PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password
passwd
hostname ChicagoPix
domain-name
clock summer-time CST recurring 2 Sun Mar 2:00 1 Sun Nov 2:00
fixup protocol dns maximum-length 2500
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
no fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
no fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
no names
name 192.168.1.21 web_4
name 192.168.1.20 web_3
name 192.168.1.19 web_2
name 192.168.1.18 web_1
name 192.168.1.17 spam_server
name 192.168.1.13 xdata
name 192.168.1.12 production_sql
name 208.61.xxx.xxx rick_rourk
name 216.177.xxx.xxx FB
name 65.242.xxx.xxx NYDataA
name 68.254.xxx.xxx NTSIntranet
name 192.168.1.11 Intranet
name 68.254.xxx.xxx VPN
name 192.168.1.14 OldWebmail
name 192.168.1.23 webmail
name 68.254.xxx.xxx webmailOutside
name 192.168.1.22 TaxQ
name 68.254.xxx.xxx OutsideTaxQ
name 192.168.1.157 Project
name 192.168.1.25 TaxQCert
name 192.168.1.26 Gecls
name 192.168.1.220 Elesh
name 192.168.1.27 Email_TaxQ_Imgs
name 192.168.1.158 CallAttendant
name 192.168.1.35 VSTF
name 207.7.xxx.xxx TX_Failover
name 192.168.1.60 TFS2012
object-group service WebAccess tcp
port-object eq www
port-object eq https
port-object eq ftp
port-object range 8039 8039
object-group network RickAccess
network-object 192.168.1.12 255.255.255.255
network-object 192.168.1.13 255.255.255.255
network-object 192.168.1.14 255.255.255.255
network-object 192.168.1.17 255.255.255.255
network-object 192.168.1.18 255.255.255.255
network-object 192.168.1.19 255.255.255.255
network-object 192.168.1.20 255.255.255.255
network-object 192.168.1.21 255.255.255.255
network-object 192.168.1.23 255.255.255.255
network-object 192.168.1.22 255.255.255.255
network-object 192.168.1.27 255.255.255.255
object-group network RickAccess_ref
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
network-object 66.244.xxx.xxx 255.255.255.255
object-group service mailaccess tcp
port-object eq pop3
port-object eq smtp
port-object eq pop2
port-object eq imap4
port-object eq telnet
object-group service pcAnywhereSupport tcp
description Support
port-object range pcanywhere-data 5632
port-object eq pcanywhere-data
object-group service SecureService tcp
description 443 Only
port-object eq https
object-group service Exchange tcp
group-object WebAccess
group-object mailaccess
access-list outside_access_in permit tcp any host 66.244.xxx.xxx eq 3389
access-list outside_access_in permit tcp 207.xxx.xxx 255.255.255.0 any
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group ma
ilaccess
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark ntsmail - the new webmail - Exchange 2003 O
WA
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group Ex
change
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group ma
ilaccess
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in permit tcp interface outside eq www any
access-list outside_access_in remark NTS Intranet Site
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group pc
AnywhereSupport
access-list outside_access_in remark NTS TaxQCert
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark Gecls
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark TFS2012
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark DEV FTP
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark VSTF
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark WF Loan Search
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark Apps websites
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark NY DataAccess point
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark Taxq Site
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark WS Site
access-list outside_access_in permit tcp any host 66.244.xxx.xxx object-group We
bAccess
access-list outside_access_in remark POM
access-list outside_access_in remark TFS2012
access-list inside_nat0_outbound permit ip host 192.168.1.12 host 66.244.xxx.xxx
access-list inside_nat0_outbound permit ip any 192.168.1.144 255.255.255.252
access-list inside_nat0_outbound permit ip 192.168.1.0 255.255.255.0 192.168.100
.0 255.255.255.0
access-list inside_nat0_outbound permit ip 192.168.1.0 255.255.255.0 192.168.10.
0 255.255.255.0
access-list inside_nat0_outbound permit ip 192.168.1.0 255.255.255.0 host 207.7.
xxx.xxx
access-list inside_nat0_outbound permit ip 192.168.1.0 255.255.255.0 192.168.20.
