###### tags: `Redes`

# Final configuration retrieved from the devices

## ASAV-MainSite

ASA Version 9.9(2)
!
hostname ASAV-MainSite
enable password $sha512$5000$xXDwbfCPc02Ezvs0UKaMxQ==$JwRgd3iokpTdq3QZLpmOew== pbkdf2
names
ip local pool VPN-POOL 10.0.15.100-10.0.15.150 mask 255.255.255.0
!
interface GigabitEthernet0/0
 description Ligacao Para o site de SQL
 nameif dmz3
 security-level 70
 ip address 172.16.200.1 255.255.255.240
!
interface GigabitEthernet0/1
 description Ligacao Para a Base de Dados do Site
 nameif dmz2
 security-level 70
 ip address 172.16.200.17 255.255.255.240
!
interface GigabitEthernet0/2
 description Ligacao Para o Switch L3
 nameif dmz
 security-level 70
 ip address 172.16.250.1 255.255.255.252
!
interface GigabitEthernet0/3
 description Para o R1_MainSite
 nameif inside
 security-level 100
 ip address 10.0.250.1 255.255.255.252
!
interface GigabitEthernet0/4
 description Para o R2_MainSite
 nameif inside2
 security-level 100
 ip address 10.0.250.5 255.255.255.252
 ospf cost 20
!
interface GigabitEthernet0/5
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/6
 description Ligacao para o INTERNET
 nameif outside
 security-level 0
 ip address 189.15.10.2 255.255.255.240
!
interface Management0/0
 management-only
 shutdown
 no nameif
 no security-level
 no ip address
!
ftp mode passive
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network DMZ_Network
 subnet 172.16.0.0 255.255.0.0
object network Inside_Network
 subnet 10.0.0.0 255.255.0.0
object network Branch_Site
 subnet 192.168.0.0 255.255.0.0
object network NETWORK_OBJ_10.0.15.0_24
 subnet 10.0.15.0 255.255.255.0
object network PAT-DMZ
 subnet 172.16.0.0 255.255.0.0
 description PAT
object network PAT-Inside
 subnet 10.0.0.0 255.255.0.0
 description PAT
object network apache
 host 189.15.10.3
object network sql
 host 189.15.10.4
object network NAT-apache
 host 172.16.80.96
 description apacheSIte
object network NAT-sql
 host 172.16.200.10
 description NAT
object network apache-rule
 host 172.16.80.96
object service apache_port
 service tcp destination eq 14141
object network sitesql
 host 172.16.200.10
object-group network DM_INLINE_NETWORK_1
 network-object object DMZ_Network
 network-object object Inside_Network
object-group network DM_INLINE_NETWORK_2
 network-object object DMZ_Network
 network-object object Inside_Network
object-group network DM_INLINE_NETWORK_3
 network-object object DMZ_Network
 network-object object Inside_Network
object-group network DM_INLINE_NETWORK_4
 network-object object DMZ_Network
 network-object object Inside_Network
object-group network DM_INLINE_NETWORK_5
 network-object object DMZ_Network
 network-object object Inside_Network
access-list outside_cryptomap extended permit ip object-group DM_INLINE_NETWORK_1 object Branch_Site
access-list outside_access_in extended permit object apache_port any object apache-rule
access-list outside_access_in extended permit tcp any object sitesql eq www
access-list dmz2_access_in extended permit ip any any
access-list dmz3_access_in extended permit ip any any
pager lines 23
mtu dmz3 1500
mtu dmz2 1500
mtu dmz 1500
mtu inside 1500
mtu inside2 1500
mtu outside 1500
no failover
no monitor-interface service-module
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 8192
nat (dmz,outside) source static any any destination static NETWORK_OBJ_10.0.15.0_24 NETWORK_OBJ_10.0.15.0_24 no-proxy-arp route-lookup
nat (inside2,outside) source static any any destination static NETWORK_OBJ_10.0.15.0_24 NETWORK_OBJ_10.0.15.0_24 no-proxy-arp route-lookup
nat (dmz3,outside) source static any any destination static NETWORK_OBJ_10.0.15.0_24 NETWORK_OBJ_10.0.15.0_24 no-proxy-arp route-lookup
nat (dmz2,outside) source static any any destination static NETWORK_OBJ_10.0.15.0_24 NETWORK_OBJ_10.0.15.0_24 no-proxy-arp route-lookup
nat (inside,outside) source static DM_INLINE_NETWORK_1 DM_INLINE_NETWORK_1 destination static Branch_Site Branch_Site no-proxy-arp route-lookup
nat (inside,outside) source static any any destination static NETWORK_OBJ_10.0.15.0_24 NETWORK_OBJ_10.0.15.0_24 no-proxy-arp route-lookup
nat (inside2,outside) source static DM_INLINE_NETWORK_2 DM_INLINE_NETWORK_2 destination static Branch_Site Branch_Site no-proxy-arp route-lookup
nat (dmz,outside) source static DM_INLINE_NETWORK_3 DM_INLINE_NETWORK_3 destination static Branch_Site Branch_Site no-proxy-arp route-lookup
nat (dmz2,outside) source static DM_INLINE_NETWORK_4 DM_INLINE_NETWORK_4 destination static Branch_Site Branch_Site no-proxy-arp route-lookup
nat (dmz3,outside) source static DM_INLINE_NETWORK_5 DM_INLINE_NETWORK_5 destination static Branch_Site Branch_Site no-proxy-arp route-lookup
!
object network PAT-DMZ
 nat (any,outside) dynamic interface
object network PAT-Inside
 nat (any,outside) dynamic interface
object network NAT-apache
 nat (dmz,outside) static 189.15.10.3 net-to-net service tcp 14141 www
object network NAT-sql
 nat (dmz3,outside) static sql net-to-net
access-group dmz3_access_in in interface dmz3
access-group dmz2_access_in in interface dmz2
access-group outside_access_in in interface outside
router ospf 10
 router-id 1.1.1.1
 network 10.0.0.0 255.255.0.0 area 0
 network 172.16.0.0 255.255.0.0 area 0
 log-adj-changes
 default-information originate
!
route outside 0.0.0.0 0.0.0.0 189.15.10.1 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
user-identity default-domain LOCAL
aaa authentication login-history
