SNMP VS. Syslog
Hello
I have the Cisco MARCH tool SIM in my environment and I currently use syslog messages for report of activities for various devices; I would like to see what I would get if I compatible SNMP on what is currently collected through syslog messaging?
Thank you
Haitham
Hi Haitham,
SNMP provides limited/specific type of newspapers through traps, for example, restarting the system, BGP. ATS and so on.
For example, in the router, you can see snmp options via "snmp-Server enable traps?
http://www.Cisco.com/en/us/Tech/tk648/tk362/technologies_tech_note09186a008021de3e.shtml
Syslog will generate and send logs syslog level that allowed you to be sent to MARS. Recommended level is information so that you can collect all the information/events in a specific device. But you can always specify this level based on the criticality of the device.
SNMP and Syslog complement each other in order to provide accurate and sufficient information to be processed by MARCH. NetFlow is also an excellent source of information.
Rgds,
AK
Tags: Cisco Security
Similar Questions
-
Syslog collection via a Windows port ILO Server?
We have a few servers HP, ILO (2).
Can we push the traps SNMP and syslog information on the ILO connx?
Thank you.
Hi Jim,.
Syslogs are possible, don't know about the SNMP traps.
found this link on the internet [HP iLO 4 user - Business Support Center - Hewlett Packard Guide]:
http://bizsupport2.Austin.HP.com/BC/docs/support/SupportManual/c03334051/c03334051.PDF
Thank you-
Alya
[Note the useful post]
-
SNMP configuration on ASA 5520
I was wondering if someone could provide me with basic configuration or a link to the basic configuration for the monitoring of SNMP on an ASA 5520.
Thank you
Chris
SNMP-server host within the 192.168.1.185 community XXXXX
^ - Configures only host 192.168.1.185 can get snmp data
Server SNMP community xxxxx
^ - open to everyone, if you want to
location of Server SNMP-individuals
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Server enable SNMP traps syslog
Server SNMP traps enable ipsec works stop
Server enable SNMP traps entity config - change insert-fru fru - remove
Server SNMP enable doors remote access has exceeded the threshold of session
This should be the biggest part of what you need
-
Access Cisco profile 42 "Console, syslog and SSH
Hello
I profile 42 "with the version of the TCNC 4.2.1265253 software
I have query on Cisco profile 42 "and 52"
(1) profile 42 ", I activated the Serial Port Mode 'on '.
but I am not able to connect to profile 42 "(à l'intérieur de codec peut être c20) the console with onCOM1 rate 38400 baud rate"
Is it disabled in the profile 42 "code?
(2) I have configured security-> Audit-> IP server of syslog and logging-> external
But any change in configuration, I do it on profile 42 "is not loggin to syslog server.
But other devices such as the VCS and MCU send syslog server syslog message.
I have attached the profile 42 "screen shot, is there anything else required for syslog?
(3) profile 42 "with TCNC 4.2.1265253 - SSH software version is not supported?
even if I enable SSH mode 'on' I'm not able to ssh to the machine.
(4) we have another point of termination profile 52 "with active encryption version TC4.2.1.265253 software.
I am able to connect through SSH, but the problem is, it accepts the connection without asking for user name and password...!
I have attached the profile 42 "GUI config screenshot
Pls. suggest, if you have the solution to all these questions.
Thank you
Rajesh
Hello
I tried on my SX20 and I see the messages are sent to the port TCP 514:
[dderidde-sx20: / var/log/eventlog] $ tcp port 514 - vv x tcpdump
10:27:03.870003 IP (tos 0x0, ttl 64, id 2654, offset 0, flags [DF], proto TCP (6), length 145)
DHCP-dgm2-vl300-144-254-13-42.Cisco.com.53345 > drop.cisco.com.514: flags [P.], cksum 0xe629 (correct), seq, ack, 1:94 1, winning 137, the options [nop, nop, Rec. TS 45532890 3096889259 val], length 93
0x0000: 4500 4000-4006 e792 90fe 0d2a E...^@.@...* 0a5e 0091
0 0010 x: 0 to 30 a01e d061 0202 dd1b cc8c d 014 3b 09. 0... a... M;.
0 x 0020: 8018 0089 e629 0000 0101 080 a 02 b 6 c6da...) ..........
0 x 0030: c7ab 3 38 c b896 363rd 4a 61 3233 2031 6e20... <86>Jan.23.1
0 x 0040: 303 3 a 31 3236 286th 3720 6529 2073 6f6e a 0:26:17. (none) .s
0 x 0050: 645 b 7368 3233 3039 345 d 3 has 20 7061 6d5f shd [23094]: .pam_
0 x 0060: 756 6978 2873 7368 643 a 7365 7373 696f unix (sshd:sessio
0 x 0070: 3 a 20 7365 and 7373 696f 6e20 636 6e29 c 6f73 n):. session.clos
0 x 0080: 6564 2066 2075 7365 7220 726f 6f74 ed.for.user.root 6f72
0x0 0090: a
I found this DDT which tells me to use the TCP protocol as a "Workaround".
CSCts98937 - EX60/EX90 and impossible to get work of Syslog C90/C60
Symptom:
Not seeing the SNMP or Syslog traffic on port 514 UDP.
Conditions:
Normal operation.
Workaround solution:
Use port TCP 514...
Note:
Make sure you restart the codec after you enable the Syslog.
Contact the engineering/documentation if TCP is the only mode of transport.
86> -
Hello
We run 3xWLC controller with 800 AP using ISE 1.2 for authentication wireless 802. 1 x. I was looking in the config of the ISE and notice of 400 edge cheating only 2x2960s are configured with 802. 1 x (ISE RADIUS config) and SNMP and only 2 of the port is 2 ap tie with swtich remaining ports.and the 3XWLC in network devices.
I do not understand how an access point is to do this work (802.1 x) because it is location on different site and people are connecting to various different locations. ISE almost run/do 11 876 profiled ends.
version 12.2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$ fokm$ lesIWAaceFFs.SpNdJi7t.
!
Test-RADIUS username password 7 07233544471A1C5445415F
AAA new-model
Group AAA dot1x default authentication RADIUS
Group AAA authorization network default RADIUS
Group AAA authorization auth-proxy default RADIUS
start-stop radius group AAA accounting dot1x default
start-stop radius group AAA accounting system by default
!
!
!
!
AAA server RADIUS Dynamics-author
Client 10.178.5.152 server-key 7 151E1F040D392E
Client 10.178.5.153 server-key 7 060A1B29455D0C
!
AAA - the id of the joint session
switch 1 supply ws-c2960s-48 i/s-l
cooldown critical authentication 1000
!
!
IP dhcp snooping vlan 29,320,401
no ip dhcp snooping option information
IP dhcp snooping
no ip domain-lookup
analysis of IP device
!
logging of the EMP
!
Crypto pki trustpoint TP-self-signed-364377856
enrollment selfsigned
name of the object cn = IOS - Self - signed - certificate - 364377856
revocation checking no
rsakeypair TP-self-signed-364377856
!
!
TP-self-signed-364377856 crypto pki certificate chain
certificate self-signed 01
30820247 308201B 0 A0030201 02020101 300 D 0609 2A 864886 F70D0101 04050030
2 060355 04031325 494F532D 53656 C 66 2 AND 536967 6E65642D 43657274 30312E30
69666963 33363433 37373835 36301E17 393330 33303130 30303331 0D 6174652D
305A170D 2E302C06 1325494F 03550403 32303031 30313030 30303030 5A 303031
532D 5365 6C662D53 69676E65 642D 4365 72746966 69636174 652 3336 34333737
06092A 86 4886F70D 01010105 38353630 819F300D 00308189 02818100 0003818D
B09F8205 9DD44616 858B1F49 A27F94E4 9E9C3504 F56E18EB 6D1A1309 15C20A3D
31FCE168 5A8C610B 7F77E7FC D9AD3856 E4BABDD1 DFB28F54 6C24229D 97756ED4
975E2222 939CF878 48D7F894 618279CF 2F9C4AD5 4008AFBB 19733DDB 92BDF73E
B43E0071 C7DC51C6 B9A43C6A FF035C63 B53E26E2 C0522D40 3F850F0B 734DADED
02030100 01A 37130 03551 D 13 6F300F06 0101FF04 05300301 01FF301C 0603551D
11041530 13821150 5F494D2B 545F5374 61636B5F 322D312E 301F0603 551D 2304
18301680 1456F3D9 23759254 57BA0966 7C6C3A71 FFF07CE0 A2301D06 03551D0E
04160414 56F3D923 75925457 BA09667C 6C3A71FF F07CE0A2 2A 864886 300 D 0609
F70D0101 5B1CA52E B38AC231 E45F3AF6 12764661 04050003 81810062 819657B 5
F08D258E EAA2762F F90FBB7F F6E3AA8C 3EE98DB0 842E82E2 F88E60E0 80C1CF27
DE9D9AC7 04649AEA 51C49BD7 7BCE9C5A 67093FB5 09495971 926542 4 5A7C7022
8D9A8C2B 794D99B2 3B92B936 526216E0 79 D 80425 12B 33847 30F9A3F6 9CAC4D3C
7C96AA15 CC4CC1C0 5FAD3B
quit smoking
control-dot1x system-auth
dot1x critical eapol
!
pvst spanning-tree mode
spanning tree extend id-system
No vlan spanning tree 294-312,314-319,321-335,337-345,400,480,484-493,499,950
!
!
!
errdisable recovery cause Uni-directional
errdisable recovery cause bpduguard
errdisable recovery cause of security breach
errdisable recovery cause channel-misconfig (STP)
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause FPS-config-incompatibility
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
errdisable cause of port-mode-failure recovery
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause pppoe-AI-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery cause arp-inspection
errdisable recovery cause loopback
errdisable recovery cause small-frame
errdisable recovery cause psp
!
internal allocation policy of VLAN ascendant
!
!
interface GigabitEthernet1/0/10
switchport access vlan 320
switchport mode access
IP access-group ACL-LEAVE in
authentication event fail following action method
action of death server to authenticate the event permit
living action of the server reset the authentication event
multi-domain of host-mode authentication
open authentication
authentication order dot1x mab
authentication priority dot1x mab
Auto control of the port of authentication
periodic authentication
authentication violation replace
MAB
dot1x EAP authenticator
dot1x tx-time 10
spanning tree portfast
spanning tree enable bpduguardinterface GigabitEthernet1/0/16
switchport access vlan 320
switchport mode access
IP access-group ACL-LEAVE in
authentication event fail following action method
action of death server to authenticate the event permit
living action of the server reset the authentication event
multi-domain of host-mode authentication
open authentication
authentication order dot1x mab
authentication priority dot1x mab
Auto control of the port of authentication
periodic authentication
authentication violation replace
MAB
dot1x EAP authenticator
dot1x tx-time 10
spanning tree portfast
spanning tree enable bpduguard
interface GigabitEthernet1/0/24
switchport access vlan 320
switchport mode access
IP access-group ACL-LEAVE in
authentication event fail following action method
action of death server to authenticate the event permit
living action of the server reset the authentication event
multi-domain of host-mode authentication
open authentication
authentication order dot1x mab
authentication priority dot1x mab
Auto control of the port of authentication
periodic authentication
authentication violation replace
MAB
dot1x EAP authenticator
dot1x tx-time 10
spanning tree portfast
spanning tree enable bpduguard
!
interface GigabitEthernet1/0/33
switchport access vlan 320
switchport mode access
IP access-group ACL-LEAVE in
authentication event fail following action method
action of death server to authenticate the event permit
living action of the server reset the authentication event
multi-domain of host-mode authentication
open authentication
authentication order dot1x mab
authentication priority dot1x mab
Auto control of the port of authentication
periodic authentication
authentication violation replace
MAB
dot1x EAP authenticator
dot1x tx-time 10
spanning tree portfast
spanning tree enable bpduguard
interface GigabitEthernet1/0/34
switchport access vlan 320
switchport mode access
IP access-group ACL-LEAVE in
authentication event fail following action method
action of death server to authenticate the event permit
living action of the server reset the authentication event
multi-domain of host-mode authentication
open authentication
authentication order dot1x mab
authentication priority dot1x mab
Auto control of the port of authentication
periodic authentication
authentication violation replace
MAB
dot1x EAP authenticator
dot1x tx-time 10
spanning tree portfast
spanning tree enable bpduguard
!
interface GigabitEthernet1/0/44
switchport access vlan 320
switchport mode access
IP access-group ACL-LEAVE in
authentication event fail following action method
action of death server to authenticate the event permit
living action of the server reset the authentication event
multi-domain of host-mode authentication
open authentication
authentication order dot1x mab
authentication priority dot1x mab
Auto control of the port of authentication
periodic authentication
authentication violation replace
MAB
dot1x EAP authenticator
dot1x tx-time 10
spanning tree portfast
spanning tree enable bpduguard!
interface GigabitEthernet1/0/46
switchport access vlan 320
switchport mode access
IP access-group ACL-LEAVE in
authentication event fail following action method
action of death server to authenticate the event permit
living action of the server reset the authentication event
multi-domain of host-mode authentication
open authentication
authentication order dot1x mab
authentication priority dot1x mab
Auto control of the port of authentication
periodic authentication
authentication violation replace
MAB
dot1x EAP authenticator
dot1x tx-time 10
spanning tree portfast
spanning tree enable bpduguardinterface GigabitEthernet1/0/48
switchport access vlan 320
switchport mode access
IP access-group ACL-LEAVE in
authentication event fail following action method
action of death server to authenticate the event permit
living action of the server reset the authentication event
multi-domain of host-mode authentication
open authentication
authentication order dot1x mab
authentication priority dot1x mab
Auto control of the port of authentication
periodic authentication
authentication violation replace
MAB
dot1x EAP authenticator
dot1x tx-time 10
spanning tree portfast
spanning tree enable bpduguard
!
interface GigabitEthernet1/0/49
Description link GH
switchport trunk allowed vlan 1,2,320,350,351,401
switchport mode trunk
MLS qos trust dscp
IP dhcp snooping trust
!interface GigabitEthernet1/0/52
Description link CORE1
switchport trunk allowed vlan 1,2,29,277,278,314,320,401
switchport mode trunk
MLS qos trust dscp
IP dhcp snooping trust
!
!
interface Vlan320
IP 10.178.61.5 255.255.255.128
no ip-cache cef route
no ip route cache
!
default IP gateway - 10.178.61.1
IP http server
IP http secure server
IP http secure-active-session-modules no
active session modules IP http no
!
!
Access IP extended ACL-AGENT-REDIRECT list
deny udp any any domain eq bootps
permit tcp any any eq www
permit any any eq 443 tcp
IP extended ACL-ALLOW access list
allow an ip
IP access-list extended by DEFAULT ACL
allow udp any eq bootpc any eq bootps
allow udp any any eq field
allow icmp a whole
allow any host 10.178.5.152 eq 8443 tcp
permit tcp any host 10.178.5.152 eq 8905
allow any host 10.178.5.152 eq 8905 udp
permit tcp any host 10.178.5.152 eq 8906
allow any host 10.178.5.152 eq 8906 udp
allow any host 10.178.5.152 eq 8909 tcp
allow any host 10.178.5.152 eq 8909 udp
allow any host 10.178.5.153 eq 8443 tcp
permit tcp any host 10.178.5.153 eq 8905
allow any host 10.178.5.153 eq 8905 udp
permit tcp any host 10.178.5.153 eq 8906
allow any host 10.178.5.153 eq 8906 udp
allow any host 10.178.5.153 eq 8909 tcp
allow any host 10.178.5.153 eq 8909 udp
refuse an entire ip
Access IP extended ACL-WEBAUTH-REDIRECT list
deny ip any host 10.178.5.152
deny ip any host 10.178.5.153
permit tcp any any eq www
permit any any eq 443 tcpradius of the IP source-interface Vlan320
exploitation forest esm config
logging trap alerts
logging Source ip id
connection interface-source Vlan320
record 192.168.6.31
host 10.178.5.150 record transport udp port 20514
host 10.178.5.151 record transport udp port 20514
access-list 10 permit 10.178.5.117
access-list 10 permit 10.178.61.100
Server SNMP engineID local 800000090300000A8AF5F181
SNMP - server RO W143L355 community
w143l355 RW SNMP-server community
SNMP-Server RO community lthpublic
SNMP-Server RO community lthise
Server SNMP trap-source Vlan320
Server SNMP informed source-interface Vlan320
Server enable SNMP traps snmp authentication linkdown, linkup cold start
SNMP-Server enable traps cluster
config SNMP-server enable traps
entity of traps activate SNMP Server
Server enable SNMP traps ipsla
Server enable SNMP traps syslog
Server enable SNMP traps vtp
SNMP Server enable traps mac-notification change move threshold
Server SNMP enable traps belonging to a vlan
SNMP-server host 10.178.5.152 version 2 c lthise mac-notification
SNMP-server host 10.178.5.153 version 2 c lthise mac-notification
!
RADIUS attribute 6 sur-pour-login-auth server
Server RADIUS attribute 8 include-in-access-req
RADIUS attribute 25-application access server include
dead-criteria 5 tent 3 times RADIUS server
test the server RADIUS host 10.178.5.152 auth-port 1812 acct-port 1813 username test-RADIUS 7 key 03084F030F1C24
test the server RADIUS host 10.178.5.153 auth-port 1812 acct-port 1813 username test-RADIUS 7 key 141B060305172F
RADIUS vsa server send accounting
RADIUS vsa server send authenticationany help would be really appreciated.
I'm not sure that completely understand the question; But if LSE is only political wireless, then none of the wired switches need any configuration of ISE.
Access points tunnel all wireless traffic to the WLC on CAPWAP (unless you use FlexConnect). This is the configuration 802. 1 x on the WLC that implements policies defined in ISE.
Switches wired never need to act as an access network (n) device and so do not need to be defined in ISE unless or until you want to apply policies of ISE for wired devices...
-
Cisco ASA 5515 two asa firewall ipsec vpn tunnel is not coming
HelloW everyone.
I configured ipsec vpn tunnel between Singapore and Malaysia with asa firewall.
but the vpn does not come to the top. can someone tell me what can be the root cause?
Here is the configuration of twa asa: (I changed the ip address all the)
Singapore:
See the race
ASA 2.0000 Version 4
!
ASA5515-SSG520M hostname
activate the encrypted password of PVSASRJovmamnVkD
names of
!
interface GigabitEthernet0/0
nameif inside
security-level 100
IP 192.168.15.4 255.255.255.0
!
interface GigabitEthernet0/1
nameif DMZ
security-level 50
IP 192.168.5.3 255.255.255.0
!
interface GigabitEthernet0/2
nameif outside
security-level 0
IP 160.83.172.8 255.255.255.224
<--- more="" ---="">
!
