=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2005.11.11 10:49:04 =~=~=~=~=~=~=~=~=~=~=~= sh ip brie ^ % Invalid input detected at '^' marker. R4#sh ip brie ibrienbrietbrie brie Interface IP-Address OK? Method Status Protocol FastEthernet0/0 180.40.7.98 YES manual up up ATM1/0 192.10.32.14 YES manual up up Virtual-Access1 unassigned YES unset up up R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#ntp ? access-group Control NTP access authenticate Authenticate time sources authentication-key Authentication key for trusted time sources broadcastdelay Estimated round-trip delay clock-period Length of hardware clock tick master Act as NTP master clock max-associations Set maximum number of associations peer Configure NTP peer server Configure NTP server source Configure interface for source address trusted-key Key numbers for trusted time sources R4(config)#ntp serv R4(config)#ntp server ? Hostname or A.B.C.D IP address of peer vrf VPN Routing/Forwarding Information R4(config)#ntp server 192.10.32.254 R4(config)# RACK14AS>3 [Resuming connection 3 to r3 ... ] R3#sh clocl ^ % Invalid input detected at '^' marker. R3#sh clocl  *00:10:56.628 UTC Mon Mar 1 1993 R3# RACK14AS>4 [Resuming connection 4 to r4 ... ] R4(config)#do sh clock .18:50:02.904 UTC Fri Nov 11 2005 R4(config)#do sh ntp a stat Clock is synchronized, stratum 5, reference is 192.10.32.254 nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18 reference time is C71F6666.B4AC5C69 (18:50:14.705 UTC Fri Nov 11 2005) clock offset is 0.2010 msec, root delay is 109.95 msec root dispersion is 96.50 msec, peer dispersion is 0.11 msec R4(config)# sdo sh ntp stat    ass address ref clock st when poll reach delay offset disp *~192.10.32.254 172.16.1.20 4 7 64 377 5.0 0.20 0.0 * master (synced), # master (unsynced), + selected, - candidate, ~ configured R4(config)# R4(config)# R4(config)# R4(config)#ntp ? access-group Control NTP access authenticate Authenticate time sources authentication-key Authentication key for trusted time sources broadcastdelay Estimated round-trip delay clock-period Length of hardware clock tick master Act as NTP master clock max-associations Set maximum number of associations peer Configure NTP peer server Configure NTP server source Configure interface for source address trusted-key Key numbers for trusted time sources R4(config)#ntp auth R4(config)#ntp authenticati R4(config)#ntp authentication-key ? <1-4294967295> Key number R4(config)#ntp authentication-key 1 ? md5 MD5 authentication R4(config)#ntp authentication-key 1 md5 ? WORD Authentication key R4(config)#ntp authentication-key 1 md5 MyTime R4(config)#nt[p    p ? access-group Control NTP access authenticate Authenticate time sources authentication-key Authentication key for trusted time sources broadcastdelay Estimated round-trip delay clock-period Length of hardware clock tick master Act as NTP master clock max-associations Set maximum number of associations peer Configure NTP peer server Configure NTP server source Configure interface for source address trusted-key Key numbers for trusted time sources R4(config)#ntp a  ~  p ma R4(config)#ntp ma? master max-associations R4(config)#ntp mast ? <1-15> Stratum number R4(config)#ntp mast R4(config)# RACK14AS>3 [Resuming connection 3 to r3 ... ] R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#ntp serv      aut R3(config)#ntp authenticati R3(config)#ntp authentication-key 1 >? % Unrecognized command R3(config)#ntp authentication-key 1 >   md ? WORD Authentication key R3(config)#ntp authentication-key 1 md MyTime R3(config)#ntp au R3(config)#ntp authenticate R3(config)#ntp authenticate ? R3(config)#ntp authenticate R3(config)#ntp tru R3(config)#ntp trusted-key 1 ? R3(config)#ntp trusted-key 1 R3(config)#ntp serv 180.40.7.98 R3(config)#^Z R3#sh Nov 11 18:52:34.251: %SYS-5-CONFIG_I: Configured from console by console R3#sh ntp ass address ref clock st when poll reach delay offset disp *~180.40.7.98 192.10.32.254 5 0 64 17 4.0 0.23 1875.1 * master (synced), # master (unsynced), + selected, - candidate, ~ configured R3#sh clock 18:52:45.858 UTC Fri Nov 11 2005 R3#sh eu    run | n b ntp ntp authentication-key 1 md5 13280E26020101 7 ntp authenticate ntp trusted-key 1 ntp server 180.40.7.98 ! end R3# RACK14AS>4 [Resuming connection 4 to r4 ... ] R4(config)#^Z R4#sh ru Nov 11 18:53:45.468: %SYS-5-CONFIG_I: Configured from console by console R4#sh run | b ntp ntp authentication-key 1 md5 080C557A001400 7 ntp clock-period 17179869 ntp master ntp server 192.10.32.254 ! end R4# R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#ip in R4(config)#ip inspect ? alert-off Disable alert audit-trail Enable the logging of session information (addresses and bytes) dns-timeout Specify timeout for DNS hashtable-size Specify size of hashtable max-incomplete Specify maximum number of incomplete connections before clamping name Specify an inspection rule one-minute Specify one-minute-sample watermarks for clamping tcp Config timeout values for tcp connections udp Config timeout values for udp flows R4(config)#ip inspect name prob2 ? cuseeme CUSeeMe Protocol fragment IP fragment inspection ftp File Transfer Protocol h323 H.323 Protocol (e.g, MS NetMeeting, Intel Video Phone) http HTTP Protocol icmp ICMP Protocol netshow Microsoft NetShow Protocol rcmd R commands (r-exec, r-login, r-sh) realaudio Real Audio Protocol rpc Remote Prodedure Call Protocol rtsp Real Time Streaming Protocol sip SIP Protocol smtp Simple Mail Transfer Protocol sqlnet SQL Net Protocol streamworks StreamWorks Protocol tcp Transmission Control Protocol tftp TFTP Protocol udp User Datagram Protocol vdolive VDOLive Protocol R4(config)#ip inspect name prob2 tcp R4(config)#ip inspect name prob2 tcp   udp R4(config)#ip inspect name prob2 udp   h323 R4(config)#ip access-          access-list 100 per udp an y anyeq ntp ? % Unrecognized command R4(config)#access-list 100 per udp an y anyeq ntp  q ntp  q ntp  eq ntp ey any eq ntp  R4(config)#acces- s-list 100 den u   ip anuy  y any R4(config)#int atm 1/0 R4(config-if)#ip access-grou 100 in R4(config-if)#ip in R4(config-if)#ip inspect ? WORD Name of inspection defined R4(config-if)#ip inspect prob2 out R4(config-if)#do sh ip nat tra R4(config-if)#do sh run | b ip nat ip nat inside duplex auto speed auto ! interface ATM1/0 ip address 192.10.32.14 255.255.255.0 ip access-group 100 in ip nat outside ip inspect prob2 out no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless ! ! --More--   R4(config-if)#^Z R4# RACK14AS>3 [Resuming connection 3 to r3 ... ] R3#sh ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 17.0.0.0/24 is subnetted, 2 subnets O 17.57.100.0 [110/791] via 180.40.7.34, 00:17:38, Serial1/0 O 17.57.101.0 [110/782] via 180.40.7.2, 00:17:38, Serial1/2 [110/782] via 180.40.7.35, 00:17:38, Serial1/0 O 192.10.32.0/24 [110/3] via 180.40.7.130, 00:17:38, FastEthernet0/1 180.40.0.0/16 is variably subnetted, 6 subnets, 2 masks C 180.40.7.128/27 is directly connected, FastEthernet0/1 C 180.40.7.0/27 is directly connected, Serial1/2 O 180.40.7.35/32 [110/781] via 180.40.7.2, 00:17:39, Serial1/2 [110/781] via 180.40.7.35, 00:17:39, Serial1/0 O 180.40.7.34/32 [110/781] via 180.40.7.34, 00:17:39, Serial1/0 C 180.40.7.32/27 is directly connected, Serial1/0 O 180.40.7.96/27 [110/2] via 180.40.7.130, 00:17:39, FastEthernet0/1 R3#  config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#ip route 0./0   0 .0.0.0.  0.0.0.0 180.40.7.98 R3(config)#^Z R3#teln Nov 11 18:59:56.293: %SYS-5-CONFIG_I: Configured from console by console R3#telnet 192.10.32.254 Trying 192.10.32.254 ... Open CR1> RACK14AS>4 [Resuming connection 4 to r4 ... ] Nov R4#sh access-list Standard IP access list IPNAT 10 permit 180.40.7.0, wildcard bits 0.0.0.255 (1 match) 20 permit 17.0.0.0, wildcard bits 0.255.255.255 Extended IP access list 100 permit tcp host 192.10.32.254 eq telnet host 192.10.32.14 eq 11000 (9 matches) 10 permit udp any any eq ntp (4 matches) 20 deny ip any any R4# R4# R4# R4#sh ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-INO3S3-M), Version 12.2(15)T14, RELEASE SOFTWARE (fc4) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2004 by cisco Systems, Inc. Compiled Sat 28-Aug-04 09:28 by cmong Image text-base: 0x60008950, data-base: 0x61814000 ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) ROM: 3600 Software (C3620-INO3S3-M), Version 12.2(15)T14, RELEASE SOFTWARE (fc4) R4 uptime is 24 minutes System returned to ROM by power-on System restarted at 18:36:57 UTC Fri Nov 11 2005 System image file is "flash:c3620-ino3s3-mz.122-15.T14.bin" cisco 3620 (R4700) processor (revision 0x81) with 59392K/6144K bytes of memory. Processor board ID 20614073 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. 