科技行者

行者学院 转型私董会 科技行者专题报道 网红大战科技行者

知识库

知识库 安全导航

至顶网网络频道一个外资银行的路由器配置

一个外资银行的路由器配置

  • 扫一扫
    分享文章到微信

  • 扫一扫
    关注官方公众号
    至顶头条

今天终于稍微闲一点了,给大家贴个配置吧。这个路由器不是我配的,是欧洲某国的IBM配的,我们也可以看看大公司做事有什么特点,背景是这家银行暴有钱,买了两个3725,一个上了WIC-1T,一个上了WIC-1S/T,做备份。

作者:中国IT实验室 2007年8月15日

关键字: 路由器 路由器设置 路由器配置 路由器基础 路由协议 CISCO

  • 评论
  • 分享微博
  • 分享邮件

  今天终于稍微闲一点了,给大家贴个配置吧。这个路由器不是我配的,是欧洲某国的IBM配的,我们也可以看看大公司做事有什么特点,背景是这家银行暴有钱,买了两个3725,一个上了WIC-1T,一个上了WIC-1S/T,做备份。

  其中一台机器的配置如下(简其中重要的贴)

  service timestamps debug datetime localtime

  service timestamps log datetime localtime

  service password-encryption

  hostname shanghai_2

  boot system flash c3725-ik9s.mz-122-15.T1.bin

  logging buffered 4096 debug

  enable security xxx

  username Moncalieri_1 password xxx

  username Moncalieri_2 password xxx

  username settimo_2 password xxx

  no ip domain lookup

  ip host h2 10.128.208.235

  ip host h1 10.128.208.234

  ip host s1 10.131.240.150

  ...

  isdn switch-type basic-net3

  isdn voice-call-failure 0

  mta receive maximum-recipients 0

  dlsw local-peer peer-id 172.18.1.38

  dlsw remote--peer 0 tcp 172.18.1.1

  dlsw remote--peer 0 tcp 172.18.1.2 backup-peer 172.18.1.1 linger 1

  dlsw transparent switch-support

  interface loopback0

  ip addr 172.18.1.35 255.255.255.255

  interface multilink1

  no ip address

  ppp multilink

  multilink-group 1

  interface fasethernet0/0

  description connected to ETHERNET_LAN

  mac-address 4000.0000.6666

  ip address 10.128.210.235 255.255.255.0

  no ip proxy-arp

  speed auto

  half-duplex

  standby use-bia

  standby 12 ip 10.128.210.233

  standby 12 priority 90

  standby 12 preemtp

  standby 12 authentication SHANGHAI

  interface s0/0

  no ip address

  shut

  interface bri0/0

  no ip address

  encapsulation ppp

  dialer pool-member 1

  isdn switch-type basic-net3

  ppp athentication chap

  interface fastethernet 0/1

  no ip address

  shutdown

  interface dialer1

  description connect to SETTIMO_2

  ip address 10.128.211.49 255.255.255.252

  encapsulation ppp

  dialer pool 1

  dialer remote-name SETTIMO_2

  dialer load-threshold 1 either

  dialer max-call 2

  dialer-group 1

  ppp authentication chap

  ppp multilink

  ppp multilink fragment-delay 20

  ppp multilink interleave

  router eigrp 128

  passive-interface dialer1

  network 10.0.0.0

  network 172.18.0.0

  no autoo-summary

  ip classless

  ip route 10.0.0.0 255.0.0.0 10.128.211.50 200

  ip route 172.16.0.0 255.240.0.0 10.128.211.50 200

  ip route 172.18.1.0 255.255.255.0 10.128.211.50 200

  ip route 192.168.0.0 255.255.0.0 10.128.211.50 200

  no ip http server

  ip access-list extended SHANGHAI_2_LIST

  permit ip 10.128.211.0 0.0.0.255 10.128.192.0 0.0.0.255

  permit ip 10.128.211.0 0.0.0.255 10.128.209.0 0.0.0.255

  access-list 78 permit 10.254.4.2

  access-list 78 permit 10.254.4.3

  access-list 78 deny all

  access-list 79 permit 10.254.4.2

  access-list 79 permit 10.254.4.3

  access-list 79 deny all

  access-list 80 permit 10.7.30.9

  access-list 80 permit 10.7.30.40

  access-list 80 permit 10.7.30.100

  access-list 80 deny any log

  access-list 100 deny icmp any any

  access-list 100 deny eigrp any any

  access-list 100 deny udp any any eq snmp

  access-list 100 deny udp any any eq snmptrap

  access-list 100 permit ip any any

  dialer-list 1 protocol ip list 100

  snmp-server community public ro

  snmp-server community mioixx ro 80

  snmp-server community cxssi23424 rw 80

  snmp-server community r646545 ro 78

  snmp-server community c234719247 ro 79

  snmp-server ifindex persist

  snmp-server trap-source loopback0

  snmp-server packetsize 4096

  snmp-server trap-timeout 120

  snmp-server queue-length 30

  snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

  no snmp-server enable traps tty

  snmp-server enable traps isdn call-information

  snmp-server enable traps config

  snmp-server enable traps entity

  snmp-server enable traps envmon

  snmp-server enable traps dlsw tconn

  snmp-server host 10.248.0.100 csxxx

  snmp-server host 10.254.4.2 undefined

  call rsvp-sync

  mgcp profile defualt

  dialer-peer cor custom

  banner motd ^CC

  YOU HAVE ENTERED A SECURED SYSTEM

  AUTHORIZED ACCESS ONLY

  UNAUTHORIZED USE IS CONSIDERED ILLEGAL!

  router:$(hostname)

  ^c

  line con 0

  exec-timeout 0 0

  password 2034u10481290

  login

  line aux 0

  line vty 0 4

  pass q230578901247821

  login

  ntp clock-period 17180040

    • 评论
    • 分享微博
    • 分享邮件
    邮件订阅

    如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。

    重磅专题
    往期文章
    最新文章