<--- more="" ---="">
interface GigabitEthernet0/3
<--- more="" ---="">
Shutdown
<--- more="" ---="">
No nameif
<--- more="" ---="">
no level of security
<--- more="" ---="">
no ip address
!
interface GigabitEthernet0/4
Shutdown
No nameif
no level of security
no ip address
!
interface GigabitEthernet0/5
nameif test
security-level 100
IP 192.168.168.219 255.255.255.0
!
interface Management0/0
management only
nameif management
security-level 100
IP 192.168.1.1 255.255.255.0
!
connection of the banner ^ C please disconnect if you are unauthorized access ^ C
connection of the banner please disconnect if you are unauthorized access
boot system Disk0: / asa922-4-smp - k8.bin
passive FTP mode
network of the SG object
<--- more="" ---="">
192.168.15.0 subnet 255.255.255.0
network of the MK object
192.168.6.0 subnet 255.255.255.0
service of the TCP_5938 object
Service tcp destination eq 5938
Team Viewer description
service tcp_3306 object
Service tcp destination eq 3306
service tcp_465 object
tcp destination eq 465 service
service tcp_587 object
Service tcp destination eq 587
service tcp_995 object
tcp destination eq 995 service
service of the TCP_9000 object
tcp destination eq 9000 service
network of the Inside_host object
Home 192.168.15.202
service tcp_1111 object
Service tcp destination eq 1111
service tcp_7878 object
Service tcp destination eq 7878
service tcp_5060 object
SIP, service tcp destination eq
<--- more="" ---="">
service tcp_5080 object
Service tcp destination eq 5080
network of the NETWORK_OBJ_192.168.15.0_24 object
192.168.15.0 subnet 255.255.255.0
inside_access_in list extended access allowed object SG ip everything
OUTSIDE_IN list extended access permit tcp any newspaper EQ 9000 Inside_host object
access extensive list ip 192.168.15.0 outside_cryptomap allow 255.255.255.0 object MK
pager lines 24
Enable logging
timestamp of the record
exploitation forest-size of the buffer of 30000
debug logging in buffered memory
recording of debug trap
debugging in the history record
asdm of logging of information
host test 192.168.168.231 record
host test 192.168.168.203 record
Within 1500 MTU
MTU 1500 DMZ
Outside 1500 MTU
test MTU 1500
management of MTU 1500
no failover
<--- more="" ---="">
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 7221.bin
don't allow no asdm history
ARP timeout 14400
no permit-nonconnected arp
NAT (inside, outside) static source SG SG static destination MK MK non-proxy-arp-search to itinerary
!
network of the SG object
NAT dynamic interface (indoor, outdoor)
network of the Inside_host object
NAT (inside, outside) interface static 9000 9000 tcp service
inside_access_in access to the interface inside group
Access-group OUTSIDE_IN in interface outside
Route outside 0.0.0.0 0.0.0.0 160.83.172.x 1--->--->--->--->--->--->--->--->--->
Route inside 10.0.1.0 255.255.255.0 192.168.15.199 1
Route inside 10.0.2.0 255.255.255.0 192.168.15.199 1
Route inside 10.0.11.0 255.255.255.0 192.168.15.199 1
Route inside 10.1.0.0 255.255.0.0 192.168.15.199 1
Route inside 10.8.0.0 255.255.0.0 192.168.15.199 1
Route inside 10.104.0.0 255.255.0.0 192.168.15.199 1
Route inside 192.168.8.0 255.255.255.0 192.168.15.199 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
<--- more="" ---="">
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
the ssh LOCAL console AAA authentication
Enable http serverCommunity trap SNMP-server host test 192.168.168.231 *.
No snmp server location
No snmp Server contact
Server enable SNMP traps syslog
Crypto ipsec transform-set ikev1 VPN-TRANSFORM esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
<--- more="" ---="">
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA-TRANS-aes - esp esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-TRANS-aes - esp esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
<--- more="" ---="">
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA-TRANS esp - esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-DES-MD5-TRANS esp - esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transit
Crypto ipsec pmtu aging infinite - the security association
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 define ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
crypto CRYPTO - map 2 map corresponds to the address outside_cryptomap
card crypto CRYPTO-map 2 set peer 103.246.3.54
card crypto CRYPTO-map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
card crypto CRYPTO-map 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
CRYPTO-card interface card crypto outside
trustpool crypto ca policy
Crypto ikev1 allow outside
IKEv1 crypto policy 10
preshared authentication
aes-256 encryption
sha hash
Group 2--->--->--->
life 86400Console timeout 0
management of 192.168.1.2 - dhcpd address 192.168.1.254
enable dhcpd management
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
SSL encryption rc4-aes128-sha1 aes256-3des-sha1 sha1 sha1
internal GroupPolicy1 group strategy
attributes of Group Policy GroupPolicy1
Ikev1 VPN-tunnel-Protocol
username, password admin eY/fQXw7Ure8Qrz7 encrypted privilege 15
username gmsadmin password HS/VyK0jtJ/PANQT encrypted privilege 15
tunnel-group 143.216.30.7 type ipsec-l2l
tunnel-group 143.216.30.7 General-attributes
Group Policy - by default-GroupPolicy1
<--- more="" ---="">
IPSec-attributes tunnel-group 143.216.30.7
IKEv1 pre-shared-key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
Overall description
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
<--- more="" ---="">
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:ccce9a600b491c8db30143590825c01d
: endMalaysia:
:
ASA 2.0000 Version 4
!
hostname ASA5515-SSG5-MK
activate the encrypted password of PVSASRJovmamnVkD
names of
!
interface GigabitEthernet0/0
nameif inside
security-level 100
IP 192.168.6.70 255.255.255.0
!
interface GigabitEthernet0/1
nameif DMZ
security-level 50
IP 192.168.12.2 255.255.255.0
!
interface GigabitEthernet0/2
nameif outside
security-level 0
IP 143.216.30.7 255.255.255.248
<--- more="" ---="">
!
interface GigabitEthernet0/3
Shutdown
No nameif
no level of security
no ip address
!
interface GigabitEthernet0/4
Shutdown
No nameif
no level of security
no ip address
!
interface GigabitEthernet0/5
nameif test
security-level 100
IP 192.168.168.218 255.255.255.0
!
interface Management0/0
management only
nameif management
security-level 100
IP 192.168.1.1 255.255.255.0
!
<--- more="" ---="">
Interface Port - Channel 1
No nameif
no level of security
IP 1.1.1.1 255.255.255.0
!
boot system Disk0: / asa922-4-smp - k8.bin
passive FTP mode
clock timezone GMT + 8 8
network of the SG object
192.168.15.0 subnet 255.255.255.0
network of the MK object
192.168.6.0 subnet 255.255.255.0
service of the TCP_5938 object
Service tcp destination eq 5938
Team Viewer description
service tcp_3306 object
Service tcp destination eq 3306
service tcp_465 object
tcp destination eq 465 service
service tcp_587 object
Service tcp destination eq 587
service tcp_995 object
tcp destination eq 995 service
service of the TCP_9000 object
<--- more="" ---="">
tcp destination eq 9000 service
network of the Inside_host object
Home 192.168.6.23
service tcp_1111 object
Service tcp destination eq 1111
service tcp_7878 object
Service tcp destination eq 7878
service tcp_5060 object
SIP, service tcp destination eq
service tcp_5080 object
Service tcp destination eq 5080
network of the NETWORK_OBJ_192.168.2.0_24 object
192.168.6.0 subnet 255.255.255.0
inside_access_in list extended access allowed object SG ip everything--->--->--->--->--->
VPN-INTERESTING-TRAFFIC extended access list permit ip object MK SG
OUTSIDE_IN list extended access permit tcp any newspaper EQ 9000 Inside_host object
outside_cryptomap to access extended list ip 192.168.6.0 allow 255.255.255.0 object SG
pager lines 24
Enable logging
timestamp of the record
exploitation forest-size of the buffer of 30000
debug logging in buffered memory
recording of debug trap
asdm of logging of information
<--- more="" ---="">
host test 192.168.168.231 record
host test 192.168.168.203 record
Within 1500 MTU
MTU 1500 DMZ
Outside 1500 MTU
test MTU 1500
management of MTU 1500--->
reverse IP check management interface path
no failover
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 7221.bin
don't allow no asdm history
ARP timeout 14400
no permit-nonconnected arp
NAT (inside, outside) static source MK MK static destination SG SG route no-proxy-arp-search
NAT (inside, outside) static source NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0_24 static destination SG SG route no-proxy-arp-search
!
network of the MK object
NAT dynamic interface (indoor, outdoor)
network of the Inside_host object
NAT (inside, outside) interface static 9000 9000 tcp service
inside_access_in access to the interface inside group
Access-group OUTSIDE_IN in interface outside
Route outside 0.0.0.0 0.0.0.0 143.216.30.x 1
<--- more="" ---="">
Route inside 10.2.0.0 255.255.0.0 192.168.6.200 1
Route inside 10.6.0.0 255.255.0.0 192.168.6.200 1
Route inside 192.168.254.0 255.255.255.0 192.168.6.200 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
AAA authentication http LOCAL console
the ssh LOCAL console AAA authentication
Enable http serverNo snmp server location
No snmp Server contact
Crypto ipsec transform-set ikev1 VPN-TRANSFORM esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
<--- more="" ---="">
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA-TRANS-aes - esp esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-TRANS-aes - esp esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
<--- more="" ---="">
--->--->--->
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA-TRANS esp - esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-DES-MD5-TRANS esp - esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transit
Crypto ipsec pmtu aging infinite - the security association
crypto CRYPTO - map 2 map corresponds to the address outside_cryptomap
card crypto CRYPTO-map 2 set peer 160.83.172.8
card crypto CRYPTO-map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
CRYPTO-card interface card crypto outside
trustpool crypto ca policy
Crypto ikev1 allow outside
IKEv1 crypto policy 10
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
SSH timeout 60
SSH group dh-Group1-sha1 key exchange
Console timeout 0
management of 192.168.1.2 - dhcpd address 192.168.1.254
enable dhcpd management
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
SSL encryption rc4-aes128-sha1 aes256-3des-sha1 sha1 sha1
attributes of Group Policy DfltGrpPolicy
Ikev1 VPN-tunnel-Protocol l2tp ipsec without ssl-client
internal GroupPolicy1 group strategy
attributes of Group Policy GroupPolicy1
Ikev1 VPN-tunnel-Protocol
username, password admin eY/fQXw7Ure8Qrz7 encrypted privilege 15
username gmsadmin password HS/VyK0jtJ/PANQT encrypted privilege 15
<--- more="" ---="">
tunnel-group MK SG type ipsec-l2l
IPSec-attributes tunnel-group MK-to-SG
IKEv1 pre-shared-key *.
tunnel-group 160.83.172.8 type ipsec-l2l
tunnel-group 160.83.172.8 General-attributes
Group Policy - by default-GroupPolicy1
IPSec-attributes tunnel-group 160.83.172.8
IKEv1 pre-shared-key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
<--- more="" ---="">
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:d41d8cd98f00b204e9800998ecf8427e
: endGood news, that VPN has been implemented!
According to the ping problem, my suggestion is to check, if some type of firewall based on host computers on both sides block ICMP requests.
Anyway, you can still use the capture of packets on the inside of the interfaces of the two ASAs, to check if the ICMP traffic is to reach the ASA.
In addition, you can try to enable ICMP inspection:
Policy-map global_policy
class inspection_defaultinspect the icmp
inspect the icmp error
--->---> -
C240 M3 on hardware failure email alerts?
Hello
I have server-ucs240 M3.
I want to configure smtp to alert.
My MMIC version: 1.5 (4 d).
The server running VMware ESXi 5.1.
How to configure?
Greetings.
The MMIC stand alone is not an email alert function at this stage (as in worm 2.09)
In stand-alone mode, it sends alerts currently SNMP and syslog.
You get this feature if the 240M 3 Server is managed by the supervisor of the BMI, or UCSM.
Thank you
Kirk...
-
Cisco ipsec Vpn connects but cannot communicate with lan
I have a version of cisco 1921 15.2 (4) M3 I install vpn ipsec and may have customers to connect but cannot ping anything inside. A glimpse of what could be wrong with my config would be greatly appreciated. I posted the configuration as well as running a few outings of ipsec. I also tried with multiple operating systems using cisco vpn client and shrewsoft. I am able to connect to the other VPN ipsec running 1921 both of these computers by using a client.
Thanks for any assistance
SH run
!
AAA new-model
!
!
AAA authentication login radius_auth local radius group
connection of AAA VPN_AUTHEN group local RADIUS authentication
AAA authorization network_vpn_author LAN
!
!
!
!
!
AAA - the id of the joint session
clock timezone PST - 8 0
clock to summer time recurring PST
!
no ip source route
decline of the IP options
IP cef
!
!
!
!
!
!
no ip bootp Server
no ip domain search
domain IP XXX.local
inspect the high IP 3000 max-incomplete
inspect the low IP 2800 max-incomplete
IP inspect a low minute 2800
IP inspect a high minute 3000
inspect the IP icmp SDM_LOW name
inspect the IP name SDM_LOW esmtp
inspect the tcp IP SDM_LOW name
inspect the IP udp SDM_LOW name
IP inspect name SDM_LOW ssh
No ipv6 cef
!
Authenticated MultiLink bundle-name Panel
!
!
Crypto pki trustpoint TP-self-signed-2909270577
enrollment selfsigned
name of the object cn = IOS - Self - signed - certificate - 2909270577
revocation checking no
rsakeypair TP-self-signed-2909270577
!
!
TP-self-signed-2909270577 crypto pki certificate chain
certificate self-signed 01
license udi pid CISCO1921/K9 sn FTX1715818R
!
!
Archives
The config log
Enable logging
size of logging 1000
notify the contenttype in clear syslog
the ADMIN_HOSTS object-group network
71.X.X.X 71.X.X.X range
!
name of user name1 secret privilege 15 4 XXXXXXX!
redundancy
!
!
!
!
!
property intellectual ssh time 60
property intellectual ssh authentication-2 retries
property intellectual ssh event logging
property intellectual ssh version 2
!
!
crypto ISAKMP policy 1
BA 3des
preshared authentication
Group 2
!
ISAKMP crypto client configuration group roaming_vpn
key XXXXX
DNS 192.168.10.10 10.1.1.1
XXX.local field
pool VPN_POOL_1
ACL client_vpn_traffic
netmask 255.255.255.0
!
!
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
tunnel mode
!
!
!
crypto dynamic-map VPN_DYNMAP_1 1
Set the security association idle time 1800
game of transformation-ESP-3DES-SHA
market arriere-route
!
!
list of authentication of card crypto SDM_CMAP_1 client VPN_AUTHEN
map SDM_CMAP_1 isakmp authorization list network_vpn_author crypto
client configuration address map SDM_CMAP_1 crypto answer
map SDM_CMAP_1 65535-isakmp dynamic VPN_DYNMAP_1 ipsec crypto
!
!
!
!
!
the Embedded-Service-Engine0/0 interface
no ip address
Shutdown
!
interface GigabitEthernet0/0
IP 76.W.E.R 255.255.255.248
IP access-group ATT_Outside_In in
no ip redirection
no ip unreachable
no ip proxy-arp
NAT outside IP
inspect the SDM_LOW over IP
IP virtual-reassembly in
load-interval 30
automatic duplex
automatic speed
No cdp enable
No mop enabled
map SDM_CMAP_1 crypto
!
interface GigabitEthernet0/1
no ip address
load-interval 30
automatic duplex
automatic speed
!
interface GigabitEthernet0/1.10
encapsulation dot1Q 1 native
IP 192.168.10.1 255.255.255.0
no ip redirection
no ip unreachable
no ip proxy-arp
property intellectual accounting-access violations
IP nat inside
IP virtual-reassembly in
!
interface GigabitEthernet0/1.100
encapsulation dot1Q 100
10.1.1.254 IP address 255.255.255.0
no ip redirection
no ip unreachable
no ip proxy-arp
IP nat inside
IP virtual-reassembly in
!
interface GigabitEthernet0/1,200
encapsulation dot1Q 200
IP 10.1.2.254 255.255.255.0
no ip redirection
no ip unreachable
no ip proxy-arp
IP nat inside
IP virtual-reassembly in
IP tcp adjust-mss 1452
!
local IP VPN_POOL_1 192.168.168.193 pool 192.168.168.254
IP forward-Protocol ND
!
IP http server
IP http authentication aaa-authentication of connection ADMIN_AUTHEN
IP http secure server
IP http timeout policy slowed down 60 life 86400 request 10000
!
IP nat inside source map route ATT_NAT_LIST interface GigabitEthernet0/0 overload
IP nat inside source static tcp 192.168.10.10 25 expandable 25 76.W.E.R
IP nat inside source static tcp 192.168.10.10 80 76.W.E.R 80 extensible
IP nat inside source static tcp 192.168.10.10 76.W.E.R expandable 443 443
IP nat inside source static tcp 192.168.10.10 76.W.E.R expandable 987 987
IP route 0.0.0.0 0.0.0.0 76.W.E.F
!
ATT_Outside_In extended IP access list
permit tcp object-group ADMIN_HOSTS any eq 22
allow any host 76.W.E.R eq www tcp
allow any host 76.W.E.R eq 443 tcp
allow 987 tcp any host 76.W.E.R eq
allow any host 76.W.E.R eq tcp smtp
permit any any icmp echo response
allow icmp a whole
allow udp any any eq isakmp
allow an esp
allow a whole ahp
permit any any eq non500-isakmp udp
deny ip 10.0.0.0 0.255.255.255 everything
deny ip 172.16.0.0 0.15.255.255 all
deny ip 192.168.0.0 0.0.255.255 everything
deny ip 127.0.0.0 0.255.255.255 everything
refuse the ip 255.255.255.255 host everything
refuse the host ip 0.0.0.0 everything
NAT_LIST extended IP access list
IP 10.1.0.0 allow 0.0.255.255 everything
permit ip 192.168.10.0 0.0.0.255 any
deny ip 192.168.10.0 0.0.0.255 192.168.168.192 0.0.0.63
refuse the 10.1.1.0 ip 0.0.0.255 192.168.168.192 0.0.0.63
deny ip 10.1.2.0 0.0.0.255 192.168.168.192 0.0.0.63
client_vpn_traffic extended IP access list
permit ip 192.168.10.0 0.0.0.255 192.168.168.192 0.0.0.63
ip licensing 10.1.1.0 0.0.0.255 192.168.168.192 0.0.0.63
IP 10.1.2.0 allow 0.0.0.255 10.1.1.0 0.0.0.255
!
radius of the IP source-interface GigabitEthernet0/1.10
Logging trap errors
logging source hostname id
logging source-interface GigabitEthernet0/1.10
!
ATT_NAT_LIST allowed 20 route map
corresponds to the IP NAT_LIST
is the interface GigabitEthernet0/0
!
!