http server enable
http 172.16.50.100 255.255.255.255 dmz
no snmp-server location
no snmp-server contact
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport
crypto ipsec ikev2 ipsec-proposal DES
 protocol esp encryption des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
 protocol esp encryption 3des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
 protocol esp encryption aes
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
 protocol esp encryption aes-192
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
 protocol esp encryption aes-256
 protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES
crypto map outside_map 1 match address outside_cryptomap
crypto map outside_map 1 set peer 189.15.11.2
crypto map outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 1 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint _SmartCallHome_ServerCA
 no validation-usage
 crl configure
crypto ca trustpoint ASDM_Launcher_Access_TrustPoint_0
 enrollment self
 fqdn none
 subject-name CN=172.16.250.1,CN=ASAV-MainSite
 keypair ASDM_LAUNCHER
 crl configure
crypto ca trustpool policy
 auto-import
crypto ca certificate chain _SmartCallHome_ServerCA
 certificate ca 513fb9743870b73440418d30930699ff
  quit
crypto ca certificate chain ASDM_Launcher_Access_TrustPoint_0
 certificate 76adaf5d
  quit
crypto ikev2 policy 1
 encryption aes-256
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 10
 encryption aes-192
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 20
 encryption aes
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 30
 encryption 3des
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 40
 encryption des
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 enable outside client-services port 443
crypto ikev2 remote-access trustpoint ASDM_Launcher_Access_TrustPoint_0
crypto ikev1 enable outside
crypto ikev1 policy 10
 authentication pre-share
 encryption aes-256
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 20
 authentication rsa-sig
 encryption aes-256
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 40
 authentication pre-share
 encryption aes-192
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 50
 authentication rsa-sig
 encryption aes-192
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 70
 authentication pre-share
 encryption aes
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 80
 authentication rsa-sig
 encryption aes
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 100
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 110
 authentication rsa-sig
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 130
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 140
 authentication rsa-sig
 encryption des
 hash sha
 group 2
 lifetime 86400
telnet timeout 5
ssh stricthostkeycheck
ssh timeout 5
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 0
console serial
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl trust-point ASDM_Launcher_Access_TrustPoint_0 dmz3
ssl trust-point ASDM_Launcher_Access_TrustPoint_0 dmz2
ssl trust-point ASDM_Launcher_Access_TrustPoint_0 dmz
ssl trust-point ASDM_Launcher_Access_TrustPoint_0 inside
ssl trust-point ASDM_Launcher_Access_TrustPoint_0 inside2
ssl trust-point ASDM_Launcher_Access_TrustPoint_0 outside
ssl trust-point ASDM_Launcher_Access_TrustPoint_0 dmz vpnlb-ip
webvpn
 enable outside
 anyconnect image disk0:/anyconnect-win-4.6.00362-webdeploy-k9.pkg 1
 anyconnect profiles RemoteVPN_client_profile disk0:/RemoteVPN_client_profile.xml
 anyconnect enable
 tunnel-group-list enable
 cache
  disable
 error-recovery disable
group-policy GroupPolicy_RemoteVPN internal
group-policy GroupPolicy_RemoteVPN attributes
 wins-server none
 dns-server value 172.16.80.30 172.16.80.126
 vpn-tunnel-protocol ikev2 ssl-client
 default-domain value GoLuis.atec
 webvpn
  anyconnect profiles value RemoteVPN_client_profile type user
group-policy GroupPolicy_189.15.11.2 internal
group-policy GroupPolicy_189.15.11.2 attributes
 vpn-tunnel-protocol ikev1 ikev2
dynamic-access-policy-record DfltAccessPolicy
username admin password $sha512$5000$B6M5lyI7H4mZNoOS0HxQkQ==$TIhPq1DI3iXmw1hgqk/n9Q== pbkdf2 privilege 15
tunnel-group 189.15.11.2 type ipsec-l2l
tunnel-group 189.15.11.2 general-attributes
 default-group-policy GroupPolicy_189.15.11.2
tunnel-group 189.15.11.2 ipsec-attributes
 ikev1 pre-shared-key *****
 ikev2 remote-authentication pre-shared-key *****
 ikev2 local-authentication pre-shared-key *****
tunnel-group RemoteVPN type remote-access
tunnel-group RemoteVPN general-attributes
 address-pool VPN-POOL
 default-group-policy GroupPolicy_RemoteVPN
tunnel-group RemoteVPN webvpn-attributes
 group-alias RemoteVPN enable
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
 parameters
  message-length maximum client auto
  message-length maximum 512
  no tcp-inspection
policy-map global_policy
 class inspection_default
  inspect dns migrated_dns_map_1
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect ip-options
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
  inspect icmp
policy-map type inspect dns migrated_dns_map_2
 parameters
  message-length maximum client auto
  message-length maximum 512
  no tcp-inspection
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
 profile License
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination transport-method http
Cryptochecksum:4de0af6eb3f0e29755db923e3f7814de
: end

