
Tuesday, November 4, 2014

Cisco 2811 as PPTP VPN Server


A Cisco 2800 series router can act as a VPN server, for example in a medium-sized business network. Below is a sample configuration for a Cisco 2811 as a PPTP VPN server:


Building configuration...

Current configuration : 1236 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
vpdn enable
!
vpdn-group vpn
! Default PPTP VPDN group
 accept-dialin
  protocol pptp
  virtual-template 1
!
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username test password 0 test
!
!
!
!
!
!
!
interface Loopback0
 ip address 200.200.200.200 255.255.255.255
!
interface FastEthernet0/0
 ip address 210.10.10.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0/0
 no ip address
 shutdown
 no fair-queue
 clock rate 2000000
!
interface Serial0/0/1
 no ip address
 shutdown
 clock rate 2000000
!
interface Virtual-Template1
 ip unnumbered FastEthernet0/0
 peer default ip address pool vpn
 ppp encrypt mppe auto required
 ppp authentication ms-chap ms-chap-v2
!
ip local pool vpn 100.0.0.1 100.0.0.10
ip classless
!
!
ip http server
no ip http secure-server
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
!
end

Router#

Wednesday, October 29, 2014

Configure Cisco 2811 ATM module




If you need to configure an ATM module on a Cisco router, don't hesitate; it's the simplest task ever:

interface ATM0/0/0
 description Connected to hell :))
 ip address 10.20.152.210 255.255.255.252
 no atm ilmi-keepalive
 pvc 7/92
  cbr 1024
  encapsulation aal5snap

Cisco URL filtering configuration


This is my show run for this purpose:


sh run
Building configuration...

Current configuration : 1489 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
no ip domain lookup
ip inspect name test http urlfilter
ip urlfilter max-request 500
ip urlfilter max-resp-pak 150
ip urlfilter cache 4500
ip urlfilter exclusive-domain permit www.yahoo.com
ip urlfilter exclusive-domain permit www.360.yahoo.com
ip urlfilter exclusive-domain permit acc.asiatech.ir
ip urlfilter audit-trail
ip urlfilter urlf-server-log
ip urlfilter server vendor websense 192.168.10.3
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
 ip inspect test in
 no ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 172.16.28.220 255.255.255.0
 ip nat outside
 no ip virtual-reassembly
 duplex auto
 speed auto
!
interface Serial0/0/0
 no ip address
 shutdown
 no fair-queue
 clock rate 2000000
!
interface Serial0/0/1
 no ip address
 shutdown
 clock rate 2000000
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.28.1
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/1 overload
!
access-list 1 permit 192.168.10.0 0.0.0.255
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
!
end

Router#
Router#

Configuring CISCO switch to run SDM



Configuring switch to run SDM

Follow the instructions below to configure a switch to run SDM.

Step 1:

Connect to your switch using Telnet, SSH or via console.

Enter the global configuration mode using the command:

Router>enable

Router#conf terminal

Router(config)#

Step 2:

Enable the router's HTTP/HTTPS server, using the following Cisco IOS commands: 

Router(config)# ip http server

Router(config)# ip http authentication local

Note: HTTPS is enabled only for crypto enabled IOS images.

Step 3:

Create a user with privilege level 15.

Router(config)#aaa new-model

Router(config)#aaa authentication login default local

Router(config)# username <username> privilege 15 password 0 <password>

Note: Replace <username> and <password> with the username and password that you want to configure.

Step 4:

Configure SSH and Telnet for local login and privilege level 15:

Router(config)# line vty 1 15

Router(config-line)# privilege level 15

Router(config-line)# login authentication default

Router(config-line)# transport input telnet

Router(config-line)# exit

Step 5: (Optional)

Enable local logging to support the log monitoring function: 

Router(config)# logging buffered 51200 warning
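
An added example, not part of the original posts: a small Python check that reads a pasted running-config or configuration session and flags the weak settings that appear in the PPTP VPN configuration and in the SDM steps above (cleartext "password 0" users, PPTP with MS-CHAP, the HTTP management server, Telnet and privilege level 15 on the vty lines). The rule set, the audit function and the sample text are this example's own assumptions; the sample is constructed from lines on this page.

```python
import re

RULES = [  # this example's own rule set: (pattern on a normalized line, finding, suggested change)
    (r"^no service password-encryption$", "stored passwords not obfuscated", "service password-encryption"),
    (r"^username \S+ .*\bpassword 0 ", "cleartext (type 0) user password", "username <name> secret <password>"),
    (r"^protocol pptp$", "PPTP tunnel", "replace with an IPsec- or TLS-based VPN"),
    (r"^ppp authentication .*\bms-chap\b", "MS-CHAP family authentication", "retire together with PPTP"),
    (r"^ip http server$", "cleartext HTTP management", "no ip http server + ip http secure-server"),
    (r"^transport input .*\btelnet\b", "Telnet allowed on vty", "transport input ssh"),
    (r"^privilege level 15$", "every session on the line starts at level 15", "set privilege per user"),
]
PAGER = re.compile(r"^\s*--More--\s*")                     # terminal pager residue
PROMPT = re.compile(r"^[\w.-]+(?:\(([\w-]+)\))?[#>]\s*")   # Router> / Router(config-line)#

def audit(text):
    """Return (section, line, finding, suggestion) tuples for a pasted config or session."""
    findings, section = [], "global"
    for raw in text.splitlines():
        line, paged = PAGER.subn("", raw)
        prompt = PROMPT.match(line)
        # running-config: sub-mode lines are indented (indent is lost behind the pager)
        child = bool(paged) or line.startswith(" ")
        if prompt:  # interactive session: the prompt names the mode instead
            child, line = prompt.group(1) not in (None, "config"), line[prompt.end():]
        line = line.strip()
        if line in ("", "!"):
            continue
        if not child:
            section = line
        for pattern, finding, fix in RULES:
            if re.search(pattern, line):
                findings.append((section if child else "global", line, finding, fix))
    return findings

# Constructed sample that reuses lines from the configurations on this page.
SAMPLE = """\
no service password-encryption
vpdn-group vpn
 accept-dialin
  protocol pptp
username test password 0 test
interface Virtual-Template1
 ppp authentication ms-chap ms-chap-v2
ip http server
Router(config)# line vty 1 15
Router(config-line)# privilege level 15
Router(config-line)# transport input telnet
"""
for item in audit(SAMPLE):
    print("[{}] {}: {} -> {}".format(*item))
```

Each finding names the section it was found in, so the same Telnet rule reports "line vty 1 15" for the SDM steps and "line vty 0 4" for a running-config.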