Cisco IOS Software, SR520 Software (SR520-ADVIPSERVICESK9-M), Version 12.4(20)T2, RELEASE

SR520

Home Exec Configure

Top of Form

------show version ------

Cisco IOS Software, SR520 Software (SR520-ADVIPSERVICESK9-M), Version 12.4(20)T2, RELEASE SOFTWARE (fc4)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2009 by Cisco Systems, Inc.

Compiled Sun 01-Feb-09 02:34 by prod_rel_team

ROM: System Bootstrap, Version 12.3(8r)YI5, RELEASE SOFTWARE

SR520 uptime is 5 hours, 42 minutes

System returned to ROM by reload

System image file is "flash:sr520-advipservicesk9-mz.124-20.T2.bin"

Last reload reason: Reload Command

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

.

Cisco SR520-FE (MPC8272) processor (revision 0x300) with 118784K/12288K bytes of memory.

Processor board ID FHK1308221R

MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10

5 FastEthernet interfaces

128K bytes of non-volatile configuration memory.

36864K bytes of processor board System flash (Intel Strataflash)

Configuration register is 0x2102

------show running-config ------

Building configuration...

Current configuration : 4170 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SR520

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

enable secret 5 <removed>

!

no aaa new-model

clock timezone CST -6

!

crypto pki trustpoint TP-self-signed-2095584863

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2095584863

revocation-check none

rsakeypair TP-self-signed-2095584863

!

!

crypto pki certificate chain TP-self-signed-2095584863

certificate self-signed 01

3082023D 308201A6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 32303935 35383438 3633301E 170D3032 30333031 30303039

34355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 30393535

38343836 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

8100C56A 0E3FAD58 42DD4079 B907D053 FCC43C03 E749C039 D7C79C25 2D042AB4

DB0E0221 4ABA6283 AB7D56BC 2D24F60E 6DEA83F2 BAD2BCE5 6E375044 7FA30B96

09BFEA38 0D3BB807 71005B64 1649DDBE 0D33148C C39AB5DE 09CE1DAE 1324980E

B0AFCF61 1E0622AD 8DC6AD3A E45BCFD1 FD163CFF 31091E74 CB2182F4 B48764DA

D0E30203 010001A3 65306330 0F060355 1D130101 FF040530 030101FF 30100603

551D1104 09300782 05535235 3230301F 0603551D 23041830 168014EC 55314AAD

D5EA277D CF8DE2BC 2F5CF89B B2A94930 1D060355 1D0E0416 0414EC55 314AADD5

EA277DCF 8DE2BC2F 5CF89BB2 A949300D 06092A86 4886F70D 01010405 00038181

008215D4 9005035A 5F231616 61FFDAD3 D3CF6021 0264236D 96341282 8BED7C5F

22D7945D 5DEE8BFE B6F5F77F E374CDF2 369E88A5 2345F331 500A6EBD 7D4B7CFF

AB5FC629 540CB78E 2717E11C A86821B8 14FDA9E8 30C26A41 E323D1DB 72293C23

B81A2781 570C6A56 4BC38684 99E13C83 C89AA2D4 323CD4D0 F0CF1764 61F73B62 55

quit

dot11 syslog

ip source-route

!

!

ip dhcp excluded-address 192.168.75.1 192.168.75.10

!

ip dhcp pool inside

network 192.168.75.0 255.255.255.0

default-router 192.168.75.1

dns-server 24.94.163.33 24.94.163.32

option 150 ip 10.1.1.1

lease 0 2

!

!

ip cef

ip name-server 65.24.7.10

ip name-server 65.24.7.11

ip accounting-list 0.0.0.0 0.0.0.0

!

no ipv6 cef

multilink bundle-name authenticated

!

!

username munger privilege 15 secret 5 <removed>

!

!

crypto isakmp policy 5

encr 3des

authentication pre-share

group 2

lifetime 28800

crypto isakmp key D6uKu4ap address 98.100.195.78

!

!

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

mode transport

!

crypto map CISCO 10 ipsec-isakmp

set peer 98.100.195.78

set transform-set ESP-3DES-SHA

set pfs group2

match address 105

!

archive

log config

hidekeys

!

!

!

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

ip address 192.168.1.200 255.255.255.0

ip virtual-reassembly

duplex auto

speed auto

crypto map CISCO

!

interface Vlan1

ip address 192.168.75.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache cef

no ip route-cache

ip tcp adjust-mss 1452

!

no ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.1.1

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source route-map VPN-NAT interface FastEthernet4 overload

!

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 192.168.75.0 0.0.0.255

access-list 101 deny ip 192.168.75.0 0.0.0.255 10.1.1.0 0.0.0.255

access-list 101 deny ip 192.168.75.0 0.0.0.255 10.12.200.0 0.0.0.255

access-list 101 permit ip 192.168.75.0 0.0.0.7 any

access-list 102 permit ip any any

access-list 105 permit ip 192.168.75.0 0.0.0.255 10.12.200.0 0.0.0.255

access-list 105 permit ip 192.168.75.0 0.0.0.255 10.1.1.0 0.0.0.255

!

!

!

!

route-map VPN-NAT permit 10

match ip address 101

!