0 255.255.255.0
access-list outside_cryptomap_10 permit ip host 192.168.1.12 host 66.244.xxx.xxx
access-list outside_cryptomap_10 permit ip host 192.168.1.14 host 66.244.xxx.xxx
access-list cpi permit tcp host 192.168.1.220 any eq www
access-list cpi permit tcp any eq www host 192.168.1.220
access-list cpo permit tcp host 68.254.xxx.xxx any eq www
access-list cpo permit tcp any eq www host 68.254.xxx.xxx
access-list outside_cryptomap_dyn_20 permit ip any 192.168.100.0 255.255.255.0
access-list tactest permit ip 192.168.100.0 255.255.255.0 host 192.168.1.220
access-list tactest permit ip host 192.168.1.220 192.168.100.0 255.255.255.0
access-list tactest permit ip host 192.168.100.2 host 192.168.1.220
access-list tactest permit ip host 192.168.1.220 host 192.168.100.2
access-list VpnAccess4Chicago_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0
192.168.100.0 255.255.255.0
access-list fake2 permit ip 192.168.1.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list vpntraffic1 permit ip 192.168.1.0 255.255.255.0 192.168.10.0 255.255
.255.0
access-list vpntraffic1 permit ip 192.168.1.0 255.255.255.0 host 207.7.xxx.xxx
access-list vpntraffic2 permit ip 192.168.1.0 255.255.255.0 192.168.20.0 255.255
.255.0
pager lines 24
logging on
logging timestamp
logging console informational
logging monitor debugging
logging buffered notifications
logging trap warnings
logging history alerts
logging facility 16
logging host inside 192.168.1.220
icmp permit any outside
icmp permit any inside
mtu outside 1500
mtu inside 1500
ip address outside 66.244.xxx.xxx 255.255.255.240
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool AtHome 192.168.100.1-192.168.100.254
pdm location 192.168.1.12 255.255.255.255 inside
pdm location 192.168.1.13 255.255.255.255 inside
pdm location 192.168.1.14 255.255.255.255 inside
pdm location 192.168.1.17 255.255.255.255 inside
pdm location 192.168.1.18 255.255.255.255 inside
pdm location 192.168.1.19 255.255.255.255 inside
pdm location 192.168.1.20 255.255.255.255 inside
pdm location 192.168.1.21 255.255.255.255 inside
pdm location 208.61.xxx.xxx 255.255.255.0 outside
pdm location 216.177.xxx.xxx 255.255.255.240 outside
pdm location 65.242.xxx.xxx 255.255.255.255 outside
pdm location 65.242.xxx.xxx 255.255.255.255 outside
pdm location 192.168.1.11 255.255.255.255 inside
pdm location 68.254.xxx.xxx 255.255.255.255 outside
pdm location 68.254.xxx.xxx 255.255.255.255 outside
pdm location 192.168.1.23 255.255.255.255 inside
pdm location 68.254.xxx.xxx 255.255.255.255 outside
pdm location 192.168.1.22 255.255.255.255 inside
pdm location 68.254.xxx.xxx 255.255.255.255 outside
pdm location 192.168.1.157 255.255.255.255 inside
pdm location 192.168.1.25 255.255.255.255 inside
pdm location 192.168.1.26 255.255.255.255 inside
pdm location 192.168.1.220 255.255.255.255 inside
pdm location 167.1.xxx.xxx 255.255.255.255 outside
pdm location 192.168.1.27 255.255.255.255 inside
pdm location 192.168.1.158 255.255.255.255 inside
pdm location 64.219.xxx.xxx 255.255.255.0 outside
pdm location 216.81.xxx.xxx 255.255.255.0 outside
pdm location 216.110.xxx.xxx 255.255.255.0 outside
pdm location 66.244.xxx.xxx 255.255.255.255 outside
pdm location 216.110.xxx.xxx 255.255.255.0 inside
pdm location 216.81.xxx.xxx 255.255.255.0 inside
pdm location 192.168.1.144 255.255.255.252 outside
pdm location 66.244.xxx.xxx 255.255.255.255 outside
pdm location 66.244.xxx.xxx 255.255.255.255 outside
pdm location 192.168.100.0 255.255.255.0 outside
pdm location 64.219.xxx.xxx 255.255.255.255 outside
pdm location 64.219.xxx.xxx 255.255.255.255 outside
pdm location 192.168.1.35 255.255.255.255 inside
pdm location 207.7.xxx.xxx 255.255.255.0 outside
pdm location 65.5.xxx.xxx 255.255.255.0 outside
pdm location 192.168.1.28 255.255.255.255 inside
pdm location 192.168.1.41 255.255.255.255 inside