SNMP-server community [email protected] / * /! s RO
Server enable SNMP traps snmp authentication linkdown, linkup warmstart cold start
Server enable SNMP traps vrrp
Server SNMP enable transceiver traps all the
Server enable SNMP traps ds1
Enable SNMP-Server intercepts the message-send-call failed remote server failure
Enable SNMP-Server intercepts ATS
Server enable SNMP traps eigrp
Server enable SNMP traps ospf-change of State
Enable SNMP-Server intercepts ospf errors
SNMP Server enable ospf retransmit traps
Server enable SNMP traps ospf lsa
Server enable SNMP traps ospf nssa-trans-changes state cisco-change specific
SNMP server activate interface specific cisco-ospf traps shamlink state change
SNMP Server enable neighbor traps cisco-specific ospf to the State shamlink change
Enable SNMP-Server intercepts specific to cisco ospf errors
SNMP server activate specific cisco ospf retransmit traps
Server enable SNMP traps ospf cisco specific lsa
SNMP server activate license traps
Server enable SNMP traps envmon
traps to enable SNMP-Server ethernet cfm cc mep-top low-mep Dispatcher loop config
Enable SNMP-Server intercepts ethernet cfm overlap missing mep mep-unknown service-up
Server enable SNMP traps auth framework sec-violation
Server enable SNMP traps c3g
entity-sensor threshold traps SNMP-server enable
Server enable SNMP traps adslline
Server enable SNMP traps vdsl2line
Server enable SNMP traps icsudsu
Server enable SNMP traps ISDN call-information
Server enable SNMP traps ISDN layer2
Server enable SNMP traps ISDN chan-not-available
Server enable SNMP traps ISDN ietf
Server enable SNMP traps ds0-busyout
Server enable SNMP traps ds1-loopback
SNMP-Server enable traps energywise
Server enable SNMP traps vstack
SNMP traps enable mac-notification server
Server enable SNMP traps bgp cbgp2
Enable SNMP-Server intercepts isis
Server enable SNMP traps ospfv3-change of State
Enable SNMP-Server intercepts ospfv3 errors
Server enable SNMP traps aaa_server
Server enable SNMP traps atm subif
Server enable SNMP traps cef resources-failure-change of State peer peer-fib-state-change inconsistency
Server enable SNMP traps memory bufferpeak
Server enable SNMP traps cnpd
Server enable SNMP traps config-copy
config SNMP-server enable traps
Server enable SNMP traps config-ctid
entity of traps activate SNMP Server
Server enable SNMP traps fru-ctrl
SNMP traps-policy resources enable server
Server SNMP enable traps-Manager of event
Server enable SNMP traps frames multi-links bundle-incompatibility
SNMP traps-frame relay enable server
Server enable SNMP traps subif frame relay
Server enable SNMP traps hsrp
Server enable SNMP traps ipmulticast
Server enable SNMP traps msdp
Server enable SNMP traps mvpn
Server enable SNMP traps PNDH nhs
Server enable SNMP traps PNDH nhc
Server enable SNMP traps PNDH PSN
Server enable SNMP traps PNDH exceeded quota
Server enable SNMP traps pim neighbor-rp-mapping-change invalid-pim-message of change
Server enable SNMP traps pppoe
Enable SNMP-server holds the CPU threshold
SNMP Server enable rsvp traps
Server enable SNMP traps syslog
Server enable SNMP traps l2tun session
Server enable SNMP traps l2tun pseudowire status
Server enable SNMP traps vtp
Enable SNMP-Server intercepts waas
Server enable SNMP traps ipsla
Server enable SNMP traps bfd
Server enable SNMP traps gdoi gm-early-registration
Server enable SNMP traps gdoi full-save-gm
Server enable SNMP traps gdoi gm-re-register
Server enable SNMP traps gdoi gm - generate a new key-rcvd
Server enable SNMP traps gdoi gm - generate a new key-fail
Server enable SNMP traps gdoi ks - generate a new key-pushed
Enable SNMP traps gdoi gm-incomplete-cfg Server
Enable SNMP-Server intercepts gdoi ks-No.-rsa-keys
Server enable SNMP traps gdoi ks-new-registration
Server enable SNMP traps gdoi ks-reg-complete
Enable SNMP-Server Firewall state of traps
SNMP-Server enable traps ike policy add
Enable SNMP-Server intercepts removal of ike policy
Enable SNMP-Server intercepts start ike tunnel
Enable SNMP-Server intercepts stop ike tunnel
SNMP server activate ipsec cryptomap add traps
SNMP server activate ipsec cryptomap remove traps
SNMP server activate ipsec cryptomap attach traps
SNMP server activate ipsec cryptomap detach traps
Server SNMP traps enable ipsec tunnel beginning
SNMP-Server enable traps stop ipsec tunnel
Enable SNMP-server holds too many associations of ipsec security
Enable SNMP-Server intercepts alarm ethernet cfm
Enable SNMP-Server intercepts rf
Server enable SNMP traps vrfmib vrf - up low-vrf vnet-trunk-up low-trunk-vnet
Server RADIUS dead-criteria life 2
RADIUS-server host 192.168.10.10
Server RADIUS 2 timeout
Server RADIUS XXXXXXX key
!
!
!
control plan
!
!Line con 0
privilege level 15
connection of authentication radius_auth
line to 0
line 2
no activation-character
No exec
preferred no transport
transport of entry all
transport output pad rlogin lapb - your MOP v120 udptn ssh telnet
StopBits 1
line vty 0 4
privilege level 15
connection of authentication radius_auth
entry ssh transport
line vty 5 15
privilege level 15
connection of authentication radius_auth
entry ssh transport
!
Scheduler allocate 20000 1000
NTP-Calendar Update
Server NTP 192.168.10.10
NTP 64.250.229.100 Server
!
endRouter ipsec crypto #sh her
Interface: GigabitEthernet0/0
Tag crypto map: SDM_CMAP_1, local addr 76.W.E.Rprotégé of the vrf: (none)
local ident (addr, mask, prot, port): (0.0.0.0/0.0.0.0/0/0)
Remote ident (addr, mask, prot, port): (192.168.168.213/255.255.255.255/0/0)
current_peer 75.X.X.X port 2642
LICENCE, flags is {}
#pkts program: 1953, #pkts encrypt: 1953, #pkts digest: 1953
#pkts decaps: 1963, #pkts decrypt: 1963, #pkts check: 1963
compressed #pkts: 0, unzipped #pkts: 0
#pkts uncompressed: 0, #pkts compr. has failed: 0
#pkts not unpacked: 0, #pkts decompress failed: 0
Errors #send 0, #recv 0 errorslocal crypto endpt. : 76.W.E.R, remote Start crypto. : 75.X.X.X
Path mtu 1500, mtu 1500 ip, ip mtu IDB GigabitEthernet0/0
current outbound SPI: 0x5D423270 (1564619376)
PFS (Y/N): N, Diffie-Hellman group: noSAS of the esp on arrival:
SPI: 0x2A5177DD (709982173)
transform: esp-3des esp-sha-hmac.
running parameters = {Tunnel UDP-program}
Conn ID: 2115, flow_id: VPN:115 on board, sibling_flags 80000040, crypto card: SDM_CMAP_1
calendar of his: service life remaining (k/s) key: (4301748/2809)
Size IV: 8 bytes
support for replay detection: Y
Status: ACTIVE (ACTIVE)the arrival ah sas:
SAS of the CFP on arrival:
outgoing esp sas:
SPI: 0x5D423270 (1564619376)
transform: esp-3des esp-sha-hmac.
running parameters = {Tunnel UDP-program}
Conn ID: 2116, flow_id: VPN:116 on board, sibling_flags 80000040, crypto card: SDM_CMAP_1
calendar of his: service life remaining (k/s) key: (4301637/2809)
Size IV: 8 bytes
support for replay detection: Y
Status: ACTIVE (ACTIVE)outgoing ah sas:
outgoing CFP sas:
Routing crypto isakmp #sh its
IPv4 Crypto ISAKMP Security Association
DST CBC conn-State id
76.W.E.R 75.X.X.X QM_IDLE 1055 ACTIVEIPv6 Crypto ISAKMP Security Association
In your acl, nat, you will need to refuse your VPN traffic before you allow the subnet at all. Just put all the declarations of refusal before the declarations of licence.
Sent by Cisco Support technique iPhone App
-
Configure incoming calls to route to the internal unit
I have a Cisco 2921 router which has a 4 FXO inside card. I would like to configure so that ALL incoming calls on all 4 ports to be forwarded to a post internal (1001), it is a test environment and I can't seem to understand what Miss me. The config is below:
Building configuration...
Current configuration: 8500 bytes
!
! Last configuration change at 08:19:46 EST Friday, March 1, 2013 by sjones
!
version 15.1
horodateurs service debug datetime msec localtime
Log service timestamps datetime msec localtime
no password encryption service
sequence numbers service
!
hostname WH-VOIP-2900
!
boot-start-marker
boot-end-marker
!
!
logging buffered 10000000
!
AAA new-model
!
!
AAA authentication login default group Ganymede + local line
/NOAUTH AAA authentication login no
default AAA authorization exec group Ganymede + local no
/NOAUTH AAA authorization exec no
orders accounting AAA 15 by default start-stop Ganymede group.
Default connection accounting AAA power Ganymede group.
!
!
!
!
!
AAA - the id of the joint session
!
clock timezone IS - 5 0
summer time clock IS recurring
!
No ipv6 cef
IP source-route
IP cef
!
!
!
!
!
no ip domain search
IP domain name mgsd.edu
!
Authenticated MultiLink bundle-name Panel
!
!
!
!
!
!
FXO trunk group
!
Crypto pki token removal timeout default 0
!
Crypto pki trustpoint TP-self-signed-3979560690
enrollment selfsigned
name of the object cn = IOS - Self - signed - certificate - 3979560690
revocation checking no
!
!
TP-self-signed-3979560690 crypto pki certificate chain
certificate self-signed 01
308201B 6 A0030201 02020101 3082024D 300 D 0609 2A 864886 F70D0101 04050030
2 060355 04031326 494F532D 53656 C 66 2 AND 536967 6E65642D 43657274 31312F30
69666963 33393739 35363036 6174652D 3930301E 170 3130 31323232 31333533
30375A 17 0D 323030 31303130 30303030 305A 3031 06035504 03132649 312F302D
4F532D53 5369676E 656C662D 43 65727469 66696361 74652 33 39373935 65642D
36303639 3030819F 300 D 0609 2A 864886 01050003, 818, 0030, 81890281 F70D0101
8100DD47 9227149F 2D084CE5 3 D 7DBF4FCA 227595 C3519000 3F468821 D56F653A
E74FCBAD B4936598 F0C26B2B 6132ADE7 1B1BDC89 44D3C53F 63DDAF78 8E08FCA7
7044095A DBE38889 7CD 48871 94ED1CF9 F2ECC50A 8BD21AFC 5BC3B3FC B322E161
F3CE339A 88AA803B E3705349 03A7D918 C11E5844 ECF039EB FEC44CDF 52A59AE5
0C 430203 010001A 3 75307330 1 130101 FF040530 030101FF 30200603 0F060355
551 1104 19301782 1557482D 564F4950 2 D 302E6D67 323930 73642E65 6475301F
23041830 16801463 9BA90049 2F6005DC F2A35FC3 0EDB2530 0603551D 4138 329D
1 D 060355 1D0E0416 0414639B A900492F 6005DCF2 A35FC332 9D41380E DB25300D
06092A 86 01010405 00038181 005C2C45 9F687AEF 3219F567 337E55CD 4886F70D
9E524A1B 7879B3B1 F3C872F9 DFF7F014 FFE0D84B 67252EFE 3DFF8959 9565ADE2
79857E34 FFF2C3DE 667D5D62 8A4E4690 D874CF4A 8B 180832 7748D1E8 BB71543B
BC404126 02DABACB DDF24EE6 6F63F8CE F7F8494C 66115C B768BC77 DA2D5C2C 77
984DC376 A16F2B81 D1CBD44F F23B8605 D4
quit smoking
voice-card 0
DSP services dspfarm
!
!
!
voip phone service
h323 connections allow h323
allow connections h323 to SIP
allow connections sip h323
allow sip to sip connections
redirect ip2ip
Fax protocol t38 ls-redundancy version 0 0 hs-redundancy 0 help none
H323
!
voice class codec 1
g711ulaw codec preference 1
codec preference 2 g729r8
!
vocal h323 class 1
H225 timeout tcp establish 3
Call slow start
prerogative of the call
!
!
!
!
!
license udi pid CISCO2921/K9 sn FTX1448AJ6B
HW-module pvdm 0/0
!
!
!
username admin privilege 15 secret 5 $1$ iKc / $uQJli0iQG9VAu4PiFeYC8 /.
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
Description inside LAN
IP 10.40.0.51 255.255.0.0
automatic duplex
automatic speed
H323-gateway voip interface
H323-gateway voip bind port 10.40.0.51
!
interface GigabitEthernet0/1
no ip address
Shutdown
automatic duplex
automatic speed
!
interface GigabitEthernet0/2
no ip address
Shutdown
automatic duplex
automatic speed
!
IP forward-Protocol ND
!
IP http server
local IP http authentication
IP http secure server
IP http timeout policy slowed down 60 life 86400 request 10000
!
IP route 0.0.0.0 0.0.0.0 10.40.0.1
!
!
!
!
!
!
SNMP-Server RO community mgsdvoip
SNMP-Server RO community mhsswitch
location of Server SNMP "Mooresville High School"
Server enable SNMP traps snmp authentication linkdown, linkup warmstart cold start
Enable SNMP-Server intercepts ATS
Server enable SNMP traps eigrp
Enable SNMP traps envmon fan supply temperature State of the server stop
Server enable SNMP traps insertion withdrawal flash
SNMP-Server enable traps energywise
Server enable SNMP traps cef resources-failure-change of State peer peer-fib-state-change inconsistency
Server enable SNMP traps config-copy
config SNMP-server enable traps
Server enable SNMP traps config-ctid
entity of traps activate SNMP Server
Server enable SNMP traps hsrp
Enable SNMP-server holds the CPU threshold
Server enable SNMP traps syslog
Server enable SNMP traps vtp
Server enable SNMP traps srst
SNMP-Server enable traps voice
SNMP-server host 10.65.0.252 version 2 c mgsdvoip
SNMP-server host 10.10.0.252 version 2 c mhsswitch
RADIUS-server host 10.60.253.10 key Pa$ $word
RADIUS-server application made
!
!
control plan
!
!
voice-port 0/0/0
1 FXO-group of circuits
connection ÉRA 1001
Description 704-799-0516
!
voice-port 1/0/0
2 FXO-group of circuits
connection ÉRA 1001
!
voice-port 0/0/2
3 FXO trunk-group
connection ÉRA 1001
!
voice-port 0/0/3
4 FXO-group of circuits
connection ÉRA 1001
Description ==> 911
!
!
!
SCCP local GigabitEthernet0/0
SCCP ccm 10.65.0.63 identifier 1 version7.0
SCCP
!
SCCP ccm Group 1
link interface GigabitEthernet0/0
associate the profile 1 WH-2900_CFB register
the associated profile 2 registry WH-2900_MTP
!
dspfarm profile Conference 1
Codec g711ulaw
Codec g711alaw
Codec g729ar8
Codec g729abr8
Codec g729r8
Codec g729br8
maximum sessions 4
associate the PCRS application
!
dspfarm profile 2 PSG
Codec g711ulaw
maximum sessions 2 material
associate the PCRS application
!
voice POTS dial-peer 1
trunkgroup FXO
incoming called-number.
!
Dial-peer voice 2 pots
destination-model 9 [2-9] 11
Setup progress_ind allow 3
alert progress_ind activate 8
progress_ind enable progress 8
port 0/0/3
Forward-digits 3
!
Dial-peer voice 3 pots
destination-model $ 911
Setup progress_ind allow 3
alert progress_ind activate 8
progress_ind enable progress 8
port 0/0/3
Forward-digits all the
!
Dial-peer voice 4 pots
trunkgroup FXO
destination-model 9 [2-9]... [2-9]......
Setup progress_ind allow 3
alert progress_ind activate 8
progress_ind enable progress 8
Forward-digits 10
!
voice pots Dial-peer 5
trunkgroup FXO
destination-model 91 [2-9]... [2-9]......
Setup progress_ind allow 3
alert progress_ind activate 8
progress_ind enable progress 8
Forward-digit 11
!
Dial-peer voice 6 pots
trunkgroup FXO
destination-style 9011T
Setup progress_ind allow 3
alert progress_ind activate 8
progress_ind enable progress 8
prefix 011
!
Dial-peer voice 32 pots
trunkgroup FXO
composition of 4-digit SRST Description to other sites
destination-model 2...
Forward-digits all the
prefix 704658
!
Dial-peer voice 100 voip
preference 1
destination-model [2]...
Setup progress_ind allow 3
progress_ind connect enable 8
progress_ind disconnect switch 8
session target ipv4:10.65.0.23
codec voice-class 1
h323 voice-class 1
DTMF-relay h245 alphanumeric
rate of 14400 Fax
IP qos dscp cs5 signaling
No vad
!
Dial-peer voice voip 101
preference 2
destination-model [2]...
Setup progress_ind allow 3
progress_ind connect enable 8
progress_ind disconnect switch 8
session target ipv4:10.65.0.63
codec voice-class 1
h323 voice-class 1
DTMF-relay h245 alphanumeric
rate of 14400 Fax
IP qos dscp cs5 signaling
No vad
!
!
!
!
access controller
Shutdown
!
!
Call-Manager-emergency
secondary-tone 9
MAX conferences 4-6 win
transfer full-consult system
3 timeouts interdigit
IP source address 10.40.0.51 port 2000
Max-joined 50
Max - dn 100 double line
primary phone message system is offline
secondary system message standalone
1 7046582 model numbering plan... extension-length 4
transfer-model. T
KeepAlive 10
voicemail 2525
call-Park select non-auto-match
ground of appeal forwards. T
call forward availability 97046582525
timeout before call 97046582525 16 noan
aa-mm-dd date format
!
!
VM integration
direct model * GNC
peer-to-peer of nonresponse 5 FDN of mires * GNC *.
peer-to-peer busy 7 FDN of mires * GNC *.
safe-to-post non-response 4 FDN of mires * GNC *.
safe-to-position 6 FDN of mires * GNC *.
!
!
Line con 0
password V01pG8te
line to 0
line vty 0 4
access-class 23 in
privilege level 15
password V01pG8te
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
password V01pG8te
transport input telnet ssh
line vty 16 1114
transport of entry all
!
Scheduler allocate 20000 1000
NTP 129.6.15.29 Server
end
Jeff,
I guess that 100 & 101 voip dial peers point to a CuCM?
The destination model on the voip dial peer does not 1001 on the ERA and they must change to something like: -.
Dial-peer voice voip 101
voice mail Dial 100
destination-model [12]...
voice mail Dial 101
destination-model [12]...
destination-model [2]...
Hope this helps,
Craig
PLEASE EVALUATE THE MESSAGES USEFUL
-
What can I or how to turn PIX as a VPN server, to send a notification through SNMP or syslog when a client connect to it?
Of course, you can... configure your PIX to send traps to a syslog server... is the event, you need to send/get
109011: Authentic beginning of Session: user ' *', sid 254
the config on your PIX like this:
opening of session
timestamp of the record
Monitor logging warnings
logging buffered stored notifications
logging trap notifications
history of logging warnings
forest management - ipaddress device id
logging host
It will be useful... Please, write it down if she does!
-
Conference CME v9 SLBA Adhoc (more than 3 games) for SIP phones 99xx
HI, does anyone know if MultiPary Adhoc Conference for more than 3 parties for SIP phones (like 9951) is supported in CME v9?
I have a GUY working with CSPC and SIP phones. Conference to several ad-hoc (with more than 3 parties) works perfectly when it is generated from phone SCCP. But when he tries to do so with a SIP phone (9951) it can only do the 3 participants.
I suspect it is not supported, no one knows for sure?
I have enabled hardware Conference. Just in case, here is the config:
CUCME2951 #sh run
Building configuration...Current configuration: 57027 bytes
!
! Last configuration change to 15:09:04 UTC Tuesday, December 4, 2012 by soporteit
! NVRAM config updated 15:09:07 UTC Tuesday 4 December 2012 by soporteit
! NVRAM config updated 15:09:07 UTC Tuesday 4 December 2012 by soporteit
version 15.2
horodateurs service debug datetime localtime show-time zone
Log service timestamps datetime localtime show-time zone
encryption password service
!
hostname CUCME2951
!
boot-start-marker
boot system flash: c2951-universalk9-mz. Spa. 152 - 4.M2.bin
boot-end-marker
!
!
card type e1 0 0
logging buffered 51200 warnings
information recording console
enable secret 5 $1$ $7xNR me DIQ. LOczkp1NDnd3JpCJf1
!
AAA new-model
!
!
AAA authentication login default local
AAA authorization exec default local
start-stop radius group AAA accounting connect h323
!
!
!
!
!
AAA - the id of the joint session
network-clock-participate wic 0
network-clock-select 1 E1 0/0/0
!
!
Crypto pki trustpoint TP-self-signed-3918669469
enrollment selfsigned
name of the object cn = IOS - Self - signed - certificate - 3918669469
revocation checking no
rsakeypair TP-self-signed-3918669469
!
!