## MLS_DataCenter

!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
!
hostname MLS_DataCenter
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
!
username MLS_DataCenter password 7 0023212A260A59555B
no aaa new-model
clock timezone EET 2 0
!
ip cef
!
!
no ip domain-lookup
ip domain-name Go.Luis
login block-for 120 attempts 3 within 90
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
 switchport access vlan 50
 duplex auto
!
interface Ethernet0/1
 duplex auto
!
interface Ethernet0/2
 description Ligacao Para a ASAV_MainSite
 no switchport
 ip address 172.16.250.2 255.255.255.252
 duplex auto
!
interface Ethernet0/3
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Ethernet1/0
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Ethernet1/1
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Ethernet1/2
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Ethernet1/3
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Ethernet2/0
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Ethernet2/1
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Ethernet2/2
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Ethernet2/3
 switchport access vlan 80
 switchport mode access
 duplex auto
!
interface Vlan50
 description Ligacao para o Admin_SSH_Client
 ip address 172.16.50.1 255.255.255.0
!
interface Vlan80
 description Ligacao para os Servidores
 ip address 172.16.80.1 255.255.255.0
!
router ospf 10
 router-id 5.5.5.5
 network 10.0.10.0 0.0.0.255 area 0
 network 10.0.20.0 0.0.0.255 area 0
 network 10.0.30.0 0.0.0.255 area 0
 network 10.0.50.0 0.0.0.255 area 0
 network 10.0.110.0 0.0.0.255 area 0
 network 10.0.250.0 0.0.0.3 area 0
 network 10.0.250.4 0.0.0.3 area 0
 network 10.0.250.8 0.0.0.3 area 0
 network 10.0.250.12 0.0.0.3 area 0
 network 172.16.0.0 0.0.0.255 area 0
 network 172.16.50.0 0.0.0.255 area 0
 network 172.16.200.0 0.0.0.15 area 0
 network 172.16.200.16 0.0.0.15 area 0
 network 172.16.250.0 0.0.0.3 area 0
 network 172.16.0.0 0.0.255.255 area 0
!
!
ip http server
!
ip route 172.16.50.0 255.255.255.0 172.16.250.1
!
!
!
!
!
control-plane
!
banner motd ^C
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
end

