KEMBAR78
Network Configuration and ACL Setup | PDF | Computer Science | Networking Standards
Scribd
Upload
83 views6 pages

Network Configuration and ACL Setup

The document contains configuration details of a network device including VLANs, interfaces, ACLs, AAA configuration and SNMP configuration. The device has 10 VTY lines and currently has 1 VTY user logged in. The document also lists the current date and time.

Uploaded by

andryfloresots
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
83 views6 pages

Network Configuration and ACL Setup

The document contains configuration details of a network device including VLANs, interfaces, ACLs, AAA configuration and SNMP configuration. The device has 10 VTY lines and currently has 1 VTY user logged in. The document also lists the current date and time.

Uploaded by

andryfloresots
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 6

Info: The max number of VTY users is 10, and the number

of current VTY users on line is 1.


The current login time is 2061-08-25 10:52:02.
<czo-asw-gti-00>display cu
<czo-asw-gti-00>display current-configuration
#
!Software Version V200R001C00SPC300
sysname czo-asw-gti-00
#
info-center channel 2 name loghost1
info-center loghost 10.128.2.110
info-center logbuffer channel 2 size 1024
info-center timestamp log format-date
#
vlan batch 32 to 34 51 150 416 1114 to 1115
#
undo http server enable
#
undo nap slave enable
#
hwtacacs-server template cantvopsut
hwtacacs-server authentication 10.120.28.4
hwtacacs-server authentication 10.120.156.4 secondary
hwtacacs-server authorization 10.120.28.4
hwtacacs-server authorization 10.120.156.4 secondary
hwtacacs-server accounting 10.120.28.4
hwtacacs-server accounting 10.120.156.4 secondary
hwtacacs-server source-ip 10.162.4.10
hwtacacs-server shared-key cipher %$%$KYm`D^1Q9R+***9y^EtM*i`W%$%$
undo hwtacacs-server user-name domain-included
#
acl number 2010
description Acceso Remoto a Lineas VTY
rule 1 permit source 200.44.46.0 0.0.0.127
rule 2 permit source 161.196.49.0 0.0.0.127
rule 3 permit source 161.196.42.0 0.0.0.127
rule 4 permit source 161.196.84.0 0.0.0.127
rule 5 permit source 161.196.237.0 0.0.0.255
rule 6 permit source 10.162.0.0 0.0.255.255
rule 7 permit source 10.163.0.13 0
rule 8 permit source 10.163.248.13 0
rule 9 permit source 10.128.2.110 0
rule 10 permit source 10.120.76.16 0.0.0.15
rule 11 deny
#
acl number 2015
description Gestor NCE-T
rule 5 permit source 10.120.76.16 0.0.0.15
rule 10 deny
#
acl number 2020
description Access RW para C0rR3dO95U7
rule 1 permit source 10.129.0.0 0.0.0.255
rule 2 permit source 10.128.2.0 0.0.0.255
rule 3 permit source 200.44.32.0 0.0.0.255
rule 4 permit source 200.109.127.0 0.0.0.255
rule 5 permit source 10.128.0.171 0
rule 6 deny
#
acl number 2030
description Access RO D@taTr@ffic
rule 1 permit source 161.196.84.128 0.0.0.127
rule 2 deny
#
acl number 2040
description Gestor u2000 RW Comunidad Huawei
rule 1 permit source 10.163.248.13 0
rule 2 permit source 10.163.0.13 0
rule 3 deny
#
acl number 3021
description Cierre de Puertos
rule 0 permit tcp destination-port eq 113
rule 5 permit tcp source-port eq 113
rule 10 permit tcp destination-port eq 135
rule 15 permit tcp source-port eq 135
rule 20 permit tcp destination-port eq 139
rule 25 permit tcp source-port eq 139
rule 30 permit tcp destination-port eq 143
rule 35 permit tcp source-port eq 143
rule 40 permit tcp destination-port eq 444
rule 45 permit tcp source-port eq 444
rule 50 permit tcp destination-port eq 593
rule 55 permit tcp source-port eq 593
rule 60 permit tcp destination-port eq 1034
rule 65 permit tcp source-port eq 1034
rule 70 permit tcp destination-port eq 1233
rule 75 permit tcp source-port eq 1233
rule 80 permit tcp destination-port eq 1434
rule 85 permit tcp source-port eq 1434
rule 90 permit tcp destination-port eq 3128
rule 95 permit tcp source-port eq 3128
rule 100 permit tcp destination-port eq 3168
rule 105 permit tcp source-port eq 3168
rule 110 permit tcp destination-port eq 4000
rule 115 permit tcp source-port eq 4000
rule 120 permit tcp destination-port eq 4242
rule 125 permit tcp source-port eq 4242
rule 130 permit udp destination-port eq 4444
rule 135 permit udp source-port eq 4444
rule 140 permit tcp destination-port eq 4662
rule 145 permit tcp source-port eq 4662
rule 150 permit tcp destination-port eq 6129
rule 155 permit tcp source-port eq 6129
rule 160 permit tcp destination-port eq 6346
rule 165 permit tcp source-port eq 6346
rule 170 permit tcp destination-port eq 6667