TP-self-signed-3918669469 crypto pki certificate chain
certificate self-signed 01
3082022B 30820194 02020101 300 D 0609 2A 864886 F70D0101 05050030 A0030201
2 060355 04031326 494F532D 53656 C 66 2 AND 536967 6E65642D 43657274 31312F30
69666963 33393138 36363934 6174652D 3639301E 170 3132 30313137 31383235
31375A 17 0D 323030 31303130 30303030 305A 3031 06035504 03132649 312F302D
4F532D53 5369676E 656C662D 43 65727469 66696361 74652 33 39313836 65642D
36393436 3930819F 300 D 0609 2A 864886 01050003, 818, 0030, 81890281 F70D0101
81009A 65 3CDE532D 0380E5A9 FF22F659 78F95E05 B6096B48 DBB4F8A6 29EB5D1A
9BEF4D13 A68FA41D A482FEA9 3767E9ED C1098A69 E3E212A8 43E547AB A290E1C5
D086F8E1 06BD3D57 65819C3C 9FA88C79 5B 456354 183688E9 4DEBB5BE 742BABF1
42A529E1 F5878F7B 1B321EB2 FAF91566 022AA574 F3262EFD B70703CF 32843B 44
010001A 3 53305130 1 130101 FF040530 030101FF 301F0603 0F060355 AE950203
551 2304 18301680 1453DEB0 0BBEB98D D8300234 DDB60849 08301D 06 B 66, 92262
03551D0E 04160414 53DEB00B BEB98D66 B92262D8 300234DD B6084908 300 D 0609
2A 864886 05050003 8181004 5587EC0C A2488CC2 1E347E83 B3A9EA1C F70D0101
A3D3CA96 45B9AA24 A98FEE9C 575551EA 6DCF069E FE95C35F DEA42F38 278E7133
88099A 89 ADC04F94 031CED45 1E9B3F5A D6414774 07239269 770C0D8A 6B9732E0
344AB2D8 351D 2584 3E355221 226 HAS 5254 EE6BF51E A9C8C4BD B5E4BEF5 01B4C933
7F5A05C1 8D0D3ED8 3C7E0DB5 04EE83
quit smoking
IP cef
!
!
!
DHCP excluded-address 172.16.10.1 IP 172.16.10.10
DHCP excluded-address IP 172.16.10.253 172.16.10.255
!
ToIP IP dhcp pool
network 172.16.10.0 255.255.255.0
router by default - 172.16.10.1
option 150 ip 172.16.10.1
192.168.0.1 DNS server
domain XXXX.ar
!
!
!
IP domain name xxxxx
name-server IP 192.168.0.1
8.8.8.8 IP name-server
No ipv6 cef
!
Authenticated MultiLink bundle-name Panel
!
!
stcapp ccm-Group 1
!
stcapp function-access code
!
!
!
!
!
!
Group of circuits FXOs
Description # trunk of líneas analogicas #.
hunting-schema sequential both upward
!
!
Circuit TELULARES group
Description # Telulares trunk lines #.
hunting-system round robin two
!
!
E1 circuit group
Description # trunk E1 #.
hunting-schema sequential both upward
!
voice-card 0
dspfarm
DSP services dspfarm
!
!
Send-call voice alert
voice, send rtp-received
!
voip phone service
list of approved IP addresses
IPv4 172.16.10.0 255.255.255.0
h323 connections allow h323
allow connections h323 to SIP
allow sip to sip connections
no additional service moved temporarily sip
Fax g711alaw transmission protocol
SIP
rel1xx disable
Registration Server expires max 1200 min 300
no update-callerid
!
voice class codec 1
g711ulaw codec preference 1
codec preference 2 g729r8
!
voice class codec 2
preferably 1 codec g729r8
g711ulaw codec preference 2
!
custom cptone CCAjointone class voice
Conference of two colors
frequency 600 900
300 150 300 100 300 50 Cadence
!
custom cptone CCAleavetone class voice
Conference of two colors
frequency 400 800
400 50 200 50 200 50 Cadence
!
!
Global voice registry
FMC of fashion
source-address 172.16.10.1 port 5060
timeouts interdigit 2
Max - dn 100
Max-pool 42
load 9951 sip9951.9 - 2 - 2 SR 1-9
authenticate the registry
authenticate the realm of the cisco.com
zone 21
time format 24
date format D/M/Y
voicemail 6000
Flash TFTP-path:
text file
create the profile synchronization 0339375451522449
local network ARE
the locale user ARE loading CME-local-es_ES-Spanish - 8.8.2.5.tar
conference material
camera
video
!
Register of voice dn 1
number 9009
call-b2bua occupied before 6000
call-forward noan 6000 timeout 30 b2bua
allow to watch
name Valentin Moran
No - reg
label Valentin Moran
MWI
!
Register of voice dn 2
number 9003
call-b2bua occupied before 6000
call-forward noan 6000 timeout 30 b2bua
allow to watch
all collection-call-group
Pickup-group 3
name Claudio tale
No - reg
label Claudio Conte
MWI
!
Register of voice dn 3
number 9030
call-b2bua occupied before 6000
call-forward noan 6000 timeout 30 b2bua
allow to watch
name Miguel Garelli
No - reg
tag Miguel Garelli
MWI
!
Register of voice dn 4
number 9099
call-b2bua occupied before 6000
call-forward noan 6000 timeout 30 b2bua
allow to watch
name Hugo Borelli
No - reg
label Borelli Hugo
MWI
!
Register of voice dn 5
9070 number
call-b2bua occupied before 6000
call-forward noan 6000 timeout 30 b2bua
allow to watch
name of the directory Sala
No - reg
label Sala of directory
MWI
!
Register of voice dn 6
number 9076
allow to watch
name of Seguridad Fax
No - reg
the label Seguridad fax
!
Register of voice dn 12
number 9024
allow to watch
name Semapor
No - reg
label Semapor
!
Register of voice dn 13
number 9064
allow to watch
name Oficina Gremial
No - reg
label Oficina Gremial
!
vocal range pool 1
Mac ID C40A. CB4C.5243
type of 9951
Number 1 dn 1
Horn out by default corLDI
presence-call list
SIP DTMF-relay rtp-nte-notify
codec voice-class 1
9009 9009 username password
No vad
camera
video
!
Register of voice pool 2
1 0113 short name test
Mac ID C40A. CB4C.5BB8
type of 9951
Number 1 dn 2
presence-call list
SIP DTMF-relay rtp-nte-notify
codec voice-class 1
9003 9003 username password
No vad
camera
video
!
Register of voice pool 3
Mac ID C40A. CB4C.5274
type of 9951
Number 1 dn 3
Horn out by default corLDI
presence-call list
SIP DTMF-relay rtp-nte-notify
codec voice-class 1
9030 9030 username password
No vad
Conference mode down local
fashion designer add Conference
Conference admin
camera
video
!
Register of voice pool 4
Mac ID C40A. CB4C. FBDC
type of 9951
Number 1 dn 4
Horn out by default corLDI
presence-call list
SIP DTMF-relay rtp-nte-notify
codec voice-class 1
9099 9099 username password
No vad
camera
video
!
Register of voice pool 5
Mac ID D824. BD27. BB36
type of 9951
Number 1 dn 5
Horn out by default corLDI
presence-call list
SIP DTMF-relay rtp-nte-notify
codec voice-class 1
9070 9070 user name password
No vad
camera
video
!
Register of voice pool 6
Mac ID C40A. CB4D.44D6
type of ATA - 187
Number 1 dn 6
9076 9076 username password
No vad
!
vocal range pool 7
Mac ID 0ACB.4D44.D601
Port2 ATA description
No vad
!
Register of voice pool 8
Mac ID C40A. CB4D.44D7
type of ATA - 187
No vad
!
vocal range pool 9
Mac ID 0ACB.4D44.D701
type of ATA - 187
Port2 ATA description
No vad
!
vocal range pool 10
Mac ID C40A. CB4D.4457
type of ATA - 187
No vad
!
Record pool 11 votes
Mac ID 0ACB.4D44.5701
type of ATA - 187
Port2 ATA description
No vad
!
Register of voice pool 12
Mac ID C40A. CB4D.4484
type of ATA - 187
Number 1 dn 12
9024 9024 username password
Description Semapor ATA
No vad
!
Register of voice pool 13
Mac ID 0ACB.4D44.8401
type of ATA - 187
Number 1 dn 13
9064 9064 username password
Port2 ATA description
No vad
!
voice parallel group 1
7000 final
list 9026,9061,9063
Timeout 60
pilot 7011
!
!
voice parallel group 2
7000 final
list 9015,9016
Timeout 60
7012 driver
!
!
voice parallel group 3
7000 final
list 9025,9013,9014
Timeout 60
pilot 7014
!
!
voice parallel group 4
7000 final
list 9068,9068
Timeout 60
pilot 7015
!
!
voice parallel group 5
list 9001,9002
7000 driver
!
!
parallel group 6 voices
list 9001,9002
7001 driver
!
!
voice parallel group 7
7000 final
list 9091,9093
Timeout 60
pilot 7002
!
!
voices 8 parallel group
7000 final
list 9052,9052
Timeout 60
pilot 7003
!
!
voice parallel group 9
7000 final
list 9053,9053
Timeout 60
pilot 7004
!
!
voice group 10 parallel
7000 final
list 9054,9055
Timeout 60
driver 7005
!
!
voice 11 parallel group
7000 final
list 9051,9065
Timeout 60
pilot 7006
!
!
parallel grouping 12 voices
7000 final
list 9031,9034,9032,9035
Timeout 60
pilot 7007
!
!
voice parallel group 13
7000 final
list 9033,9033
Timeout 60
pilot 7008
!
!
voice group 14 parallel
7000 final
list 9073,9075,9077
Timeout 60
pilot 7009
!
!
voice parallel grouping 15
7000 final
list 9078,9078
Timeout 60
7010 driver
!
!
parallel grouping 16 voices
list 9001,9002
7001 driver
!
!
!
the voice of type iec statistics
the voice of CSR type statistics
voice statistics periodic time-range 1 day start at 00:00 week-days every day
Statistics-voice news-line of separation display format
!
translation of the voice-rule 1
rule 1/9000 / / 6777\1 /.
!
!
voice translation-profile E1_Inbound_DID
translate 1 called
!
!
!
license udi pid CISCO2951/K9 sn FTX1603AH3H
licence start-up module c2951 technology-package securityk9
licence start-up module c2951 technology-package uck9
ISM HW-module 0
!
HW-module pvdm 0/0
!
HW-module pvdm 0/1
!
!!
redundancy
!
!
!
!
!
controller E1 0/0/0
No.-CRC4 framing
time intervals DS0-group 0 1-15, 17-31 type digital r2 r2-compelled ani
0 cases-custom
trunk-group E1
E1 description of # #.
!
controller E1 0/0/1
!
FTP IP source-interface GigabitEthernet0/0.1
IP ftp username anonymous
7 IP ftp password 12180B181C12010B3F38
synwait-time of tcp CSDB 30
CSDB tcp idle time 3600
CSDB tcp finwait-time 5
CSDB tcp reassembly max-memory 1024
CSDB tcp reassembly queue-max-length 16
CSDB udp downtime 30
CSDB icmp idle time 10
CSDB max--a session 65535
!
!
!
!
!
!
!
!
!
the Embedded-Service-Engine0/0 interface
no ip address
Shutdown
!
interface GigabitEthernet0/0
Description # trunk a 3COM 5500 Gi2/0/46 #.
no ip address
automatic duplex
automatic speed
!
interface GigabitEthernet0/0.1
Description # LAN data #.
encapsulation dot1Q 1 native
IP 192.168.0.10 255.255.0.0
!
interface GigabitEthernet0/0.10
Description # LAN Internet #.
encapsulation dot1Q 10
address 172.16.10.1 IP 255.255.255.0
!
interface ISM0/0
Description # CUE #.
IP unnumbered GigabitEthernet0/0.10
the ip address of the service module 172.16.10.2 255.255.255.0
! Application: CUE running on ISM
Service-module ip default gateway - 172.16.10.1
!
interface GigabitEthernet0/1
no ip address
Shutdown
automatic duplex
automatic speed
!
interface GigabitEthernet0/2
no ip address
Shutdown
automatic duplex
automatic speed
!
interface ISM0/1
Description interface connected to the internal Service of the switch Module internal
no ip address
!
interface Vlan1
no ip address
!
IP forward-Protocol ND
!
IP http server
23 class IP http access
local IP http authentication
IP http secure server
IP http timeout policy slowed down 60 life 86400 request 10000
IP http flash path:
!
IP route 0.0.0.0 0.0.0.0 172.16.10.254
IP route 172.16.10.2 255.255.255.255 ISM0/0
!
!
NLS RESP-timeout 1
CPD cr id 1
!Server SNMP ifindex persist
Server enable SNMP traps snmp authentication linkdown, linkup warmstart cold start
Enable SNMP-Server intercepts ATS
Server enable SNMP traps envmon
Server enable SNMP traps insertion withdrawal flash
entity-sensor threshold traps SNMP-server enable
Server enable SNMP traps config-copy
config SNMP-server enable traps
entity of traps activate SNMP Server
Server SNMP enable traps-Manager of event
Server enable SNMP traps hsrp
Enable SNMP-server holds the CPU threshold
Server enable SNMP traps syslog
Server enable SNMP traps ipsla
flash TFTP server: music-on - hold.au
Flash: Analog1.raw TFTP server
Flash: Analog2.raw TFTP server
Flash: AreYouThere.raw TFTP server
Flash: AreYouThereF.raw TFTP server
Flash: Bass.raw TFTP server
Flash: CallBack.raw TFTP server
Flash: Chime.raw TFTP server
Flash: Classic1.raw TFTP server
Flash: Classic2.raw TFTP server
Flash: ClockShop.raw TFTP server
Flash: DistinctiveRingList.xml TFTP server
Flash: Drums1.raw TFTP server
Flash: Drums2.raw TFTP server
Flash: FilmScore.raw TFTP server
Flash: HarpSynth.raw TFTP server
Flash: Jamaica.raw TFTP server
Flash: KotoEffect.raw TFTP server
Flash: MusicBox.raw TFTP server
Flash: Piano1.raw TFTP server
Flash: Piano2.raw TFTP server
Flash: Pop.raw TFTP server
Flash: Pulse1.raw TFTP server
Flash: Ring1.raw TFTP server
Flash: Ring2.raw TFTP server
Flash: Ring3.raw TFTP server
Flash: Ring4.raw TFTP server
Flash: Ring5.raw TFTP server
Flash: Ring6.raw TFTP server
Flash: Ring7.raw TFTP server
Flash: RingList.xml TFTP server
Flash: Sax1.raw TFTP server
Flash: Sax2.raw TFTP server
Flash: Vibe.raw TFTP server
Server TFTP flash: SCCP69xx.9 - 1-1 - 0.zz.sgn
Server TFTP flash: BOOT69xx.0 - 0-0 - 14.zz.sgn
Server TFTP flash: DSP69xx.0 - 0-0 - 4.zz.sgn
Server TFTP flash: SCCP69xx.9 - 1-1 - 0.loads
flash TFTP server: B016-1-0-4. SBN
Flash:/its/CME-locale-es_ES-Spanish-8.8.2.5.tar TFTP server
flash TFTP server: dkern9951.100609R2 - 9-2-2 SR 1-9.sebn
flash TFTP server: kern9951.9 - 2 - 2 SR 1-9.sebn
flash TFTP server: rootfs9951.9 - 2 - 2 SR 1-9.sebn
flash TFTP server: sboot9951.031610R1 - 9-2-2 SR 1-9.sebn
flash TFTP server: sip9951.9 - 2 - 2 SR 1-9.loads
flash TFTP server: skern9951.022809R2 - 9-2-2 SR 1-9.sebn
Server TFTP flash: SCCP69xx.9 - 2-1 - 0.loads
Server TFTP flash: SCCP69xx.9 - 2-1 - 0.zz.sgn
flash TFTP server: dkern9971.100609R2 - 9-2-2 SR 1-9.sebn
flash TFTP server: kern9971.9 - 2 - 2 SR 1-9.sebn
flash TFTP server: rootfs9971.9 - 2 - 2 SR 1-9.sebn
flash TFTP server: sboot9971.031610R1 - 9-2-2 SR 1-9.sebn
flash TFTP server: sip9971.9 - 2 - 2 SR 1-9.loads
flash TFTP server: skern9971.022809R2 - 9-2-2 SR 1-9.sebn
flash TFTP server: apps45.9 - 2-1TH1 - 13.sbn
flash TFTP server: cnu45.9 - 2-1TH1 - 13.sbn
Server TFTP flash: cvm45sccp.9 - 2-1TH1 - 13.sbn
flash TFTP server: dsp45.9 - 2-1TH1 - 13.sbn
Server TFTP flash: jar45sccp.9 - 2-1TH1 - 13.sbn
flash TFTP server: SCCP45.9 - 2 - 1 S .loads
Server TFTP flash: DSP69xx.0 - 0-0 - 8.zz.sgn
!
!
!
control plan
!
!
voice-port 0/0/0:0
translation-profile entering E1_Inbound_DID
input gain - 2
mitigation of output 3
cptone AR
E1 description of # #.
!
Voice-port 1/0/0
trunk-group TELULARES
surveillance cut dualtone Mid-communication
call waiting times - disconnect 2
connection ÉRA 6777
impedance complex2
Description # Telular #.
carrier-cap 3100 Hz
activation of the caller ID
!
Voice-port 1/0/1
trunk-group TELULARES
surveillance cut dualtone Mid-communication
call waiting times - disconnect 2
connection ÉRA 6777
impedance complex2
Description # Telular ILA-activate
!
voice-port 1/0/2
trunk-group TELULARES
surveillance cut dualtone Mid-communication
call waiting times - disconnect 2
connection ÉRA 6777
impedance complex2
Description # Telular #.
carrier-cap 3100 Hz
activation of the caller ID
!
Voice-port 1/0/3
trunk-group TELULARES
surveillance cut dualtone Mid-communication
call waiting times - disconnect 2
connection ÉRA 6777
impedance complex2
Description # Telular #.
carrier-cap 3100 Hz
activation of the caller ID
!
voice-port 2/0/0
trunk-group FXOs
surveillance cut dualtone Mid-communication
call waiting times - disconnect 2
connection ÉRA 6777
impedance complex2
Description # Linea #.
carrier-cap 3100 Hz
activation of the caller ID
!
voice-port 0/2/1
trunk-group FXOs
surveillance cut dualtone Mid-communication
call waiting times - disconnect 2
connection ÉRA 6777
impedance complex2
Description # Linea #.
carrier-cap 3100 Hz
activation of the caller ID
!
voice-port 0/2/2
trunk-group FXOs
surveillance cut dualtone Mid-communication
call waiting times - disconnect 2
connection ÉRA 6777
impedance complex2
Description # Linea #.
carrier-cap 3100 Hz
activation of the caller ID
!
voice-port 0/2/3
trunk-group FXOs
surveillance cut dualtone Mid-communication
call waiting times - disconnect 2
connection ÉRA 6777
impedance complex2
Description # n/d #.
carrier-cap 3100 Hz
activation of the caller ID
!
!
!
!
!
!
profile MGCP default
!
SCCP local GigabitEthernet0/0.10
SCCP ccm 172.16.10.1 identifier 1 version7.0
SCCP
!
SCCP ccm Group 1
associate the ccm 1 priority 1
associate profile 1 registry confprof1
associate the profile registry xcode10 10
!
transcode dspfarm profile 10
Codec g711ulaw
Codec g711alaw
Codec g729ar8
Codec g729abr8
maximum sessions 10
associate the PCRS application
!
dspfarm profile Conference 1
Codec g711ulaw
Codec g711alaw
Codec g729ar8
Codec g729abr8
Codec g729r8
Codec g729br8
maximum sessions 4
Conference-join custom cptone CCAjointone
Conference-leave custom cptone CCAleavetone
associate the PCRS application
!
Dial-peer cor custom
name Acceso_FULL
name Acceso_Local
name Acceso_Moviles
name Acceso_LDN
name Acceso_LDI
name Acceso_Internos
name Acceso_ESP
!
!
Dial-peer cor list corInternos
Member Acceso_Internos
!
Dial-peer cor list corLocal
Member Acceso_Local
!
Dial-peer cor list corLocalMoviles
Member Acceso_Local
Member Acceso_Moviles
!