## R1_MainSite

hostname R1_MainSite
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$2qvl$YOTS/xuJQypzou.htGI4d/
!
no aaa new-model
!
!
!
bsd-client server url https://cloudsso.cisco.com/as/token.oauth2
clock timezone EET 2 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no ip domain lookup
ip domain name Go.Luis
ip cef
login block-for 120 attempts 3 within 90
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
cts logging verbose
!
!
username R1_MainSite secret 5 $1$eIZK$c/PyIv.kSLWQKwDe1RUPG1
!
redundancy
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Tunnel1
 ip address 10.0.250.18 255.255.255.252
 tunnel source 10.0.250.10
 tunnel destination 10.0.250.9
!
interface Ethernet0/0
 no ip address
!
interface Ethernet0/0.10
 description Vlan Dados1
 encapsulation dot1Q 10
 ip address 10.0.10.2 255.255.255.0
 ip helper-address 172.16.80.30
 ip helper-address 172.16.80.126
 standby version 2
 standby 1 ip 10.0.10.1
 standby 1 priority 150
 standby 1 preempt
!
interface Ethernet0/0.20
 description Vlan Dados2
 encapsulation dot1Q 20
 ip address 10.0.20.2 255.255.255.0
 standby version 2
 standby 2 ip 10.0.20.1
 standby 2 priority 150
 standby 2 preempt
!
interface Ethernet0/0.50
 description Management
 encapsulation dot1Q 50
 ip address 10.0.50.2 255.255.255.0
 standby version 2
 standby 5 ip 10.0.50.1
 standby 5 priority 150
 standby 5 preempt
!
interface Ethernet0/1
 description Ligacao para R_MainSite_Extension
 ip address 10.0.250.10 255.255.255.252
 standby 1 track 1 decrement 60
!
interface Ethernet0/2
 no ip address
!
interface Ethernet0/3
 description Ligacao para ASAv
 ip address 10.0.250.2 255.255.255.252
 standby 1 track 2 decrement 60
!
router ospf 10
 router-id 2.2.2.2
 network 10.0.10.0 0.0.0.255 area 0
 network 10.0.20.0 0.0.0.255 area 0
 network 10.0.30.0 0.0.0.255 area 0
 network 10.0.50.0 0.0.0.255 area 0
 network 10.0.250.0 0.0.0.3 area 0
 network 10.0.250.8 0.0.0.3 area 0
 network 10.0.250.16 0.0.0.3 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
ip sla 1
 icmp-echo 10.0.250.9
 frequency 300
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 10.0.250.1
 frequency 300
ip sla schedule 2 life forever start-time now
!
!
!
control-plane
!
!
!
!
!
!
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
!
end

## R2_MainSite

!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2_MainSite
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$CC0R$x..m0HfzMwfvsdsD7T.f50
!
no aaa new-model
!
!
!
bsd-client server url https://cloudsso.cisco.com/as/token.oauth2
clock timezone EET 2 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no ip domain lookup
ip domain name Go.Luis
ip cef
login block-for 120 attempts 3 within 90
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
cts logging verbose
!
!
username R2_MainSite secret 5 $1$utN0$Eh.jNT.LmtdEez1i9Uoa6/
!
redundancy
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Tunnel2
 ip address 10.0.250.22 255.255.255.252
 tunnel source 10.0.250.14
 tunnel destination 10.0.250.13
!
interface Ethernet0/0
 no ip address
!
interface Ethernet0/0.10
 description Vlan Dados1
 encapsulation dot1Q 10
 ip address 10.0.10.3 255.255.255.0
 standby version 2
 standby 1 ip 10.0.10.1
!
interface Ethernet0/0.20
 description Vlan Dados2
 encapsulation dot1Q 20
 ip address 10.0.20.3 255.255.255.0
 standby version 2
 standby 2 ip 10.0.20.1
!
interface Ethernet0/0.50
 description Management
 encapsulation dot1Q 50
 ip address 10.0.50.3 255.255.255.0
 standby version 2
 standby 5 ip 10.0.50.1
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 description Ligacao para R_MainSite_Extension
 ip address 10.0.250.14 255.255.255.252
!
interface Ethernet0/3
 description Ligacao para ASAv
 ip address 10.0.250.6 255.255.255.252
!
router ospf 10
 router-id 3.3.3.3
 network 10.0.10.0 0.0.0.255 area 0
 network 10.0.20.0 0.0.0.255 area 0
 network 10.0.30.0 0.0.0.255 area 0
 network 10.0.50.0 0.0.0.255 area 0
 network 10.0.250.4 0.0.0.3 area 0
 network 10.0.250.12 0.0.0.3 area 0
 network 10.0.250.20 0.0.0.3 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input none
!
!
end

## R_MainSite_Extension

hostname R_MainSite_Extension
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$WumE$JpqF3IPm8T541aewEOyD51
!
no aaa new-model
ethernet lmi ce
!
!
!
bsd-client server url https://cloudsso.cisco.com/as/token.oauth2
clock timezone EET 2 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no ip domain lookup
ip domain name Go.Luis
ip cef
login block-for 120 attempts 3 within 90
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
cts logging verbose
!
!
username R_MainSite_Extension secret 5 $1$GTjx$TrFg8B9zqmOaNeFlDE9vM1
!
redundancy
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Tunnel1
 ip address 10.0.250.17 255.255.255.252
 tunnel source 10.0.250.9
 tunnel destination 10.0.250.10
!
interface Tunnel2
 ip address 10.0.250.21 255.255.255.252
 tunnel source 10.0.250.13
 tunnel destination 10.0.250.14
!
interface Ethernet0/0
 description Para o PC_MainSite_Extension
 ip address 10.0.110.1 255.255.255.0
 ip helper-address 172.16.80.30
!
interface Ethernet0/1
 description Ligacao para R1_MainSite
 ip address 10.0.250.9 255.255.255.252
!
interface Ethernet0/2
 description Ligacao para R2_MainSite
 ip address 10.0.250.13 255.255.255.252
!
interface Ethernet0/3
 no ip address
 shutdown
!
router ospf 10
 router-id 4.4.4.4
 network 10.0.110.0 0.0.0.255 area 0
 network 10.0.250.8 0.0.0.3 area 0
 network 10.0.250.12 0.0.0.3 area 0
 network 10.0.250.16 0.0.0.3 area 0
 network 10.0.250.20 0.0.0.3 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
!
end

## S1_MainSite

hostname S1_MainSite
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
!
username S1_MainSite secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
no aaa new-model
clock timezone EET 2 0
no ip routing
!
no ip cef
!
!
no ip domain-lookup
ip domain-name Go.Luis
login block-for 120 attempts 3 within 90
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Port-channel1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
!
interface Port-channel4
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
!
interface Ethernet0/0
 switchport trunk encapsulation dot1q
 switchport mode trunk
 duplex auto
!
interface Ethernet0/1
 shutdown
 duplex auto
!
interface Ethernet0/2
 shutdown
 duplex auto
!
interface Ethernet0/3
 shutdown
 duplex auto
!
interface Ethernet1/0
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 1 mode active
!
interface Ethernet1/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 1 mode active
!
interface Ethernet1/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 4 mode active
!
interface Ethernet1/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 4 mode active
!
interface Vlan50
 ip address 10.0.50.100 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan100
 no ip address
 no ip route-cache
 shutdown
!
ip default-gateway 10.0.50.1
!
ip http server
!
!
!
!
!
!
control-plane
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
end

