! ! NVRAM config last updated at 00:07:40 GMT+3 Tue Nov 15 2005 by cisco ! version 12.3 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname cisco ! boot-start-marker boot-end-marker ! memory-size iomem 5 security authentication failure rate 3 log logging userinfo enable secret 5 ************************* ! username maddog privilege 15 secret 5 ******************************** clock timezone GMT+3 3 aaa new-model ! ! aaa authentication login userauthen local aaa authorization network groupauthor local aaa session-id common ip subnet-zero no ip source-route ! ! ip dhcp excluded-address 10.10.10.1 ! ip dhcp pool CLIENT import all network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 dns-server 192.117.175.211 lease 0 2 ! ! ip cef no ip domain lookup ip domain name interhost.co.il ip name-server 192.116.202.222 ip name-server 213.8.172.83 no ip bootp server ip inspect log drop-pkt ip inspect tcp idle-time 604800 ip inspect name myfw ftp timeout 3600 ip inspect name myfw rcmd timeout 3600 ip inspect name myfw realaudio timeout 3600 ip inspect name myfw tftp timeout 30 ip inspect name myfw udp timeout 15 ip inspect name myfw cuseeme timeout 3600 ip inspect name myfw h323 timeout 3600 ip ips notify SDEE ip ips po max-events 100 login block-for 300 attempts 5 within 300 no ftp-server write-enable ! ! ! ! interface Null0 no ip unreachables ! interface Loopback0 no ip address no ip proxy-arp ip route-cache flow ! interface Ethernet0 description $FW_INSIDE$ ip address 10.10.10.1 255.255.255.0 secondary ip address 192.117.XXX.XXX 255.255.255.248 no ip proxy-arp ip mtu 1492 ip virtual-reassembly ip route-cache flow ip tcp adjust-mss 1452 priority-group 1 no cdp enable ! interface ATM0 no ip address no ip proxy-arp ip route-cache flow logging event atm pvc state logging event atm pvc autoppp atm vc-per-vp 64 no atm ilmi-keepalive dsl operating-mode auto dsl enable-training-log pvc 8/48 pppoe-client dial-pool-number 1 ! ! interface FastEthernet1 no ip address duplex auto speed auto ! interface FastEthernet2 no ip address duplex auto speed auto ! interface FastEthernet3 no ip address duplex auto speed auto ! interface FastEthernet4 no ip address duplex auto speed auto ! interface Virtual-Template1 no ip address ! interface Virtual-Template2 no ip address ! interface Dialer0 bandwidth 8192 no ip address shutdown no cdp enable ! interface Dialer1 description $FW_OUTSIDE$ ip unnumbered Ethernet0 no ip proxy-arp ip mtu 1492 ip inspect myfw out ip virtual-reassembly encapsulation ppp ip route-cache flow ip tcp adjust-mss 1452 dialer pool 1 dialer remote-name redback dialer-group 1 priority-group 1 ppp authentication pap chap callin ppp chap hostname user@DOmain ppp chap password 7 *********************** ppp pap sent-username d1m4@IInzahav password 7 ******************** ppp ipcp dns request ppp ipcp wins request crypto map SDM_CMAP_1 ! ip local pool ippool 10.10.10.100 10.10.10.200 no ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ! ip http server ip http access-class 23 ip http authentication local ip http secure-server ip http timeout-policy idle 600 life 86400 requests 10000 ! ip nat log translations syslog ip nat translation timeout 100 ip nat translation tcp-timeout 100 ip nat translation udp-timeout 100 ip nat translation finrst-timeout 300 ip nat translation syn-timeout 100 ip nat translation dns-timeout 300 ip nat translation icmp-timeout 120 ip nat translation max-entries 200 ip nat inside source list 23 pool ovrld overload ! ! logging trap debugging logging 10.10.10.3 access-list 7 permit 10.10.10.0 0.0.0.255 access-list 23 permit 10.10.10.0 0.0.0.255 access-list 98 permit 10.10.10.0 0.0.0.255 access-list 100 permit ip 10.10.10.0 0.0.0.255 any access-list 111 permit icmp any any administratively-prohibited access-list 111 permit icmp any any echo access-list 111 permit icmp any any echo-reply access-list 111 permit icmp any any packet-too-big access-list 111 permit icmp any any time-exceeded