** WARNING, putting anything other than the Sky Broadband provided router on your xDSL line will break your agreement with Sky. You do this at your own risk. **
IOS 12.4(15)T or greater
no service pad
service telnet-zeroidle
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname MAC_ADDRESS
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 16384
enable secret ENABLE_PASSWORD
!
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 1:00
!
dot11 ssid WEP
vlan 11
authentication open
mbssid guest-mode
!
dot11 ssid WPA
vlan 12
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 0 PASSWORD
!
dot11 ssid WiFi
vlan 10
authentication open
mbssid guest-mode
!
no ip source-route
no ip gratuitous-arps
ip icmp rate-limit unreachable 1
ip cef
!
ip dhcp excluded-address 172.24.0.1 172.24.0.31
ip dhcp excluded-address 172.24.1.1 172.24.1.31
ip dhcp excluded-address 172.24.2.1 172.24.2.31
ip dhcp excluded-address 172.24.3.1 172.24.3.31
!
ip dhcp pool LAN
network 172.24.0.0 255.255.255.0
domain-name netconf.co.uk
dns-server 87.86.189.16
default-router 172.24.0.254
lease 30
!
ip dhcp pool WIRELESS-CLEAR
network 172.24.1.0 255.255.255.0
domain-name yelmuch.net
dns-server 87.86.189.16
default-router 172.24.1.254
lease 30
!
ip dhcp pool WIRELESS-WEP
network 172.24.2.0 255.255.255.0
domain-name yelmuch.net
dns-server 87.86.189.16
default-router 172.24.2.254
lease 30
!
ip dhcp pool WIRELESS-WPA
network 172.24.3.0 255.255.255.0
domain-name yelmuch.net
dns-server 87.86.189.16
default-router 172.24.3.254
lease 30
!
ip domain name yelmuch.net
ip name-server 87.86.189.16
ip inspect dns-timeout 10
ip inspect name INSPECT cuseeme
ip inspect name INSPECT ftp
ip inspect name INSPECT h323
ip inspect name INSPECT icmp
ip inspect name INSPECT netshow
ip inspect name INSPECT rcmd
ip inspect name INSPECT realaudio
ip inspect name INSPECT rtsp
ip inspect name INSPECT sqlnet
ip inspect name INSPECT streamworks
ip inspect name INSPECT tftp
ip inspect name INSPECT tcp
ip inspect name INSPECT udp
ip inspect name INSPECT vdolive
ip inspect name INSPECT isakmp
ip inspect name INSPECT ipsec-msft
ip inspect name INSPECT sip audit-trail on timeout 300
ip inspect name INSPECT sip-tls audit-trail on timeout 1800
ip inspect name INSPECT smtp timeout 30
ip inspect name INSPECT ssh timeout 43200
ip inspect name INSPECT http urlfilter alert on audit-trail off
!
ip urlfilter allow-mode on
ip urlfilter exclusive-domain deny www.affiliateer.com
ip urlfilter exclusive-domain deny www.burstnet.com
ip urlfilter exclusive-domain deny .jamster.com
ip urlfilter exclusive-domain deny .googlesyndication.com
ip urlfilter exclusive-domain deny .888.com
ip urlfilter exclusive-domain deny ads.itv.com
ip urlfilter exclusive-domain deny .atdmt.com
ip urlfilter exclusive-domain permit www.google.com
ip urlfilter exclusive-domain deny adserving.cpxinteractive.com
ip urlfilter exclusive-domain deny .glispa.com
ip urlfilter exclusive-domain deny .adtech.de
ip urlfilter exclusive-domain deny .adbureau.net
ip urlfilter exclusive-domain deny .falkag.net
ip urlfilter exclusive-domain deny .fastclick.net
ip urlfilter exclusive-domain deny .doubleclick.net
ip urlfilter exclusive-domain permit www.google.co.uk
ip urlfilter exclusive-domain deny ads.trinitymirror.co.uk
ip urlfilter exclusive-domain deny fe.lea.lycos.co.uk
!
