388 lines
9.0 KiB
Plaintext
388 lines
9.0 KiB
Plaintext
!
|
|
! Last configuration change at 10:34:28 EST Wed Dec 9 2020 by cisco
|
|
! NVRAM config last updated at 10:30:19 EST Wed Dec 9 2020 by cisco
|
|
!
|
|
version 15.8
|
|
service timestamps debug datetime msec
|
|
service timestamps log datetime msec
|
|
service password-encryption
|
|
!
|
|
hostname R2
|
|
!
|
|
boot-start-marker
|
|
boot-end-marker
|
|
!
|
|
!
|
|
vrf definition VPN_A
|
|
rd 100:1
|
|
route-target export 100:1
|
|
route-target import 100:1
|
|
!
|
|
address-family ipv4
|
|
exit-address-family
|
|
!
|
|
address-family ipv6
|
|
exit-address-family
|
|
!
|
|
vrf definition VPN_B
|
|
rd 200:1
|
|
route-target export 200:1
|
|
route-target import 200:1
|
|
!
|
|
address-family ipv4
|
|
exit-address-family
|
|
!
|
|
address-family ipv6
|
|
exit-address-family
|
|
!
|
|
no logging console
|
|
enable secret 5 $1$uT.s$3pBZI88g6udTYuHpvt9lI/
|
|
!
|
|
aaa new-model
|
|
!
|
|
!
|
|
aaa authentication login default local
|
|
aaa authentication login CONSOLE none
|
|
aaa authorization exec default local
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
aaa session-id common
|
|
!
|
|
!
|
|
!
|
|
memory-size iomem 10
|
|
clock timezone EST -5 0
|
|
clock summer-time EDT recurring
|
|
mmi polling-interval 60
|
|
no mmi auto-configure
|
|
no mmi pvc
|
|
mmi snmp-timeout 180
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
no ip domain lookup
|
|
ip domain name tshoot.net
|
|
crypto key generate rsa modulus 1024
|
|
ip cef
|
|
ipv6 unicast-routing
|
|
ipv6 cef
|
|
!
|
|
multilink bundle-name authenticated
|
|
!
|
|
!
|
|
cts logging verbose
|
|
!
|
|
crypto pki trustpoint TP-self-signed-4294967295
|
|
enrollment selfsigned
|
|
subject-name cn=IOS-Self-Signed-Certificate-4294967295
|
|
revocation-check none
|
|
rsakeypair TP-self-signed-4294967295
|
|
!
|
|
!
|
|
crypto pki certificate chain TP-self-signed-4294967295
|
|
username cisco secret 5 $1$NrYE$nzkXIBUvZA/yj55JaJr/l.
|
|
!
|
|
redundancy
|
|
!
|
|
lldp run
|
|
!
|
|
track 1 interface GigabitEthernet0/0 line-protocol
|
|
delay down 30 up 30
|
|
!
|
|
track 2 interface GigabitEthernet0/1 line-protocol
|
|
delay down 30 up 30
|
|
!
|
|
track 3 list boolean or
|
|
object 1
|
|
object 2
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
interface Loopback0
|
|
description VPN_A
|
|
vrf forwarding VPN_A
|
|
ip address 2.2.2.2 255.255.255.255
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:FEED:222::2/128
|
|
!
|
|
interface Loopback1
|
|
description VPN_B
|
|
vrf forwarding VPN_B
|
|
ip address 2.2.2.2 255.255.255.255
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:FEED:222::2/128
|
|
!
|
|
interface Loopback2
|
|
description EIGRP
|
|
ip address 20.20.20.20 255.255.255.255
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:CAFE:2020::2/128
|
|
!
|
|
interface Loopback3
|
|
description Internet
|
|
ip address 22.22.22.22 255.0.0.0
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:EFAC::2/48
|
|
!
|
|
interface Loopback4
|
|
description Internet
|
|
vrf forwarding VPN_A
|
|
ip address 22.22.22.22 255.0.0.0
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:EFAC::2/48
|
|
!
|
|
interface Loopback5
|
|
description Internet
|
|
vrf forwarding VPN_B
|
|
ip address 22.22.22.22 255.0.0.0
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:EFAC::2/48
|
|
!