Dial-peer cor list corLDN
Member Acceso_Local
Member Acceso_LDN
!
Dial-peer cor list corLDI
Member Acceso_Local
Member Acceso_Moviles
Member Acceso_LDN
Member Acceso_LDI
!
Dial-peer cor list corLocalESP
Member Acceso_Local
Member Acceso_ESP
!
Dial-peer cor list corFULL
Member Acceso_FULL
Member Acceso_Local
Member Acceso_Moviles
Member Acceso_LDN
Member Acceso_LDI
Member Acceso_Internos
Member Acceso_ESP
!
Dial-peer cor list corLDNMoviles
Member Acceso_Local
Member Acceso_Moviles
Member Acceso_LDN
!
Dial-peer cor list corLDIMoviles
Member Acceso_Local
Member Acceso_Moviles
Member Acceso_LDN
Member Acceso_LDI
!
!
voice POTS dial-peer 1
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 0/0/0:0
!
Dial-peer voice 2 pots
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
!
Dial-peer voice 3 pots
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 1/0/0
!
Dial-peer voice 4 pots
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 0/1/1
!
voice pots Dial-peer 5
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 0/1/2
!
Dial-peer voice 6 pots
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 0/1/3
!
Dial-peer voice 7 pots
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 0/2/0
!
Dial-peer voice 8 pots
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 0/2/1
!
voice pots Dial-peer 9
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 0/2/2
!
voice pots Dial-peer 10
Description * incoming dial peer *.
incoming called-number. %
direct line to inside
port 0/2/3
!
Dial-peer voice voip 6000
Description # CUE #.
translation-profile outgoing VoiceMail_Directo
destination-model 6...
B2BUA
session protocol sipv2
session target ipv4:172.16.10.2
SIP DTMF-relay rtp-nte-notify
Codec g711ulaw
No vad
!
voice pots Dial-peer 911
trunkgroup E1
trunkgroup FXOs
Description # EMERGENCIAS 911 #.
destination-model $ 0911
direct line to inside
Forward-digits 3
No sip record
!
Dial-peer voice 300 pots
trunkgroup E1
trunkgroup FXOs
corlist outgoing corFULL
Description # Acceso FULL #.
destination-model 0 t
direct line to inside
No sip record
!
voice pots Dial-peer 301
trunkgroup E1
trunkgroup FXOs
corlist outgoing corLocal
# Local description #.
destination-model 0 [2-8]... $
direct line to inside
Forward-digits 7
No sip record
!
voice pots Dial-peer 302
trunkgroup E1
trunkgroup FXOs
corlist outgoing corLocal
Description # Local residents special #.
preference 2
destination-model 011. $
direct line to inside
Forward-digits 3
No sip record
!
voice pots Dial-peer 303
trunkgroup E1
trunkgroup FXOs
corlist outgoing corLocal
# # 0800 Local description
destination-model 008... $
direct line to inside
Forward-digit 11
No sip record
!
voice pots Dial-peer 304
trunkgroup TELULARES 1
trunkgroup E1 2
corlist outgoing corLocalMoviles
Description # Moviles Local #.
huntstop
destination-model 015... $
direct line to inside
Forward-digit 9
No sip record
!
voice pots Dial-peer 305
trunkgroup E1
trunkgroup FXOs
corlist outgoing corLDI
Description # LDI #.
destination-model 000 t
direct line to inside
prefix 00
No sip record
!
voice pots Dial-peer 306
trunkgroup E1
trunkgroup FXOs
corlist outgoing corLocalESP
Description # 06XX Local #.
destination-model 006... $
direct line to inside
Forward-digit 11
No sip record
!
voice pots Dial-peer 307
trunkgroup TELULARES 1
trunkgroup E1 2
corlist outgoing corLDNMoviles
# Moviles NDA description #.
huntstop
preference 1
destination-model 00 [2-3]... 15.......$
direct line to inside
Forward-digit 13
No sip record
!
voice pots Dial-peer 308
trunkgroup TELULARES 1
trunkgroup E1 2
corlist outgoing corLDNMoviles
# Moviles NDA description #.
huntstop
preference 1
destination-model 00 [2-3]... 15... $
direct line to inside
Forward-digit 13
No sip record
!
voice pots Dial-peer 309
trunkgroup TELULARES 1
trunkgroup E1 2
corlist outgoing corLDNMoviles
# Moviles NDA description #.
huntstop
destination-model 001115... $
direct line to inside
Forward-digit 13
No sip record
!
voice pots Dial-peer 310
trunkgroup E1
trunkgroup FXOs
corlist outgoing corLDN
# NDA description #.
preference 2
destination-model 0011 [2-8]... $
direct line to inside
Forward-digit 11
No sip record
!
voice pots Dial-peer 311
trunkgroup E1
trunkgroup FXOs
corlist outgoing corLDN
# NDA description #.
preferably 3
destination-model 00 [2-3]... T
direct line to inside
Forward-digit 11
No sip record
!
!
No pots of checking status outbound dial-peer
presence
presence-call list
allow to subscribe
!
SIP - ua
Retry registry 3
MWI-Server ipv4:172.16.10.2 expires 3600 port udp 5060 transport unsolicited
activation of the presence
check enable ood
!
!
!
access controller
Shutdown
!
!
phone service
3 units of sdspfarm
sessions to transcode sdspfarm 1
Unregister the sdspfarm team
sdspfarm tag 1 confprof1
conference material
video
authentication credentials root xxxx
Max-joined 165
Max - dn 500
IP source-address 172.16.10.1 port 2000
Redirect Max 20
Auto assign 300 to 304
initiator of the call number
Service phone videoCapability 1
dnis overlay service
dnis dir-search service
timeouts interdigit 5
system message
URL of http://172.16.10.2/voiceview/common/login.do services
URL authentication http://172.16.10.1/CCMCIP/authenticate.asp
location of the cnf file flash:
the locale user ARE loading CME-local-es_ES-Spanish - 8.8.2.5.tar
local network ARE
load 7916-24-B016-1-0-4
load SCCP45.9 - 2-1 7945 s
load 6921 SCCP69xx.9 - 2-1-0
time format 24
aa-mm-dd date format
voicemail 6000
MAX conferences 8-6 win
ground of appeal forwards. T
before call forwarding-expanded system
The Health Department "music-on - hold.au.
multicast moh 239.10.16.4 port 2000
Web admin system name root password xxxxx
DN-webedit
time-webedit
transfer full-consult dss system
transfer-model 9.T
transfer-model. T
transfer-model 0.T
secondary-key 0
Standard AEC
create the files-cnf version-stamp 7960 4 December 2012 10:35:39
!
!
ePhone-model 1
softkeys idle recompose Newcall Cfwdall Gpickup mobility DND
softkeys connected Hold Endcall Trnsfer Confrn Mobility Park
!
!
ePhone-model 15
softkeys idle recompose Newcall Cfwdall Pickup Gpickup DND Login
softkeys seized Cfwdall Endcall recompose Pickup Meetme Gpickup reminder
softkeys connected Hold Endcall Trnsfer Confrn ConfList RmLstC Acct Park
disposal of the 2 buttons-7931
!
!
ePhone-dn 1 double line
number 9052
Pickup-group 1
label Mariana Rodriguez
name of Mariana Rodriguez
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 2 double line
number 9056
label Mauro Comisso
name Mauro Comisso
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 3 double line
number 9058
label Juan Curcio
name Juan Curcio
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 4 double line
number 9053
Pickup-group 1
label Ada Grajeda
name Ada Grajeda
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 5 double line
number 9057
Pickup-group 1
label Soledad Amici
name Soledad Amici
allow to watch
call forward all 0156431935
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 6 double line
number 9051
Pickup-group 1
label Mariana Grassi
name of Mariana Grassi
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 7 double line
number 9054
Pickup-group 2
label Eduardo Bocca
name Eduardo Bocca
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 8 double line
Number 9055
Pickup-group 2
label Graciela Rossi
name of Graciela Rossi
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 9 double line
number 9050
Pickup-group 1
label Norberto Romero
name Norberto Romero
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 10 double line
number 9062
Pickup-group 3
label Edgardo Spagnolo
name Edgardo Spagnolo
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 11 double line
number 9061
Pickup-group 3
label Jorge Allegretta
name Jorge Allegretta
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 12 double line
number 9063
Pickup-group 3
label Carlos Volonterio
name Carlos Volonterio
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 13 double line
number 9026
Pickup-group 3
Juan Carlos Conte label
name of Juan Carlos Conte
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 14 double line
number 9012
tag Cocina
name of Cocina
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLocal
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 15 double line
number 9067
label Alejandro Martinez
Name Alejandro Martinez
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 16 double line
number 9060
Pickup-group 4
label on Ricardo Amici
name Ricardo Amici
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 17 double line
number 9068
Pickup-group 4
Miguel Ayoroa label
name Miguel Ayoroa
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 18 double line
number 9034
Pickup-group 5
label Hugo Mazzello
name Hugo Mazzello
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 19 double line
number 9031
Pickup-group 5
label Carlos Gines
name Carlos Ginés
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 20 double line
number 9033
label Luis Arecco
name Luis Arecco
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 30
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 21 double line
number 9032
Pickup-group 5
Pablo Pascualetti label
name of Pablo Pascualetti
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 22 double line
number 9035
Pickup-group 5
label Francisco Weyland
name of Francisco Weyland
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 23 double line
number 9015
Pickup-group 6
label Administrativo VTS
name Administrativo VTS
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 24 double line
number 9016
Pickup-group 6
label VTS Guardia
name VTS Guardia
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 25 double line
number 9017
Pickup-group 6
label Juan Linares
name Juan Linares
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 26 double line
number 9029
Pickup-group 8
label Alejandrina Daub
name Alejandrina Daub
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 27 double line
number 9010
Pickup-group 8
label Natalia Urriza
name Natalia Urriza
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 28 double line
number 9090
Pickup-group 8
label Carlos Echeverría
name Carlos Echeverría
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 29 double line
number 9091
Pickup-group 8
label Guillermina Juarez
name Guillermina Juarez
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 30 double line
number 9013
Pickup-group 9
label Oscar Lopez
name Oscar Lopez
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 31 double line
number 9025
Pickup-group 9
Miguel Schnegelberger label
name Miguel Schnegelberger
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 32 double line
number 9014
Pickup-group 9
label Gerardo Bessone
name of Gerardo Bessone
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 33 double line
number 9074
Pickup-group 10
label Alberto Carnevali
name Alberto Carnevali
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 34 double line
number 9071
Pickup-group 10
label Jorge Mendonca
name Jorge Mendonça
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 35 double line
number 9077
Pickup-group 10
Gabriel Samanich label
name Gabriel Samanich
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 36 double line
number 9075
Pickup-group 10
Marcelo Gambarte label
name Marcelo Gambarte
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 37 dual line
number 9073
Pickup-group 10
tag Miguel Walter
name Miguel Walter
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 38 double line
Number of 9078
Pickup-group 10
label Juan Manuel Rodriguez
name Juan Manuel Rodriguez
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 39 double line
number 9073
Pickup-Group 11
tag Miguel Garelli
name Miguel Garelli
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
double line ephone-dn 40
number 9072
Pickup-Group 11
Legal label
Legal name
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 41 double line
number 9080
Pickup-group 12
label Anibal Fernandez
name Anibal Fernandez
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 42 double line
number 9081
Pickup-group 12
label Jorge Conti
name Jorge Conti
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 43 double line
number 9028
label Oficina 19 Fruticultura
name Oficina 19 Fruticultura
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDNMoviles
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 44 double line
number 9023
label Borelli Hugo
name Hugo Borelli
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDNMoviles
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 45 double line
number 9004
Pickup-Group 13
label Eugenia Tortora
name Eugenia Tortora
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 46 double line
number 9019
label Sala de Ingles
name of the Sala de Ingles
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDNMoviles
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 47 dual line
number 9092
label Centro de Contrataciones
name of Centro de Contrataciones
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDNMoviles
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 48 double line
number 9027
label Convention
name Convention
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDNMoviles
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 49 double line
number 9066
label Guincheros
name Guincheros
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDNMoviles
MWI-type visual
author of wedge-alert 30
!
!
double line ephone-dn 50
number 9020
label Balanza White
name Balanza White
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDNMoviles
MWI-type visual
author of wedge-alert 30
!
!
double line ephone-dn 51
number 9002
Pickup-Group 13
label Laura Trapani
name Laura Trapani
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 52 double line
number 9001
Pickup-Group 13
label Juan Ignacio Fernandez
name Juan Ignacio Fernandez
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 53 double line
number 9005
Pickup-Group 13
label Rosana Pastizzo
name Rosana Pastizzo
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDI
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 54 double line
number 9022
label Guardia ANP
name Guardia ANP
allow to watch
call-forward busy 6000
call-forward noan 6000 timeout 20
corlist incoming corLDNMoviles
MWI-type visual
author of wedge-alert 30
!
!
ePhone-dn 300
number 8800
!
!
ePhone-dn 301
number 8801
!
!
ePhone-dn 302
number 8803
!
!
ePhone-dn 304
number 8804
!
!
ePhone-dn 490
number A801... No. - reg primary
MWI off
!
!
ePhone-dn 491
number A800... No. - reg primary
MWI on
!
!
ePhone-dn 492 double line
A001 number
Description # AdHoc Conf #.
Ad hoc Conference
No huntstop
!
!
ePhone-dn 493 double line
A001 number
Description # AdHoc Conf #.
Ad hoc Conference
No huntstop
!
!
ePhone-dn 494 double line
A001 number
Description # AdHoc Conf #.
Ad hoc Conference
No huntstop
!
!
ePhone-dn 495 double line
A001 number
Description # AdHoc Conf #.
Ad hoc Conference
No huntstop
!
!
ePhone-dn 496 double line
A001 number
Description # AdHoc Conf #.
Ad hoc Conference
No huntstop
!
!
ePhone-dn 497 double line
A001 number
Description # AdHoc Conf #.
Ad hoc Conference
No huntstop
!
!
ePhone-dn 498 double line
A001 number
Description # AdHoc Conf #.
Ad hoc Conference
No huntstop
!
!
ePhone-dn 499 double line
A001 number
Description # AdHoc Conf #.
Ad hoc Conference
No huntstop
!
!
ePhone 1
security-mode device no
video
address Mac C40A. CBE0.2694
user name "mrodriguez".
presence-call list
type 7945
button 1:1
!
!
!
ePhone 2
security-mode device no
video
address Mac C40A. CBE1.1553
user name "mcomisso".
presence-call list
type 7945
key 1:2
!
!
!
ePhone 3
security-mode device no
video
address Mac C40A. CBE0.268E
user name "jcurcio".
presence-call list
type 7945
key 1:3
!
!
!
ePhone 4
security-mode device no
video
address Mac C40A. CBE0.2306
user name "agrajeda".
presence-call list
type 7945
key 1:4
!
!
!
ePhone 5
security-mode device no
video
address Mac C40A. CBE1.13E2
user name "samici".
presence-call list
type 7945
key 1:5
!
!
!
ePhone 6
security-mode device no
video
address Mac C40A. CBE0.23F3
user name "mgrassi".
presence-call list
type 7945
button 1:6
!
!
!
ePhone 7
security-mode device no
video
address Mac C40A. CBE0.5494
user name "ebocca".
presence-call list
type 7945
key 1:7
!
!
!
ePhone 8
security-mode device no
video
address Mac C40A. CBE0.2622
«grossi» user name
presence-call list
type 7945
key 1:8
!
!
!
ePhone 9
security-mode device no
video
address Mac C40A. CBE0.275D
user name "nromero".
presence-call list
type 7945
key 1:9
!
!
!
ePhone 10
security-mode device no
video
address Mac C40A. CBE0. D5BE
user name "espagnolo".
presence-call list
type 7945
button 01:10
!
!
!
ePhone 11
security-mode device no
video
address Mac C40A. CBE0.2308
user name "jallegretta".
presence-call list
short name 1 04570359 have
2 04571755 Agencia Martin short name
3 04571676 Aduana short name
abbreviated name 4 04572700 Agencia sea white
5 04573100 Agencia Helenica short name
6 04573212 Agencia friend short name
7 04571745 Agencia Austral short name
shortname 8 04573080 Agencia Walsh
9 0154754638 Capataz short name
10 0154680277 Operaciones short name
11 0154294269 Spagnolo short name
12 0154630447 J.M. Rodriguez short name
13 0154294278 Carnevali short name
14 0156440300 Semaport Maxi short name
15 0154611610 Alejandro Martinez short name
16 0156434709 Mazzello Ruben short name
17 0156465751 Gomez Omar short name
short name 18 04580041 Agencia Fertimport
type 7945
button 01:11
!
!
!
ePhone 12
security-mode device no
video
address Mac C40A. CBE0. D51D
user name "cvolonterio".
presence-call list
1 04571566 short name Casa
2 0156428310 Carli short name
3 04571755 Martin short name
4 04523179 Rebollo short name
5 04556988 HelenicaBahia short name
6 04512869 Flanders short name
7 04520427 Ingraphica short name
0154680277 8 name Oper guardia abstract
9 04580041 Fertimport short name
10 0154297404 Velovich short name
11 0155757554 Fabian short name
type 7945
button 01:12
!
!
!
ePhone 13
security-mode device no
video
address Mac C40A. CBE0.2690
user name "jconte".
presence-call list
type 7945
button 01:13
!
!
!
ePhone 14
security-mode device no
video
address Mac C40A. CBE0.556A
presence-call list
type 7945
button 01:14
!
!
!
ePhone 15
security-mode device no
video
address Mac C40A. CBE0.4FF2
user name "amartinez" password 1234
presence-call list
type 7945
button 01:15
!
!
!
ePhone 16
security-mode device no
video
address Mac C40A. CBE0.24BA
user name "ramici".
presence-call list
type 7945
button 01:16
!
!
!
ePhone 17
security-mode device no
video
address Mac C40A. CBE0. D603
user name "mayoroa".
presence-call list
1 0154060261 Carmen short name
2 0154197765 Guille short name
3 0154360390 Mika short name
4 0156438757 MiMovistar short name
5 0156428310 Volonterio short name
6 001149318458 U.Ferroviaria short name
7 0154294274 Romero short name
shortname 8 0154294270 Amici
9 0154754618 Bocca short name
10 0154637810 Echeverría short name
type 7945
button 01:17
!
!
!
ePhone 18
security-mode device no
video
address Mac C40A. CBE0.525A
username 'hmazzello' password 1234
presence-call list
type 7945
button 01:18
!
!
!
ePhone 19
security-mode device no
video
address Mac C40A. CBE0. D54B
username 'cgines' password 1234
presence-call list
type 7945
button 01:19
!
!
!
ePhone 20
security-mode device no
video
address Mac C40A. CBE0.2508
user name "areccola".
presence-call list
1 04522898 short name Casa
2 002214295075 Geodesia short name
type 7945
button 01:20
!
!
!
ePhone 21
security-mode device no
video
address Mac C40A. CBE0.24B3
user name "ppascualetti".
presence-call list
type 7945
button at 01:21
!
!
!
ePhone 22
security-mode device no
video
address Mac C40A. CBE0.22FA
user name "fweyland".
presence-call list
type 7945
button 01:22
!
!
!
ePhone 23
security-mode device no
video
address Mac C40A. CBE0.232B
user name "vts".
presence-call list
type 7945
button at 01:23
!
!
!
ePhone 24
security-mode device no
video
address Mac C40A. CBE0.526C
presence-call list
type 7945
button 01:24
!
!
!
ePhone 25
security-mode device no
video
address Mac C40A. CBE0. D4AD
user name "jlinares".
presence-call list
type 7945
button 01:25
!
!
!
ePhone 26
security-mode device no
video
address Mac C40A. CBE1.0FAD
username 'adaub' password 1234
presence-call list
type 7945
button 01:26
!
!