1 FastEthernet/IEEE 802.3 interface(s) --More--   R4# RACK14AS>3 [Resuming connection 3 to r3 ... ] CR1>q [Connection to 192.10.32.254 closed by foreign host] R3# R3# RACK14AS>4 [Resuming connection 4 to r4 ... ] R4#sh run | b interfacce ATM R4#sh run | b interfacce ATM   R4#sh run | b interfacce A  R4#sh run | b interfacce ATMe ATM  interface ATM1/0 ip address 192.10.32.14 255.255.255.0 ip access-group 100 in ip nat outside ip inspect prob2 out no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless ! ! ! ip access-list standard IPNAT permit 180.40.7.0 0.0.0.255 permit 17.0.0.0 0.255.255.255 --More--  ! access-list 100 permit udp any any eq ntp access-list 100 deny ip any any ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 no login ! ntp authentication-key 1 md5 080C557A001400 7 --More--   R4#sh ru n| b ip in ^ % Invalid input detected at '^' marker. R4#sh ru n| b ip in| b ip in | b ip in n| b ip in | b ip in ip inspect name prob2 tcp ip inspect name prob2 udp ip inspect name prob2 h323 ip audit notify log ip audit po max-events 100 ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! --More--  interface FastEthernet0/0 ip address 180.40.7.98 255.255.255.224 ip nat inside duplex auto speed auto ! interface ATM1/0 ip address 192.10.32.14 255.255.255.0 ip access-group 100 in ip nat outside ip inspect prob2 out no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless --More--  ! ! ! ip access-list standard IPNAT permit 180.40.7.0 0.0.0.255 permit 17.0.0.0 0.255.255.255 ! access-list 100 permit udp any any eq ntp access-list 100 deny ip any any ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous --More--   R4# RACK14AS>1 [Resuming connection 1 to r1 ... ] R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#pri R1(config)#pri  R1(config)#priv R1(config)#privilege ? aaa-user AAA user definition accept-dialin VPDN group accept dialin configuration mode accept-dialout VPDN group accept dialout configuration mode address-family Address Family configuration mode aic Alarm Interface Card configuration mode alps-ascu ALPS ASCU configuration mode alps-circuit ALPS circuit configuration mode bba-group BBA Group configuration mode boomerang Boomerang configuration mode cascustom Cas custom configuration mode cause-code-list Voice Cause Code List configuration mode ces-conn CES connection configuration mode ces-vc CES VC configuration mode cgma_agent CGMA Agent Configuration Mode cm-fallback cm-fallback configuration mode cns-connect-intf-config CNS Connect Intf Info Mode config-rtr-http-rr RTR HTTP raw request Configuration configure Global configuration mode congestion Frame Relay congestion configuration mode controller Controller configuration mode dhcp DHCP pool configuration mode enum_rule enum configuration mode --More--   R1(config)#privilege config R1(config)#privilege configure level ? <0-15> Privilege level R1(config)#privilege configure level 4 ? LINE Initial keywords of the command to modify R1(config)#privilege configure level 4 snmp community R1(config)#privilege configure level 4 snmp community * wr R1(config)#priv R1(config)#privilege exec level 2 confiu g t R1(config)#privilege exec level 2 config t  R1(config)#privilege exec level 2 config term R1(config)#privilege exec level 2 config term     ure term R1(config)#privilege exec level 2 configure term R1(config)#privilege exec level 2 configure term              shou w run R1(config)#privilege exec level 2 show run run  run  R1(config)#user R1(config)#username JoeUser pri R1(config)#username JoeUser privilege 2 3 2 2 R1(config)#username JoeUser privilege 2privilege exec level 2 sh runow runconfigure term term  tconfigure level 4 snmp