!
! Last configuration change at 22:37:58 UTC Mon Aug 12 2019
!
version 16.9
service config
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname NEXUS-1
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 XXXXXXXX
enable password XXXXXXXX
!
no aaa new-model
!
ip name-server 192.168.1.1
ip dhcp excluded-address 10.14.14.1 10.14.14.9
ip dhcp excluded-address 10.14.14.250 10.14.14.254
ip dhcp excluded-address 10.19.14.1 10.19.14.9
ip dhcp excluded-address 10.19.14.250 10.19.14.254
ip dhcp excluded-address 10.2.14.1 10.2.14.9
ip dhcp excluded-address 10.2.14.250 10.2.14.254
!
ip dhcp pool NEXNET
network 10.14.14.0 255.255.255.0
default-router 10.14.14.1
dns-server 10.14.14.1
!
ip dhcp pool SkyNET
network 10.19.14.0 255.255.255.0
default-router 10.19.14.1
dns-server 10.19.14.1
!
ip dhcp pool bitNET
network 10.2.14.0 255.255.255.0
default-router 10.2.14.1
dns-server 10.2.14.1
!
!
!
ipv6 unicast-routing
!
!
!
!
!
!
!
subscriber templating
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-2759056948
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2759056948
revocation-check none
rsakeypair TP-self-signed-2759056948
!
!
crypto pki certificate chain TP-self-signed-2759056948
certificate self-signed 01 nvram:IOS-Self-Sig#5.cer
!
license udi pid C1111-8P sn XXXXXXXX
no license smart enable
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
username YYYYYYYY privilege 15 password 0 XXXXXXXX
!
redundancy
mode none
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface GigabitEthernet0/0/0
description Internet
ip address dhcp
negotiation auto
ipv6 enable
ipv6 nd autoconfig default-route
ipv6 dhcp client request vendor
!
interface GigabitEthernet0/0/1
description Intranet
ip address dhcp
negotiation auto
!
interface GigabitEthernet0/1/0
description SkyNET
switchport access vlan 200
!
interface GigabitEthernet0/1/1
description bitNET
switchport access vlan 400
!
interface GigabitEthernet0/1/2
description SkyNET
switchport access vlan 200
!
interface GigabitEthernet0/1/3
description bitNET
switchport access vlan 400
!
interface GigabitEthernet0/1/4
description SkyNET
switchport access vlan 200
!
interface GigabitEthernet0/1/5
description bitNET
switchport access vlan 400
!
interface GigabitEthernet0/1/6
description SkyNET
switchport access vlan 200
!
interface GigabitEthernet0/1/7
description bitNET
switchport access vlan 400
!
interface Vlan1
no ip address
!
interface Vlan100
description NEXNET
ip address 10.14.14.1 255.255.255.0
!
interface Vlan200
description SkyNET
ip address 10.19.14.1 255.255.255.0
!
interface Vlan400
description bitNET
ip address 10.2.14.1 255.255.255.0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http client source-interface GigabitEthernet0/0/0
ip route 0.0.0.0 0.0.0.0 192.168.1.1 GigabitEthernet0/0/0
!
!
!
!
snmp-server community XXXXXXXX RO
!
!
control-plane
!
!
line con 0
transport input none
stopbits 1
line vty 0 4
password XXXXXXXX
login
!
ntp server ip 0.de.pool.ntp.org prefer source GigabitEthernet0/0/0
ntp server 1.de.pool.ntp.org source GigabitEthernet0/0/0
ntp server 1.ciscosb.pool.ntp.org source GigabitEthernet0/0/0
ntp server ip 0.ciscosb.pool.ntp.org source GigabitEthernet0/0/0
!
!
!
!
!
end

You need the following:

int gi0/0/0
 ip nat outside

int vlan 100
 ip nat inside

int vlan 200
 ip nat inside

int vlan 400
 ip nat inside

ip nat inside source list 11 interface gi0/0/0 overload

access-list 11 remark define internal networks
access-list 11 permit 10.14.14.0 0.0.0.255
access-list 11 permit 10.2.14.0 0.0.0.255
access-list 11 permit 10.19.14.0 0.0.0.255

Routing is not enough to provide internet access; you need NAT.

Your default static route is fine and you don't need to change it.

>>

ip route 0.0.0.0 0.0.0.0 192.168.1.1 GigabitEthernet0/0/0

This is fine.
You also need to associate one L2 access interface with vlan 100 to be able to use
SVI vlan 100.

It should also be noted that the ISP-assigned address is a private IP address and the
ISP will perform NAT on its device too.

(unless you changed your public IP to this 192.168.1.1 for security reasons).

NAT is triggered when a packet needs to go from a NAT inside interface to a NAT
outside interface.

Inter-VLAN routing should still work correctly because all SVIs are configured with
ip nat inside.

Hope to help

Giuseppe
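
A way to check a saved copy of the config against the points in the answer above, as an added example that is not part of the original post: for each SVI with an address it reports a missing access port in that VLAN, a missing ip nat inside, or a subnet that access-list 11 does not permit. The audit function and the trimmed sample config are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: part of the posted config with the suggested NAT lines applied.
SAMPLE = """\
interface GigabitEthernet0/1/0
 switchport access vlan 200
interface GigabitEthernet0/1/1
 switchport access vlan 400
interface Vlan100
 ip address 10.14.14.1 255.255.255.0
 ip nat inside
interface Vlan200
 ip address 10.19.14.1 255.255.255.0
 ip nat inside
interface Vlan400
 ip address 10.2.14.1 255.255.255.0
 ip nat inside
access-list 11 permit 10.14.14.0 0.0.0.255
access-list 11 permit 10.2.14.0 0.0.0.255
access-list 11 permit 10.19.14.0 0.0.0.255
"""

def audit(config, acl="11"):
    """Return findings for SVIs that would not get NAT'd internet access."""
    nets, inside, access_vlans, permits, cur = {}, set(), set(), [], ""
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"interface (\S+)$", line):
            cur = m[1]  # remember which interface stanza we are in
        elif m := re.match(r"switchport access vlan (\d+)$", line):
            access_vlans.add(m[1])
        elif cur.startswith("Vlan") and (m := re.match(r"ip address (\S+) (\S+)$", line)):
            nets[cur] = ipaddress.ip_interface(f"{m[1]}/{m[2]}").network
        elif line == "ip nat inside":
            inside.add(cur)
        elif m := re.match(rf"access-list {acl} permit (\S+) (\S+)$", line):
            permits.append(ipaddress.ip_network(f"{m[1]}/{m[2]}"))  # accepts IOS wildcard mask
    findings = []
    for name, net in nets.items():
        if name[4:] not in access_vlans:
            findings.append(f"{name}: no access port in VLAN {name[4:]}")
        if name not in inside:
            findings.append(f"{name}: missing 'ip nat inside'")
        if not any(net.subnet_of(p) for p in permits):
            findings.append(f"{name}: {net} not permitted by access-list {acl}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On the sample it reports only Vlan100, which has no access port, matching the remark about associating an L2 access interface to vlan 100.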