!
ePhone 27
security-mode device no
video
address Mac C40A. CBE1.12FB
user name "nurriza".
presence-call list
type 7945
button 01:27
!
!
!
ePhone 28
security-mode device no
video
address Mac C40A. CBE1.1587
user name "cecheverria".
presence-call list
type 7945
button 01:28
!
!
!
ePhone 29
security-mode device no
video
address Mac C40A. CBE1.1535
user name "gjuarez".
presence-call list
type 7945
button 01:29
!
!
!
ePhone 30
security-mode device no
video
address Mac C40A. CBE0.231A
username 'olopez' password 1234
presence-call list
type 7945
button of 01:30
!
!
!
ePhone 31
security-mode device no
video
address Mac C40A. CBE0.232E
user name "mschnegelberger".
presence-call list
type 7945
button 01:31
!
!
!
ePhone 32
security-mode device no
video
address Mac C40A. CBE0.24A8
user name "gbessone".
presence-call list
1 015472688 Lore short name
UTE 2 04573029 short name
type 7945
button 01:32
!
!
!
ePhone 33
security-mode device no
video
address Mac C40A. CBE0.2625
user name "acarnevali".
presence-call list
type 7945
button at 01:33
!
!
!
ePhone 34
security-mode device no
video
address Mac C40A. CBE0.4FE0
user name "jmendonca".
presence-call list
type 7945
button 01:34
!
!
!
ePhone 35
security-mode device no
video
address Mac C40A. CBE0.52E6
user name "gsamanich".
presence-call list
type 7945
button 01:35
!
!
!
ePhone 36
security-mode device no
video
address Mac C40A. CBE0.25EC
user name "mgambarte".
presence-call list
type 7945
button 01:36
!
!
!
ePhone 37
security-mode device no
video
address Mac C40A. CBE0.5474
user name "mwalter".
presence-call list
type 7945
button 01:37
!
!
!
ePhone 38
security-mode device no
video
address Mac C40A. CBE1.15A8
user name "jmrodriguez".
presence-call list
type 7945
button 01:38
!
!
!
ePhone 39
security-mode device no
video
address Mac C40A. CBE0.5495
user name "mgarelli".
presence-call list
type 7945
button 01:39
!
!
!
ePhone 40
security-mode device no
video
address Mac C40A. CBE0.24C5
user name "vcolace".
presence-call list
type 7945
button at 01:40
!
!
!
ePhone 41
security-mode device no
video
address Mac C40A. CBE0.5215
user name "afernandez.
presence-call list
type 7945
button 01:41
!
!
!
ePhone 42
security-mode device no
video
address Mac C40A. CBE0.2512
user name "jconti".
presence-call list
type 7945
button at 01:42
!
!
!
ePhone 43
security-mode device no
video
address Mac C40A. CBE0. D573
presence-call list
type 7945
button 01:43
!
!
!
ePhone 44
security-mode device no
video
address Mac C40A. CBE0.530C
presence-call list
type 7945
button 01:44
!
!
!
ePhone 45
security-mode device no
video
address Mac C40A. CBE0.24D1
user name "etortora".
presence-call list
Casa 1 04533543 short name
type 7945
button 01:45
!
!
!
ePhone 46
security-mode device no
video
Mac C464.1300.5AED address
Max-calls-by button-2
presence-call list
type of 6921
button 01:46
!
!
!
ePhone 47
security-mode device no
video
Mac C464.1300.5B3B address
Max-calls-by button-2
presence-call list
type of 6921
button at 01:47
!
!
!
ePhone 48
security-mode device no
video
Mac C464.1300.5C51 address
Max-calls-by button-2
user name "Convention."
presence-call list
type of 6921
button 01:48
!
!
!
ePhone 49
security-mode device no
video
Mac C464.1300.5B59 address
Max-calls-by button-2
user name "guincheros".
presence-call list
type of 6921
button 01:49
!
!
!
ePhone 50
security-mode device no
video
Mac C464.1300.5B36 address
Max-calls-by button-2
presence-call list
type of 6921
button 01:50
!
!
!
ePhone 51
security-mode device no
video
address Mac D824. BDBB.9B10
Max-calls-by button-2
user name "ltrapani".
presence-call list
BLF-numbering 1 9009 label "Valentine Moran"
BLF-numbering 2 9003 tag "Claudio tale"
BLF-speed-dial 3 9030 label "Miguel Garelli"
BLF-speed-dial 4 9099 label "Hugo Borelli"
BLF-abstracts 5 9070 label "Sala of directory"
BLF-abstracts 6 9052 label "Mariana Rodriguez"
BLF-numbering 7 9056 label "Mauro Comisso"
BLF-abstracts 8 9058 label 'Juan Curcio'
BLF-speed-dial 9 9053 label "Ada Grajeda"
BLF-speed-dial 10 9057 label "Soledad Amici"
BLF-abstracts 11 9051 label "Mariana Grassi"
BLF-speed-dial 12 9054 tag 'Eduardo Bocca'
BLF-abstracts 13 9055 label "Graciela Rossi"
BLF-abstracts 14 9050 label "Norberto Romero"
BLF-speed-dial 15 9062 label "Edgardo Spagnolo"
BLF-speed-dial 16 9061 label "Jorge Allegretta"
BLF-abstracts 17 9063 label "Carlos Volonterio"
BLF-abstracts 18 9026 label 'Juan Carlos tale'
BLF-abstracts 19 9012 label "Cocina".
BLF-abstracts 20 9067 label "Alejandro Martinez"
BLF-numbering 21 9060 tag "Ricardo Amici"
BLF-abstracts 22 9068 label "Miguel Ayoroa"
BLF-abstracts 23 9034 label "Hugo Mazzello"
BLF-speed-dial 24 9031 label 'Carlos Ginés'
BLF-abstracts 25 9033 label "Luis Arecco"
BLF-numbering 26 9032 label 'Pablo Pascualetti'
BLF-abstracts 27 9035 label "Francisco Weyland"
BLF-abstracts 28 9015 label "VTS Administrativo"
BLF-abstracts 29 9016 label "Guardia VTS"
BLF-abstracts 30 9017 label 'Juan Linares Linares'
BLF-abstracts 31 9029 label 'Alejandrina Daub'
BLF-speed-dial 32 9010 tag "Natalia Urriza"
BLF-abstracts 33 9090 label "Carlos Echeverria"
BLF-speed-dial 34 9091 label "Guillermina Juarez"
BLF-abstracts 35 9013 label "Oscar Lopez"
BLF-abstracts 36 9025 label "Miguel Schnegelberger"
BLF-abstracts 37 9014 label "Bessone Gerardo"
BLF-speed-dial 38 9074 tag "Alberto Carnevali"
BLF-abstracts 39 9071 label "Jorge Mendonça"
BLF-speed-dial 40 9077 tag 'Gabriel Samanich'
BLF-abstracts 41 9075 label "Marcelo Gambarte"
BLF-abstracts 42 9073 label "Miguel Walter"
BLF-speed-dial 43 9078 label 'Juan Manuel Rodriguez'
BLF-abstracts 44 9072 label "Monica Blanco"
BLF-speed-dial 45 9073 label "Victor Colace"
BLF-abstracts 46 9080 label "Anibal Fernandez"
BLF-abstracts 47 9081 label "Jorge Conti"
BLF-abstracts 48 9028 label "Oficina 19 Fruticultura"
BLF-abstracts 49 9023 label "Oficina 28 Fruticultura"
BLF-speed-dial 50 9091 label "Eugenia Tortora"
BLF-abstracts 51 9019 label "Sala of Ingles"
BLF-numbering 52 9092 tag "Centro de Contrataciones"
BLF-abstracts 53 9027 label "Convention".
BLF-abstracts 54 9066 label "Guincheros".
BLF-abstracts 55 9020 label "Balanza White"
BLF-abstracts 56 9022 label 'Guardia PNA'
BLF-abstracts 57 9002 label 'Laura Trapani'
9001 58 BLF-abstracts label 'Juan Ignacio Fernandez'
BLF-abstracts 59 9093 label "Rosana Pastizzo"
7965 addon type 1 7916 - 24 2 7916 - 24
button 01:51
!
!
!
ePhone 52
security-mode device no
video
address Mac D824. BDBA. D185
user name "jfernandez.
presence-call list
BLF-numbering 1 9009 label "Valentine Moran"
BLF-numbering 2 9003 tag "Claudio tale"
BLF-speed-dial 3 9030 label "Miguel Garelli"
BLF-speed-dial 4 9099 label "Hugo Borelli"
BLF-abstracts 5 9070 label "Sala of directory"
BLF-abstracts 6 9052 label "Mariana Rodriguez"
BLF-numbering 7 9056 label "Mauro Comisso"
BLF-abstracts 8 9058 label 'Juan Curcio'
BLF-speed-dial 9 9053 label "Ada Grajeda"
BLF-speed-dial 10 9057 label "Soledad Amici"
BLF-abstracts 11 9051 label "Mariana Grassi"
BLF-speed-dial 12 9054 tag 'Eduardo Bocca'
BLF-abstracts 13 9055 label "Graciela Rossi"
BLF-abstracts 14 9050 label "Norberto Romero"
BLF-speed-dial 15 9062 label "Edgardo Spagnolo"
BLF-speed-dial 16 9061 label "Jorge Allegretta"
BLF-abstracts 17 9063 label "Carlos Volonterio"
BLF-abstracts 18 9026 label 'Juan Carlos tale'
BLF-abstracts 19 9012 label "Cocina".
BLF-abstracts 20 9067 label "Alejandro Martinez"
BLF-numbering 21 9060 tag "Ricardo Amici"
BLF-abstracts 22 9068 label "Miguel Ayoroa"
BLF-abstracts 23 9034 label "Hugo Mazzello"
BLF-speed-dial 24 9031 label 'Carlos Ginés'
BLF-abstracts 25 9033 label "Luis Arecco"
BLF-numbering 26 9032 label 'Pablo Pascualetti'
BLF-abstracts 27 9035 label "Francisco Weyland"
BLF-abstracts 28 9015 label "VTS Administrativo"
BLF-abstracts 29 9016 label "Guardia VTS"
BLF-abstracts 30 9017 label 'Juan Linares Linares'
BLF-abstracts 31 9029 label 'Alejandrina Daub'
BLF-speed-dial 32 9010 tag "Natalia Urriza"
BLF-abstracts 33 9090 label "Carlos Echeverria"
BLF-speed-dial 34 9091 label "Guillermina Juarez"
BLF-abstracts 35 9013 label "Oscar Lopez"
BLF-abstracts 36 9025 label "Miguel Schnegelberger"
BLF-abstracts 37 9014 label "Bessone Gerardo"
BLF-speed-dial 38 9074 tag "Alberto Carnevali"
BLF-abstracts 39 9071 label "Jorge Mendonça"
BLF-speed-dial 40 9077 tag 'Gabriel Samanich'
BLF-abstracts 41 9075 label "Marcelo Gambarte"
BLF-abstracts 42 9073 label "Miguel Walter"
BLF-speed-dial 43 9078 label 'Juan Manuel Rodriguez'
BLF-abstracts 44 9072 label "Monica Blanco"
BLF-speed-dial 45 9073 label "Victor Colace"
BLF-abstracts 46 9080 label "Anibal Fernandez"
BLF-abstracts 47 9081 label "Jorge Conti"
BLF-abstracts 48 9028 label "Oficina 19 Fruticultura"
BLF-abstracts 49 9023 label "Oficina 28 Fruticultura"
BLF-speed-dial 50 9091 label "Eugenia Tortora"
BLF-abstracts 51 9019 label "Sala of Ingles"
BLF-numbering 52 9092 tag "Centro de Contrataciones"
BLF-abstracts 53 9027 label "Convention".
BLF-abstracts 54 9066 label "Guincheros".
BLF-abstracts 55 9020 label "Balanza White"
BLF-abstracts 56 9022 label 'Guardia PNA'
BLF-abstracts 57 9002 label 'Laura Trapani'
9001 58 BLF-abstracts label 'Juan Ignacio Fernandez'
BLF-abstracts 59 9093 label "Rosana Pastizzo"
7965 addon type 1 7916 - 24 2 7916 - 24
button at 01:52
!
!
!
ePhone 53
security-mode device no
video
address Mac D824. BDBB.9C27
user name "rpastizzo".
presence-call list
BLF-numbering 1 9009 label "Valentine Moran"
BLF-numbering 2 9003 tag "Claudio tale"
BLF-speed-dial 3 9030 label "Miguel Garelli"
BLF-speed-dial 4 9099 label "Hugo Borelli"
BLF-abstracts 5 9070 label "Sala of directory"
BLF-abstracts 6 9052 label "Mariana Rodriguez"
BLF-numbering 7 9056 label "Mauro Comisso"
BLF-abstracts 8 9058 label 'Juan Curcio'
BLF-speed-dial 9 9053 label "Ada Grajeda"
BLF-speed-dial 10 9057 label "Soledad Amici"
BLF-abstracts 11 9051 label "Mariana Grassi"
BLF-speed-dial 12 9054 tag 'Eduardo Bocca'
BLF-abstracts 13 9055 label "Graciela Rossi"
BLF-abstracts 14 9050 label "Norberto Romero"
BLF-speed-dial 15 9062 label "Edgardo Spagnolo"
BLF-speed-dial 16 9061 label "Jorge Allegretta"
BLF-abstracts 17 9063 label "Carlos Volonterio"
BLF-abstracts 18 9026 label 'Juan Carlos tale'
BLF-abstracts 19 9012 label "Cocina".
BLF-abstracts 20 9067 label "Alejandro Martinez"
BLF-numbering 21 9060 tag "Ricardo Amici"
BLF-abstracts 22 9068 label "Miguel Ayoroa"
BLF-abstracts 23 9034 label "Hugo Mazzello"
BLF-speed-dial 24 9031 label 'Carlos Ginés'
BLF-abstracts 25 9033 label "Luis Arecco"
BLF-numbering 26 9032 label 'Pablo Pascualetti'
BLF-abstracts 27 9035 label "Francisco Weyland"
BLF-abstracts 28 9015 label "VTS Administrativo"
BLF-abstracts 29 9016 label "Guardia VTS"
BLF-abstracts 30 9017 label 'Juan Linares Linares'
BLF-abstracts 31 9029 label 'Alejandrina Daub'
BLF-speed-dial 32 9010 tag "Natalia Urriza"
BLF-abstracts 33 9090 label "Carlos Echeverria"
BLF-speed-dial 34 9091 label "Guillermina Juarez"
BLF-abstracts 35 9013 label "Oscar Lopez"
BLF-abstracts 36 9025 label "Miguel Schnegelberger"
BLF-abstracts 37 9014 label "Bessone Gerardo"
BLF-speed-dial 38 9074 tag "Alberto Carnevali"
BLF-abstracts 39 9071 label "Jorge Mendonça"
BLF-speed-dial 40 9077 tag 'Gabriel Samanich'
BLF-abstracts 41 9075 label "Marcelo Gambarte"
BLF-abstracts 42 9073 label "Miguel Walter"
BLF-speed-dial 43 9078 label 'Juan Manuel Rodriguez'
BLF-abstracts 44 9072 label "Monica Blanco"
BLF-speed-dial 45 9073 label "Victor Colace"
BLF-abstracts 46 9080 label "Anibal Fernandez"
BLF-abstracts 47 9081 label "Jorge Conti"
BLF-abstracts 48 9028 label "Oficina 19 Fruticultura"
BLF-abstracts 49 9023 label "Oficina 28 Fruticultura"
BLF-speed-dial 50 9091 label "Eugenia Tortora"
BLF-abstracts 51 9019 label "Sala of Ingles"
BLF-numbering 52 9092 tag "Centro de Contrataciones"
BLF-abstracts 53 9027 label "Convention".
BLF-abstracts 54 9066 label "Guincheros".
BLF-abstracts 55 9020 label "Balanza White"
BLF-abstracts 56 9022 label 'Guardia PNA'
BLF-abstracts 57 9002 label 'Laura Trapani'
9001 58 BLF-abstracts label 'Juan Ignacio Fernandez'
BLF-abstracts 59 9093 label "Rosana Pastizzo"
7965 addon type 1 7916 - 24 2 7916 - 24
button at 01:53
!
!
!
ePhone 54
security-mode device no
video
Mac C464.1300.5B42 address
Max-calls-by button-2
presence-call list
type of 6921
button at 01:54
!
!
!
ePhone 1200
security-mode device no
001D.60F0.6FA5 Mac address
button 01:10
!
!
!
!
Line con 0
line to 0
line 2
no activation-character
No exec
preferred no transport
transport of entry all
transport output pad rlogin lapb - your MOP v120 udptn ssh telnet
StopBits 1
line 195
no activation-character
No exec
preferred no transport
transport of entry all
transport output pad rlogin lapb - your MOP v120 udptn ssh telnet
StopBits 1
line vty 0 4
access-class 23 in
privilege level 15
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
transport input telnet ssh
!
Scheduler allocate 20000 1000
Master of NTP
NTP-Calendar Update
!
endCUCME2951 #.
Any help will be really appreciated!
"" Material special multi Conference for more than three parts is not supported on Cisco Unified IP SIP phones running. ".
of the CMF administration guide:
http://www.Cisco.com/en/us/docs/voice_ip_comm/cucme/Admin/Configuration/Guide/cmeconf.html#wp1020601
HTH,
Chris
-
Hello I know theres a lot of topics on this subject, but I've been reading for the past 2 weeks and I can not find my solution.
