dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2455
share rss forum feed

WarBuxX9

join:2012-03-30
Livonia, MI

[Config] Help get internet connectivity on new Cisco 1921 router

I have a 1921 Sec K9 router that I am trying to connect to the internet. The WAN IP is dynamically assigned. The router does not seem to request a new IP address from the ISP. Here is my running config. I am not sure what else I can do to get this online.

Current configuration : 31410 bytes
!
! Last configuration change at 11:28:05 NewYork Fri Mar 30 2012 by dave
!
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Trident
!
boot-start-marker
boot system flash c1900-universalk9-mz.SPA.151-3.T.bin
boot-end-marker
!
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
logging console critical
enable secret 5 $1$/P.3$9F4NANmycL9bbmUDGcTuD1
enable password 7 07381F09471A101143
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
!
!
!
!
!
aaa session-id common
!
clock timezone NewYork -5 0
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
!
no ipv6 cef
no ip source-route
ip cef
!
!
!
ip dhcp excluded-address 187.210.210.16 187.210.210.255
ip dhcp excluded-address 187.210.210.1 187.210.210.2
ip dhcp excluded-address 192.168.1.1 192.168.1.154
ip dhcp excluded-address 187.187.1.1
!
ip dhcp pool INTERNAL
network 192.168.1.0 255.255.255.0
dns-server 65.24.0.168 65.24.0.169
default-router 192.168.1.1
lease infinite
!
ip dhcp pool ccp-pool1
network 187.187.1.0 255.255.255.0
dns-server 65.24.0.168 65.24.0.169
default-router 187.187.1.1
!
ip dhcp pool SMRHMTGO2
host 187.187.1.2 255.255.255.0
hardware-address 0030.48cd.9b06
client-name SMRHMTGO2
!
ip dhcp pool SMRWorkstation
hardware-address 0025.2207.1289
client-name JER-MLSERVE
!
!
no ip bootp server
ip domain name mymlvpd.com
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip name-server 209.18.47.61
ip port-map http port tcp 8080 description Proxys
ip port-map user-MTGO3 port tcp from 9001 to 9005
ip port-map user-MTGO2 port tcp from 8001 to 8023 description Magic Online Ports 2
ip port-map user-MTGO port tcp 7770 description Magic Online Ports
ip port-map user-OpenVPN port udp 1196
ip port-map user-rdp port tcp 3389
ip inspect log drop-pkt
ip inspect tcp reassembly queue length 25
ip ips config location flash:/IPSSIG retries 1
ip ips notify SDEE
ip ips name sdm_ips_rule
!
ip ips signature-category
category all
retired true
category ios_ips advanced
retired false
!
!
multilink bundle-name authenticated
!
parameter-map type inspect global
log dropped-packets enable
parameter-map type inspect SEO
tcp max-incomplete host 300 block-time 0

parameter-map type urlfpolicy trend cprepdenyregex1
parameter-map type urlf-glob cpaddbnwlocparapermit0
pattern www.mymlvpd.com

parameter-map type urlf-glob cpeditbnwlocparadeny1

parameter-map type urlf-glob cpaddkblocpara2
pattern rape

parameter-map type urlf-glob cpaddkblocpara3
pattern rape

parameter-map type protocol-info msn-servers
server name messenger.hotmail.com
server name gateway.messenger.hotmail.com
server name webmessenger.msn.com

parameter-map type protocol-info aol-servers
server name login.oscar.aol.com
server name toc.oscar.aol.com
server name oam-d09a.blue.aol.com

parameter-map type protocol-info yahoo-servers
server name scs.msg.yahoo.com
server name scsa.msg.yahoo.com
server name scsb.msg.yahoo.com
server name scsc.msg.yahoo.com
server name scsd.msg.yahoo.com
server name cs16.msg.dcn.yahoo.com
server name cs19.msg.dcn.yahoo.com
server name cs42.msg.dcn.yahoo.com
server name cs53.msg.dcn.yahoo.com
server name cs54.msg.dcn.yahoo.com
server name ads1.vip.scd.yahoo.com
server name radio1.launch.vip.dal.yahoo.com
server name in1.msg.vip.re2.yahoo.com
server name data1.my.vip.sc5.yahoo.com
server name address1.pim.vip.mud.yahoo.com
server name edit.messenger.yahoo.com
server name messenger.yahoo.com
server name http.pager.yahoo.com
server name privacy.yahoo.com
server name csa.yahoo.com
server name csb.yahoo.com
server name csc.yahoo.com