pdm location 171.68.xxx.xxx 255.255.255.255 outside
pdm location 192.168.10.0 255.255.255.0 outside
pdm location 207.7.xxx.xxx 255.255.255.255 outside
pdm location 207.7.xxx.xxx 255.255.255.255 outside
pdm location 192.168.1.42 255.255.255.255 inside
pdm location 192.168.20.0 255.255.255.0 outside
pdm location 192.168.1.39 255.255.255.255 inside
pdm group RickAccess inside
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp 66.244.xxx.xxx www 192.168.1.60 8080 dns netmask 255
.255.255.255 0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.17 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.12 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.13 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.23 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.18 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.19 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.20 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.21 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.11 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.25 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.26 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.158 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.35 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.28 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.41 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.42 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.39 netmask 255.255.255.255 0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.49 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.51 dns netmask 255.255.255.255
0 0
static (inside,outside) 66.244.xxx.xxx 192.168.1.52 dns netmask 255.255.255.255
0 0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 66.244.xxx.xxx 1
route outside 66.244.xxx.xxx 255.255.255.255 66.244.xxx.xxx 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
url-server (inside) vendor websense host 192.168.1.14 timeout 5 protocol TCP ver
sion 4
url-cache src_dst 128KB
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
http server enable
http 167.1.xxx.xxx 255.255.255.255 outside
http 64.219.xxx.xxx 255.255.255.0 outside
http 192.168.1.0 255.255.255.0 inside
snmp-server host outside 64.219.161.130
no snmp-server location
snmp-server contact xxx.xxx
snmp-server community dell2020
snmp-server enable traps
tftp-server inside 192.168.1.115 /pixconfig
floodguard enable
sysopt connection permit-ipsec
sysopt connection permit-pptp
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map outside_dyn_map 30 set transform-set ESP-3DES-MD5
crypto map outside_map 20 ipsec-isakmp
crypto map outside_map 20 match address vpntraffic1
crypto map outside_map 20 set peer 207.7.xxx.xxx
crypto map outside_map 20 set transform-set myset
crypto map outside_map 30 ipsec-isakmp
crypto map outside_map 30 match address vpntraffic2
crypto map outside_map 30 set peer 76.251.xxx.xxx
crypto map outside_map 30 set transform-set myset
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
isakmp enable outside
isakmp key ******** address 207.7.xxx.xxx netmask 255.255.255.255
isakmp key ******** address 76.251.xxx.xxx netmask 255.255.255.255
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp policy 30 authentication pre-share
isakmp policy 30 encryption 3des
isakmp policy 30 hash md5
isakmp policy 30 group 2
isakmp policy 30 lifetime 86400
vpngroup AtHome idle-time 1800
vpngroup AtHome password ********
vpngroup AtHomeCisco idle-time 1800
vpngroup AtHomeCisco password ********
vpngroup VpnAccess4Chicago address-pool AtHome
vpngroup VpnAccess4Chicago dns-server 192.168.1.12 216.146.xxx.xxx
vpngroup VpnAccess4Chicago default-domain xxx.xxx
vpngroup VpnAccess4Chicago split-tunnel VpnAccess4Chicago_splitTunnelAcl
vpngroup VpnAccess4Chicago idle-time 1800
vpngroup VpnAccess4Chicago password ********
