Код: Выделить всё
!
! NVRAM config last updated at 13:02:02 UTC Wed Nov 30 2011 by phrozen
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot system disk0:c7400-ik9o3s-mz.124-15.T7.bin
boot-end-marker
!
no logging console
!
aaa new-model
aaa session-mib disconnect
!
!
aaa authentication login default local
aaa authentication ppp default group radius
aaa authorization network default group radius
aaa accounting delay-start
aaa accounting update periodic 5
aaa accounting network default start-stop group radius
!
!
aaa session-id common
!
!
ip cef
ip name-server 217.9.147.42
ip name-server 217.9.148.4
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.0 192.168.0.100
!
ip dhcp pool LOCAL
network 192.168.0.0 255.255.252.0
dns-server 192.168.0.1
default-router 192.168.0.1
!
!
no ip pxf
!
multilink bundle-name authenticated
!
virtual-template 1 pre-clone 500
!
!
!
!
!
!
!
!
!
!
!
!
!
username phrozen privilege 15 secret 5 $1$dLo1$Lu049LyWt9iafVsAqX4z2/
archive
log config
logging enable
hidekeys
!
!
!
!
!
!
!
bba-group pppoe global
virtual-template 1
sessions max limit 8000
ac name nas1
sessions per-mac limit 1
sessions per-vlan limit 500
sessions auto cleanup
!
!
interface GigabitEthernet0/0
description BILLING
ip address 10.0.0.2 255.255.255.0
duplex full
speed auto
media-type rj45
!
interface GigabitEthernet0/1
description LOCAL
ip address 192.168.0.1 255.255.252.0
duplex full
speed auto
media-type rj45
vlan-range dot1q 1 4048
pppoe enable group global
exit-vlan-config
!
pppoe enable group global
no cdp enable
!
interface FastEthernet1/0
description INTERNET
ip address 172.29.1.2 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex full
!
interface Virtual-Template1
mtu 1492
ip unnumbered GigabitEthernet0/0
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly
autodetect encapsulation ppp
peer default ip address pool PPPoE
ppp max-bad-auth 3
ppp authentication chap
ppp timeout retry 3
ppp timeout authentication 45
ppp timeout idle 3600
!
ip local pool PPPoE 10.10.0.100 10.10.2.254
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 172.29.1.1
ip route 10.10.0.0 255.255.252.0 GigabitEthernet0/0
ip flow-export source Virtual-Template1
ip flow-export version 5
ip flow-export destination 10.0.0.1 9996
!
no ip http server
no ip http secure-server
!
ip nat inside source list 100 interface FastEthernet1/0 overload
!
!
ip access-list standard RW3
access-list 3 permit 10.0.0.1
access-list 3 deny any log
access-list 100 remark ** Internet ACL
access-list 100 permit ip 10.10.0.0 0.0.3.255 any
access-list 110 remark ** Local In ACL
access-list 110 permit ip 10.10.0.0 0.0.3.255 10.10.0.0 0.0.3.255
access-list 110 permit ip 10.10.0.0 0.0.3.255 10.0.0.0 0.0.0.255
access-list 110 deny ip any any
access-list 111 remark ** Local Out ACL
access-list 111 permit ip 10.10.0.0 0.0.3.255 10.10.0.0 0.0.3.255
access-list 111 permit ip 10.0.0.0 0.0.0.255 10.10.0.0 0.0.3.255
access-list 111 deny ip any any
access-list 114 remark ** Remix DAY-Time ACL
access-list 114 permit ip any any time-range DAY-REMIX
access-list 115 remark ** Remix NIGHT-Time ACL
access-list 115 permit ip any any time-range NIGHT-REMIX
snmp-server community public RO
snmp-server community private RW
!
!
!
radius-server attribute 8 include-in-access-req
radius-server attribute nas-port format e UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
radius-server attribute 31 mac format unformatted
radius-server host 10.0.0.1 auth-port 1812 acct-port 1813
radius-server retransmit 5
radius-server timeout 30
radius-server deadtime 1
radius-server key 7 03175E08140A35
radius-server vsa send accounting
radius-server vsa send authentication
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
!
time-range DAY-REMIX
periodic daily 8:00 to 23:59
!
time-range NIGHT-REMIX
periodic daily 0:00 to 7:59
!
!
end