crypto pki token default removal timeout 0
!
crypto pki trustpoint Equifax_Secure_CA
revocation-check none
!
crypto pki trustpoint NetworkSolutions_CA
revocation-check none
!
crypto pki trustpoint trps1_server
revocation-check none
!
crypto pki trustpoint test_trustpoint_config_created_for_sdm
subject-name e=sdmtest@sdmtest.com
revocation-check crl
!
crypto pki trustpoint TP-self-signed-4227729276
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4227729276
revocation-check none
!
!
crypto pki certificate chain Equifax_Secure_CA
certificate ca 35DEF4CF
30820320 30820289 A0030201 02020435 DEF4CF30 0D06092A 864886F7 0D010105
0500304E 310B3009 06035504 06130255 53311030 0E060355 040A1307 45717569
66617831 2D302B06 0355040B 13244571 75696661 78205365 63757265 20436572
74696669 63617465 20417574 686F7269 7479301E 170D3938 30383232 31363431
35315A17 0D313830 38323231 36343135 315A304E 310B3009 06035504 06130255
53311030 0E060355 040A1307 45717569 66617831 2D302B06 0355040B 13244571
75696661 78205365 63757265 20436572 74696669 63617465 20417574 686F7269
74793081 9F300D06 092A8648 86F70D01 01010500 03818D00 30818902 818100C1
5DB15867 0862EEA0 9A2D1F08 6D911468 980A1EFE DA046F13 846221C3 D17CCE9F
05E0B801 F04E34EC E28A9504 64ACF16B 535F05B3 CB6780BF 42028EFE DD0109EC
E100144F FCFBF00C DD43BA5B 2BE11F80 70991557 9316F10F 976AB7C2 68231CCC
4D5930AC 511E3BAF 2BD6EE63 457BC5D9 5F50D2E3 500F3A88 E7BF14FD E0C7B902
03010001 A3820109 30820105 30700603 551D1F04 69306730 65A063A0 61A45F30
5D310B30 09060355 04061302 55533110 300E0603 55040A13 07457175 69666178
312D302B 06035504 0B132445 71756966 61782053 65637572 65204365 72746966
69636174 65204175 74686F72 69747931 0D300B06 03550403 13044352 4C31301A
0603551D 10041330 11810F32 30313830 38323231 36343135 315A300B 0603551D
0F040403 02010630 1F060355 1D230418 30168014 48E668F9 2BD2B295 D747D823
20104F33 98909FD4 301D0603 551D0E04 16041448 E668F92B D2B295D7 47D82320
104F3398 909FD430 0C060355 1D130405 30030101 FF301A06 092A8648 86F67D07
4100040D 300B1B05 56332E30 63030206 C0300D06 092A8648 86F70D01 01050500
03818100 58CE29EA FCF7DEB5 CE02B917 B585D1B9 E3E095CC 25310D00 A6926E7F
B692639E 5095D19A 6FE411DE 63856E98 EEA8FF5A C8D355B2 667157DE C021EB3D
2AA72349 01048642 7BFCEE7F A21652B5 6767D340 DB3B2658 B228773D AE147761
D6FA2A66 27A00DFA A7735CEA 70F19421 65445FFA FCEF2968 A9A28779 EF79EF4F AC077738
quit
crypto pki certificate chain NetworkSolutions_CA
certificate ca 10E776E8A65A6E377E050306D43C25EA
308204A6 3082038E A0030201 02021010 E776E8A6 5A6E377E 050306D4 3C25EA30
0D06092A 864886F7 0D010105 05003081 97310B30 09060355 04061302 5553310B
30090603 55040813 02555431 17301506 03550407 130E5361 6C74204C 616B6520
43697479 311E301C 06035504 0A131554 68652055 53455254 52555354 204E6574
776F726B 3121301F 06035504 0B131868 7474703A 2F2F7777 772E7573 65727472
7573742E 636F6D31 1F301D06 03550403 13165554 4E2D5553 45524669 7273742D
48617264 77617265 301E170D 30363034 31303030 30303030 5A170D32 30303533
30313034 3833385A 3062310B 30090603 55040613 02555331 21301F06 0355040A
13184E65 74776F72 6B20536F 6C757469 6F6E7320 4C2E4C2E 432E3130 302E0603
55040313 274E6574 776F726B 20536F6C 7574696F 6E732043 65727469 66696361
74652041 7574686F 72697479 30820122 300D0609 2A864886 F70D0101 01050003
82010F00 3082010A 02820101 00C3DD36 CC83C318 55B096D9 1325D326 864838BB
167FF19F 29F6FD03 F1ED4D26 9A56F0B5 1A1ACDE6 CC855540 A4B5D00D CA22EF3D
23C67E6C CCBCA1E9 7C5046E0 BD14AD65 12C20B11 69520A07 921F736F C1BAD762
F0CE002E 34A5C8E6 2F0FEC0D EA446175 68E5E4DC 80364FDA 785D5325 9494F54F
2E3A606F 0CA6D9B3 F62A2E03 12D52642 0751B264 5771DC21 1C89C769 A3E6FBC2
7B6EEF0C 87FB5064 E84E4BEF E7719B83 6361C932 8D8CEC14 A7E489AD 3F2B2664
E48542F2 8950E13A BE15E345 25E25ACB 8C3FE033 1E35095A 84EA7E5D A1F59180
0A2806B7 CB314125 618B01E9 56A2F63E 5F2FF3C4 43F61994 75834CA1 82423AC6
BAC40930 A6E17502 51B95E64 8B020301 0001A382 01203082 011C301F 0603551D
