Configuration Routeur Cisco 3825 (ISS)
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISS
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
ip cef
!
!
!
!
ip multicast-routing
!
ipv6 unicast-routing
ftp-server enable
ftp-server topdir /
voice-card 0
no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-928275743
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-928275743
revocation-check none
rsakeypair TP-self-signed-928275743
!
!
crypto pki certificate chain TP-self-signed-928275743
certificate self-signed 01
30820239 308201A2 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 39323832 37353734 33301E17 0D303830 36313030 39333034
365A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3932 38323735
37343330 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
C82E9D09 0078320E 991CFA6C 580D1570 6AA33D59 E1218C71 30CDFC54 09EB1EAC
5ABC776F C5ADFC3D FDD2D920 1FAC3C2E BB0F6625 F55A29C4 86CE3ED1 AD5FCE7C
6535213A 5CFBFF2E 0C0B32C7 49CD9561 824139A0 ED369AE3 216DB2B5 186DA2CF
490E4D0E 502E21AD EBEF0F93 C7978811 5E349484 75DDE2D5 834908E3 6BC3299B
02030100 01A36330 61300F06 03551D13 0101FF04 05300301 01FF300E 0603551D
11040730 05820349 5353301F 0603551D 23041830 168014B5 A25B4927 79E5F375
0EF6A58E 53A3B974 B9E4E830 1D060355 1D0E0416 0414B5A2 5B492779 E5F3750E
F6A58E53 A3B974B9 E4E8300D 06092A86 4886F70D 01010405 00038181 00782BA9
B3CE501C 7A277A65 89BBB6DA F5F8C2A7 6906219A 62DE43CA 36C1CD07 C1AA3FAF
836E4225 DCD5AC8B B0558618 7F0E85E8 17ED50BB 117BC6AA FC491710 2A6611DB
3ABF0740 8CD91583 61989EE7 E0CADCFA 023F3054 362F6613 E36A0188 D6CC88FA
2F762609 46AAD89F 874292DD B2BC6A55 7519E8EA E055E209 0F7FC96B 9F
quit
username ISS
!
!
class-map match-any SDMBulk-GigabitEthernet0/0
match protocol exchange
match protocol ftp
match protocol irc
match protocol nntp
match protocol pop3
match protocol printer
match protocol secure-ftp
match protocol secure-irc
match protocol secure-nntp
match protocol secure-pop3
match protocol smtp
match protocol tftp
class-map match-any SDMSVideo-GigabitEthernet0/0
match protocol cuseeme
match protocol netshow
match protocol rtsp
match protocol streamwork
match protocol vdolive
class-map match-any SDMVoice-GigabitEthernet0/0
match protocol rtp audio
!
!
policy-map SDM-Pol-GigabitEthernet0/0
class SDMVoice-GigabitEthernet0/0
priority percent 70
set dscp ef
class SDMSVideo-GigabitEthernet0/0
bandwidth remaining percent 40
set dscp af41
!
!
!
crypto isakmp policy 1
hash md5
authentication pre-share
group 2
lifetime 3600
crypto isakmp key plateforme6 address 10.20.1.2
!
!
crypto ipsec transform-set PapaBear esp-3des
crypto ipsec transform-set MamaBear ah-md5-hmac esp-3des
crypto ipsec transform-set BabyBear ah-md5-hmac
!
crypto map armadillo 10 ipsec-isakmp
set peer 10.20.1.2
set transform-set MamaBear
match address 101
qos pre-classify
!
!
!
!
interface GigabitEthernet0/0
ip address 10.20.3.1 255.255.255.252
ip nbar protocol-discovery
ip pim dense-mode
ip igmp version 3
ip dvmrp unicast-routing
duplex auto
speed auto
media-type rj45
ipv6 address 2001:DB8:8000:1001::/64
ipv6 address 2001:DB8:8000:1001::1/64
ipv6 ospf 1 area 0
no keepalive
service-policy output SDM-Pol-GigabitEthernet0/0
ip rsvp bandwidth 50000 2000
!
interface GigabitEthernet0/1
ip address 10.20.4.2 255.255.255.0
ip dvmrp unicast-routing
duplex auto
speed auto
media-type rj45
ipv6 address autoconfig
no keepalive
!
