The Seoul-1 Router

Previous page
Table of content
Next page
 

The Seoul-1 device on the ZIP network is a Cisco 4700 router. The configuration of this router features the following:

  • An Ethernet interface to the local Seoul LAN segment with redundant HSRP groups

  • Two point-to-point Frame Relay interfaces to the Singapore router, and the other to the Kuala-Lumpur router

The complete configuration for the Seoul-1 router follows : 

 version 12.1 service timestamps debug datetime localtime service timestamps log datetime localtime service password-encryption ! hostname Seoul-1 ! aaa new-model aaa authentication login default group tacacs+ enable aaa authorization exec group tacacs+ if-authenticated aaa authorization network group radius if-authenticated aaa accounting exec stop-only group tacacs+ enable secret 5 toY$IJQPTVD4.aEDLwZ8nPrvX. ! ip tcp intercept mode watch ip tcp intercept list 120 ip tcp intercept watch-timeout 15 ip domain-list zipnet.com ip domain-list zipnet.net ip domain-name zipnet.com ip name-server 131.108.110.34 ip name-server 131.108.110.35 appletalk routing eigrp 25000 appletalk route-redistribution ipx routing 0000.0011.bceb ! clock timezone KST +9 ! interface Loopback1  description Seoul-1 router loopback  ip address 131.108.254.6 255.255.255.255 ! interface Ethernet0  description Seoul LAN Segment  ip address 131.108.3.1 255.255.255.128  ip helper-address 131.108.21.70  no ip redirects  media-type 10BaseT  ntp broadcast  appletalk cable-range 2001-2010  appletalk zone Asia Distribution  ipx network 2010  standby 1 ip 131.108.3.3  standby 1 priority 100  standby 1 track Serial1  standby 1 preempt  standby 2 ip 131.108.3.4  standby 2 priority 95  standby 2 preempt ! interface Serial0  description IETF frame relay PVCs on circuit S123789y  no ip address    encapsulation frame-relay ietf  bandwidth 256  frame-relay lmi-type ansi ! interface Serial0.16 point-to-point  description FR PVC 16 to Kuala-Lumpur  ip address 131.108.242.1 255.255.255.252  bandwidth 128  frame-relay interface-dlci 16    appletalk cable-range 2901-2901  appletalk zone WAN Zone  appletalk protocol eigrp  no appletalk protocol rtmp  ipx network 2901 ! interface Serial0.17 point-to-point  description FR PVC 17 to Singapore  ip address 131.108.242.5 255.255.255.252  bandwidth 128  frame-relay interface-dlci 17    appletalk cable-range 2902-2902  appletalk zone WAN Zone  appletalk protocol eigrp  no appletalk protocol rtmp  ipx network 2902 ! interface Serial1  description HDLC leased line on circuit MC23-01-KL889 to San Jose  ip address 131.108.241.2 255.255.255.252  appletalk cable-range 1901-1901  appletalk zone WAN Zone  appletalk protocol eigrp  no appletalk protocol rtmp  ipx network 1901 ! interface Serial2  description HDLC leased line on circuit ZW2390-1-H to ISP-A  ip address 211.21.2.2 255.255.255.252  ip access-group 101 in ! interface Serial3  no ip address  shutdown ! router eigrp 25000  redistribute bgp 25000 network 131.108.0.0  distribute-list 1300 out  no auto-summary ! router bgp 25000  no synchronization  network 131.108.0.0  neighbor 211.21.2.1 remote-as 701  neighbor 211.21.2.1 description Internet Connection to ISP-A  neighbor 211.21.2.1 distribute-list ISP-routes in  neighbor 211.21.2.1 distribute-list ZIP-routes out  neighbor 131.108.254.3 remote-as 25000  neighbor 131.108.254.3 description IBGP to SF-Core-1  neighbor 131.108.254.3 update-source Loopback 0 ! ip classless logging 131.108.110.33 logging trap debugging  logging console emergencies ip access-list standard ZIP-routes  permit 131.108.0.0 ip access-list standard ISP-routes  deny host 0.0.0.0  deny 127.0.0.0 0.255.255.255   deny 10.0.0.0 0.255.255.255  deny 172.16.0.0 0.15.255.255   deny 192.168.0.0 0.0.255.255   deny 192.0.2.0 0.0.0.255   deny 128.0.0.0 0.0.255.255   deny 191.255.0.0 0.0.255.  