23041830 168014A1 725F261B 28984395 5D0737D5 85969D4B D2C34530 1D060355
1D0E0416 04143C41 E28F0808 A94C2589 8D6DC538 D0FC858C 6217300E 0603551D
0F0101FF 04040302 01063012 0603551D 130101FF 04083006 0101FF02 01003019
0603551D 20041230 10300E06 0C2B0601 0401860E 01020103 01304406 03551D1F
043D303B 3039A037 A0358633 68747470 3A2F2F63 726C2E75 73657274 72757374
2E636F6D 2F55544E 2D555345 52466972 73742D48 61726477 6172652E 63726C30
5506082B 06010505 07010104 49304730 4506082B 06010505 07300286 39687474
703A2F2F 7777772E 75736572 74727573 742E636F 6D2F6361 63657274 732F5554
4E416464 54727573 74536572 7665725F 43412E63 7274300D 06092A86 4886F70D
01010505 00038201 010068AB FCEF806B 18B2B0B3 A34589CB 53C5A2E6 AF08A9FD
FF0F49AC FFE49FD7 417CA3C5 A2E8AAE0 57212DC3 AA7C0C4C 280B79F4 EE4C32AD
790E7EA2 5E34184F DF54F1BD 687CE3D3 D7465E6D 64C2F76D 8882730C EF9985EA
A9EF324A F0839F73 910CA43E 2B3151A6 628F1584 F9A63A12 303FDA6E F8CCC719
920F5CF4 FE17F195 0847522C 508FE89B A5EEAE70 33899182 FE30AA76 7659D76C
18D32B12 5B1D281D 7871F6CD 36A2E907 48443BE7 576E820A ADC58ADD E853B471
AF13D206 9D376D53 3F8A3508 FAFEA216 E6B96F5C 5639D6C6 AAEF1967 CE13C5B8
9505FB0A 44C99FA9 40254B32 11AF07FE 08D54271 E9E1538B 151FDD2A 07957024
6F645ED3 B7902E8B 21D8
quit
crypto pki certificate chain trps1_server
certificate ca 00
3082029F 30820208 02010030 0D06092A 864886F7 0D010104 05003081 97310B30
09060355 04061302 55533111 300F0603 55040813 08436F6C 6F726164 6F311030
0E060355 04071307 426F756C 64657231 16301406 0355040A 130D4369 73636F20
53797374 656D7331 0C300A06 0355040B 13035354 47311D30 1B060355 04031314
74727073 312D626C 64722E63 6973636F 2E636F6D 311E301C 06092A86 4886F70D
01090116 0F777473 75694063 6973636F 2E636F6D 301E170D 30363130 32333230
32363231 5A170D30 39303731 39323032 3632315A 30819731 0B300906 03550406
13025553 3111300F 06035504 08130843 6F6C6F72 61646F31 10300E06 03550407
1307426F 756C6465 72311630 14060355 040A130D 43697363 6F205379 7374656D
73310C30 0A060355 040B1303 53544731 1D301B06 03550403 13147472 7073312D
626C6472 2E636973 636F2E63 6F6D311E 301C0609 2A864886 F70D0109 01160F77
74737569 40636973 636F2E63 6F6D3081 9F300D06 092A8648 86F70D01 01010500
03818D00 30818902 818100BF F80B7E13 19C5AA37 D7433EDC 4EC5CAD8 40BEE950
7C099395 997043C9 B9C4BCF6 DF97F091 0ECB7D06 F1B336C6 CD134A67 826B0182
09535A4B 11EB4BE8 B46187CB BBD9FECB CB03AE65 8F2C5E7E 40A66FF2 899E2FF1
CBC072B2 A9B537C0 84C9F873 8A141ED9 D8D15186 F7047400 BB8A2CA1 C59DEAD8
DA09FBB3 6E67D8BF F6811102 03010001 300D0609 2A864886 F70D0101 04050003
818100AC C6185869 1324F6BD 728A8D00 CEDF15E3 14671016 90ED8F7B 5FF72860
8F9469D2 B344641D 75E4A566 BCB06ACE 21DFC2B3 041A961C 8A23610A 284BC399
8E632BBA C734D76A 266E6A45 88DC366F C5E12E9E 087AC3AA 7FEE2089 C97821A7
882BFEC3 26425299 11700277 B9E4EBCD 15A0B388 F8D4A102 E472A398 63E0D7DA 5BFBE1
quit
crypto pki certificate chain test_trustpoint_config_created_for_sdm
crypto pki certificate chain TP-self-signed-4227729276
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34323237 37323932 3736301E 170D3132 30333330 31363039
35365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32323737
32393237 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100EAC7 274649EA 088685FB DAFAC8EF 445ADFEC D3D3A107 C15A573B 86692067
6E2CCC8D 0488A43C 8BDF46F2 BCA45B44 B83939C7 B091C963 95D3D33F 8A5788BE
B27894AC 05F5B4BC F262D3BF 2C1EE46E 7A403106 C85061CD 3EA85F0E 585AA568
E1CF23EA 75F53B2D 7947A7FB D61AA0F5 0ED88FDC DA36751D D73CBBFE C80BA2AE
00730203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14C6C8AB DAE81AF9 DE633260 26DCB2A8 7F44CF35 9F301D06
03551D0E 04160414 C6C8ABDA E81AF9DE 63326026 DCB2A87F 44CF359F 300D0609
2A864886 F70D0101 04050003 81810081 77F46F29 A0753A05 C7207E07 D649A783
3803CA81 CC0EAA01 9B2DDA19 5E503361 C6DCBFB3 2B5AA373 F4677E41 497FCF6D
441D7061 A50B8961 2FC3B44F 6FD0F938 AA46A988 E485A37C FF8F4F4D 8A2E8BB1