|
|
interface GigabitEthernet0/0
|
|
description WAN link to R1
|
|
vrf forwarding VPN_A
|
|
ip address 209.165.200.226 255.255.255.252
|
|
duplex auto
|
|
speed auto
|
|
media-type rj45
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:FEED:10::2/126
|
|
no shutdown
|
|
!
|
|
interface GigabitEthernet0/1
|
|
description WAN link to R3
|
|
vrf forwarding VPN_B
|
|
ip address 209.165.200.222 255.255.255.252
|
|
duplex auto
|
|
speed auto
|
|
media-type rj45
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:FEED:14::2/126
|
|
no shutdown
|
|
!
|
|
interface GigabitEthernet0/2
|
|
description EIGRP Link to R3
|
|
ip address 10.1.90.2 255.255.255.254
|
|
duplex auto
|
|
speed auto
|
|
media-type rj45
|
|
ipv6 address FE80::2 link-local
|
|
ipv6 address 2001:DB8:CAFE:90::2/126
|
|
no shutdown
|
|
!
|
|
interface GigabitEthernet0/3
|
|
no ip address
|
|
shutdown
|
|
duplex auto
|
|
speed auto
|
|
media-type rj45
|
|
!
|
|
!
|
|
router eigrp HQ
|
|
!
|
|
address-family ipv4 unicast autonomous-system 1
|
|
!
|
|
af-interface default
|
|
shutdown
|
|
passive-interface
|
|
exit-af-interface
|
|
!
|
|
af-interface Loopback2
|
|
no shutdown
|
|
exit-af-interface
|
|
!
|
|
af-interface GigabitEthernet0/2
|
|
no shutdown
|
|
no passive-interface
|
|
exit-af-interface
|
|
!
|
|
topology base
|
|
exit-af-topology
|
|
network 10.1.90.2 0.0.0.1
|
|
network 20.20.20.20 0.0.0.0
|
|
eigrp stub connected
|
|
exit-address-family
|
|
!
|
|
address-family ipv6 unicast autonomous-system 1
|
|
!
|
|
af-interface default
|
|
shutdown
|
|
passive-interface
|
|
exit-af-interface
|
|
!
|
|
af-interface Loopback2
|
|
no shutdown
|
|
exit-af-interface
|
|
!
|
|
af-interface GigabitEthernet0/2
|
|
no shutdown
|
|
no passive-interface
|
|
exit-af-interface
|
|
!
|
|
topology base
|
|
exit-af-topology
|
|
eigrp stub connected
|
|
exit-address-family
|
|
!
|
|
router bgp 65502
|
|
bgp router-id 2.0.0.2
|
|
bgp log-neighbor-changes
|
|
no bgp default ipv4-unicast
|
|
!
|
|
address-family ipv4 vrf VPN_A
|
|
bgp router-id 2.2.0.2
|
|
network 0.0.0.0
|
|
network 2.2.2.2 mask 255.255.255.255
|
|
neighbor 209.165.200.225 remote-as 65501
|
|
neighbor 209.165.200.225 password 7 14141B180F0B
|
|
neighbor 209.165.200.225 activate
|
|
exit-address-family
|
|
!
|
|
address-family ipv6 vrf VPN_A
|
|
bgp router-id 2.2.0.2
|
|
network ::/0
|
|
network 2001:DB8:FEED:222::2/128
|
|
neighbor 209.165.200.225 remote-as 65501
|
|
neighbor 209.165.200.225 password 7 14141B180F0B
|
|
neighbor 209.165.200.225 activate
|
|
neighbor 209.165.200.225 route-map IPv4TransportIPv6RouteA in
|
|
exit-address-family
|
|
!
|
|
address-family ipv4 vrf VPN_B
|
|
bgp router-id 2.0.2.2
|
|
network 0.0.0.0
|
|
network 2.2.2.2 mask 255.255.255.255
|
|
neighbor 209.165.200.221 remote-as 65501
|
|
neighbor 209.165.200.221 local-as 65503 no-prepend replace-as
|
|
neighbor 209.165.200.221 password 7 0822455D0A16
|
|
neighbor 209.165.200.221 activate
|
|
neighbor 209.165.200.221 allowas-in
|
|
exit-address-family
|
|
!