deny 192.0.0.0 0.0.0.255   deny 223.255.255.0 0.0.0.255   deny 224.0.0.0 31.255.255.255  permit any access-list 1 permit 131.108.0.0  0.0.255.255 access-list 2 permit host 131.108.20.45 access-list 101 remark Permits NTP, DNS, WWW, and SMTP access-list 101 deny tcp host 192.7.2.2 host 192.7.2.2 log access-list 101 deny ip 131.108.0.0 0.0.255.255 any log access-list 101 deny ip 10.0.0.0 0.255.255.255 any access-list 101 deny ip 172.16.0.0 0.15.255.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 permit ip host 192.7.2.1 host 192.7.2.2 access-list 101 deny ip any host 192.7.2.2 access-list 101 permit udp any 131.108.101.99 eq domain access-list 101 permit udp host 15.255.160.64 host 131.108.254.3 eq ntp access-list 101 permit udp host 128.4.1.1 host 131.108.254.3 eq ntp access-list 101 permit udp host 16.1.0.4 host 131.108.254.3 eq ntp access-list 101 permit udp host 204.123.2.5 host 131.108.254.3 eq ntp access-list 101 permit tcp host 192.52.71.4 host 131.108.101.34 eq domain access-list 101 permit tcp host 192.52.71.4 host 131.108.101.35 eq domain access-list 101 permit tcp any host 131.108.101.34 eq smtp access-list 101 permit tcp any host 131.108.101.35 eq smtp access-list 101 permit tcp any host 131.108.101.100 eq www access-list 101 permit tcp any host 131.108.101.100 eq ftp access-list 101 permit tcp any host 131.108.101.100 eq ftp-data access-list 101 permit tcp any gt 1023 host 131.108.101.100 gt 1023 access-list 101 permit icmp any any echo-reply access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any port-unreachable access-list 101 permit tcp any any established access-list 101 permit tcp any any eq 22 access-list 101 deny tcp any any eq ident access-list 101 deny ip any any log access-list 120 permit ip any 131.108.0.0 0.0.255.255 access-list 1300 permit 131.108.0.0 0.0.255.255 access-list 1300 permit 131.119.0.0 access-list 1300 permit 140.222.0.0 ! ipx router eigrp 25000  network 1901  network 2010  network 2901 ! tacacs-server host 131.108.110.33 tacacs-server key ZIPSecure radius-server host 131.108.110.33 radius-server key Radius4Me snmp-server community Zipnet RO 2 snmp-server community ZIPprivate RW 2 snmp-server host 131.108.20.45 Zipnet snmp frame-relay config snmp-server location 251 Second Street, Seoul, Korea snmp-server contact Allan Leinwand, allan@telegis.net ! line con 0  password 7 095B59 line aux 0 line vty 0 4  password 7 095B59  access-class 1 in ! ntp update-calendar ntp server 192.216.191.10  ntp server 129.189.134.11 ! end

Previous page
Table of content
Next page
Cisco Router Configuration
Cisco Router Configuration (2nd Edition)
ISBN: 1578702410
EAN: 2147483647
Year: 1999
Pages: 116
Authors: Allan Leinwand, Bruce Pinsky
BUY ON AMAZON
Beginning Cryptography with Java
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
SQL Hacks
VBScript in a Nutshell, 2nd Edition
Understanding Digital Signal Processing (2nd Edition)
Digital Character Animation 3 (No. 3)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy