Scribd Logo
Upload

Welcome to Scribd!

  • Beenet Conf Script

    Uploaded by

    Ravali Kamboji
    41 views4 pages
    The document configures a Cisco firewall with two interfaces - an outside interface with an IP address of 36.255.3.129 and an inside interface with an IP address of 10.58.81.0. Network address translation is enabled to allow traffic from the inside network to access the internet. Access control lists are configured to allow appropriate traffic between the interfaces and remote monitoring servers.

    Original Description:

    Original Title

    BEENET CONF SCRIPT

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document configures a Cisco firewall with two interfaces - an outside interface with an IP address of 36.255.3.129 and an inside interface with an IP address of 10.58.81.0. Network address translation is enabled to allow traffic from the inside network to access the internet. Access control lists are configured to allow appropriate traffic between the interfaces and remote monitoring servers.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    41 views4 pages

    Beenet Conf Script

    Uploaded by

    Ravali Kamboji
    The document configures a Cisco firewall with two interfaces - an outside interface with an IP address of 36.255.3.129 and an inside interface with an IP address of 10.58.81.0. Network address translation is enabled to allow traffic from the inside network to access the internet. Access control lists are configured to allow appropriate traffic between the interfaces and remote monitoring servers.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 4

    interface GigabitEthernet0/0

    nameif OUTSIDE
    ip address 36.255.3.129 255.255.255.0
    no shut
    !
    route OUTSIDE 0.0.0.0 0.0.0.0 36.255.3.1
    !
    username ************ password ****** privilege 15
    enable password *******
    !
    domain-name Ctrls.in
    !
    aaa authentication ssh console LOCAL
    ssh stricthostkeycheck
    ssh 182.18.148.101 255.255.255.255 OUTSIDE
    ssh 103.13.98.245 255.255.255.255 OUTSIDE
    ssh timeout 5
    ssh key-exchange group dh-group1-sha1
    !
    interface GigabitEthernet0/1
    nameif INSIDE
    security-level 0
    ip address 10.58.81.1 255.255.255.0
    no shut
    exit

    object network OBJ-ANY


    subnet 10.58.81.0 255.255.255.0
    nat (INSIDE,OUTSIDE) dynamic interface
    exit
    !
    banner login ***********************************************************************
    banner login * Warning Notice: *
    banner login * This system is restricted solely to authorized users for *
    banner login * legitimate business purposes only. The actual or attempted *
    banner login * unauthorized access, use, or modification of this system is *
    banner login * strictly prohibited . Unauthorized users are subject to *
    banner login * Company disciplinary proceedings and/or criminal and civil *
    banner login * penalties under state, federal, or other applicable domestic and *
    banner login * foreign laws. The use of this system may be monitored and *
    banner login * recorded for administrative and security reasons. Anyone *
    banner login * accessing this system expressly consents to such monitoring and *
    banner login * is advised that if monitoring reveals possible evidence of *
    banner login * criminal activity, company may provide the evidence of such *
    banner login * activity to law enforcement officials. All users must comply *
    banner login * with company policies regarding the protection of *
    banner login * information assets. *
    banner login ***********************************************************************

    Cloud4c Services Pvt Ltd


    clock timezone IST 5 30
    dns domain-lookup OUTSIDE
    dns server-group DefaultDNS
    name-server 202.65.156.10
    name-server 103.1.113.3
    name-server 103.8.124.108
    name-server 8.8.8.8
    exit
    !
    logging enable
    logging timestamp
    logging buffered debugging
    logging trap debugging
    logging asdm informational
    logging device-id hostname
    logging host OUTSIDE 103.1.113.5

    mtu OUTSIDE 1500


    mtu INSIDE 1500
    !
    no aaa authentication ssh console LOCAL
    !
    aaa-server ACS protocol tacacs+
    aaa-server ACS (OUTSIDE) host 103.241.139.66
    key D0ntknow123
    aaa authentication ssh console ACS LOCAL
    aaa authentication http console ACS LOCAL
    aaa authentication enable console ACS LOCAL
    aaa authorization command LOCAL
    aaa accounting ssh console ACS
    !
    http server enable
    http server idle-timeout 5
    http 182.18.148.101 255.255.255.255 OUTSIDE
    !
    object-group service WEB-ACCESS
    service-object tcp destination eq www
    service-object tcp destination eq https
    service-object tcp destination eq domain
    service-object udp destination eq domain
    service-object icmp
    service-object tcp destination eq ssh
    !

    object-group service Zabbix-Ports


    service-object tcp destination eq 10050
    service-object tcp destination eq 10051
    service-object icmp
    !
    object-group network LOCAL-LAN

    Cloud4c Services Pvt Ltd


    network-object 10.58.81.0 255.255.255.0
    !
    object-group network CtrlS_LLF
    network-object 182.18.148.96 255.255.255.240
    !
    object-group network CtrlS-Monitoring-SRV
    network-object host 198.19.4.231
    !
    access-list INSIDE_IN extended permit object-group WEB-ACCESS object-group LOCAL-LAN any
    access-group INSIDE_IN in interface INSIDE
    !
    access-list OUTSIDE_IN extended permit ip object-group CtrlS_LLF any
    access-group OUTSIDE_IN in interface OUTSIDE
    !
    access-list OUTSIDE_IN extended permit object-group Zabbix-Ports object-group CtrlS-Monitoring-SRV object-group LOCAL-LAN
    !
    same-security-traffic permit inter-interface
    same-security-traffic permit intra-interface
    !
    policy-map global_policy
    class inspection_default
    inspect icmp
    exit
    exit

    snmp-server host outside 103.8.127.180 poll community redindian version 2c


    snmp-server location ***Mumbai***
    snmp-server contact 4cnet@ctrls.in
    snmp-server community redindian

    ntp server 103.233.127.198 source OUTSIDE prefer


    ntp server 103.233.127.194 source OUTSIDE prefer
    -------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    (config)#
    call-home
    profile License
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    exit
    exit
    !
    (config)#
    license smart
    feature tier standard
    throughput level 100m
    exit
    !
    crypto ca trustpool import url http://www.cisco.com/security/pki/trs/ios_core.p7b
    !

    license smart register idtoken NGU1ZDRkODItZTVhOC00YTRmLTg5ZDctMzY1YzI2NWYxZGJkLTE2Njg1ODUx


    %0AOTEyNTF8WEF5WDV4TkZOcXd4d1htaVIwSm40MlkvNjJOUkZQZEwzanlQdFJu%0AOGU0TT0%3D%0A force

    Cloud4c Services Pvt Ltd


    Cloud4c Services Pvt Ltd

    You might also like