## S2_MainSite

hostname S2_MainSite
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
!
username S2_MainSite secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
no aaa new-model
clock timezone EET 2 0
!
ip cef
!
!
no ip domain-lookup
ip domain-name Go.Luis
login block-for 120 attempts 3 within 90
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Port-channel3
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
!
interface Port-channel4
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
!
interface Ethernet0/0
 switchport trunk encapsulation dot1q
 switchport mode trunk
 duplex auto
!
interface Ethernet0/1
 shutdown
 duplex auto
!
interface Ethernet0/2
 shutdown
 duplex auto
!
interface Ethernet0/3
 shutdown
 duplex auto
!
interface Ethernet1/0
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 3 mode active
!
interface Ethernet1/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 3 mode active
!
interface Ethernet1/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 4 mode active
!
interface Ethernet1/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 4 mode active
!
interface Vlan50
 ip address 10.0.50.101 255.255.255.0
 shutdown
!
ip default-gateway 10.0.50.1
!
ip http server
!
!
!
!
!
!
control-plane
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
end

## S3_MainSite

hostname S3_MainSite
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
!
username S3_MainSite secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
no aaa new-model
clock timezone EET 2 0
no ip routing
!
no ip cef
!
!
no ip domain-lookup
ip domain-name Go.Luis
login block-for 120 attempts 3 within 90
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Port-channel2
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
!
interface Port-channel1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
!
interface Ethernet0/0
 switchport access vlan 10
 switchport mode access
 switchport port-security maximum 5
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 5000.0011.0000
 duplex auto
!
interface Ethernet0/1
 switchport access vlan 100
 shutdown
 duplex auto
!
interface Ethernet0/2
 switchport access vlan 100
 shutdown
 duplex auto
!
interface Ethernet0/3
 switchport access vlan 100
 shutdown
 duplex auto
!
interface Ethernet1/0
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 1 mode active
!
interface Ethernet1/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 1 mode active
!
interface Ethernet1/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 2 mode active
!
interface Ethernet1/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 2 mode active
!
interface Vlan10
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan30
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan50
 ip address 10.0.50.102 255.255.255.0
 no ip route-cache
!
interface Vlan100
 no ip address
 no ip route-cache
 shutdown
!
ip default-gateway 10.0.50.1
!
ip http server
!
!
!
!
!
!
control-plane
!
banner motd ^CCC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
end

## S4_MainSite

hostname S4_MainSite
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
!
username S4_MainSite secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
no aaa new-model
clock timezone EET 2 0
!
ip cef
!
!
no ip domain-lookup
ip domain-name Go.Luis
login block-for 120 attempts 3 within 90
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Port-channel3
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
!
interface Port-channel2
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
!
interface Ethernet0/0
 switchport access vlan 20
 switchport mode access
 switchport port-security maximum 5
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0050.7966.6812
 duplex auto
!
interface Ethernet0/1
 switchport access vlan 10
 switchport trunk encapsulation dot1q
 switchport mode trunk
 shutdown
 duplex auto
!
interface Ethernet0/2
 shutdown
 duplex auto
!
interface Ethernet0/3
 shutdown
 duplex auto
!
interface Ethernet1/0
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 3 mode active
!
interface Ethernet1/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 3 mode active
!
interface Ethernet1/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 2 mode active
!
interface Ethernet1/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50
 switchport mode trunk
 duplex auto
 channel-group 2 mode active
!
interface Vlan10
 no ip address
 shutdown
!
interface Vlan20
 no ip address
 shutdown
!
interface Vlan30
 no ip address
 shutdown
!
interface Vlan50
 ip address 10.0.50.103 255.255.255.0
 shutdown
!
interface Vlan100
 no ip address
 shutdown
!
ip default-gateway 10.0.50.1
!
ip http server
!
!
!
!
!
!
control-plane
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
end