telnet 64.219.xxx.xxx 255.255.255.0 outside
telnet 216.81.xxx.xxx 255.255.255.0 outside
telnet 216.110.xxx.xxx 255.255.255.0 outside
telnet 171.68.xxx.xxx 255.255.255.255 outside
telnet 192.168.1.220 255.255.255.255 inside
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 64.219.xxx.xxx 255.255.255.0 outside
ssh 0.0.0.0 0.0.0.0 outside
ssh 216.110.xxx.xxx 255.255.255.0 inside
ssh 216.81.xxx.xxx 255.255.255.0 inside
ssh timeout 60
management-access inside
console timeout 0
vpdn group PPTP-VPDN-GROUP accept dialin pptp
vpdn group PPTP-VPDN-GROUP ppp authentication pap
vpdn group PPTP-VPDN-GROUP ppp authentication chap
vpdn group PPTP-VPDN-GROUP ppp authentication mschap
vpdn group PPTP-VPDN-GROUP ppp encryption mppe auto
vpdn group PPTP-VPDN-GROUP client configuration address local AtHome
vpdn group PPTP-VPDN-GROUP client configuration dns 216.146.xxx.xxx 192.168.1.12
vpdn group PPTP-VPDN-GROUP pptp echo 60
vpdn group PPTP-VPDN-GROUP client authentication local
vpdn username lori password *********
vpdn username national1 password *********
vpdn enable outside
dhcpd address 192.168.1.2-192.168.1.129 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
url-block url-mempool 2000
url-block url-size 4
url-block block 128
terminal width 80
Cryptochecksum:53fe5820d9e21c70368de4d9a82f5669
: end
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname NTSCORESW1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$vMrS$nTJsKx70GlTdQ5Xq/70/4.
!
!
!
no aaa new-model
clock timezone UTC -6
clock summer-time UTC recurring
switch 1 provision ws-c3750x-24
switch 2 provision ws-c3750x-24
system mtu routing 1500
ip routing
!
!
!
!
crypto pki trustpoint TP-self-signed-1444244992
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1444244992
revocation-check none
rsakeypair TP-self-signed-1444244992
!
!
crypto pki certificate chain TP-self-signed-1444244992
certificate self-signed 01 nvram:IOS-Self-Sig#3232.cer
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
ip address 192.168.1.1 255.255.255.0
no ip route-cache cef
no ip route-cache
no ip mroute-cache
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface GigabitEthernet2/0/1
!
interface GigabitEthernet2/0/2
!
interface GigabitEthernet2/0/3
!
interface GigabitEthernet2/0/4
!
interface GigabitEthernet2/0/5
!
interface GigabitEthernet2/0/6
!
interface GigabitEthernet2/0/7
!
interface GigabitEthernet2/0/8
!
interface GigabitEthernet2/0/9
!
interface GigabitEthernet2/0/10
!
interface GigabitEthernet2/0/11
!
interface GigabitEthernet2/0/12
!
interface GigabitEthernet2/0/13
!
interface GigabitEthernet2/0/14
!
interface GigabitEthernet2/0/15
!
interface GigabitEthernet2/0/16
!
interface GigabitEthernet2/0/17
!
interface GigabitEthernet2/0/18
!
interface GigabitEthernet2/0/19
!
interface GigabitEthernet2/0/20
!
interface GigabitEthernet2/0/21
!
interface GigabitEthernet2/0/22
!
interface GigabitEthernet2/0/23
!
interface GigabitEthernet2/0/24
!
interface GigabitEthernet2/1/1
!
interface GigabitEthernet2/1/2
!
interface GigabitEthernet2/1/3
!
interface GigabitEthernet2/1/4
!
interface TenGigabitEthernet2/1/1
!
interface TenGigabitEthernet2/1/2
!
interface Vlan1
no ip address
!
interface Vlan2
ip address 192.168.2.1 255.255.255.0
!
interface Vlan3
ip address 192.168.3.1 255.255.255.0
!
interface Vlan10
ip address 10.1.10.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.2
ip http server
ip http secure-server
!
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
password xxxxxx
login
line vty 5 15
password xxxxxx
login
!
end
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname NTSCORESW1
!
boot-start-marker
boot-end-marker
!
enable secret 5
!
!
!
no aaa new-model
clock timezone UTC -6
clock summer-time UTC recurring
switch 1 provision ws-c3750x-24
switch 2 provision ws-c3750x-24
system mtu routing 1500
ip routing
!
