Eldin'net, Configuration Routeurs Cisco 3640

Eldin'net ,Configuration Routeurs Cisco 3640

mise à jour le 25/08/2001

Configuration Routeurs Cisco 3640

Configuration pour un routeur équipé de deux accés primaire ISDN ( 60 lignes) réparties en 30 modems V90 anlogiques internes et 30 accés ISDN. L'authentification ( CHAP, POP) est déléguée à un serveur TACACS+ externe du type Ciscosecure ACS.

Necessite la version IOS 12.0

version 12.0
service timestamps debug uptime
service timestamps log datetime localtime

service password-encryption
service udp-small-servers
service tcp-small-servers

hostname access-router

no logging console
logging buffered

Authtification TACACS+ par defaut

aaa new-model
aaa authentication login default tacacs+ none
aaa authentication login no-tacacs enable
aaa authentication ppp default tacacs+ none
aaa authorization exec default tacacs+ none
aaa authorization network default tacacs+ none
aaa authorization configuration default tacacs+
aaa accounting exec default start-stop tacacs+
aaa accounting network default start-stop tacacs+
aaa accounting connection default start-stop tacacs+

Liste des comptes locaux login/mot de passe

username aaaaaa password aaaaaaaaaa
username bbbbbb password bbbbbbbbbb
....
username zzzzzz password zzzzzzzzzz

enable secret xxxxxxxxxx
enable password xxxxxxxxxxxxx

ip subnet-zero
no ip finger
no ip domain-lookup

isdn switch-type primary-net5
isdn voice-call-failure 0

controller E1 1/0
pri-group timeslots 1-31
framing NO-CRC4
description Acces ISDN primaire N. xxxxx

controller E1 1/1
pri-group timeslots 1-31
framing NO-CRC4
description Acces ISDN primaire N. xxxxxx

interface Ethernet0/0
description Lan ISP
ip address yy.jj.kk.01 255.255.255.0
no ip directed-broadcast

interface Serial1/0:15
description ISDN Primaire 1 tel : xx/xxxxxx
no ip address
no ip directed-broadcast
encapsulation ppp
ip tcp header-compression passive
dialer rotary-group 2
isdn switch-type primary-net5
isdn incoming-voice modem
no cdp enable

interface Serial1/1:15
description ISDN Primaire 2 tel : xx/xxxxxx
no ip address
no ip directed-broadcast
encapsulation ppp
ip tcp header-compression passive
dialer rotary-group 2
isdn switch-type primary-net5
isdn incoming-voice modem
no cdp enable

interface Group-Async1
ip unnumbered Ethernet0/0
encapsulation ppp
ip tcp header-compression passive

dialer-group 1
peer default ip address pool default
no cdp enable
ppp authentication chap pap
no ip directed-broadcast
dialer in-band
async mode interactive
no cdp enable
group-range 65 94

interface Dialer2
ip unnumbered Ethernet0/0
no ip directed-broadcast
encapsulation ppp
ip tcp header-compression passive
dialer in-band
dialer idle-timeout 600
dialer-group 1
peer default ip address pool default
no cdp enable
ppp authentication chap pap

router eigrp 1
redistribute static
passive-interface Serial1/0:15
passive-interface Serial1/1:15
passive-interface Group-Async1
passive-interface Dialer2
network yy.jj.kk.0
default-metric 64 2000 200 200 1500
no auto-summary

ip local pool default a.b.c.d a1.b1.c1.d1

no ip http server

access-list 101 deny eigrp any any

access-list 101 permit ip any any

dialer-list 1 protocol ip list 101

tacacs-server host <IP du serveur Tacacs+>
tacacs-server key dddddddd

snmp-server community public RO
snmp-server community xxxx RW
snmp-server host <IP du serveur de supervision> public

line con 0

line 65 94
session-timeout 30
exec-timeout 1 0
autoselect ppp
absolute-timeout 300
script dialer cisco-default
modem answer-timeout 5
modem InOut
modem autoconfigure type mica
terminal-type mon
no history
transport input telnet
transport output none
escape-character NONE
line aux 0
modem InOut
transport input telnet
transport output none
stopbits 1
speed 38400
flowcontrol hardware
line vty 0 4
password xxxxxxxxxx

ntp clock-period 17246919
ntp server <IP du serveur NTP>

Eldin'net

Pour me contacter