! Press Control-V before entering ? in URL below
ip ddns update method DYNDNS
HTTP
add http://USERNAME:PASSWORD@members.dyndns.org/nic/update?system=dyndns&hostname=SITENAME.homedns.org&myip=<a>
interval maximum 20 0 0 0
interval minimum 15 0 0 0
!
vtp domain SKYBB
vtp mode transparent
!
interface ATM0
description SKYBB-ADSL-LLU
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
load-interval 30
snmp ifindex persist
class-int class-default
no atm ilmi-keepalive
dsl operating-mode auto
dsl enable-training-log
dsl lom 250
max-reserved-bandwidth 100
hold-queue 224 in
!
interface ATM0.1 point-to-point
description PVC 0/38 - 320kbps
bandwidth 285
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
no snmp trap link-status
pvc DATA 0/38
vbr-nrt 320 320 1
tx-ring-limit 3
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
interface FastEthernet0
spanning-tree portfast
!
interface FastEthernet1
spanning-tree portfast
!
interface FastEthernet2
spanning-tree portfast
!
interface FastEthernet3
spanning-tree portfast
!
interface Dot11Radio0
description 802.11B/G interface
no ip address
no ip redirect
ip nat inside
ip virtual-reassembly
!
encryption vlan 12 mode ciphers tkip
!
encryption vlan 11 key 1 size 40bit 0 FFFFFFFFFF transmit-key
encryption vlan 11 mode ciphers wep40
!
broadcast-key vlan 11 change 10
!
ssid WiFi
!
ssid WEP
!
ssid WPA
!
mbssid
speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2462
station-role root
world-mode dot11d country GB indoor
no cdp enable
!
interface Dot11Radio0.10
description WiFi - CLEAR
encapsulation dot1Q 10 native
ip address 172.24.1.254 255.255.255.0
no ip redirect
ip nat inside
ip inspect INSPECT in
!
interface Dot11Radio0.11
description WiFi - WEP
encapsulation dot1Q 11
ip address 172.24.2.254 255.255.255.0
no ip redirect
ip nat inside
ip inspect INSPECT in
!
interface Dot11Radio0.12
description WiFi - WPA
encapsulation dot1Q 12
ip address 172.24.3.254 255.255.255.0
no ip redirect
ip nat inside
ip inspect INSPECT in
!
interface Vlan1
ip address 172.24.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer1
description OUTSIDE$FW_OUTSIDE$
bandwidth 256
ip ddns update hostname hostname.homedns.org
ip ddns update DYNDNS host members.dyndns.org
ip address negotiated previous
ip access-group 111 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting output-packets
ip accounting precedence input
ip accounting precedence output
ip accounting access-violations
ip nbar protocol-discovery
ip pim sparse-dense-mode
ip nat outside
ip inspect INSPECT out
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
ip tcp adjust-mss 1400
load-interval 30
dialer pool 1
snmp ifindex persist
no fair-queue
no cdp enable
ppp max-bad-auth 3
ppp lcp predictive
ppp lcp delay 1
ppp authentication chap callin
ppp chap hostname MAC_ADDRESS@skydsl
ppp chap password PPPOA_PASSWORD
ppp ipcp predictive
ppp multilink
ppp multilink interleave
ppp multilink fragment delay 20
max-reserved-bandwidth 100
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
no ip http server
ip http access-class 99
no ip http secure-server
ip nat inside source list 100 interface Dialer1 overload
!
access-list 99 permit 172.24.0.0 0.0.255.255
access-list 100 permit ip 172.24.0.0 0.0.1.255 any
access-list 111 permit udp host 195.40.0.250 eq ntp any eq ntp
access-list 111 permit udp host 195.40.1.250 eq ntp any eq ntp
access-list 111 permit tcp host 63.208.196.95 eq www any
access-list 111 permit udp host 87.86.189.16 eq domain any
access-list 111 deny ip any any log
!
control-plane
!
line con 0
no modem enable
line aux 0
access-class 99 in
line vty 0 4
access-class 99 in
password PASSWORD
login
!
ntp server 195.40.0.250
ntp server 195.40.1.250
Any errors or comments, Please email yelmuch@hotmail.com |
|