pem@CASMJUM32001> show configuration interfaces xe-5/0/0.

8039
description ID:ID000CI1133533:CAFAM:PER_K17C9:I;
vlan-tags outer 1428 inner 176;
family inet {
mtu 1500;
policer {
input 6M;
output 6M;
}
address 10.189.240.41/30;
}

{master}
pem@CASMJUM32001> show route next-hop 10.189.240.42 table inet.0

inet.0: 94067 destinations, 179215 routes (94036 active, 0 holddown, 35 hidden)

Restart Complete
@ = Routing Use Only, # = Forwarding Use Only
+ = Active Route, - = Last Active, * = Both

201.245.200.56/29 *[Static/5] 2w0d 08:44:23

> to 10.189.240.42 via xe-5/0/0.8039

{master}
pem@CASMJUM32001> ping 10.189.240.42 source 10.189.240.41 interface xe-5/0/0.8039
PING 10.189.240.42 (10.189.240.42): 56 data bytes
64 bytes from 10.189.240.42: icmp_seq=0 ttl=255 time=4.985 ms
64 bytes from 10.189.240.42: icmp_seq=1 ttl=255 time=4.994 ms
^C
--- 10.189.240.42 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.985/4.990/4.994/0.004 ms

{master}
pem@CASMJUM32001> telnet 10.189.240.42 source 10.189.240.41 interface xe-5/0/0.8039

Trying 10.189.240.42...
Connected to 10.189.240.42.
Escape character is '^]'.

User Access Verification

Password:
CAFAM_PER_K17C9_I>

CAFAM_PER_K17C9_I#show run
Building configuration...

Current configuration : 7331 bytes

!
! Last configuration change at 21:35:29 UTC Fri Feb 7 2020
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CAFAM_PER_K17C9_I
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$EKYT$0rSqrVKri4ZTqEIiNq4tD.
enable password 7 0943415E141019165B
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
!
!
!
!
!
!
!
!
!

