version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname AS2511
!
aaa new-model
aaa authentication ppp default none
aaa authentication ppp isputil group radius local
aaa authorization network default none
aaa authorization network isputil group radius local
aaa accounting update newinfo
aaa accounting network default none
aaa accounting network isputil start-stop group radius
enable passwordxxxxxx
!
username admin password 0 xxxxxx
!
ip subnet-zero
ip name-server 217.218.127.104
ip name-server 217.218.127.105
ip name-server 4.2.2.4
ip name-server 192.9.9.3
!
ip address-pool local
modemcap entry sam:AA=S0=1
!
!
!
interface Ethernet0
ip address 192.168.0.1 255.255.255.0 secondary
ip address
ip valid
ip access-group 135 in
ip access-group 135 out
no ip mroute-cache
ip policy route-map cache
no keepalive
no cdp enable
!
interface Serial0
no ip address
shutdown
no fair-queue
no cdp enable
!
interface Serial1
no ip address
shutdown
no cdp enable
!
interface Group-Async0
physical-layer async
ip unnumbered Ethernet0
no group-range
!
interface Group-Async1
ip unnumbered Ethernet0
encapsulation ppp
ip tcp header-compression
no ip mroute-cache
ip policy route-map cache
async mode interactive
peer default ip address pool dial-in
no cdp enable
ppp authentication pap chap isputil
ppp authorization isputil
ppp accounting isputil
group-range 1 16
!
ip local pool dial-in 192.168.0.10 192.168.0.100
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0
no ip http server
ip http port 27936
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 10 permit
IP NTTAC
access-list 110 deny ip host
IP isa server any
access-list 110 permit tcp any any eq www
access-list 111 deny ip host 192.168.0.3 any
access-list 111 deny ip any host
IP NTTAC
access-list 111 permit tcp any any eq www
access-list 135 deny tcp any any range 135 139
access-list 135 deny tcp any any eq 4444
access-list 135 deny tcp any any eq 1434
access-list 135 deny udp any any eq 1434
access-list 135 deny tcp any any eq 593
access-list 135 deny udp any any range 135 netbios-ss
access-list 135 deny tcp any any eq 445
access-list 135 deny udp any any eq netbios-ns
access-list 135 deny udp any any eq netbios-dgm
access-list 135 deny udp any any range 995 999
access-list 135 deny udp any any eq ntp
access-list 135 deny tcp any any eq finger
access-list 135 permit ip any any
no cdp run
route-map cache permit 1
match ip address 1
set ip next-hop 192.168.0.3(
IP isa server)
!
snmp-server community 3376 RW 10
snmp-server community public RW 10
radius-server host
IP NTTAC auth-port 1645 acct-port 1646
radius-server retransmit 5
radius-server key 123376
line con 0
exec-timeout 0 0
line 1 16
session-timeout 10
no flush-at-activation
modem answer-timeout 10
modem InOut
modem autoconfigure discovery
transport input all
autoselect during-login
autoselect ppp
autohangup
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
!
end
فقط اینم بگم من از آیزا واسه کش استفاده میکنم
از همه دوستان و همکاران محترم صمیمانه متشکرم