| | Hi everyone
Brand new, as you can see from my infancy q coming...
I am having difficulty connecting to proctor with my configs below. It usually drops me after a minute or so. But when it actually stays up, my laptop web connection is extremely slow.
I also had to remove access group from f0/0. It was not allowing pings.
Any assistance and suggestions will be very appreciated
tks Nick
**2621XM**
! version 12.4 service timestamps debug datetime service timestamps log datetime service password-encryption ! hostname router ! boot-start-marker boot-end-marker ! logging buffered 512000 informational enable secret 5 $1$VWgI$P3thrL8UufzY/er2wYJ4H1 ! no aaa new-model no network-clock-participate slot 1 no network-clock-participate wic 0 ip cef ! ! no ip dhcp use vrf connected ip dhcp excluded-address 192.168.11.1 192.168.11.10 ip dhcp excluded-address 192.168.12.1 192.168.12.10 ip dhcp excluded-address 192.168.13.1 192.168.13.10 ip dhcp excluded-address 192.168.14.1 192.168.14.10 ! ip dhcp pool HQ-BR1-Pool import all network 192.168.11.0 255.255.255.0 option 150 ip 10.10.210.10 default-router 192.168.11.1 domain-name proctorlabs.com dns-server 8.8.4.4
8.8.8.8 lease 8 ! ip dhcp pool BR2-Pool import all network 192.168.12.0 255.255.255.0 option 150 ip 10.10.202.1 default-router 192.168.12.1 domain-name proctorlabs.com dns-server 8.8.4.4 8.8.8.8 lease 8 ! ip dhcp pool PSTN-Pool import all network 192.168.13.0 255.255.255.0 option 150 ip 10.10.100.2 default-router 192.168.13.1 domain-name proctorlabs.com dns-server 8.8.4.4 8.8.8.8 lease 8 ! ip dhcp pool Laptop-Pool import all network 192.168.14.0 255.255.255.0 default-router 192.168.14.1 dns-server 8.8.4.4 8.8.8.8 domain-name proctorlabs.com lease 8 ! ! ip domain name proctorlabs.home ip inspect
name CBAC-FW tcp timeout 3600 ip inspect name CBAC-FW udp timeout 3600 ip inspect name CBAC-FW http java-list 1 timeout 3600 ip inspect name CBAC-FW https timeout 3600 ip inspect name CBAC-FW icmp ip inspect name CBAC-FW ddns-v3 ip inspect name CBAC-FW smtp ip inspect name CBAC-FW pop3 ip inspect name CBAC-FW pop3s ip inspect name CBAC-FW imap ip inspect name CBAC-FW ftps ip inspect name CBAC-FW ntp ip inspect name CBAC-FW ftp timeout 3600 ! multilink bundle-name authenticated ! ! username proctorlabs privilege 15 password 7 1047191C1D071719180C252621 archive log config hidekeys ! ! crypto isakmp policy 10 encr 3des authentication pre-share group 2 ! ! crypto ipsec client ezvpn Voice-vRack connect manual group vpodgroup key proctorvoice mode network-plus peer 74.126.20.247 xauth userid mode
interactive ! ! interface Loopback0 ip address 10.10.100.15 255.255.255.255 ! interface FastEthernet0/0 description (Outside Public Interface) ip address dhcp no ip unreachables ip mtu 1300 ip nat outside ip inspect CBAC-FW out ip virtual-reassembly duplex auto speed auto no cdp enable crypto ipsec client ezvpn Voice-vRack ! interface FastEthernet0/1 no ip address speed 100 full-duplex ! interface FastEthernet0/1.11 description (Inside Private Interface) encapsulation dot1Q 11 ip address 192.168.11.1 255.255.255.0 ip nat inside ip virtual-reassembly crypto ipsec client ezvpn Voice-vRack inside ! interface FastEthernet0/1.12 description (Inside Private Interface) encapsulation dot1Q 12 ip address 192.168.12.1
255.255.255.0 ip nat inside ip virtual-reassembly crypto ipsec client ezvpn Voice-vRack inside ! interface FastEthernet0/1.13 description (Inside Private Interface) encapsulation dot1Q 13 ip address 192.168.13.1 255.255.255.0 ip nat inside ip virtual-reassembly crypto ipsec client ezvpn Voice-vRack inside ! interface FastEthernet0/1.14 description (Inside Private Interface) encapsulation dot1Q 14 native ip address 192.168.14.1 255.255.255.0 ip nat inside ip virtual-reassembly crypto ipsec client ezvpn Voice-vRack inside ! interface Virtual-Template1 type tunnel ip unnumbered Loopback0 tunnel mode ipsec ipv4 ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 dhcp ! ! no ip http server no ip http secure-server ip nat inside source list 101 interface FastEthernet0/0
overload ! ip access-list extended FW-IN permit udp any any eq bootpc deny ip 10.0.0.0 0.255.255.255 any log deny ip 172.16.0.0 0.15.255.255 any log deny ip 192.168.0.0 0.0.255.255 any log deny ip 224.0.0.0 15.255.255.255 any log deny ip host 0.0.0.0 any log deny ip host 255.255.255.255 any log deny ip 169.254.0.0 0.0.255.255 any log deny ip 127.0.0.0 0.255.255.255 any log permit esp host 74.126.20.247 any permit esp host 12.159.40.185 any permit udp host 74.126.20.247 any eq isakmp permit udp host 12.159.40.185 any eq isakmp permit udp host 74.126.20.247 any eq non500-isakmp permit udp host 12.159.40.185 any eq non500-isakmp deny ip any any log ! access-list 101 deny ip 192.168.0.0
0.0.255.255 10.10.0.0 0.0.255.255 access-list 101 permit ip 192.168.0.0 0.0.255.255 any ! end
**3560**
! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Switch ! boot-start-marker boot-end-marker ! ! no aaa new-model system mtu routing 1500 no ip domain-lookup ! ! ! ! crypto pki trustpoint TP-self-signed-874562048 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-874562048 revocation-check none rsakeypair TP-self-signed-874562048 ! ! ! ! ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! ! ! ! interface FastEthernet0/1 description ** HQ Phone 3 Port ** switchport access vlan 14 switchport mode access switchport voice vlan 11 spanning-tree portfast ! interface FastEthernet0/2 description ** BR1
Phone 3 Port ** switchport access vlan 14 switchport mode access switchport voice vlan 11 spanning-tree portfast ! interface FastEthernet0/3 description ** BR2 Phone 3 Port ** switchport access vlan 14 switchport mode access switchport voice vlan 12 spanning-tree portfast ! interface FastEthernet0/4 description ** BR2 Phone 4 Port ** switchport access vlan 14 switchport mode access switchport voice vlan 12 spanning-tree portfast ! interface FastEthernet0/5 description ** PSTN Phone Port ** switchport access vlan 14 switchport mode access switchport voice vlan 13 spanning-tree portfast ! interface FastEthernet0/6 description ** Your Laptop Port ** switchport access vlan 14 switchport mode access speed 100 duplex
full spanning-tree portfast ! interface FastEthernet0/7 description ** To-Router-Fa0/1 ** switchport trunk encapsulation dot1q switchport trunk native vlan 14 switchport mode trunk speed 100 duplex full spanning-tree portfast trunk ! ! interface Vlan1 no ip address no ip route-cache ! interface Vlan14 ip address 192.168.14.2 255.255.255.0 ! ip default-gateway 192.168.14.1 ip classless ip http server ip http secure-server ! ! ip sla enable reaction-alerts ! ! end
| |
| |
|
|
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com