access-list 111 permit icmp any any traceroute access-list 111 permit icmp any any unreachable access-list 111 permit udp any eq bootps any eq bootpc access-list 111 permit udp any eq bootps any eq bootps access-list 111 permit udp any eq domain any access-list 111 permit esp any any access-list 111 permit udp any any eq isakmp access-list 111 permit udp any any eq 10000 access-list 111 permit tcp any any eq 1723 access-list 111 permit tcp any any eq 139 access-list 111 permit udp any any eq netbios-ns access-list 111 permit udp any any eq netbios-dgm access-list 111 permit gre any any access-list 111 deny ip any any access-list 138 remark natrule access-list 138 remark SDM_ACL Category=2 access-list 138 permit ip any any dialer-list 1 protocol ip permit priority-list 1 protocol ip low tcp smtp priority-list 1 protocol ip low tcp pop3 priority-list 1 protocol ip medium tcp irc priority-list 1 protocol ip medium tcp 6667 priority-list 1 protocol ip high tcp 22 priority-list 1 protocol ip high tcp www priority-list 1 protocol ip low tcp 5668 priority-list 1 protocol ip medium tcp telnet priority-list 1 protocol ip high tcp ftp priority-list 1 protocol ip low tcp 5190 priority-list 1 protocol ip high tcp 443 priority-list 1 protocol ip low udp snmp priority-list 1 protocol ip high tcp 554 priority-list 1 protocol ip low tcp 5050 priority-list 1 protocol ip low tcp 5222 priority-list 1 protocol ip low tcp 1863 priority-list 1 protocol ip high udp 5060 priority-list 1 protocol ip medium udp 5693 snmp-server community public RO 98 snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps vrrp snmp-server enable traps tty snmp-server enable traps bgp snmp-server enable traps ospf state-change snmp-server enable traps ospf errors snmp-server enable traps ospf retransmit snmp-server enable traps ospf lsa snmp-server enable traps ospf cisco-specific state-change snmp-server enable traps ospf cisco-specific errors snmp-server enable traps ospf cisco-specific retransmit snmp-server enable traps ospf cisco-specific lsa snmp-server enable traps flash insertion removal snmp-server enable traps pppoe snmp-server enable traps l2tun session snmp-server enable traps rtr snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message snmp-server enable traps ipmulticast snmp-server enable traps msdp snmp-server enable traps atm subif snmp-server enable traps entity snmp-server enable traps syslog snmp-server enable traps cpu threshold snmp-server enable traps isakmp policy add snmp-server enable traps isakmp policy delete snmp-server enable traps isakmp tunnel start snmp-server enable traps isakmp tunnel stop snmp-server enable traps ipsec cryptomap add snmp-server enable traps ipsec cryptomap delete snmp-server enable traps ipsec cryptomap attach snmp-server enable traps ipsec cryptomap detach snmp-server enable traps ipsec tunnel start snmp-server enable traps ipsec tunnel stop snmp-server enable traps ipsec too-many-sas snmp-server enable traps rsvp snmp-server enable traps config snmp-server enable traps config-copy no cdp run ! ! control-plane ! banner incoming Ccisco.efnet.co.il banner login ############################################# Authority of HiLLz/efNET - ^MadDog^ Welcome to cisco.efnet.co.il If you are not authorized/confirmed - FIN now! ############################################# Unauthorized use of this system is unlawful, and may be subject to civil and/or criminal penalties. Any use of the system is logged & monitored, and the resulting logs may be used as evidence in court! ! line con 0 no modem enable transport preferred all transport output telnet stopbits 1 speed 115200 line aux 0 access-class 23 in length 0 transport preferred all transport input telnet ssh transport output telnet line vty 0 4 access-class 23 in length 0 transport preferred all transport input telnet ssh transport output all ! scheduler max-task-time 5000 scheduler interval 500 ntp clock-period 17180034 ntp peer 192.116.202.203