Cisco 887va-w-e-k9
From MS Computech
My Cisco 887va-w-e-k9 config--Snifer 11:27, 20 December 2014 (ICT)
Cisco887-3bb#sh running-config
Building configuration...
Current configuration : 4512 bytes
!
! Last configuration change at 17:15:44 UTC Wed Dec 17 2014 by msc
! NVRAM config last updated at 17:09:08 UTC Wed Dec 17 2014 by msc
! NVRAM config last updated at 17:09:08 UTC Wed Dec 17 2014 by msc
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco887-3bb
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
clock timezone UTC 7 0
!
crypto pki trustpoint TP-self-signed-2946708549
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2946708549
revocation-check none
rsakeypair TP-self-signed-2946708549
!
!
crypto pki certificate chain TP-self-signed-2946708549
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32393436 37303835 3439301E 170D3134 31303238 30303032
35375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39343637
30383534 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
810099C7 C9759FB8 63575E6E D44E08BE E7EE9154 9EC33D4C 45A864A5 431CDF8B
AED8AEC0 500E175E 97D1186A D8AE834C 8ABB5EB9 BA3A3808 CB5B248F 17F2AA59
898362D1 262592AB 27492CDE DA155C4F E7552E34 ECA979C0 07F60524 D6B0350A
43613658 C1815FE6 87538CB1 839835BF C9F0898E 06BCCE83 5592A1FC 0B4EC528
B2D70203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 148E9377 7A4A67A3 85BBC6D6 EA6C387A C6B02654 D1301D06
03551D0E 04160414 8E93777A 4A67A385 BBC6D6EA 6C387AC6 B02654D1 300D0609
2A864886 F70D0101 05050003 8181002D 7F361AF8 A92452A2 1CDE6304 294EC09D
7F690B8C CB7016F5 98C09474 CF2AF506 32397C0A 340929FB DC9CE473 289C0A46
1A1A0B34 B65B96DB 42E6982C B7EC0591 289248C9 714BADB9 58E38298 F17EE1D1
077BD75F 77C7B044 B93210CF 91DD8829 F23CFB33 F5B01821 96966FDC D8EDD29C
53B822BD D796D194 D17B11BF 019A4D
quit
ip cef
!
!
!
ip dhcp excluded-address 192.168.101.1
!
ip dhcp pool ccp-pool
import all
network 192.168.101.0 255.255.255.0
default-router 192.168.101.1
dns-server 192.168.101.1 8.8.8.8
lease 0 2
!
!
!
ip domain name google.com
ip name-server 208.67.222.222
ip name-server 208.67.220.220
no ipv6 cef
!
!
license udi pid C887VA-W-E-K9 sn xxxxxxxxx
!
!
username msc privilege 15 secret 5 $1$ywXw$Zvdk50OuHVTD6ZW3aNijH0
!
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
pvc 0/33
pppoe-client dial-pool-number 1
!
!
interface Ethernet0
no ip address
shutdown
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
no ip address
!
interface wlan-ap0
description Embedded Service module interface to manage the embedded AP
ip unnumbered Vlan1
!
interface Vlan1
ip address 192.168.101.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
!
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
ppp authentication pap chap callin
ppp chap hostname xxxxxxx@3bb10m
ppp chap password 0 xxx1234
ppp pap sent-username xxxxxxx@3bb10m password 0 xxx1234
no cdp enable
!
ip forward-protocol nd
no ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip dns server
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.101.2 3389 interface Dialer1 3389
ip nat inside source static tcp 192.168.101.2 3390 interface Dialer1 3390
ip nat inside source static tcp 192.168.101.2 222 interface Dialer1 222
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 1 permit 192.168.101.0 0.0.0.255
!
!
!
line con 0
login local
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp master
ntp update-calendar
ntp server 1.th.pool.ntp.org
!
end
Wireless Lan
Cisco-AP802GN-E-K9#sh running-config Building configuration... Current configuration : 3411 bytes ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Cisco-AP802GN-E-K9 ! logging rate-limit console 9 enable secret 5 $1$mCE/$0c0UtyZSWlH0012ghkH6fZW66mk1 ! no aaa new-model ip domain name google.com ip name-server 208.67.222.222 ! ! dot11 syslog ! dot11 ssid SNP-R1 vlan 1 authentication open authentication key-management wpa version 2 mbssid guest-mode wpa-psk ascii 0 yourpassword ! ! ! username msc privilege 15 secret 5 $1$Nla.$VVHr7k.YF14jhqADpPvReUZF4da1 ! ! ip ssh version 2 bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 1 mode ciphers aes-ccm tkip ! ssid SNP-R1 ! antenna gain 0 mbssid speed basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. station-role root access-point ! interface Dot11Radio0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface GigabitEthernet0 description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router no ip address no ip route-cache ! interface GigabitEthernet0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface BVI1 ip address 192.168.101.254 255.255.255.0 no ip route-cache ! ip default-gateway 192.168.101.1 no ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag bridge 1 route ip ! ! banner exec ^CC % Password change notice. ----------------------------------------------------------------------- Default username/password setup on AP is cisco/cisco with privilege level 15. It is strongly suggested that you create a new username with privilege level 15 using the following command for console security. username <myuser> privilege 15 secret 0 <mypassword> no username cisco Replace <myuser> and <mypassword> with the username and password you want to use. After you change your username/password you can turn off this message by configuring "no banner login" and "no banner exec" in privileged mode. ----------------------------------------------------------------------- ^C banner login ^CC % Password change notice. ----------------------------------------------------------------------- Default username/password setup on AP is cisco/cisco with privilege level 15. It is strongly suggested that you create a new username with privilege level 15 using the following command for console security. username <myuser> privilege 15 secret 0 <mypassword> no username cisco Replace <myuser> and <mypassword> with the username and password you want to use. After you change your username/password you can turn off this message by configuring "no banner login" and "no banner exec" in privileged mode. ----------------------------------------------------------------------- ^C ! line con 0 privilege level 15 login local no activation-character line vty 0 4 privilege level 15 login local transport input ssh ! cns dhcp end
Allow Access SSH by command
ip ssh version 2 crypto key generate rsa 1024
--Snifer 11:27, 20 December 2014 (ICT)