## R_Branch

version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R_Branch
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$xfHh$.HnKL9XDM6.hCjtHBJ4sG0
!
no aaa new-model
!
!
!
bsd-client server url https://cloudsso.cisco.com/as/token.oauth2
clock timezone EET 2 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.10.1 192.168.10.99
ip dhcp excluded-address 192.168.30.1 192.168.30.99
!
ip dhcp pool Voice
 network 192.168.30.0 255.255.255.0
 option 150 ip 192.168.30.1
 default-router 192.168.30.1
!
ip dhcp pool dados1
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
 dns-server 172.16.80.30 172.16.80.126
 domain-name GoLuis.atec
 option 150 ip 192.168.30.1
 lease 0 4 30
!
!
!
no ip domain lookup
ip domain name GoLuis.atec
ip cef
login block-for 120 attempts 3 within 90
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
voice service voip
 allow-connections sip to sip
 sip
  bind control source-interface Loopback30
  bind media source-interface Loopback30
  registrar server expires max 600 min 600
!
voice class codec 1
 codec preference 1 g711alaw
!
!
!
!
voice register global
 mode cme
 source-address 192.168.255.1 port 5060
 max-dn 1
 max-pool 1
 time-format 24
 date-format D/M/Y
 user-locale PT
!
voice register dn 1
 number 202
 name gopaldas
 label gopaldas
!
voice register pool 1
 id mac 5000.0001.0000
 number 1 dn 1
 username 202 password 202
 codec g711alaw
!
!
!
cts logging verbose
!
!
username R_Branch privilege 15 password 0 GRLB1234
!
redundancy
!
!
ip ssh version 2
!
!
!
!
!
crypto isakmp policy 10
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key GRLB1234 address 189.15.10.2
!
!
crypto ipsec transform-set ESP-TUNNEL esp-3des esp-sha-hmac
 mode tunnel
!
!
!
crypto map RT_Branch-ASAV 10 ipsec-isakmp
 set peer 189.15.10.2
 set security-association lifetime seconds 86400
 set transform-set ESP-TUNNEL
 match address VPN-ACL
!
!
!
!
!
interface Loopback30
 description LoopBack do VOIP
 ip address 192.168.255.1 255.255.255.255
!
interface Ethernet0/0
 no ip address
!
interface Ethernet0/0.10
 description Gateway da Vlan Dados
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
!
interface Ethernet0/0.30
 description Gateway da Vlan VOIP
 encapsulation dot1Q 30
 ip address 192.168.30.1 255.255.255.0
!
interface Ethernet0/0.50
 encapsulation dot1Q 50
 ip address 192.168.50.1 255.255.255.0
!
interface Ethernet0/0.80
 encapsulation dot1Q 80
 ip address 192.168.80.1 255.255.255.0
!
interface Ethernet0/1
 description Ligacao a INTERNET
 ip address 189.15.11.2 255.255.255.252
 crypto map RT_Branch-ASAV
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 189.15.11.1
!
ip access-list extended VPN-ACL
 remark Link to the ASA
 permit ip 192.168.0.0 0.0.255.255 172.16.0.0 0.0.255.255
 permit ip 192.168.0.0 0.0.255.255 10.0.0.0 0.0.255.255
!
!
!
!
control-plane
!
!
!
!
!
!
dial-peer voice 1 voip
 description **Incoming Call from SIP Trunk**
 session protocol sipv2
 voice-class codec 1
 dtmf-relay rtp-nte
!
dial-peer voice 2 voip
 description **Outgoing Call to SIP Trunk**
 destination-pattern 1..
 session protocol sipv2
 session target ipv4:172.16.80.222
 voice-class codec 1
 dtmf-relay rtp-nte
!
!
banner motd ^CCC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
!
end

## S1_Branch

!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname S1_Branch
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
!
username S1_Branch privilege 15 password 0 GRLB1234
no aaa new-model
clock timezone EET 2 0
no ip routing
!
no ip cef
!
!
no ip domain-lookup
ip domain-name Go.Luis
login block-for 120 attempts 3 within 90
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Port-channel2
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
!
interface Port-channel1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
!
interface Ethernet0/0
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
!
interface Ethernet0/1
 switchport access vlan 80
 switchport trunk encapsulation dot1q
 switchport mode access
 switchport port-security maximum 5
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 5000.0017.0000
 duplex auto
!
interface Ethernet0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 duplex auto
!
interface Ethernet0/3
 switchport trunk encapsulation dot1q
 switchport mode trunk
 duplex auto
!
interface Ethernet1/0
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 1 mode on
!
interface Ethernet1/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 1 mode on
!
interface Ethernet1/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 2 mode on
!
interface Ethernet1/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 2 mode on
!
interface Vlan10
 no ip address
 no ip route-cache
!
interface Vlan20
 no ip address
 no ip route-cache
!
interface Vlan30
 no ip address
 no ip route-cache
!
interface Vlan50
 ip address 192.168.50.100 255.255.255.0
 no ip route-cache
!
interface Vlan80
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan100
 no ip address
 no ip route-cache
!
ip default-gateway 192.168.50.1
!
ip http server
!
!
!
!
!
!
control-plane
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
end