My Cisco VPN client connects to the ASA 5510 and everything looks good but when I try to send traffic (RDP) nevers connects and logs shows a timeout syn. Here is my setup, I really appreciated all the help
ASA Version 8.2 (1)
!
xxx host name
domain xxxx
activate g.wfzl577L4IVnRL encrypted password
2KFQnbNIdI.2KYOU encrypted passwd
!
interface Ethernet0/0
nameif outside
security-level 0
IP 201.199.135.x 255.255.255.248
!
interface Ethernet0/1
nameif inside
security-level 100
10.1.1.x 255.255.255.0 IP address
!
interface Ethernet0/2
No nameif
security-level 100
IP 192.168.30.x 255.255.255.0
!
interface Ethernet0/3
Shutdown
No nameif
no level of security
no ip address
!
interface Management0/0
nameif management
security-level 100
IP 192.168.1.1 255.255.255.0
management only
!
boot system Disk0: / asa821 - k8.bin
passive FTP mode
DNS domain-lookup outside
DNS server-group DefaultDNS
xx server name
xx server name
domain xxxxx
permit same-security-traffic inter-interface
permit same-security-traffic intra-interface
list incoming extended access deny ip object-group DENY_ACCESS does everything
list of allowed inbound tcp extended access any object-group object-group web-servers web-ports
access list entering extended permitted tcp 209.200.128.0 255.255.192.0 201.199.135.x object-group web-host ports
access-list outgoing extended permitted ip object-group have no doubt
access-list extended outgoing allow tcp object-group-servers web any object-group web-ports
access-list extended outgoing allow tcp 10.1.1.0 255.255.255.0 any general-access object-group
outgoing access-list extended permit tcp host 201.199.135.xx any object-group web-ports
inside_access_in allowed extended access list ip object-group trust all disable Journal
inside_access_in to access extensive ip list allow object-group-servers DNS all disable Journal
inside_access_in list extended access allowed host WEB3 udp any eq inactive ntp
inside_access_in to access extended list ip 192.168.3.0 allow 255.255.255.0 10.1.1.0 255.255.255.0
ISA_access_in list extended access allowed object-group Ports host 192.168.30.7 all
permit inside_nat0_outbound to access extended list ip 10.1.1.0 255.255.255.0 192.168.3.0 255.255.255.0
Split_Tunnel_List list standard access allowed 10.1.1.0 255.255.255.0
pager lines 24
Enable logging
list configLog level Debug class registration auth
list configLog level Debug class config record
Class of information of record list system-IDSLog-level ID
list of logging system-IDSLog class level sys information
exploitation forest buffer-size 10000
asdm of logging of information
xxxx address record
xxxxx the delivery address logging level notifications
No message logging 111008
No message logging 111007
Outside 1500 MTU
Within 1500 MTU
MTU 1500 ISA
management of MTU 1500
192.168.3.2 mask - 192.168.3.254 local pool POOL VPN IP 255.255.255.0
fall of IP audit name attackPolicy attack action alarm
IP audit name antiSnifferPolicy action fall info
IP check outside the attackPolicy interface
no failover
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 641.bin
don't allow no asdm history
ARP timeout 14400
Global 1 interface (outside)
Global (ISA) 1 201.199.135.xx netmask 255.255.255.248
NAT (inside) 0-list of access inside_nat0_outbound
NAT (inside) 1 10.1.1.0 255.255.255.0
NAT (ISA) 1 192.168.30.0 255.255.255.0
public static 201.199.xxx.xx (inside, outside) WEB3 netmask 255.255.255.255
inside_access_in access to the interface inside group
Access-group ISA_access_in in ISA interface
Route outside 0.0.0.0 0.0.0.0 201.199.135.113 1
Route inside 0.0.0.0 0.0.0.0 10.1.1.3 in tunnel
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
the ssh LOCAL console AAA authentication
LOCAL AAA authentication serial console
Enable http server
http 192.168.1.0 255.255.255.0 management
http 10.1.1.0 255.255.255.0 inside
SNMP-server host within the 10.1.1.56 community
SNMP-server host within the 10.1.1.18 community
No snmp server location
No snmp Server contact
Community SNMP-server
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Server enable SNMP traps syslog
service resetinbound ISA interface
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
Crypto ca trustpoint ASDM_TrustPoint0
registration auto
name of the object CN = xxx.xxxxxx
sslvpnkeypair key pair
Configure CRL
string encryption ca ASDM_TrustPoint0 certificates
certificate 6ef8fc4f
308201f3 3082015c a0030201 0202046e f8fc4f30 0d06092a 864886f7 0d 010105
0500303e 311a 3018 06035504 03131149 4345332e 646f746e 65742e63 6f2e6372
3120301e 06092 has 86 01090216 11494345 332e646f 746e6574 2e636f2e 4886f70d
3132 30393035 31333435 35345a 17 323230 39303331 33343535 0d 6372301e 170d
311a 3018 06035504 03131149 345a303e 4345332e 646f746e 65742e63 6f2e6372
3120301e 06092 has 86 01090216 11494345 332e646f 746e6574 2e636f2e 4886f70d
63723081 9f300d06 092 has 8648 86f70d01 01010500 03818d 30818902 00 818100e4
52687fe4 bc46d95c bb14cb51 c9ba2757 692683e2 315fb2cb 585c 9785 295e9090
88dea89d 5a1497f5 49107a1f ea35d71b fd05d9ff 652f1ff9 68766519 d19dc584
310312b 2 b369673f 70db355a 8d1e0a5e 4c825c27 7ad5e4f6 d36cbda7 b4ad77a5
f490d942 2ef2488a bcb97b3f 5795bbcd 5f5b5c5a ff965272 2c8deaa5 2aa78902
03010001 300 d 0609 2a 864886 f70d0101 05050003 818100aa c1a3301a ec3898ac
9aa26005 18699233 ad6c326f 51228c6b ba6a91e8 2ac79a0c 2af687c1 17bce83f
bbf94b0e e6f09977 fad72c47 96d206ed c1157e67 79862e20 9f28cfa1 739c0fa2
81272d5d a7124fc0 f95904db 72eacc9a 772208e2 1edba72b 618ed8dc d3c1b8f7
5047604e f767eaf1 7ee5ed95 79ef9184 db62bcfb b71e6f
quit smoking
No vpn-addr-assign aaa
No dhcp vpn-addr-assign
Telnet timeout 5
SSH 10.1.1.0 255.255.255.0 inside
SSH timeout 5
SSH version 2
Console timeout 0
dhcpd address 192.168.30.5 - 192.168.30.20 ISA
dhcpd dns 4.2.2.2 200.91.75.5 ISA interface
dhcpd enable ISA
!
management of 192.168.1.2 - dhcpd address 192.168.1.254
enable dhcpd management
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
SSL-trust outside ASDM_TrustPoint0 point
WebVPN
allow outside
allow inside
SVC disk0:/anyconnect-win-2.5.2019-k9.pkg 1 image
enable SVC
tunnel-group-list activate
attributes of Group Policy DfltGrpPolicy
Protocol-tunnel-VPN IPSec l2tp ipsec
internal VPNGP group policy
VPNGP group policy attributes
WINS server no
Server DNS 10.1.1.11 value 10.1.1.16
VPN-tunnel-Protocol svc webvpn
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list Split_Tunnel_List
dotnet.co.CR value by default-field
the address value VPN-POOL pools
xxxx gsUajqpee0ffkhsw encrypted password username
xx Wl5xhq9rOjTEyzHN encrypted privilege 15 password username
xxvpn 9tblNqPJ2.cWaLSD encrypted password username
username xxvpn attributes
type of remote access service
tunnel-group AnyConnect type remote access
tunnel-group AnyConnect General attributes
Group Policy - by default-VPNGP
tunnel-group AnyConnect webvpn-attributes
enable VPN group-alias
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
type of policy-card inspect dns migrated_dns_map_1
parameters
message-length maximum 512
!
global service-policy global_policy
10.1.1.20 SMTP server
context of prompt hostname
Cryptochecksum:9720306792f52eac533976d69f0f3daa
: end
Thank you
Hi Oscar,.
The configuration seems to be well.
At this point to troubleshoot VPN communication.
SYN timeout period means that the server does not respond, or the SYN ACK never reached the ASA.
We need to put a screenshot of the packages inside the interface as follows:
capture capin interface inside the match ip 10.1.1.0 255.255.255.0 192.168.3.0 255.255.255.0
Then you try to access the server via RDP and run the command 'see capture capin.
Another good test would be the following:
entry Packet-trace within the icmp 10.1.1.250 8 0 192.168.3.1 retail---> where the 192.168.3.1 must be the IP address of the VPN client
Set the output of the 'see capture capin' and the output of "packet - trace.
Let me know.
Portu.
Please note any workstation that will be useful.
-
Site to site vpn errors.
When you configure a site to tunnles, I get errors in logging of ASA of gall.
I've included the two configs on the walls of ASA file.
any one see what Miss me?
small site
: Saved
: Written by usiadmin at 15:22:08.143 UTC Monday, March 19, 2012
!
ASA Version 7.2 (3)
!
hostname smallASA
domain.com domain name
activate awSQhSsotCzGWRMo encrypted password
names of
!
interface Vlan1
nameif inside
security-level 100
IP 10.16.4.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP 116.12.211.66 255.255.255.240
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
L0Wjs4eA25R/befo encrypted passwd
passive FTP mode
DNS lookup field inside
DNS server-group DefaultDNS
Server name 10.10.20.1
domain.com domain name
access extensive list ip 10.16.4.0 outside_1_cryptomap allow 255.255.255.0 any
access extensive list ip 10.16.4.0 inside_nat0_outbound allow 255.255.255.0 any
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 523.bin
don't allow no asdm history
ARP timeout 14400
NAT-control
Global 1 interface (outside)
NAT (inside) 0-list of access inside_nat0_outbound
NAT (inside) 1 0.0.0.0 0.0.0.0
Route outside 0.0.0.0 0.0.0.0 116.12.211.65 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout, uauth 0:05:00 absolute
Enable http server
http 0.0.0.0 0.0.0.0 outdoors
http 10.16.4.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
card crypto outside_map 1 match address outside_1_cryptomap
card crypto outside_map 1 set pfs
peer set card crypto outside_map 1 12.69.103.226
card crypto outside_map 1 set of transformation-ESP-3DES-SHA
outside_map interface card crypto outside
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
Crypto isakmp nat-traversal 20
Telnet 10.16.4.0 255.255.255.0 inside
Telnet timeout 5
SSH 10.16.4.0 255.255.255.0 inside
SSH 0.0.0.0 0.0.0.0 outdoors
SSH timeout 5
Console timeout 0
dhcpd dns 165.21.83.88 10.10.2.1
dhcpd domain domain.com
dhcpd outside auto_config
!
dhcpd address 10.16.4.100 - 10.16.4.131 inside
dhcpd allow inside
!
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
!
global service-policy global_policy
usiadmin encrypted DI5M5NnQfLzGHaw1 privilege 15 password username
initech encrypted ENDpqoooBPsmGFZP privilege 15 password username
tunnel-group 12.69.103.226 type ipsec-l2l
IPSec-attributes tunnel-group 12.69.103.226
pre-shared key, PSK
context of prompt hostname
Cryptochecksum:e6bf95f3c25574bfed2adafb3283e882
: end
large site
: Saved
: Written by usiadmin to the 22:57:30.549 CDT Monday, March 19, 2012
!
ASA Version 8.0 (3)
!
hostname STO-ASA-5510-FW
domain.com domain name
enable the password... Ge0JnvJlk/gAiB encrypted
names of
192.168.255.0 BGP-Transit_Network description name Transit BGP
name 10.10.99.0 VPN
name 10.10.2.80 BB
DNS-guard
!
interface Ethernet0/0
Inside the Interface Description
nameif inside
security-level 100
IP 10.10.200.29 255.255.255.240
OSPF cost 10
!
interface Ethernet0/1
Description external Interface facing the Rotuer for Internet.
nameif outside
security-level 0
IP 12.69.103.226 255.255.255.240
OSPF cost 10
!
interface Ethernet0/2
Description physical interface trunk - do not use
No nameif
no level of security
no ip address
!
interface Ethernet0/2.900
Description Interface DMZ 12.69.103.0 / 26 (usable hotes.1 a.62)
VLAN 900
nameif DMZ1-VLAN900
security-level 50
IP 12.69.103.1 255.255.255.192
OSPF cost 10
!
interface Ethernet0/3
Shutdown
No nameif
no level of security
no ip address
!
interface Management0/0
nameif management
security-level 100
IP 10.10.5.250 255.255.254.0
OSPF cost 10
management only
!
L0Wjs4eA25R/befo encrypted passwd
banner exec **********************************************************************
exec banner STO-ASA-5510-FW
exec banner ASA5510 - 10.10.200.29
exec banner configured for data use only
banner exec **********************************************************************
banner login **********************************************************************
connection of the banner caveat: this system is for the use of only authorized customers.
banner of individuals to connect using the system of computer network without permission.
banner login or exceeding their authority, are subject with all their
activity of connection banner on this system monitored and recorded by computer network
staff of the login banner system. To protect the computer network system of
banner of the connection of unauthorized use and to ensure that computer network systems is
connection of banner works properly, system administrators monitor this system.
banner connect anyone using this computer network system expressly consents to such a
banner of the connection monitoring and is advised that if such monitoring reveals possible
conduct of connection banner of criminal activity, system personnel may provide the
evidence of connection banner of such activity to the police.
connection banner that access is restricted to the authorized users only. Unauthorized access is
connection banner, a violation of State and federal, civil and criminal.
banner login **********************************************************************
passive FTP mode
clock timezone CST - 6
clock to summer time recurring CDT
DNS server-group DefaultDNS
domain universalsilencer.com
permit same-security-traffic intra-interface
object-group service SAP tcp - udp
Description SAP updates
port-object eq 3299
object-group Protocol TCPUDP
object-protocol udp
object-tcp protocol
object-group service HUMANLand tcp
port-object eq citrix-ica
DM_INLINE_TCP_1 tcp service object-group
EQ port 5061 object
port-object eq www
EQ object of the https port
DM_INLINE_TCP_2 tcp service object-group
EQ port 5061 object
port-object eq www
EQ object of the https port
DM_INLINE_UDP_1 udp service object-group
EQ port-object snmp
port-object eq snmptrap
object-group service DM_INLINE_SERVICE_1
ICMP service object
the purpose of the service tcp - udp eq www
the purpose of the udp eq snmp service
the purpose of the udp eq snmptrap service
the eq syslog udp service object
the eq 2055 tcp service object
the eq 2055 udp service object
EQ-3389 tcp service object
object-group service human tcp - udp
port-object eq 8100
object-group service grove tcp
port-object eq 2492
netflowTcp tcp service object-group
port-object eq 2055
object-group service 6144 tcp - udp
6144 description
port-object eq 6144
object-group service 1536-DMPA-inter-tcp - udp
1536-DMPA-inter description
port-object eq 1536
the DM_INLINE_NETWORK_1 object-group network
network-object 198.78.0.0 255.255.0.0
network-object 207.152.0.0 255.255.0.0
network-object 69.31.0.0 255.255.0.0
the DM_INLINE_NETWORK_2 object-group network
network-object 198.78.0.0 255.255.0.0
network-object 207.152.0.0 255.255.0.0
network-object 69.31.0.0 255.255.0.0
the DM_INLINE_NETWORK_3 object-group network
network-object 198.78.0.0 255.255.0.0
network-object 207.152.0.0 255.255.0.0
network-object 69.31.0.0 255.255.0.0
the DM_INLINE_NETWORK_4 object-group network
network-object 198.78.0.0 255.255.0.0
network-object 207.152.0.0 255.255.0.0
network-object 69.31.0.0 255.255.0.0
object-group service rdp tcp
RDP description
EQ port 3389 object
the DM_INLINE_NETWORK_5 object-group network
network-object 10.16.0.0 255.255.0.0
object-network 10.16.0.0 255.255.255.0
the DM_INLINE_NETWORK_6 object-group network
network-object 10.16.0.0 255.255.0.0
object-network 10.16.0.0 255.255.255.0
the DM_INLINE_NETWORK_7 object-group network
network-object 10.16.0.0 255.255.0.0
object-network 10.16.0.0 255.255.255.0
the DM_INLINE_NETWORK_8 object-group network
network-object 10.16.0.0 255.255.0.0
object-network 10.16.0.0 255.255.255.0
access outside the 207.152.125.136 note list
extended access list to refuse any newspaper outdoors the object-group objects DM_INLINE_NETWORK_1 TCPUDP-group
scope of list of outdoor access to refuse the object-group objects DM_INLINE_NETWORK_2 host 12.69.103.129 TCPUDP-group
extended access list to refuse the object-group TCPUDP outdoors any object-group DM_INLINE_NETWORK_3
scope of list of outdoor access to refuse the subject-TCPUDP 12.69.103.129 host object group DM_INLINE_NETWORK_4
access outside the note list * in Bound SAP traffic by Ron Odom update *.
list of access outside the scope permitted tcp host 194.39.131.34 host 12.69.103.155 3200 3300 Journal range
access outside the note list * router SAP *.
list of access outside the permitted range tcp host 10.10.2.110 host 194.39.131.34 3200 3300
extended access list permits object-group DM_INLINE_SERVICE_1 outside any host 12.69.103.154
access outside the note list * entrants to the mail server to 10.10.2.10 Peter K *.
list of extended outside access permit tcp any host 12.69.103.147 eq smtp
access outside the note list * incoming to the OCS EDGE on DMZ Peter K *.
access list outside extended permit tcp any host 12.69.103.2 object - group DM_INLINE_TCP_1
list of external extended ip access permits any host 12.69.103.6
list of access outside the comment flagged for malware activity
scope of list of outdoor access to deny the host ip 77.78.247.86 all
list of external extended ip access permits any host 12.69.103.156 inactive
list of extended outside access permit tcp any host 12.69.103.147 eq www
list of extended outside access permit tcp any host 12.69.103.147 eq https
access outside the note list * incoming hosting 10.10.3.200 - Dan K *.
list of extended outside access permit tcp any host 12.69.103.145 eq www
list of extended outside access permit tcp any host 12.69.103.145 eq https
access outside the note list * journey to host 10.10.2.30 USIFAXBACK - Dan K *.
list of extended outside access permit tcp any host 12.69.103.146 eq www
list of extended outside access permit tcp any host 12.69.103.146 eq https
access outside the note list * incoming hosting 10.10.8.5 - Mitel 7100 BOB M 4/4-2008 - BV *.
list of extended outside access permit tcp any host 12.69.103.152 eq pptp
access list outside extended permit tcp any host 200.56.251.118 object - group HUMANLand
list of extended outside access permit tcp any host 200.56.251.121 eq 8100
outdoor access list note allow all return ICMP traffic off in order to help the attacks of hidden form
extended the list of outdoor access to deny icmp everything no matter what newspaper
list of allowed outside access extended ip 10.14.0.0 255.255.0.0 all open a debug session
list of allowed outside access extended ip 10.15.0.0 255.255.0.0 any
list of allowed outside access extended ip object-group DM_INLINE_NETWORK_7 all
outdoor access list extended permits all ip 10.14.0.0 255.255.0.0 debug log
outdoor access list extended permits all ip 10.15.0.0 255.255.0.0
list of external extended ip access permits any object-group DM_INLINE_NETWORK_6
list of access outside the scope permitted udp host 12.88.249.62 any DM_INLINE_UDP_1 object-group
Note added to pervent bocking human outside access list
list of access outside the permitted scope object-TCPUDP host 10.12.2.250 host 200.56.251.121 human group object
Note added to pervent bocking human outside access list
list of access outside the permitted scope object-TCPUDP host 200.56.251.121 host 10.12.2.250 human group object
outside the permitted scope of access tcp list any any eq log pptp
extended access list to refuse the object-group TCPUDP outdoors everything any object-group 6144
VPN-SplitTunnel extended 10.10.0.0 ip access list allow 255.255.0.0 VPN 255.255.255.192
extensive list of access VPN-SplitTunnel ip 10.11.0.0 255.255.0.0 VPN 255.255.255.192 allow
extended VPN-SplitTunnel access list ip 10.12.0.0 allow 255.255.0.0 VPN 255.255.255.192
extended VPN-SplitTunnel access list ip 10.13.0.0 allow 255.255.0.0 VPN 255.255.255.192
list of access VPN-SplitTunnel extended permitted ip VPN BGP-Transit_Network 255.255.255.0 255.255.255.192
list of access VPN-SplitTunnel extended permitted ip 10.0.0.0 255.0.0.0 192.168.10.0 255.255.255.0
VPN-SplitTunnel extended 10.10.0.0 ip access list allow 255.255.0.0 10.14.4.0 255.255.254.0
VPN-SplitTunnel extended 10.10.0.0 ip access list allow 255.255.0.0 10.15.4.0 255.255.254.0
VPN-SplitTunnel extended 10.10.0.0 ip access list allow 255.255.0.0 10.14.8.0 255.255.254.0
Note DMZ1_in access-list * OCS - 2nd interface to inside EDGE welcomes Peter K *.
DMZ1_in list extended access permit tcp host 12.69.103.3 host 10.10.2.15 DM_INLINE_TCP_2 object-group
Note DMZ1_in of access list permit all ICMP traffic
DMZ1_in access list extended icmp permitted any any newspaper
DMZ1_in deny ip extended access list all 207.152.0.0 255.255.0.0
DMZ1_in list extended access deny ip 207.152.0.0 255.255.0.0 any
Note DMZ1_in access-list * explicitly block access to all domestic networks *.
Note access-list DMZ1_in * no need allowed inside networks *.
Note DMZ1_in access-list * to do above this section *.
DMZ1_in list extended access deny ip any 10.0.0.0 255.0.0.0
DMZ1_in list extended access deny ip any 172.16.0.0 255.240.0.0
DMZ1_in list extended access deny ip any 192.168.0.0 255.255.0.0
Note DMZ1_in access-list * IP Allow - this will be the internet *.