A12975E8 1432975F E848875F D54789C1 6015C362 C38F4308 E6015D07 62C316F7
F3FD24EC 8BEEBC1A 9FAC4167 986EB2
quit
license udi pid CISCO1921/K9 sn FTX1448Y05L
!
!
object-group network MYMLVPD
description mymlvpd.com related traffic
74.219.79.0 255.255.255.240
74.219.79.16 255.255.255.240
74.219.79.32 255.255.255.240
74.219.79.48 255.255.255.240
!
username Gatekeeper secret 5 $1$42ln$/xBWaoJlLOJpKwHctEawX.
username WarBux privilege 15 view root secret 5 $1$mGV6$5rDiZAMJZhxxEsVb/XwqH0
username dave privilege 15 secret 5 $1$o7qR$YUcd9RNfTTeV0h/JwNCe01
!
redundancy
!
crypto key pubkey-chain rsa
named-key realm-cisco.pub
key-string
30820122 300D0609 2A864886 F70D0101 01050003 82010F00 3082010A 02820101
00C19E93 A8AF124A D6CC7A24 5097A975 206BE3A2 06FBA13F 6F12CB5B 4E441F16
17E630D5 C02AC252 912BE27F 37FDD9C8 11FC7AF7 DCDD81D9 43CDABC3 6007D128
B199ABCB D34ED0F9 085FADC1 359C189E F30AF10A C0EFB624 7E0764BF 3E53053E
5B2146A9 D7A5EDE3 0298AF03 DED7A5B8 9479039D 20F30663 9AC64B93 C0112A35
FE3F0C87 89BCB7BB 994AE74C FA9E481D F65875D6 85EAF974 6D9CC8E3 F0B08B85
50437722 FFBE85B9 5E4189FF CC189CB9 69C46F9C A84DFBA5 7A0AF99E AD768C36
006CF498 079F88F8 A3B3FB1F 9FB7B3CB 5539E1D1 9693CCBB 551F78D2 892356AE
2F56D826 8918EF3C 80CA4F4D 87BFCA3B BFF668E9 689782A5 CF31CB6E B4B094D3
F3020301 0001
quit
!
!
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
class-map type inspect match-any SDM_BOOTPC
match access-group name SDM_BOOTPC
class-map type inspect match-all sdm-cls-http-2
match access-group name MyMLVPD.com
match protocol http
class-map type inspect imap match-any ccp-app-imap
match invalid-command
class-map type inspect match-any ccp-cls-protocol-p2p
match protocol edonkey signature
match protocol gnutella signature
match protocol kazaa2 signature
match protocol fasttrack signature
match protocol bittorrent signature
class-map type inspect match-any SDM_DHCP_CLIENT_PT
match class-map SDM_BOOTPC
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-any IN_TO_OUT_PROTOCOLS
match protocol http
match protocol dns
match protocol tcp
match protocol udp
match protocol sip
match protocol skinny
match protocol h323
match protocol h323-annexe
match protocol h323-nxg
class-map type inspect match-all IN_TO_OUT_CMAP
match access-group name IN_TO_OUT_ACL
match class-map IN_TO_OUT_PROTOCOLS
class-map type inspect match-any sdm-cls-bootps
match protocol bootps
class-map type inspect match-any ccp-cls-insp-traffic
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any SDM_HTTP
match access-group name SDM_HTTP
class-map type inspect gnutella match-any ccp-app-gnutella
match file-transfer
class-map type inspect match-all sdm-cls-http
match access-group name MyMLVPD.com
match protocol http
class-map type urlfilter match-any cpaddbnwlocclasspermit0
match server-domain urlf-glob cpaddbnwlocparapermit0
class-map type inspect msnmsgr match-any ccp-app-msn-otherservices
match service any
class-map type inspect ymsgr match-any ccp-app-yahoo-otherservices
match service any
class-map match-any CCP-Transactional-1
class-map match-any CCP-Transactional-3
match protocol citrix
match protocol notes
match protocol novadigm
match protocol pcanywhere
match protocol sap
match protocol sqlnet
match protocol sqlserver
match protocol xwindows
class-map match-any CCP-Transactional-2
match dscp af21
match dscp af22
match dscp af23
class-map type urlfilter trend match-any cpcatdenyclass1
match url category Abortion
match url category Adult-Mature-Content
match url category Pornography
match url category Spam
match url category Violence-hate-racism
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-cls-protocol-im
match protocol ymsgr yahoo-servers
match protocol msnmsgr msn-servers
match protocol aol aol-servers
class-map match-any CCP-Voice-2
match dscp ef
class-map type inspect aol match-any ccp-app-aol-otherservices
match service any
class-map match-any CCP-Voice-3