interface FastEthernet1/0
!
interface FastEthernet1/1
!
interface FastEthernet1/2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
!
interface FastEthernet1/12
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface GigabitEthernet1/0
no switchport
ip address 10.20.6.1 255.255.255.252
ip nbar protocol-discovery
ip pim dense-mode
ip igmp query-interval 125
ip dvmrp unicast-routing
ipv6 address 2001:DB8:8000:2::1/64
ipv6 ospf 1 area 0
service-policy output SDM-Pol-GigabitEthernet0/0
ip rsvp bandwidth 50000 2000
!
interface FastEthernet2/0
!
interface FastEthernet2/1
!
interface FastEthernet2/2
!
interface FastEthernet2/3
!
interface FastEthernet2/4
!
interface FastEthernet2/5
!
interface FastEthernet2/6
!
interface FastEthernet2/7
!
interface FastEthernet2/8
!
interface FastEthernet2/9
!
interface FastEthernet2/10
!
interface FastEthernet2/11
!
interface FastEthernet2/12
!
interface FastEthernet2/13
!
interface FastEthernet2/14
!
interface FastEthernet2/15
!
interface GigabitEthernet2/0
no switchport
ip address 10.20.5.1 255.255.255.0
ip pim dense-mode
ip dvmrp unicast-routing
ipv6 address 2001:DB8:8000:1003::1/64
ipv6 ospf 1 area 0
!
interface Vlan1
no ip address
!
router ospf 65002
log-adjacency-changes
network 10.20.0.0 0.0.255.255 area 0
!
router bgp 65002
bgp router-id 10.20.6.1
bgp log-neighbor-changes
neighbor 10.20.3.2 remote-as 65002
neighbor 10.20.6.2 remote-as 65003
neighbor 2001:DB8:8000:2::2 remote-as 65003
!
address-family ipv4
redistribute ospf 65002
neighbor 10.20.3.2 activate
neighbor 10.20.6.2 activate
no neighbor 2001:DB8:8000:2::2 activate
no auto-summary
no synchronization
network 10.20.0.0 mask 255.255.0.0
exit-address-family
!
address-family ipv6
neighbor 2001:DB8:8000:2::2 activate
neighbor 2001:DB8:8000:2::2 soft-reconfiguration inbound
neighbor 2001:DB8:8000:2::2 prefix-list to-Mypeer1 out
network 2001:DB8:8000::/48
exit-address-family
!
!
!
ip http server
ip http secure-server
ip pim bidir-enable
!
access-list 101 permit ip 10.20.5.0 0.0.0.255 10.10.1.0 0.0.0.255
snmp-server user 65002 65002 v3
snmp-server group 65002 v3 noauth notify *tv.00000002.08000000.000801207F
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps ds1
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps xgcp
snmp-server enable traps flash insertion removal
snmp-server enable traps ds3
snmp-server enable traps envmon
snmp-server enable traps icsudsu
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps ds0-busyout
snmp-server enable traps ds1-loopback
snmp-server enable traps atm subif
snmp-server enable traps bgp
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps cnpd
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps dial
snmp-server enable traps dsp card-status
snmp-server enable traps entity
snmp-server enable traps event-manager
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps hsrp
snmp-server enable traps ipmobile
snmp-server enable traps ipmulticast
snmp-server enable traps mpls ldp
snmp-server enable traps mpls traffic-eng
snmp-server enable traps mpls vpn
snmp-server enable traps msdp
snmp-server enable traps mvpn
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface-old
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps pppoe
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps rtr
snmp-server enable traps syslog
snmp-server enable traps l2tun session
snmp-server enable traps vsimaster
snmp-server enable traps vtp
snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server enable traps rf
snmp-server enable traps voice poor-qov
snmp-server enable traps voice fallback
snmp-server enable traps dnis
snmp-server manager
ipv6 route 2001:DB8:8000:1001::/64 Null0
ipv6 router ospf 1
log-adjacency-changes
summary-prefix 2001:DB8:8000::/80
!
!
!
!
snmp mib target list 10.40.5.2 host 0.0.0.0
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 3
privilege level 15
password cisco
login
line vty 4
login
!
scheduler allocate 20000 1000
!