DMZ1_in list of allowed ip extended access all any debug log
ezvpn1 list standard access allowed 10.0.0.0 255.0.0.0
access-list DMZ1-VLAN900_cryptomap extended ip allowed any one
access-list sheep extended ip 10.10.0.0 allow 255.255.0.0 VPN 255.255.255.192
IP 10.11.0.0 allow Access-list extended sheep 255.255.0.0 VPN 255.255.255.192
IP 10.12.0.0 allow Access-list extended sheep 255.255.0.0 VPN 255.255.255.192
access-list extended sheep ip 10.13.0.0 allow 255.255.0.0 VPN 255.255.255.192
access-list sheep extended ip VPN BGP-Transit_Network 255.255.255.0 allow 255.255.255.192
access-list extended sheep allowed ip 10.0.0.0 255.0.0.0 192.168.10.0 255.255.255.0
access-list sheep extended ip 10.10.0.0 allow 255.255.0.0 10.14.4.0 255.255.254.0
access-list sheep extended ip 10.10.0.0 allow 255.255.0.0 10.14.8.0 255.255.254.0
access-list extended sheep allowed ip 10.0.0.0 255.0.0.0 10.14.0.0 255.255.0.0
access-list sheep extended ip 10.10.0.0 allow 255.255.0.0 10.15.4.0 255.255.254.0
access-list extended sheep allowed ip 10.0.0.0 255.0.0.0 10.15.0.0 255.255.0.0
permit traffic to access extended list ip 10.0.0.0 255.0.0.0 10.14.0.0 inactive 255.255.0.0
outside_cryptomap to access ip 10.0.0.0 scope list allow 255.0.0.0 10.15.0.0 255.255.0.0
access extensive list ip 10.14.0.0 outside_nat0_outbound allow 255.255.0.0 VPN 255.255.255.192
access extensive list ip 10.15.0.0 outside_nat0_outbound allow 255.255.0.0 VPN 255.255.255.192
outside_nat0_outbound list extended access allowed object-group ip VPN DM_INLINE_NETWORK_8 255.255.255.192
outside_cryptomap_1 to access ip 10.0.0.0 scope list allow 255.0.0.0 DM_INLINE_NETWORK_5 object-group
pager lines 24
Enable logging
timestamp of the record
logging list VPN informational level class auth
logging list class VPN config level criticism
VPN vpn list logging level notification class
notification of log list VPN vpnc level class
VPN list logging level notifications class webvpn
logging alerts list any level
exploitation forest-size of the buffer of 256000
logging buffered all
logging VPN trap
asdm of logging of information
host of inside the 10.10.2.41 logging format emblem
logging ftp-bufferwrap
connection server ftp 10.10.2.41 \logs usi\administrator 178US1SIL3 ~.
Within 1500 MTU
Outside 1500 MTU
MTU 1500 DMZ1-VLAN900
management of MTU 1500
mask 10.10.99.1 - 10.10.99.63 255.255.255.192 IP local pool Clients_vpn
no failover
ICMP unreachable rate-limit 1 burst-size 1
ICMP allow any inside
ICMP allow all outside
ICMP allow any DMZ1-VLAN900
ASDM image disk0: / asdm - 611.bin
ASDM location VPN 255.255.255.192 inside
ASDM location BGP-Transit_Network 255.255.255.0 inside
ASDM location 10.10.4.60 255.255.254.255 inside
ASDM location 255.255.255.255 inside BB
ASDM location 10.16.0.0 255.255.0.0 inside
ASDM location 69.31.0.0 255.255.0.0 inside
ASDM location 198.78.0.0 255.255.0.0 inside
ASDM location 10.16.0.0 255.255.255.0 inside
enable ASDM history
ARP timeout 14400
Global (inside) 1 10.10.2.4 netmask 255.0.0.0
Global (outside) 10 12.69.103.129 netmask 255.255.255.255
Global (outside) 11 12.69.103.130 netmask 255.255.255.255
Global (outside) 12 12.69.103.131 netmask 255.255.255.255
Global (outside) 13 12.69.103.132 netmask 255.255.255.255
Global (outside) 14 12.69.103.133 netmask 255.0.0.0
NAT (inside) 0 access-list sheep
NAT (inside) 11 192.168.255.4 255.255.255.252
NAT (inside) 12 192.168.255.8 255.255.255.252
NAT (inside) 13 192.168.255.12 255.255.255.252
NAT (inside) 10 10.10.0.0 255.255.0.0
NAT (inside) 11 10.11.0.0 255.255.0.0
NAT (inside) 12 10.12.0.0 255.255.0.0
NAT (inside) 13 10.13.0.0 255.255.0.0
NAT (inside) 10 10.14.0.0 255.255.0.0
NAT (outside) 0-list of access outside_nat0_outbound
NAT (outside) 10 10.16.0.0 255.255.255.0
NAT (outside) 10 10.14.0.0 255.255.0.0
NAT (outside) 10 10.15.0.0 255.255.0.0
NAT (outside) 10 10.16.0.0 255.255.0.0
static (DMZ1-VLAN900, external) 12.69.103.0 12.69.103.0 subnet mask 255.255.255.192
public static 12.69.103.154 (Interior, exterior) 10.10.2.41 netmask 255.255.255.255
static (inside, DMZ1-VLAN900) 10.0.0.0 10.0.0.0 netmask 255.0.0.0
static (inside, DMZ1-VLAN900) 192.168.0.0 192.168.0.0 netmask 255.255.0.0
static (inside, DMZ1-VLAN900) 172.16.0.0 subnet 255.240.0.0 172.16.0.0 mask
public static 12.69.103.147 (Interior, exterior) 10.10.2.10 netmask 255.255.255.255
public static 12.69.103.152 (Interior, exterior) 10.10.8.5 netmask 255.255.255.255
public static 12.69.103.155 (Interior, exterior) 10.10.2.110 netmask 255.255.255.255
outside access-group in external interface
Access-group DMZ1_in in interface DMZ1-VLAN900
!
Router eigrp 100
Network 10.0.0.0 255.0.0.0
!
Route outside 0.0.0.0 0.0.0.0 12.69.103.225 1
Route inside 10.0.0.0 255.0.0.0 10.10.200.30 1
Route inside 10.10.98.0 255.255.255.0 10.10.200.30 1
Route outside 10.14.0.0 255.255.0.0 12.69.103.225 1
Route outside 10.15.0.0 255.255.0.0 12.69.103.225 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout, uauth 0:05:00 absolute
dynamic-access-policy-registration DfltAccessPolicy
AAA-server Microsoft radius Protocol
simultaneous accounting mode
reactivation mode impoverishment deadtime 30
AAA-server Microsoft host 10.10.2.1
key cisco123
the ssh LOCAL console AAA authentication
AAA authentication LOCAL telnet console
AAA authentication enable LOCAL console
AAA authentication http LOCAL console
Enable http server
http 10.10.0.0 255.255.0.0 management
http 10.10.0.0 255.255.0.0 inside
SNMP-server host within the 10.10.2.41 community UNISNMP version 2 c-port udp 161
location of Server SNMP STODATDROOM
contact SNMP SYS Admin Server
UNISNMP SNMP-server community
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Server enable SNMP traps syslog
Server SNMP traps enable ipsec works stop
Server enable SNMP traps entity config - change insert-fru fru - remove
Server SNMP enable doors remote access has exceeded the threshold of session
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
card crypto outside_map 1 match address outside_cryptomap
peer set card crypto outside_map 1 115.111.107.226
card crypto outside_map 1 set of transformation-ESP-3DES-SHA
card crypto outside_map 2 match address outside_cryptomap_1
peer set card crypto outside_map 2 116.12.211.66
card crypto outside_map 2 the value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
address card crypto outside_map 10 game traffic
peer set card crypto outside_map 10 212.185.51.242
outside_map crypto 10 card value transform-set ESP-3DES-SHA
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
inside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
inside crypto map inside_map interface
card crypto DMZ1-VLAN900_map0 1 the value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
crypto isakmp identity address
crypto ISAKMP allow inside
crypto ISAKMP allow outside
crypto ISAKMP policy 5
preshared authentication
3des encryption
sha hash
Group 2
life no
crypto ISAKMP policy 10
preshared authentication
the Encryption
sha hash
Group 2
life no
Crypto isakmp nat-traversal 33
No vpn-addr-assign aaa
No dhcp vpn-addr-assign
VPN-addr-assign local reuse-delay 10
Telnet 10.10.0.0 255.255.0.0 inside
Telnet 10.10.0.0 255.255.0.0 management
Telnet timeout 29
SSH timeout 29
SSH version 2
Console timeout 1
management-access inside
dhcprelay Server 10.10.2.1 outside
a basic threat threat detection
threat scan-threat shun except ip 10.14.0.0 address detection 255.255.0.0
threat scan-threat shun except ip 10.15.0.0 address detection 255.255.0.0
threat detection statistics
Web cache WCCP
WCCP interface within web in cache redirection
NTP 192.5.41.41 Server
NTP 192.5.41.40 Server
Server NTP 192.43.244.18
TFTP server inside 10.10.2.2 \asa
attributes of Group Policy DfltGrpPolicy
banner of value WARNING: this system is for the use of only authorized customers.
value of server WINS 10.10.2.1
value of 10.10.2.1 DNS server 10.10.2.2
Protocol-tunnel-VPN IPSec svc webvpn
Split-tunnel-policy tunnelspecified
Split-tunnel-network-list value VPN-SplitTunnel
universalsilencer.com value by default-field
Server proxy Internet Explorer 00.00.00.00 value
the address value Clients_vpn pools
internal CHINAPH group policy
CHINAPH group policy attributes
Protocol-tunnel-VPN IPSec svc webvpn
Split-tunnel-policy tunnelall
enable dhcp Intercept 255.255.0.0
the address value Clients_vpn pools
internal ezGROUP1 group policy
attributes of the strategy of group ezGROUP1
VPN-tunnel-Protocol svc webvpn
allow password-storage
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list ezvpn1
allow to NEM
deleted users
IPSec-attributes tunnel-group DefaultL2LGroup
pre-shared-key germanysilence
type tunnel-group USISplitTunnelRemoteAccess remote access
attributes global-tunnel-group USISplitTunnelRemoteAccess
address pool Clients_vpn
IPSec-attributes tunnel-group USISplitTunnelRemoteAccess
pre-shared-key z2LNoioYVCTyJlX
type tunnel-group USISplitTunnelRADIUS remote access
attributes global-tunnel-group USISplitTunnelRADIUS
address pool Clients_vpn
Group-Microsoft LOCAL authentication server
IPSec-attributes tunnel-group USISplitTunnelRADIUS
pre-shared-key fLFO2p5KSS8Ic2y
type tunnel-group ezVPN1 remote access
tunnel-group ezVPN1 General-attributes
Group Policy - by default-ezGROUP1
ezVPN1 group of tunnel ipsec-attributes
pre-shared key, PSK
tunnel-group 212.185.51.242 type ipsec-l2l
IPSec-attributes tunnel-group 212.185.51.242
pre-shared key, PSK
NOCHECK Peer-id-validate
tunnel-group 115.111.107.226 type ipsec-l2l
IPSec-attributes tunnel-group 115.111.107.226
pre-shared key PSJ
tunnel-Group China type remote access
attributes global-tunnel-Group China
address pool Clients_vpn
Group Policy - by default-CHINAPH
tunnel-group 116.12.211.66 type ipsec-l2l
IPSec-attributes tunnel-group 116.12.211.66
pre-shared key, PSK
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns migrated_dns_map_1
parameters
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the migrated_dns_map_1 dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
inspect the icmp
!
global service-policy global_policy
context of prompt hostname
Cryptochecksum:834976612f8f76e1b088326516362975
: end
Hello Ronald.
You use PFS on a site and not on the other.
Allows to remove from the site that has it and give it a try.
Change this:
card crypto outside_map 1 match address outside_1_cryptomap
card crypto outside_map 1 set pfs
peer set card crypto outside_map 1 12.69.103.226
card crypto outside_map 1 set of transformation-ESP-3DES-SHA
outside_map interface card crypto outside
To do this:
card crypto outside_map 1 match address outside_1_cryptomap
peer set card crypto outside_map 1 12.69.103.226
card crypto outside_map 1 set of transformation-ESP-3DES-SHA
outside_map interface card crypto outside
So just do a
NO card crypto outside_map 1 set pfs
Kind regards
Julio
Note all useful posts
-
Site to another with RVS4000 and 2621
Hey people. I had originally a vpn site-to site between my pix 515e and RVS4000, but I wanted to put my router on the edge of my network for greater control of the quality of Service. I have managed to set up the tunnel, but can not pass all traffic to the tunnel. The RVS4000 said the tunnel is mounted, and when I do a "isakmp crypto to show his" on the 2621, I see a QM_IDLE which I think it's good.
My architecture is:
LAN - RVS4000 (public static ip) - internet - 2621 (public dynamic IP (dhcp ()) - LAN
Here's a copy of my config 2621. My guess is I left something, but can't put my finger on. Any help is appreciated. Thank you!
version 12.3
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
hostname core_router
!
boot-start-marker
boot-end-marker
!
!
No aaa new-model
IP subnet zero
IP cef
!
!
IP domain name craig.net
8.8.8.8 IP name-server
IP-server names 8.8.4.4
!
IP multicast routing
Max-events of po verification IP 100
!
!
!
!
voip phone service
Fax transmission protocol g711ulaw
H323
SIP
!
!
!
!
!
!
!
!
!
password username privilege 15 7 XXXXXXXXXXX craigrobertlee
--More-- !
!
property intellectual ssh time 60
property intellectual ssh source interface FastEthernet0/1
property intellectual ssh craigkey name of the rsa key pair
!
class-map correspondence-everything VOIP_TRAFFIC
game group-access 101
!
!
Policy-map VOIP_POLICY
class VOIP_TRAFFIC
bandwidth 1000
class class by default
Fair/fair-queue
!
!
!
crypto ISAKMP policy 10
BA 3des
md5 hash
preshared authentication
Group 2
ISAKMP crypto key XXXXXXXX address 174.79.X.X no.-xauth
ISAKMP crypto keepalive 2800
!
!
Crypto ipsec transform-set esp-3des esp-md5-hmac SET1
!
Crypto map ROGERS 10-isakmp ipsec
set of peer 174.79.X.X
set the 60 security association idle time
game of transformation-SET1
match address 102
!
!
!
!
Null0 interface
no ip unreachable
!
interface FastEthernet0/0
DHCP IP address
NAT outside IP
Speed 100
full-duplex
card crypto ROGERS
out of service-policy VOIP_POLICY
!
interface FastEthernet0/1
the IP 192.168.0.1 255.255.255.252
IP nat inside
automatic duplex
automatic speed
!
interface Dialer1
no ip address
No cdp enable
!
overload of IP nat inside source list 100 interface FastEthernet0/0
no ip address of the http server
no ip http secure server
IP classless
IP route 192.168.1.0 255.255.255.0 192.168.0.2
IP route 192.168.2.0 255.255.255.0 192.168.0.2
IP route 192.168.3.0 255.255.255.0 192.168.0.2
!
!
access-list 10 permit 192.168.1.254
access-list 11 allow 192.168.1.10
access-list 12 allow 192.168.0.0 0.0.255.255
Note access-list 12 SSH_ACL
access-list 100 permit ip 192.168.0.0 0.0.255.255 everything
Access-list 100 Craig_Home_IP_Network note
access-list 101 permit udp any eq 5060 any eq 5060
Note access-list 101 VOIP_ACL
access-list 102 permit ip 192.168.0.0 0.0.3.255 192.168.15.0 0.0.0.255
Note access-list 102 ROGERS_IP_NETWORK
access-list 110 deny ip 192.168.0.0 0.0.3.255 192.168.15.0 0.0.0.255
access-list 110 permit ip 192.168.0.0 0.0.3.255 all
not run cdp
!
sheep allowed 10 route map
corresponds to the IP 110
!
craighome1 RO 11 SNMP-server community
location of Server SNMP Gear closet
Server enable SNMP traps snmp authentication linkdown, linkup warmstart cold start
Enable SNMP-Server intercepts ATS
Server enable SNMP traps xgcp
Server enable SNMP traps ISDN call-information
Server enable SNMP traps ISDN layer2
-More - Server enable snmp traps ISDN chan-not-available
Server enable SNMP traps ISDN ietf
Server enable SNMP traps hsrp
config SNMP-server enable traps
entity of traps activate SNMP Server
Server enable SNMP traps config-copy
Server enable SNMP traps envmon
Server enable SNMP traps bgp
Server enable SNMP traps pim neighbor-rp-mapping-change invalid-pim-message of change
Server enable SNMP traps ipmulticast
Server enable SNMP traps msdp
SNMP Server enable rsvp traps
SNMP traps-frame relay enable server
Server enable SNMP traps subif frame relay
Server enable SNMP traps rtr
Server enable SNMP traps syslog
SNMP enable traps stun Server
Server enable SNMP traps dlsw
Server enable SNMP traps bstun
SNMP-Server enable traps dial
Server enable SNMP traps dsp registered card
Server enable SNMP traps atm subif
-More - Server enable snmp traps pppoe
Server enable SNMP traps ipmobile
SNMP-Server enable traps isakmp policy add
Server enable SNMP traps isakmp policy delete
Server enable SNMP traps isakmp tunnel beginning
Server enable SNMP traps isakmp tunnel stop
SNMP server activate ipsec cryptomap add traps
SNMP server activate ipsec cryptomap remove traps
SNMP server activate ipsec cryptomap attach traps
SNMP server activate ipsec cryptomap detach traps
Server SNMP traps enable ipsec tunnel beginning
SNMP-Server enable traps stop ipsec tunnel
Enable SNMP-server holds too many associations of ipsec security
traps to enable SNMP-server voice poor-qov
Enable SNMP-Server intercepts dnis
SNMP-server host 192.168.1.10 version 2 c craighome1
!
!
!
!
!
Line con 0
local connection
-More - line to 0
line vty 0 4
access-class 12
exec-timeout 0 0
local connection
entry ssh transport
line vty 5 15
access-class 12
exec-timeout 0 0
local connection
entry ssh transport
!
NTP-period clock 17180394
Server NTP 192.43.244.18
!
end
Hi Robert,.
You use the ACL 100 to NAT when you use ACL 110 or route card sheep, it seems that you wanted to work around NAT, but I forgot to apply it.
That's what you have:
overload of IP nat inside source list 100 interface FastEthernet0/0
That's what you should get instead:
overload of IP nat inside source list 110 interface FastEthernet0/0
or
IP nat inside source map route sheep interface FastEthernet0/0 overload
Have fun
Raga
-
I work with the client with MARCH and
never had a lot of support for the product. I have configure syslog trap snmp on a router ios, I made a discovery on and activation on MARS. But when I go to query and set the ip address of the gateway and ask all the raw messages. I get nothing. No idea what I'm doing wrong or it can be obtained ths way
You don't need SNMP traps configured No. router, configuring syslogging and other details on your router using the following guide:
Concerning
Farrukh
Maybe you are looking for
-
How to remove the symbol of a note
If I placed a symbol in a note on the score, for example a symbol staccato or legato, how can I remove it much later, once the cancellation is no longer a realistic option? I tried selecting the symbol staccato in the box part and then using the gum,
-
Satellite M30X-165 - broken HDD, need to be replaced
Hello 2 years and a few months after I bought the M30X 165, the hard drive has some corruptions (it's a Hitachi drive) and the tool manufacturer for consistency checking shows some errors. Hitachi offers a three-year guarantee for these hard drives (
-
Say that it has been correctly downloaded and the system. But when I look at the most recent dowloads it taking a computer.
-
Updated my screenmagnifies when I turn on my Z10, since the blackBerry Z10
When I opened my Z10 or programs, I get 10-20% magnification on my screen. What a pain in the * ss. Someone else has the same problem? What is the solution?
-
How to automatically set the keyboard backlight depending on the outdoor light?
Original title: how to change the rear body of the keyboard and do adjust automatically according to outdoor lighting How can I change the rear body of the keyboard and automatically adjusted according to exterior lighting