hostname Router logging buffered no ip dhcp excluded-address 10.10.10.1 no ip dhcp pool ccp-pool no ip domain name no ip http server no ip http access-class 23 no ip http authentication local no ip http secure-server no ip http timeout-policy idle 60 life 86400 requests 10000 no username cisco no access-list 23 no banner exec no banner login default interface Gig0/0 interface Gig0/0 shut line con 0 no login local line vty 0 4 no access-class 23 in no privilege level 15 no login local login transport input all no line vty 5 15 CONFIGURACION FINAL no service pad service timestamps debug datetime msec localtime service timestamps log datetime msec localtime service password-encryption ! hostname SCZ_COLONIAPIRAI_HAMACAS_CISCO (cambiar por nombre cliente) ! ! logging buffered 40960 enable secret tigoenable ! username noctigo secret noctigo username tigobo privilege 15 secret tigobo ! aaa new-model aaa authentication login default local aaa authorization console aaa authorization exec default local aaa authorization commands 15 default local ! ! aaa session-id common clock timezone Bolivia -4 0 ! no ip source-route ip cef ! ! no ip domain lookup ip domain name tigo.net.bo login block-for 90 attempts 5 within 30 login delay 2 login on-failure log login on-success log ! ! crypto key generate rsa modulus 1024 ! ip ssh version 2 ! class-map match-all CLASS_VPN match access-group name QoS_VPN ! policy-map POLICY_VPN class CLASS_VPN set dscp af13 police cir 1024k (cambiar de acuerdo al ancho de banda adquirido) ! !
CONFIGURACION VPN interface GigabitEthernet0/0 description VPN ip address 172.21.21.49 255.255.255.248 (cambiar por Ip service network) duplex auto speed auto no shut ! CONFIGURACION SDSL interface GigabitEthernet0/1 description VPN ip address 181.114.96.162 255.255.255.252 (cambiar por Ip service network) duplex auto speed auto no shut ! interface GigabitEthernet0/0/0 description Iface Fisica Acceso no shut media-type sfp ! interface GigabitEthernet0/0/0.500 description Iface O&M encapsulation dot1Q 500 ip address 172.24.78.58 255.255.255.252 (cambiar por Ip O&M CPE) ! ! interface GigabitEthernet0/0/0.1000 description Iface VPN encapsulation dot1Q 1000 ip address 172.21.21.46 255.255.255.252 (cambiar por Access IP CPE) service-policy output POLICY_VPN service-policy input POLICY_VPN ! CONFIGURACION SDSL ! interface GigabitEthernet0/0/0.2000 description Iface SDSL encapsulation dot1Q 2000 ip address 172.21.30.26 255.255.255.252 (cambiar por Access IP CPE) service-policy output POLICY_VPN service-policy input POLICY_VPN ! no ip http server no ip http secure-server ! ! CONFIGURACION DE SALIDA INTERNET ip route 0.0.0.0 0.0.0.0 172.21.21.45 (Cambiar por Access Ip Cx600) CONFIGURACION DE RUTAS ESTATICAS ip route 172.21.224.252 255.255.255.248 172.21.224.233 (cambiar por IP destination LAn CPE) (Cambiar por Access Ip Cx600) ! ip access-list standard QoS_VPN permit any ip access-list standard SNMP_PRIME permit 172.16.56.250 ! ! logging source-interface GigabitEthernet0/0/0.500 logging host 172.16.56.250 no cdp run ! ! snmp-server ifindex persist snmp-server view ReadView iso included snmp-server view WriteView iso included snmp-server group TIGO_GROUP v3 priv read ReadView write WriteView access SNMP_PRIME snmp-server user USER_BO TIGO_GROUP v3 auth sha TIGO_PASS priv aes 128 TIGO_KEY_128 snmp-server host 172.16.56.250 trap version 3 priv USER_BO snmp-server trap-source GigabitEthernet0/0/0.500 snmp-server enable traps ! ! banner motd ^CAcceso a este dispositivo solo es permitido a personal autorizado.Favor utilize sus credenciales en caso de contar con uno.Todo acceso esta siendo monitoreado!!^C ! line con 0 exec-timeout 5 0 logging synchronous line vty 0 4 exec-timeout 5 0 privilege level 15 logging synchronous transport input telnet ssh ! ntp update-calendar ntp server 172.24.22.17 ! ip route 172.16.56.250 255.255.255.255 172.24.100.29 (cambiar por Ip O&M Cx) ip route 172.16.56.251 255.255.255.255 172.24.100.29 ip route 172.24.22.17 255.255.255.255 172.24.100.29 ip host Cisco-PnP.tigo.net.bo 172.16.56.251 ip host Cisco-PnP 172.16.56.251 ip route 172.24.22.6 255.255.255.255 172.24.100.109 ip access-list Standard SNMP_PRIME Permit 172.24.22.6
cns trusted-server all-agents Cisco-PnP.tigo.net.bo cns trusted-server all-agents Cisco-PnP cns trusted-server all-agents 172.16.56.251 cns id hardware-serial cns id hardware-serial event cns id hardware-serial image cns event Cisco-PnP.tigo.net.bo 11011 keepalive 120 2 reconnect 10 cns exec 80 cns image server http://Cisco-PnP.tigo.net.bo/cns/HttpMsgDispatcher status http://Cisco- PnP.tigo.net.bo/cns/HttpMsgDispatcher cns config partial Cisco-PnP.tigo.net.bo 80
CONFIGURACION SIP class-map match-all CLASS_SIP match access-group name QoS_SIP ! policy-map POLICY_SIP class CLASS_SIP set dscp af13 police cir $CPE_Bandwidth_Acquired_SIP ! ! interface GigabitEthernet0/0 description SIP ip address $CPE_Service_Network_IP_SIP $CPE_Service_Network_Mask_SIP duplex auto speed auto no shut ! ! interface GigabitEthernet0/0/0.4000 description $CPE_Description_Subiface_4000 encapsulation dot1Q 4000 ip address $CPE_Access_IP_VPN 255.255.255.252 service-policy output POLICY_VPN service-policy input POLICY_VPN ! ! no ip http server no ip http secure-server ! ip route 172.16.64.128 255.255.255.192 $CX_Access_IP_SIP !