| | | | Hi everyone
Brand new, as you can see from my infancy q coming...
I am having difficulty connecting to proctor with my configs below. It usually drops me after a minute or so. But when it actually stays up, my laptop web connection is extremely slow.
I also had to remove access group from f0/0. It was not allowing pings.
Any assistance and suggestions will be very appreciated
tks Nick
**2621XM**
!
version 12.4
service timestamps debug datetime
service timestamps log datetime
service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
logging buffered 512000 informational
enable secret 5 $1$VWgI$P3thrL8UufzY/er2wYJ4H1
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.11.1 192.168.11.10
ip dhcp excluded-address 192.168.12.1 192.168.12.10
ip dhcp excluded-address 192.168.13.1 192.168.13.10
ip dhcp excluded-address 192.168.14.1 192.168.14.10
!
ip dhcp pool HQ-BR1-Pool
import all
network 192.168.11.0 255.255.255.0
option 150 ip 10.10.210.10
default-router 192.168.11.1
domain-name proctorlabs.com
dns-server 8.8.4.4
8.8.8.8
lease 8
!
ip dhcp pool BR2-Pool
import all
network 192.168.12.0 255.255.255.0
option 150 ip 10.10.202.1
default-router 192.168.12.1
domain-name proctorlabs.com
dns-server 8.8.4.4 8.8.8.8
lease 8
!
ip dhcp pool PSTN-Pool
import all
network 192.168.13.0 255.255.255.0
option 150 ip 10.10.100.2
default-router 192.168.13.1
domain-name proctorlabs.com
dns-server 8.8.4.4 8.8.8.8
lease 8
!
ip dhcp pool Laptop-Pool
import all
network 192.168.14.0 255.255.255.0
default-router 192.168.14.1
dns-server 8.8.4.4 8.8.8.8
domain-name proctorlabs.com
lease 8
!
!
ip domain name proctorlabs.home
ip inspect
name CBAC-FW tcp timeout 3600
ip inspect name CBAC-FW udp timeout 3600
ip inspect name CBAC-FW http java-list 1 timeout 3600
ip inspect name CBAC-FW https timeout 3600
ip inspect name CBAC-FW icmp
ip inspect name CBAC-FW ddns-v3
ip inspect name CBAC-FW smtp
ip inspect name CBAC-FW pop3
ip inspect name CBAC-FW pop3s
ip inspect name CBAC-FW imap
ip inspect name CBAC-FW ftps
ip inspect name CBAC-FW ntp
ip inspect name CBAC-FW ftp timeout 3600
!
multilink bundle-name authenticated
!
!
username proctorlabs privilege 15 password 7 1047191C1D071719180C252621
archive
log config
hidekeys
!
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
!
!
crypto ipsec client ezvpn Voice-vRack
connect manual
group vpodgroup key proctorvoice
mode network-plus
peer 74.126.20.247
xauth userid mode
interactive
!
!
interface Loopback0
ip address 10.10.100.15 255.255.255.255
!
interface FastEthernet0/0
description (Outside Public Interface)
ip address dhcp
no ip unreachables
ip mtu 1300
ip nat outside
ip inspect CBAC-FW out
ip virtual-reassembly
duplex auto
speed auto
no cdp enable
crypto ipsec client ezvpn Voice-vRack
!
interface FastEthernet0/1
no ip address
speed 100
full-duplex
!
interface FastEthernet0/1.11
description (Inside Private Interface)
encapsulation dot1Q 11
ip address 192.168.11.1 255.255.255.0
ip nat inside
ip virtual-reassembly
crypto ipsec client ezvpn Voice-vRack inside
!
interface FastEthernet0/1.12
description (Inside Private Interface)
encapsulation dot1Q 12
ip address 192.168.12.1
255.255.255.0
ip nat inside
ip virtual-reassembly
crypto ipsec client ezvpn Voice-vRack inside
!
interface FastEthernet0/1.13
description (Inside Private Interface)
encapsulation dot1Q 13
ip address 192.168.13.1 255.255.255.0
ip nat inside
ip virtual-reassembly
crypto ipsec client ezvpn Voice-vRack inside
!
interface FastEthernet0/1.14
description (Inside Private Interface)
encapsulation dot1Q 14 native
ip address 192.168.14.1 255.255.255.0
ip nat inside
ip virtual-reassembly
crypto ipsec client ezvpn Voice-vRack inside
!
interface Virtual-Template1 type tunnel
ip unnumbered Loopback0
tunnel mode ipsec ipv4
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
no ip http server
no ip http secure-server
ip nat inside source list 101 interface FastEthernet0/0
overload
!
ip access-list extended FW-IN
permit udp any any eq bootpc
deny ip 10.0.0.0 0.255.255.255 any log
deny ip 172.16.0.0 0.15.255.255 any log
deny ip 192.168.0.0 0.0.255.255 any log
deny ip 224.0.0.0 15.255.255.255 any log
deny ip host 0.0.0.0 any log
deny ip host 255.255.255.255 any log
deny ip 169.254.0.0 0.0.255.255 any log
deny ip 127.0.0.0 0.255.255.255 any log
permit esp host 74.126.20.247 any
permit esp host 12.159.40.185 any
permit udp host 74.126.20.247 any eq isakmp
permit udp host 12.159.40.185 any eq isakmp
permit udp host 74.126.20.247 any eq non500-isakmp
permit udp host 12.159.40.185 any eq non500-isakmp
deny ip any any log
!
access-list 101 deny ip 192.168.0.0
0.0.255.255 10.10.0.0 0.0.255.255
access-list 101 permit ip 192.168.0.0 0.0.255.255 any
!
end
**3560**
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
system mtu routing 1500
no ip domain-lookup
!
!
!
!
crypto pki trustpoint TP-self-signed-874562048
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-874562048
revocation-check none
rsakeypair TP-self-signed-874562048
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface FastEthernet0/1
description ** HQ Phone 3 Port **
switchport access vlan 14
switchport mode access
switchport voice vlan 11
spanning-tree portfast
!
interface FastEthernet0/2
description ** BR1
Phone 3 Port **
switchport access vlan 14
switchport mode access
switchport voice vlan 11
spanning-tree portfast
!
interface FastEthernet0/3
description ** BR2 Phone 3 Port **
switchport access vlan 14
switchport mode access
switchport voice vlan 12
spanning-tree portfast
!
interface FastEthernet0/4
description ** BR2 Phone 4 Port **
switchport access vlan 14
switchport mode access
switchport voice vlan 12
spanning-tree portfast
!
interface FastEthernet0/5
description ** PSTN Phone Port **
switchport access vlan 14
switchport mode access
switchport voice vlan 13
spanning-tree portfast
!
interface FastEthernet0/6
description ** Your Laptop Port **
switchport access vlan 14
switchport mode access
speed 100
duplex
full
spanning-tree portfast
!
interface FastEthernet0/7
description ** To-Router-Fa0/1 **
switchport trunk encapsulation dot1q
switchport trunk native vlan 14
switchport mode trunk
speed 100
duplex full
spanning-tree portfast trunk
!
!
interface Vlan1
no ip address
no ip route-cache
!
interface Vlan14
ip address 192.168.14.2 255.255.255.0
!
ip default-gateway 192.168.14.1
ip classless
ip http server
ip http secure-server
!
!
ip sla enable reaction-alerts
!
!
end
| | |
| |
|
| |
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