## S2_Branch

version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname S2_Branch
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
!
username S2_Branch privilege 15 password 0 GRLB1234
no aaa new-model
clock timezone EET 2 0
no ip routing
!
no ip cef
!
!
no ip domain-lookup
ip domain-name Go.Luis
login block-for 120 attempts 3 within 90
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Port-channel3
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
!
interface Port-channel1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
!
interface Ethernet0/0
 switchport access vlan 10
 switchport mode access
 switchport voice vlan 30
 switchport port-security maximum 5
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 5000.0001.0000
 switchport port-security mac-address sticky 5001.0001.0000
 duplex auto
!
interface Ethernet0/1
 duplex auto
!
interface Ethernet0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 3 mode on
!
interface Ethernet0/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 3 mode on
!
interface Ethernet1/0
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 1 mode on
!
interface Ethernet1/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 1 mode on
!
interface Ethernet1/2
 duplex auto
!
interface Ethernet1/3
 duplex auto
!
interface Vlan10
 no ip address
 no ip route-cache
!
interface Vlan20
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan30
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan50
 ip address 192.168.50.101 255.255.255.0
 no ip route-cache
!
interface Vlan80
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan100
 no ip address
 no ip route-cache
 shutdown
!
ip default-gateway 192.168.50.1
!
ip http server
!
!
!
!
!
!
control-plane
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
end

## S3_Branch

!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname S3_Branch
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xqIySJpVSIOPJNE4PbUJtIjwSNDC5TjdegBbMEMxRjc
!
username S3_Branch privilege 15 password 0 GRLB1234
no aaa new-model
clock timezone EET 2 0
no ip routing
!
no ip cef
!
!
no ip domain-lookup
ip domain-name Go.Luis
login block-for 120 attempts 3 within 90
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Port-channel2
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
!
interface Port-channel3
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
!
interface Ethernet0/0
 duplex auto
!
interface Ethernet0/1
 duplex auto
!
interface Ethernet0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 3 mode on
!
interface Ethernet0/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 3 mode on
!
interface Ethernet1/0
 duplex auto
!
interface Ethernet1/1
 duplex auto
!
interface Ethernet1/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 2 mode on
!
interface Ethernet1/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,50,80
 switchport mode trunk
 duplex auto
 channel-group 2 mode on
!
interface Vlan50
 ip address 192.168.50.102 255.255.255.0
!
ip default-gateway 192.168.50.1
!
ip http server
!
!
!
!
!
!
control-plane
!
banner motd ^CC
___ _ _ _ _ _ | _ \___ __| |_ _ _(_)__| |_ ___ __| | /_\ __ __ ___ ______ | / -_|_-< _| '_| / _| _/ -_) _` | / _ \/ _/ _/ -_|_-<_-< |_|_\___/__/\__|_| |_\__|\__\___\__,_| /_/ \_\__\__\___/__/__/ _ _ _ _ _ /_\ _ _| |_| |_ ___ _ _(_)______ __| | / _ \ || | _| ' \/ _ \ '_| |_ / -_) _` | /_/ \_\_,_|\__|_||_\___/_| |_/__\___\__,_| ___ _ ___ _ _ _ __ __ | _ \___ _ _ ___ ___ _ _ _ _ ___| | / _ \| \| | |\ \ / / | _/ -_) '_(_-</ _ \ ' \| ' \/ -_) | | (_) | .` | |_\ V / |_| \___|_| /__/\___/_||_|_||_\___|_| \___/|_|\_|____|_|
^C
!
line con 0
 logging synchronous
 login local
line aux 0
line vty 0 4
 login local
 transport input ssh
!
end