match protocol rtp audio
class-map match-any CCP-Voice-1
match protocol rtp audio
class-map match-any A/V
match protocol rtp video
match protocol rtp audio
class-map type inspect match-all ccp-protocol-pop3
match protocol pop3
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map match-any CCP-Signaling-2
match dscp cs3
match dscp af31
class-map match-any CCP-Routing-1
class-map match-any CCP-Signaling-3
match protocol h323
match protocol rtcp
match protocol sip
class-map match-any CCP-Routing-2
match dscp cs6
class-map match-any CCP-Signaling-1
class-map match-any CCP-Routing-3
match protocol rsvp
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type urlfilter match-any cpaddkblocclass3
match url-keyword urlf-glob cpaddkblocpara3
class-map type urlfilter match-any cpaddkblocclass2
match url-keyword urlf-glob cpaddkblocpara2
class-map type inspect pop3 match-any ccp-app-pop3
match invalid-command
class-map type inspect match-any SDM_HTTPS
match access-group name SDM_HTTPS
class-map match-any CCP-Management-3
match protocol dns
match protocol imap
match protocol socks
class-map type inspect match-any rdp
match protocol user-rdp
class-map type inspect match-any ML-NOC-MGMT
match class-map rdp
match protocol https
match protocol ssh
match protocol icmp
match protocol snmp
class-map match-any CCP-Management-2
match dscp cs2
class-map match-any CCP-Management-1
class-map type inspect kazaa2 match-any ccp-app-kazaa2
match file-transfer
class-map type inspect match-all ccp-protocol-p2p
match class-map ccp-cls-protocol-p2p
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type urlfilter match-any cpeditbnwlocclassdeny1
match server-domain urlf-glob cpeditbnwlocparadeny1
class-map type inspect match-any SDM_CA_SERVER
match class-map SDM_HTTPS
match class-map SDM_HTTP
class-map type inspect msnmsgr match-any ccp-app-msn
match service text-chat
class-map type inspect ymsgr match-any ccp-app-yahoo
match service text-chat
class-map type inspect match-all ccp-protocol-im
match class-map ccp-cls-protocol-im
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect http match-any ccp-app-httpmethods
match request method bcopy
match request method bdelete
match request method bmove
match request method bpropfind
match request method bproppatch
match request method connect
match request method copy
match request method delete
match request method edit
match request method getattribute
match request method getattributenames
match request method getproperties
match request method index
match request method lock
match request method mkcol
match request method mkdir
match request method move
match request method notify
match request method options
match request method poll
match request method propfind
match request method proppatch
match request method put
match request method revadd
match request method revlabel
match request method revlog
match request method revnum
match request method save
match request method search
match request method setattribute
match request method startrev
match request method stoprev
match request method subscribe
match request method trace
match request method unedit
match request method unlock
match request method unsubscribe
class-map type inspect edonkey match-any ccp-app-edonkey
match file-transfer
match text-chat
match search-file-name
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect http match-any ccp-http-blockparam
match request port-misuse im
match request port-misuse p2p
match req-resp protocol-violation
class-map type inspect edonkey match-any ccp-app-edonkeydownload
match file-transfer
class-map type inspect match-all ccp-protocol-imap
match protocol imap
class-map type inspect aol match-any ccp-app-aol
match service text-chat
class-map type inspect match-any HTTP-FTP
match protocol http
match protocol ftp
match protocol ftps
match protocol https
class-map type inspect edonkey match-any ccp-app-edonkeychat