|
|
address-family ipv6 vrf VPN_B
|
|
bgp router-id 2.0.2.2
|
|
network ::/0
|
|
network 2001:DB8:FEED:222::2/128
|
|
neighbor 209.165.200.221 remote-as 65501
|
|
neighbor 209.165.200.221 local-as 65503 no-prepend replace-as
|
|
neighbor 209.165.200.221 password 7 0822455D0A16
|
|
neighbor 209.165.200.221 activate
|
|
neighbor 209.165.200.221 allowas-in
|
|
neighbor 209.165.200.221 route-map IPv4TransportIPv6RouteB in
|
|
exit-address-family
|
|
!
|
|
ip forward-protocol nd
|
|
!
|
|
ip flow-top-talkers
|
|
top 3
|
|
sort-by bytes
|
|
cache-timeout 600000
|
|
!
|
|
ip http server
|
|
ip http secure-server
|
|
ip route 0.0.0.0 0.0.0.0 10.1.90.3
|
|
ip route vrf VPN_A 0.0.0.0 0.0.0.0 Null0
|
|
ip route vrf VPN_B 0.0.0.0 0.0.0.0 Null0
|
|
ip ssh source-interface Loopback0
|
|
!
|
|
ip sla 3
|
|
icmp-echo 10.1.2.2
|
|
frequency 10
|
|
ip sla schedule 3 life forever start-time now
|
|
ip sla 5
|
|
icmp-echo 10.1.2.14
|
|
frequency 10
|
|
ip sla schedule 5 life forever start-time now
|
|
logging host 10.1.100.1
|
|
ipv6 route ::/0 2001:DB8:CAFE:90::3
|
|
ipv6 route vrf VPN_A ::/0 Null0
|
|
ipv6 route vrf VPN_B ::/0 Null0
|
|
ipv6 ioam timestamp
|
|
!
|
|
route-map IPv4TransportIPv6RouteA permit 10
|
|
set ipv6 next-hop 2001:DB8:FEED:10::1
|
|
!
|
|
route-map IPv4TransportIPv6RouteB permit 10
|
|
set ipv6 next-hop 2001:DB8:FEED:14::3
|
|
!
|
|
snmp-server community cisco RO
|
|
snmp-server community san-fran RW
|
|
snmp-server trap-source Loopback0
|
|
snmp-server location TSHOOT Lab Facility
|
|
snmp-server contact support@tshoot.net
|
|
snmp-server chassis-id
|
|
snmp-server enable traps eigrp
|
|
snmp-server enable traps config
|
|
snmp-server enable traps cpu threshold
|
|
snmp-server host 10.1.100.1 version 2c cisco
|
|
!
|
|
!
|
|
!
|
|
!
|
|
control-plane
|
|
!
|
|
banner exec ^C
|
|
**************************************************************************
|
|
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
|
|
* education. IOSv is provided as-is and is not supported by Cisco's *
|
|
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
|
|
* of the IOSv Software or Documentation to any third party for any *
|
|
* purposes is expressly prohibited except as otherwise authorized by *
|
|
* Cisco in writing. *
|
|
**************************************************************************^C
|
|
banner incoming ^C
|
|
**************************************************************************
|
|
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
|
|
* education. IOSv is provided as-is and is not supported by Cisco's *
|
|
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
|
|
* of the IOSv Software or Documentation to any third party for any *
|
|
* purposes is expressly prohibited except as otherwise authorized by *
|
|
* Cisco in writing. *
|
|
**************************************************************************^C
|
|
banner login ^C
|
|
**************************************************************************
|
|
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
|
|
* education. IOSv is provided as-is and is not supported by Cisco's *
|
|
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
|
|
* of the IOSv Software or Documentation to any third party for any *
|
|
* purposes is expressly prohibited except as otherwise authorized by *
|
|
* Cisco in writing. *
|
|
**************************************************************************^C
|
|
banner motd ^C*** Router R2 Skills Assessment BASE Config ***^C
|
|
!
|
|
line con 0
|
|
exec-timeout 0 0
|
|
logging synchronous
|
|
login authentication local
|
|
line aux 0
|
|
line vty 0 4
|
|
exec-timeout 0 0
|
|
logging synchronous
|
|
transport input ssh
|
|
!
|
|
scheduler allocate 20000 1000
|
|
ntp master 3
|
|
!
|
|
end |