!
!
!
crypto pki trustpoint TP-self-signed-1444244992
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1444244992
revocation-check none
rsakeypair TP-self-signed-1444244992
!
!
crypto pki certificate chain TP-self-signed-1444244992
certificate self-signed 01
30820243 308201AC A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31343434 32343439 3932301E 170D3933 30333031 30303031
33395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 34343432
34343939 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100D2EF 6A036B6F 24196433 ACD08CFF A42C7B4C 7646A803 D9862501 1DC6101A
82B5B6AE 9208F2D0 6EE0C20B 6D0D8E2B 1F841718 97F846AE ACA38ECE CD8675A8
4889EC3A 07D6F8D6 E75FA35F 8C191C6C 1967662E F876BBA1 D0A6A8AE 9E6F1883
3645F94B F6222046 E2195039 CD985BAC FEECEA1C DE2E7291 7574B831 EFC8729E
60390203 010001A3 6B306930 0F060355 1D130101 FF040530 030101FF 30160603
551D1104 0F300D82 0B4E5453 434F5245 5357312E 301F0603 551D2304 18301680
14329CAA 63052DEA 0AEB8154 DBA01DDD B378DE73 32301D06 03551D0E 04160414
329CAA63 052DEA0A EB8154DB A01DDDB3 78DE7332 300D0609 2A864886 F70D0101
04050003 8181008E BC9F9136 5B75AC19 5D785E69 0312EB5C BF35258B 0347EFF0
D92FC0A2 441E1976 1999504B 436A19BC 12088DE1 689F6CC5 4A346B74 17744859
07282076 B8B73055 00B1F1B4 87A7962E 44141FDC 9EC4F1E7 C5500629 B2CA86FA
93AA0171 EE60B7B3 9B59645A 5197F6CB A67A7B8B 83325A7E 8DB33741 A1A0077A
FC46ADEC 900C59
quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
ip address 10.10.10.254 255.255.255.0
no ip route-cache cef
no ip route-cache
no ip mroute-cache
!
interface GigabitEthernet1/0/1
switchport mode access
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
switchport access vlan 2
!
interface GigabitEthernet1/0/8
switchport access vlan 2
!
interface GigabitEthernet1/0/9
switchport access vlan 2
!
interface GigabitEthernet1/0/10
switchport access vlan 2
!
interface GigabitEthernet1/0/11
switchport access vlan 2
!
interface GigabitEthernet1/0/12
switchport access vlan 2
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface GigabitEthernet2/0/1
!
interface GigabitEthernet2/0/2
!
interface GigabitEthernet2/0/3
!
interface GigabitEthernet2/0/4
!
interface GigabitEthernet2/0/5
!
interface GigabitEthernet2/0/6
!
interface GigabitEthernet2/0/7
!
interface GigabitEthernet2/0/8
!
interface GigabitEthernet2/0/9
!
interface GigabitEthernet2/0/10
!
interface GigabitEthernet2/0/11
!
interface GigabitEthernet2/0/12
!
interface GigabitEthernet2/0/13
!
interface GigabitEthernet2/0/14
!
interface GigabitEthernet2/0/15
!
interface GigabitEthernet2/0/16
!
interface GigabitEthernet2/0/17
!
interface GigabitEthernet2/0/18
!
interface GigabitEthernet2/0/19
!
interface GigabitEthernet2/0/20
!
interface GigabitEthernet2/0/21
!
interface GigabitEthernet2/0/22
!
interface GigabitEthernet2/0/23
!
interface GigabitEthernet2/0/24
!
interface GigabitEthernet2/1/1
!
interface GigabitEthernet2/1/2
!
interface GigabitEthernet2/1/3
!
interface GigabitEthernet2/1/4
!
interface TenGigabitEthernet2/1/1
!
interface TenGigabitEthernet2/1/2
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
ip address 192.168.2.1 255.255.255.0
!
interface Vlan3
ip address 192.168.3.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.2
ip http server
ip http secure-server
!
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
password
login
line vty 5 15
password
login
!
end