rule 175 permit tcp source-port eq 6667
rule 180 permit tcp destination-port eq 6881
rule 185 permit tcp source-port eq 6881
rule 190 permit tcp destination-port eq 6969
rule 195 permit tcp source-port eq 6969
rule 200 permit tcp destination-port eq 7778
rule 205 permit tcp source-port eq 7778
rule 210 permit tcp destination-port eq 8888
rule 215 permit tcp source-port eq 8888
rule 220 permit tcp destination-port eq 445
rule 225 permit tcp source-port eq 445
#
vlan 32
description VLAN Gestion DCN ME 10.125.90.0 VLAN:32
vlan 33
description VLAN_GESTION
vlan 34
description VLAN Gestion DCN ME 10.125.92.0 VLAN:34/494
vlan 150
description "Servicio ABA UA Cazorla"
#
aaa
authentication-scheme default
authentication-scheme cantvopsut
authentication-mode local hwtacacs
authorization-scheme default
authorization-scheme cantvopsut
authorization-mode local hwtacacs
accounting-scheme default
accounting-scheme cantvopsut
accounting-mode hwtacacs
accounting start-fail online
domain default
domain default_admin
authentication-scheme cantvopsut
accounting-scheme cantvopsut
authorization-scheme cantvopsut
local-user ingopsut password cipher %$%$IPaV!7.S_'PA9{(Zn)Y:Bof]%$%$
local-user ingopsut privilege level 15
local-user ingopsut service-type ssh
undo local-user admin
#
interface Vlanif33
description Vlan Administracion/Monitoreo
ip address 10.125.91.244 255.255.255.0
#
interface MEth0/0/1
#
interface Eth-Trunk1
description Link-Aggregation to SW CX600 GUAYABAL Pto 1/0/4 & 1/0/5 to Metro San
Fernando de Apure Pto 1/1/15 & 1/1/16
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 32 to 34 51 150 416 1114 to 1115
mode lacp-static
lacp timeout fast
#
interface Eth-Trunk2
description Link-Aggregation to MSAG5200 Cazorla cazo-amgw-00
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 32 51 150
mode lacp-static
lacp timeout fast
#
interface GigabitEthernet0/0/1
undo negotiation auto
#
interface GigabitEthernet0/0/2
undo negotiation auto
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
undo negotiation auto
port link-type trunk
undo port trunk allow-pass vlan 1
stp disable
#
interface GigabitEthernet0/0/22
undo negotiation auto
speed 100
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 416
stp disable
#
interface GigabitEthernet0/0/23
undo negotiation auto
speed 100
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 1114 to 1115
stp disable
#
interface GigabitEthernet0/0/24
undo negotiation auto
port link-type trunk
undo port trunk allow-pass vlan 1
#
interface GigabitEthernet0/1/1
undo negotiation auto
description "Conexion to SW HUAWEI_CX600_SW CX600 GUAYABAL_gyb-dsw-opsut-00 Pto
1/0/4"
eth-trunk 1
#
interface GigabitEthernet0/1/2
undo negotiation auto
description "Conexion to SW W HUAWEI_CX600_SW CX600 GUAYABAL_gyb-dsw-opsut-00 Pto
1/0/5"
eth-trunk 1
#
interface GigabitEthernet0/1/3
undo negotiation auto
description "Conexion a MSAG5200 Cazorla cazo-amgw-00, GE03"
eth-trunk 2
#
interface GigabitEthernet0/1/4
undo negotiation auto
description "Conexion a MSAG5200 Cazorla cazo-amgw-00, GE04"
eth-trunk 2
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 10.125.91.1
#
snmp-agent
snmp-agent local-engineid 800007DB031047802B4F00
snmp-agent sys-info contact Datos APURE
snmp-agent sys-info location Central CAZORLA
snmp-agent sys-info version all
snmp-agent group v3 Cu@R7O8aT3 write-view ViewDefault notify-view ViewDefault
snmp-agent target-host trap address udp-domain 10.163.0.13 params securityname
Cu@R7O8aT3 v3
snmp-agent target-host trap address udp-domain 10.163.248.13 params securityname
Cu@R7O8aT3 v3
snmp-agent target-host trap address udp-domain 10.120.76.20 params securityname
TNC3_Hu4W31
snmp-agent target-host trap address udp-domain 10.120.76.25 params securityname
TNC3_Hu4W31
snmp-agent usm-user v3 Cu@R7O8aT3 Cu@R7O8aT3 authentication-mode sha %$%$!LJ'3|
IjzT\FG"~7{+E<Bulc%$%$ privacy-mode des56 %$%$!LJ'3|IjzT\FG"~7{+E<Bulc%$%$ acl 2040
snmp-agent notification-log enable
snmp-agent trap enable
#
undo ssh server compatible-ssh1x enable
sftp server enable
stelnet server enable
ssh authentication-type default password
ssh user ingopsut
ssh user ingopsut authentication-type password
ssh user ingopsut service-type all
ssh user ingopsut sftp-directory flash:/
ssh client first-time enable
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$OJ4IFtgEU5f.rzK8o\R=,MD;fXnyG0}Q~)
[<dUXg2>H~"SJE%$%$
user-interface vty 0 4
authentication-mode aaa
user privilege level 3
protocol inbound ssh
user-interface vty 16 20
#
return

You might also like