXX.XX.54.91 80 extendable ip nat inside source static tcp 10.1.2.10 110 XXX.XX.54.91 110 extendable ip nat inside source static tcp 10.1.2.10 143 XXX.XX.54.91 143 extendable ip nat inside source static tcp 10.1.2.10 443 XXX.XX.54.91 443 extendable ip nat inside source static tcp 10.1.2.10 465 XXX.XX.54.91 465 extendable ip nat inside source static tcp 10.1.2.10 993 XXX.XX.54.91 993 extendable ip nat inside source static tcp 10.1.2.10 995 XXX.XX.54.91 995 extendable ip nat inside source static tcp 10.1.2.11 8980 XXX.XX.54.92 8980 extendable ip nat inside source static tcp 10.6.2.6 95 XXX.XX.54.93 95 extendable ip nat inside source static tcp 10.2.6.101 22 XXX.XX.54.94 22 extendable ip nat inside source static tcp 10.1.3.20 9100 XXX.XX.54.110 9100 extendable ip nat inside source static tcp 10.1.3.21 9100 XXX.XX.54.111 9100 extendable ip nat inside source static tcp 10.1.3.22 9100 XXX.XX.54.112 9100 extendable ip nat inside source static tcp 10.1.3.24 9100 XXX.XX.54.113 9100 extendable ip nat inside source static tcp 10.2.3.10 9100 XXX.XX.54.114 9100 extendable ip nat inside source static tcp 10.3.3.10 9100 XXX.XX.54.115 9100 extendable ip nat inside source static tcp 10.4.3.10 9100 XXX.XX.54.116 9100 extendable ip nat inside source static tcp 10.5.3.10 9100 XXX.XX.54.117 9100 extendable ip nat inside source static tcp 10.6.3.10 9100 XXX.XX.54.118 9100 extendable ! access-list 1 permit 10.0.0.0 0.0.0.255 access-list 1 permit 172.16.0.0 0.0.255.255 access-list 2 permit 10.0.0.0 0.255.255.255 access-list 2 permit 172.16.0.0 0.0.255.255 access-list 23 permit 10.10.10.0 0.0.0.7 access-list 23 permit any ! control-plane line con 0 login local line aux 0 line vty 0 4 access-class 23 in privilege level 15 login local transport input telnet line vty 5 15 access-class 23 in privilege level 15 login local transport input telnet !