!

control-plane

!

banner login ^CSR520 Base Config - MFG 1.0 ^C

!

line con 0

login local

no modem enable

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

scheduler max-task-time 5000

end

------show stacks ------

Minimum process stacks:

Free/Size Name

5452/6000 Clock Update Proc

5536/6000 Inspect Init Msg

5504/6000 SPAN Subsystem

5468/6000 SASL MAIN

2252/12000 Init

4408/6000 Update prst

5344/6000 RADIUS INITCONFIG

2124/3000 Rom Random Update Process

19276/24000 HTTP CP

34092/36000 TCP Command

8828/12000 Virtual Exec

Interrupt level stacks:

Level Called Unused/Size Name

2 40921 8088/9000 Host/PCI Bridge Interrupt

3 1174 8528/9000 SEC Interrupt Handler

5 19915 8972/9000 Console Break Risc Timer Interrupt

6 1710 8880/9000 MPC8270 Console Interrupt

7 5138056 8912/9000 MPC8270 Timer4 Interrupt

Spurious interrupts: 1

------show interfaces ------

FastEthernet0 is up, line protocol is up

Hardware is Fast Ethernet, address is 0024.978f.6f4e (bia 0024.978f.6f4e)

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 100Mb/s

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

2526 packets input, 202621 bytes, 0 no buffer

Received 172 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 input packets with dribble condition detected

8018 packets output, 1235581 bytes, 0 underruns

0 output errors, 0 collisions, 2 interface resets

0 unknown protocol drops

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

FastEthernet1 is up, line protocol is up

Hardware is Fast Ethernet, address is 0024.978f.6f4f (bia 0024.978f.6f4f)

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 100Mb/s

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:33, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

5783 packets input, 644301 bytes, 0 no buffer

Received 1039 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 input packets with dribble condition detected

13801 packets output, 1180108 bytes, 0 underruns

0 output errors, 0 collisions, 2 interface resets

0 unknown protocol drops

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

FastEthernet2 is up, line protocol is down

Hardware is Fast Ethernet, address is 0024.978f.6f50 (bia 0024.978f.6f50)

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Auto-duplex, Auto-speed

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 input packets with dribble condition detected

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 2 interface resets

0 unknown protocol drops

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

FastEthernet3 is up, line protocol is down

Hardware is Fast Ethernet, address is 0024.978f.6f51 (bia 0024.978f.6f51)

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Auto-duplex, Auto-speed

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 input packets with dribble condition detected

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 2 interface resets

0 unknown protocol drops

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

FastEthernet4 is up, line protocol is down

Hardware is PQUICC_FEC, address is 0024.978f.6f58 (bia 0024.978f.6f58)

Internet address is 192.168.1.200/24

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Auto-duplex, Auto Speed, 100BaseTX/FX

ARP type: ARPA, ARP Timeout 04:00:00

Last input 02:24:57, output 02:24:07, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

516 packets input, 74875 bytes

Received 497 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog

0 input packets with dribble condition detected

2571 packets output, 325850 bytes, 0 underruns

0 output errors, 0 collisions, 2 interface resets

0 unknown protocol drops

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

SSLVPN-VIF0 is up, line protocol is up

Hardware is SSLVPN_VIF

Interface is unnumbered. Using address of SSLVPN-VIF0 (0.0.0.0)

MTU 1406 bytes, BW 56 Kbit/sec, DLY 5000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation UNKNOWN, loopback not set

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 unknown protocol drops

0 output buffer failures, 0 output buffers swapped out

Vlan1 is up, line protocol is up

Hardware is EtherSVI, address is 0024.978f.6f4e (bia 0024.978f.6f4e)

Internet address is 192.168.75.1/24

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:00, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 1000 bits/sec, 1 packets/sec

5 minute output rate 1000 bits/sec, 1 packets/sec

7798 packets input, 742564 bytes, 0 no buffer

Received 1129 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

5296 packets output, 1004798 bytes, 0 underruns

0 output errors, 1 interface resets

0 unknown protocol drops

0 output buffer failures, 0 output buffers swapped out

NVI0 is up, line protocol is up

Hardware is NVI

Interface is unnumbered. Using address of FastEthernet4 (192.168.1.200)

MTU 1514 bytes, BW 56 Kbit/sec, DLY 5000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation UNKNOWN, loopback not set

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 unknown protocol drops

0 output buffer failures, 0 output buffers swapped out

------show controllers ------

Interface FastEthernet0

Hardware is MPC8272

ADDR: 8360FDD8, FASTSEND: 800DEC64

DIST ROUTE ENABLED: 0

Route Cache Flag: 0

FCC Registers:

FCC General Mode register [GFMR] = 0x0000007C

FCC Protocol Mode register [FPSMR] = 0x14400080

FCC Data synchronisation register [FDSR] = 0xD555

FCC Transmit on demand register [FTODR] = 0x5555

FCC event register [FCCE] = 0x0000

FCC mask register [FCCM] = 0x00FF

Port A [PADIR]=0x00C03C08, [PAPAR]=0x0003FC1B

[PASOR]=0x0000001B, [PADAT]=0x003C03E5

Port B [PBDIR]=0x000003C4, [PBPAR]=0x00003FF6

[PBSOR]=0x00000004, [PBDAT]=0x00000019

Port C [PCDIR]=0x071B40FD, [PCPAR]=0x0C00A601

[PCSOR]=0x00000001, [PCDAT]=0x4EE7FBFD

Port D [PDDIR]=0x00001006, [PDPAR]=0x0003E000