The Seoul-1 device on the ZIP network is a Cisco 4700 router. The configuration of this router features the following:
The complete configuration for the Seoul-1 router follows : version 12.1 service timestamps debug datetime localtime service timestamps log datetime localtime service password-encryption ! hostname Seoul-1 ! aaa new-model aaa authentication login default group tacacs+ enable aaa authorization exec group tacacs+ if-authenticated aaa authorization network group radius if-authenticated aaa accounting exec stop-only group tacacs+ enable secret 5 toY$IJQPTVD4.aEDLwZ8nPrvX. ! ip tcp intercept mode watch ip tcp intercept list 120 ip tcp intercept watch-timeout 15 ip domain-list zipnet.com ip domain-list zipnet.net ip domain-name zipnet.com ip name-server 131.108.110.34 ip name-server 131.108.110.35 appletalk routing eigrp 25000 appletalk route-redistribution ipx routing 0000.0011.bceb ! clock timezone KST +9 ! interface Loopback1 description Seoul-1 router loopback ip address 131.108.254.6 255.255.255.255 ! interface Ethernet0 description Seoul LAN Segment ip address 131.108.3.1 255.255.255.128 ip helper-address 131.108.21.70 no ip redirects media-type 10BaseT ntp broadcast appletalk cable-range 2001-2010 appletalk zone Asia Distribution ipx network 2010 standby 1 ip 131.108.3.3 standby 1 priority 100 standby 1 track Serial1 standby 1 preempt standby 2 ip 131.108.3.4 standby 2 priority 95 standby 2 preempt ! interface Serial0 description IETF frame relay PVCs on circuit S123789y no ip address encapsulation frame-relay ietf bandwidth 256 frame-relay lmi-type ansi ! interface Serial0.16 point-to-point description FR PVC 16 to Kuala-Lumpur ip address 131.108.242.1 255.255.255.252 bandwidth 128 frame-relay interface-dlci 16 appletalk cable-range 2901-2901 appletalk zone WAN Zone appletalk protocol eigrp no appletalk protocol rtmp ipx network 2901 ! interface Serial0.17 point-to-point description FR PVC 17 to Singapore ip address 131.108.242.5 255.255.255.252 bandwidth 128 frame-relay interface-dlci 17 appletalk cable-range 2902-2902 appletalk zone WAN Zone appletalk protocol eigrp no appletalk protocol rtmp ipx network 2902 ! interface Serial1 description HDLC leased line on circuit MC23-01-KL889 to San Jose ip address 131.108.241.2 255.255.255.252 appletalk cable-range 1901-1901 appletalk zone WAN Zone appletalk protocol eigrp no appletalk protocol rtmp ipx network 1901 ! interface Serial2 description HDLC leased line on circuit ZW2390-1-H to ISP-A ip address 211.21.2.2 255.255.255.252 ip access-group 101 in ! interface Serial3 no ip address shutdown ! router eigrp 25000 redistribute bgp 25000 network 131.108.0.0 distribute-list 1300 out no auto-summary ! router bgp 25000 no synchronization network 131.108.0.0 neighbor 211.21.2.1 remote-as 701 neighbor 211.21.2.1 description Internet Connection to ISP-A neighbor 211.21.2.1 distribute-list ISP-routes in neighbor 211.21.2.1 distribute-list ZIP-routes out neighbor 131.108.254.3 remote-as 25000 neighbor 131.108.254.3 description IBGP to SF-Core-1 neighbor 131.108.254.3 update-source Loopback 0 ! ip classless logging 131.108.110.33 logging trap debugging logging console emergencies ip access-list standard ZIP-routes permit 131.108.0.0 ip access-list standard ISP-routes deny host 0.0.0.0 deny 127.0.0.0 0.255.255.255 deny 10.0.0.0 0.255.255.255 deny 172.16.0.0 0.15.255.255 deny 192.168.0.0 0.0.255.255 deny 192.0.2.0 0.0.0.255 deny 128.0.0.0 0.0.255.255 deny 191.255.0.0 0.0.255. deny 192.0.0.0 0.0.0.255 deny 223.255.255.0 0.0.0.255 deny 224.0.0.0 31.255.255.255 permit any access-list 1 permit 131.108.0.0 0.0.255.255 access-list 2 permit host 131.108.20.45 access-list 101 remark Permits NTP, DNS, WWW, and SMTP access-list 101 deny tcp host 192.7.2.2 host 192.7.2.2 log access-list 101 deny ip 131.108.0.0 0.0.255.255 any log access-list 101 deny ip 10.0.0.0 0.255.255.255 any access-list 101 deny ip 172.16.0.0 0.15.255.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 permit ip host 192.7.2.1 host 192.7.2.2 access-list 101 deny ip any host 192.7.2.2 access-list 101 permit udp any 131.108.101.99 eq domain access-list 101 permit udp host 15.255.160.64 host 131.108.254.3 eq ntp access-list 101 permit udp host 128.4.1.1 host 131.108.254.3 eq ntp access-list 101 permit udp host 16.1.0.4 host 131.108.254.3 eq ntp access-list 101 permit udp host 204.123.2.5 host 131.108.254.3 eq ntp access-list 101 permit tcp host 192.52.71.4 host 131.108.101.34 eq domain access-list 101 permit tcp host 192.52.71.4 host 131.108.101.35 eq domain access-list 101 permit tcp any host 131.108.101.34 eq smtp access-list 101 permit tcp any host 131.108.101.35 eq smtp access-list 101 permit tcp any host 131.108.101.100 eq www access-list 101 permit tcp any host 131.108.101.100 eq ftp access-list 101 permit tcp any host 131.108.101.100 eq ftp-data access-list 101 permit tcp any gt 1023 host 131.108.101.100 gt 1023 access-list 101 permit icmp any any echo-reply access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any port-unreachable access-list 101 permit tcp any any established access-list 101 permit tcp any any eq 22 access-list 101 deny tcp any any eq ident access-list 101 deny ip any any log access-list 120 permit ip any 131.108.0.0 0.0.255.255 access-list 1300 permit 131.108.0.0 0.0.255.255 access-list 1300 permit 131.119.0.0 access-list 1300 permit 140.222.0.0 ! ipx router eigrp 25000 network 1901 network 2010 network 2901 ! tacacs-server host 131.108.110.33 tacacs-server key ZIPSecure radius-server host 131.108.110.33 radius-server key Radius4Me snmp-server community Zipnet RO 2 snmp-server community ZIPprivate RW 2 snmp-server host 131.108.20.45 Zipnet snmp frame-relay config snmp-server location 251 Second Street, Seoul, Korea snmp-server contact Allan Leinwand, allan@telegis.net ! line con 0 password 7 095B59 line aux 0 line vty 0 4 password 7 095B59 access-class 1 in ! ntp update-calendar ntp server 192.216.191.10 ntp server 129.189.134.11 ! end |