match search-file-name
match text-chat
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect http match-any ccp-http-allowparam
match request port-misuse tunneling
class-map type inspect fasttrack match-any ccp-app-fasttrack
match file-transfer
!
!
policy-map CCP-QoS-Policy-1
class CCP-Voice-3
set dscp ef
priority percent 33
class CCP-Signaling-3
set dscp cs3
bandwidth percent 5
class CCP-Routing-3
set dscp cs6
bandwidth percent 5
class CCP-Management-3
set dscp cs2
bandwidth percent 5
class CCP-Transactional-3
set dscp af21
bandwidth percent 5
class class-default
fair-queue
random-detect
policy-map type inspect IN_TO_OUT_PMAP
class type inspect IN_TO_OUT_CMAP
pass
class class-default
drop
policy-map type inspect ccp-permit-icmpreply
class type inspect sdm-cls-bootps
pass
class type inspect ccp-icmp-access
inspect
class class-default
pass
policy-map CCP-QoS-Policy-2
policy-map type inspect p2p ccp-action-app-p2p
class type inspect edonkey ccp-app-edonkeychat
log
allow
class type inspect edonkey ccp-app-edonkeydownload
log
allow
class type inspect fasttrack ccp-app-fasttrack
log
allow
class type inspect gnutella ccp-app-gnutella
log
allow
class type inspect kazaa2 ccp-app-kazaa2
log
allow
policy-map type inspect ccp-policy-ML-NOC-MGMT
class type inspect ML-NOC-MGMT
inspect
class class-default
drop
policy-map type inspect im ccp-action-app-im
class type inspect aol ccp-app-aol
log
allow
class type inspect msnmsgr ccp-app-msn
log
allow
class type inspect ymsgr ccp-app-yahoo
log
allow
class type inspect aol ccp-app-aol-otherservices
log
reset
class type inspect msnmsgr ccp-app-msn-otherservices
log
reset
class type inspect ymsgr ccp-app-yahoo-otherservices
log
reset
policy-map type inspect http ccp-action-app-http
class type inspect http ccp-http-blockparam
log
reset
class type inspect http ccp-app-httpmethods
log
reset
class type inspect http ccp-http-allowparam
log
allow
policy-map type inspect imap ccp-action-imap
class type inspect imap ccp-app-imap
log
policy-map type inspect pop3 ccp-action-pop3
class type inspect pop3 ccp-app-pop3
log
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
service-policy http ccp-action-app-http
class type inspect ccp-protocol-imap
inspect
service-policy imap ccp-action-imap
class type inspect ccp-protocol-pop3
inspect
service-policy pop3 ccp-action-pop3
class type inspect ccp-protocol-p2p
inspect
service-policy p2p ccp-action-app-p2p
class type inspect ccp-protocol-im
inspect
service-policy im ccp-action-app-im
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop
policy-map type inspect ccp-permit
class type inspect SDM_DHCP_CLIENT_PT
pass
class class-default
drop
!
zone security out-zone
zone security in-zone
zone security ML-VPS
zone security ML-AD
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security sdm-zp-in-zone-ML-AD source in-zone destination ML-AD
service-policy type inspect ccp-policy-ML-NOC-MGMT
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
!
!
!
!
!
!
!
interface Null0
no ip unreachables
!
interface GigabitEthernet0/0
description WAN Link$ETH-WAN$$FW_OUTSIDE$
ip address dhcp client-id GigabitEthernet0/0
no ip redirects
no ip unreachables
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat outside
ip ips sdm_ips_rule in
ip virtual-reassembly in
ip verify unicast reverse-path
zone-member security out-zone
duplex auto
speed auto
no mop enabled
service-policy output CCP-QoS-Policy-2
!
interface GigabitEthernet0/1
description NOC Link$ETH-LAN$$FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
ip nat inside
ip ips sdm_ips_rule in
ip virtual-reassembly in
zone-member security in-zone
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/0/0
description MLVPDCore
switchport trunk native vlan 5
switchport mode trunk
!
interface GigabitEthernet0/0/1
description ML Desktop
switchport access vlan 30
switchport trunk native vlan 5
!
interface GigabitEthernet0/0/2