!
ip dhcp excluded-address 172.26.80.1 172.26.80.19
!
ip dhcp pool LAN
network 172.26.80.0 255.255.255.0
default-router 172.26.80.1
dns-server 172.19.1.111 172.19.1.112 200.75.51.132
netbios-name-server 172.19.1.111
domain-name cafam.dom
lease 20
!
!
!
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
cts logging verbose
license udi pid C891FW-A-K9 sn FJC2229L291
!
!
!
!
!
!
!
!
policy-map LIMIT
class class-default
shape average 6048000
!
!
!
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 2
crypto isakmp key 58uWgrc8p address 190.24.129.139
crypto isakmp keepalive 10 periodic
!
!
crypto ipsec transform-set AES128-SHA esp-aes esp-sha-hmac
mode tunnel
crypto ipsec df-bit clear
!
!
!
crypto map ETB local-address Loopback0
crypto map ETB 10 ipsec-isakmp
set peer 190.24.129.139
set security-association idle-time 3600
set transform-set AES128-SHA
match address VPN
!
!
!
!
!
!
interface Loopback0
description LAN
ip address 201.245.200.57 255.255.255.248
!
interface Loopback1
description GESTION_AP
ip address 2.2.2.2 255.255.255.255
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface FastEthernet0
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0
 no ip address
!
interface GigabitEthernet1
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
no ip address
!
interface GigabitEthernet5
no ip address
!
interface GigabitEthernet6
no ip address
!
interface GigabitEthernet7
no ip address
!
interface GigabitEthernet8
description CONEXION WAN
no ip address
load-interval 30
duplex full
speed 100
!
interface GigabitEthernet8.176
encapsulation dot1Q 176
ip address 10.189.240.42 255.255.255.252
ip nat outside
ip virtual-reassembly in
crypto map ETB
!
interface Wlan-GigabitEthernet8
no ip address
!
interface wlan-ap0
no ip address
!
interface Vlan1
description LAN_CLIENTE
ip address 172.26.80.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Async3
no ip address
encapsulation slip
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat translation timeout 2
ip nat translation routemap-entry-timeout 2
ip nat translation icmp-timeout 2
ip nat inside source route-map NAT1-RM interface Loopback0 overload
ip route 0.0.0.0 0.0.0.0 10.189.240.41
!
ip access-list extended NAT
deny ip 172.26.80.0 0.0.0.255 10.0.0.0 0.255.255.255
deny ip 172.26.80.0 0.0.0.255 172.16.0.0 0.15.255.255
deny ip 172.26.80.0 0.0.0.255 192.168.0.0 0.0.255.255
permit tcp 172.26.80.0 0.0.0.255 host 200.26.150.71 eq 443
permit tcp 172.26.80.0 0.0.0.255 host 200.26.150.73 eq 443
permit tcp 172.26.80.0 0.0.0.255 host 190.27.225.98 eq 443
permit tcp 172.26.80.0 0.0.0.255 host 190.27.225.97 eq 443
permit ip 172.26.80.0 0.0.0.255 host 200.75.51.132
permit ip 172.26.80.0 0.0.0.255 host 190.24.129.144
permit ip 172.26.80.0 0.0.0.255 host 190.145.88.54
permit ip 172.26.80.0 0.0.0.255 host 190.145.88.55
permit ip 172.26.80.0 0.0.0.255 host 200.21.200.10
permit ip 172.26.80.0 0.0.0.255 host 200.21.200.80
permit ip 172.26.80.0 0.0.0.255 host 200.13.249.101
permit ip 172.26.80.0 0.0.0.255 host 200.13.224.254
permit ip 172.26.80.0 0.0.0.255 host 168.62.205.105
permit tcp 172.26.80.0 0.0.0.255 host 190.85.195.225 eq 443
permit tcp 172.26.80.0 0.0.0.255 host 190.85.195.225 eq 8080
permit tcp 172.26.80.0 0.0.0.255 host 190.85.195.226 eq 443
permit tcp 172.26.80.0 0.0.0.255 host 190.85.195.226 eq 8080
permit tcp 172.26.80.0 0.0.0.255 host 190.85.195.226 eq 8081
permit tcp 172.26.80.0 0.0.0.255 host 190.85.195.226 eq 45800
permit tcp 172.26.80.0 0.0.0.255 host 184.106.161.206 eq 83
permit tcp 172.26.80.0 0.0.0.255 host 200.122.195.157 eq 18080
permit ip 172.26.80.0 0.0.0.255 host 137.116.74.192
permit tcp 172.26.80.0 0.0.0.255 host 190.85.195.235 eq 443
permit tcp 172.26.80.0 0.0.0.255 host 190.85.195.235 eq 8080
ip access-list extended VPN
permit ip 172.26.80.0 0.0.0.255 any
permit ip 172.26.80.0 0.0.0.255 172.16.0.0 0.15.255.255
permit ip 172.26.80.0 0.0.0.255 192.168.0.0 0.0.255.255
permit ip 172.26.80.0 0.0.0.255 10.0.0.0 0.255.255.255
!
!
route-map NAT1-RM permit 10
match ip address NAT
!
snmp-server community CAFAM.ETB RO
snmp-server host 172.19.1.95 CAFAM.ETB
snmp-server host 172.26.100.101 CAFAM.ETB
snmp-server host 172.26.100.103 CAFAM.ETB
!
control-plane
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
banner login ^CC

!*EEEEEEEEEEEEEEEEEEEEE:
TEEEEEEEEEEEEEEEEEEEEEEEEEEEE
.EEEEEEEEETEEEEEE :!++:
ET!. EEEEE!
EEEEEE +EEEET
*TEEEEEEE! :EEEEE. EEEEE.
!EEEEEEEEEEEEE: EEEEE+ EEEEE* ***************************
TEEEEE .TEEEE+ +EEEEE :EEEEE * *
*EEEEE :EEEEE! EEEEEE! *EEEEE! .TEEEE: * El acceso a este equipo *
EEEEE. .EEEEEE: .EEEEE: EEEEE! +EEEEEEEE+ * es solo para personal *
EEEEEEEEEEEEEEE: EEEEET TEEEEEEEEEEEEEEEEE* * autorizado de ETB. *
EEEEE++++!. TEEEEE :EEEEEEE* EEEEEE! * *
EEEEE EEEEE+ EEEEEE+ .EEEEET * Toda actividad sera *
EEEEEE: .!TE+ EEEEEE *EEEEE. EEEEEE * monitoreada y almacenada*
*EEEEEEEEEEEEEE .EEEEE: EEEEE! *EEEEE! * y podra ser utilizada *
!EEEEEEEEE+: !EEEEET TEEEET EEEEEE: * legalmente. *
EEEEE* .TEEEEE! .TEEEEEET * *
+*+** EEEEEEEEEEEEE+ ***************************
.TEEEEEE+.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXX

!Atencion:
Usted esta a punto de utilizar un recursos tecnologico de ETB para
CAFAM_MED_K49C50_I,
no ingrese si no esta autorizado. Recuerde que su clave de acceso es personal e
intransferible.
La divulgacion de la clave puede afectar la seguridad de nuestra red.
En caso de sospecha de divulgacion de su clave proceda a cambiarla de inmediato.
Toda actividad sera monitoreada por razones de seguridad.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXX
^C
!
line con 0
password 7 045404510234424A59
login
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line 3
modem InOut
speed 115200
flowcontrol hardware
line vty 0 4
 password 7 02090B0C061301251C
login
transport input all
!
scheduler allocate 20000 1000
!
!
!
end

CAFAM_PER_K17C9_I#
CAFAM_PER_K17C9_I# show ip interface brief
Interface IP-Address OK? Method Status
Protocol
Async3 unassigned YES unset down down

BRI0 unassigned YES NVRAM administratively down down

BRI0:1 unassigned YES unset administratively down down

BRI0:2 unassigned YES unset administratively down down

FastEthernet0 unassigned YES NVRAM administratively down down

GigabitEthernet0 unassigned YES unset down down

GigabitEthernet1 unassigned YES unset down down

GigabitEthernet2 unassigned YES unset down down

GigabitEthernet3 unassigned YES unset down down

GigabitEthernet4 unassigned YES unset down down

GigabitEthernet5 unassigned YES unset down down

GigabitEthernet6 unassigned YES unset down down

GigabitEthernet7 unassigned YES unset down down

GigabitEthernet8 unassigned YES NVRAM up up

GigabitEthernet8.176 10.189.240.42 YES NVRAM up up

Loopback0 201.245.200.57 YES manual up up

Loopback1 2.2.2.2 YES manual up up

NVI0 10.189.240.42 YES unset up up

Vlan1 172.26.80.1 YES manual up up

Wlan-GigabitEthernet8 unassigned YES unset up up

wlan-ap0 unassigned YES NVRAM up up

CAFAM_PER_K17C9_I#show version
Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.4(3)M3, RELEASE
SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Fri 05-Jun-15 16:04 by prod_rel_team

ROM: System Bootstrap, Version 15.4(1r)T1, RELEASE SOFTWARE (fc1)

CAFAM_PER_K17C9_I uptime is 2 hours, 31 minutes

System returned to ROM by power-on
System image file is "flash:c800-universalk9-mz.SPA.154-3.M3.bin"
Last reload type: Normal Reload
Last reload reason: power-on

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

Cisco C891FW-A-K9 (revision 1.0) with 357452K/35763K bytes of memory.

Processor board ID FJC2229L291
1 FastEthernet interface
10 Gigabit Ethernet interfaces
1 Serial interface
1 ISDN Basic Rate interface
2 terminal lines
1 Virtual Private Network (VPN) Module
1 cisco Embedded AP (s)
DRAM configuration is 32 bits wide
255K bytes of non-volatile configuration memory.
250880K bytes of ATA System CompactFlash (Read/Write)

License Info:

License UDI:

-------------------------------------------------
Device# PID SN
-------------------------------------------------
*1 C891FW-A-K9 FJC2229L291

License Information for 'c800'

License Level: advipservices Type: Permanent
Next reboot license Level: advipservices
Configuration register is 0x2102

CAFAM_PER_K17C9_I#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.189.240.41 21 0014.f6d4.a9f6 ARPA GigabitEthernet8.176
Internet 10.189.240.42 - 502f.a895.98c4 ARPA GigabitEthernet8.176
Internet 172.26.80.1 - 502f.a895.98b2 ARPA Vlan1
CAFAM_PER_K17C9_I#