description MLDedicated
switchport access vlan 10
switchport trunk native vlan 5
!
interface GigabitEthernet0/0/3
description Notinuse
switchport trunk native vlan 5
switchport mode trunk
!
interface Vlan1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
!
interface Vlan5
description $FW_INSIDE$
ip address 74.219.79.9 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip ips sdm_ips_rule in
ip ips sdm_ips_rule out
ip virtual-reassembly in
ip verify unicast reverse-path
zone-member security in-zone
!
interface Vlan10
description $FW_INSIDE$
ip address 74.219.79.17 255.255.255.240
no ip redirects
no ip unreachables
ip flow ingress
ip nat inside
ip ips sdm_ips_rule in
ip ips sdm_ips_rule out
ip virtual-reassembly in
zone-member security in-zone
!
interface Vlan20
description $FW_INSIDE$
ip address 74.219.79.33 255.255.255.224
no ip redirects
no ip unreachables
ip flow ingress
ip nat inside
ip ips sdm_ips_rule in
ip ips sdm_ips_rule out
ip virtual-reassembly in
zone-member security in-zone
!
interface Vlan30
description $FW_INSIDE$
ip address 187.187.1.1 255.255.255.0
no ip redirects
no ip unreachables
ip flow ingress
ip nat inside
ip ips sdm_ips_rule in
ip ips sdm_ips_rule out
ip virtual-reassembly in
zone-member security in-zone
!
ip forward-protocol nd
!
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip flow-top-talkers
top 40
sort-by bytes
cache-timeout 360000
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside source list 3 interface GigabitEthernet0/0 overload
ip nat inside source list 4 interface GigabitEthernet0/0 overload
ip route 74.219.79.8 255.255.255.248 74.219.79.10
ip route 74.219.79.16 255.255.255.240 74.219.79.10
ip route 74.219.79.32 255.255.255.224 74.219.79.10
!
ip access-list extended IN_TO_OUT_ACL
permit ip 74.219.79.0 0.0.0.255 any
ip access-list extended MyMLVPD.com
remark CCP_ACL Category=128
permit ip any host 74.219.79.18
permit ip any host 74.219.79.24
ip access-list extended SDM_BOOTPC
remark CCP_ACL Category=0
permit udp any any eq bootpc
ip access-list extended SDM_HTTP
remark CCP_ACL Category=1
permit tcp any any eq telnet
permit tcp any any eq www
ip access-list extended SDM_HTTPS
remark CCP_ACL Category=1
permit tcp any any eq 443
ip access-list extended SDM_SSH
remark CCP_ACL Category=0
permit tcp any any eq 22
!
logging 192.168.1.159
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 3 remark CCP_ACL Category=2
access-list 3 permit 187.187.1.0 0.0.0.255
access-list 4 remark CCP_ACL Category=2
access-list 4 permit 74.219.79.32 0.0.0.31
access-list 4 permit 74.219.79.8 0.0.0.7
access-list 4 permit 74.219.79.16 0.0.0.15
access-list 5 permit 74.219.79.18
access-list 5 permit 74.219.79.43
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 101 remark Auto generated by SDM Management Access feature
access-list 101 remark CCP_ACL Category=1
access-list 101 permit tcp any host 192.168.1.1 eq www
access-list 101 permit tcp 192.168.1.0 0.0.0.255 host 192.168.1.1 eq 22
access-list 101 permit tcp 192.168.1.0 0.0.0.255 host 192.168.1.1 eq 443
access-list 101 permit tcp 192.168.1.0 0.0.0.255 host 192.168.1.1 eq cmd
access-list 101 deny tcp any host 192.168.1.1 eq telnet
access-list 101 deny tcp any host 192.168.1.1 eq 22
access-list 101 deny tcp any host 192.168.1.1 eq www
access-list 101 deny tcp any host 192.168.1.1 eq 443
access-list 101 deny tcp any host 192.168.1.1 eq cmd
access-list 101 deny udp any host 192.168.1.1 eq snmp
access-list 101 permit ip any any
access-list 102 remark Auto generated by SDM Management Access feature
access-list 102 remark CCP_ACL Category=1
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 103 remark Auto generated by SDM Management Access feature
access-list 103 remark CCP_ACL Category=1
access-list 103 permit ip 192.168.1.0 0.0.0.255 any
access-list 122 permit ip host 74.219.79.43 any
access-list 122 permit ip any host 74.219.79.43
!
no cdp run

!
!
!
!
!
!
control-plane
!
!
banner login ^CUnauthorized access is strictly forbidden!^C
!
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line vty 0 4
access-class 102 in
password 7 060506324F415A4B54
authorization exec local_author
login authentication local_authen
transport input telnet ssh
line vty 5 15
access-class 103 in
authorization exec local_author
login authentication local_authen
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp update-calendar
ntp server 173.14.55.9 prefer source GigabitEthernet0/0
end


OVERKILL

join:2010-04-05
Peterborough, ON

Re: [Config] Help get internet connectivity on new Cisco 1921 ro

My good God, that is one busy config!

WarBuxX9

join:2012-03-30
Livonia, MI
Yea I had a lot of stuff setup before. The config is much more simple this time. I might just restart from factory defaults. My only problem is it took me forever to get the router working with the network.


OVERKILL

join:2010-04-05
Peterborough, ON
reply to WarBuxX9
That isn't a bad idea. Try it with a naked config and then start bringing things back in until you break it. Then at least you'll know what caused it.

WarBuxX9

join:2012-03-30
Livonia, MI
The link below seems to be the only article I can find on how to restore factory defaults. I don't think this has all the steps. Do you know where I can find better instructions?

»www.cisco.com/en/US/products/sw/···a1.shtml

ladino

join:2001-02-24
USA
kudos:1

1 recommendation

Remove the following commands if the WAN interface is not getting an IP address from the ISP

interface GigabitEthernet0/0
 ip ips sdm_ips_rule in
 zone-member security out-zone
 service-policy output CCP-QoS-Policy-2
!
 

nosx

join:2004-12-27
00000
kudos:5

1 recommendation

I agree with ladino, is some of that BS blocking the DHCP process?
Remove "ip verify unicast reverse-path" as well.

WarBuxX9

join:2012-03-30
Livonia, MI
I am not sure what the problem was. It is functional now. Thanks

WarBuxX9

join:2012-03-30
Livonia, MI
reply to ladino
said by ladino:

Remove the following commands if the WAN interface is not getting an IP address from the ISP

interface GigabitEthernet0/0
 ip ips sdm_ips_rule in
 zone-member security out-zone
 service-policy output CCP-QoS-Policy-2
!
 

Thanks this worked.


OVERKILL

join:2010-04-05
Peterborough, ON
reply to WarBuxX9
You should really try to clean that config up. Looks like part of it was generated through SDM?