community * wr  snmp community 2 snmp community R1(config)#privilege configure level 2 snmp communityusername JoeUser privilege 2 privilege exec level 2 sh runow runconfigure term term  tconfigure level 4 snmp community * wr 4 s4 snmp community * wr snmp community * wr 2 snmp community * wr R1(config)#line vty 0 4 R1(config-line)#login loca R1(config-line)#exit R1(config)#user jb priv R1(config)#user jb privilege 15 R1(config)# RACK14AS>5 [Resuming connection 5 to r5 ... ] S5#17.57.100.1 Trying 17.57.100.1 ... Open User Access Verification Username: JoeUser Password: R1# R1# R1# R1# R1#? Exec commands: <1-99> Session number to resume access-enable Create a temporary Access-List entry access-profile Apply user-profile to interface clear Reset functions configure Enter configuration mode connect Open a terminal connection disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn on privileged commands exit Exit from the EXEC help Description of the interactive help system lock Lock the terminal login Log in as a particular user logout Exit from the EXEC modemui Start a modem-like user interface mrinfo Request neighbor and version information from a multicast router mstat Show statistics after multiple multicast traceroutes mtrace Trace reverse multicast path from destination to source name-connection Name an existing network connection pad Open a X.29 PAD connection --More--   R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#? Configure commands: atm Enable ATM SLM Statistics call Configure Call parameters default Set a command to its defaults end Exit from configure mode exit Exit from configure mode help Description of the interactive help system no Negate a command or set its defaults snmp Modify non engine SNMP parameters R1(config)#snmn p ? % Unrecognized command R1(config)#snmp     snmp community A snmp community snmp community ? % Unrecognized command R1(config)#snmp community ^ % Invalid input detected at '^' marker. R1(config)#^Z R1#q [Connection to 17.57.100.1 closed by foreign host] S5#17.57.100.1 Trying 17.57.100.1 ... Open User Access Verification Username: jb Password: R1# R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#sn? sna snmp snmp-server R1(config)#sn   R1(config)#snm R1(config)#snmp ? ifmib mib MIB commands R1(config)#snmp      p  RACK14AS>1 [Resuming connection 1 to r1 ... ] *Ma R1(config)#user jb privilege 15exit login locaine vty 0 4privilege configure level 2 snmp community * wr- community * wrs community * wre community * wrr community * wrv community * wre community * wrr community * wr R1(config)#privilege configure level 2 snmp-server community * wr      R1(config)# RACK14AS>5 [Resuming connection 5 to r5 ... ] R1(config)#q ^Z R1#q [Connection to 17.57.100.1 closed by foreign host] S5#17.57.100.1 Trying 17.57.100.1 ... Open User Access Verification Username: Je oeUser Password: R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#/ >? % Unrecognized command R1(config)#> ? Configure commands: atm Enable ATM SLM Statistics call Configure Call parameters default Set a command to its defaults end Exit from configure mode exit Exit from configure mode help Description of the interactive help system no Negate a command or set its defaults snmp Modify non engine SNMP parameters snmp-server Modify SNMP engine parameters R1(config)#snm R1(config)#snmp- R1(config)#snmp-server ? community Enable SNMP; set community string and access privs R1(config)#snmp-server com R1(config)#snmp-server community ? WORD SNMP community string R1(config)#snmp-server community test ? <1-99> Std IP accesslist allowing access with this community string <1300-1999> Expanded IP accesslist allowing access with this community string R1(config)#snmp-server community test R1(config)#snmp-server community test ? <1-99> Std IP accesslist allowing access with this community string <1300-1999> Expanded IP accesslist allowing access with this community string R1(config)#snmp-server community test                            ^Z R1#sh run Building configuration... Current configuration : 47 bytes ! ! ! ! ! snmp-server community test RO ! end R1# R1# R1# R1# R1# R1# R1#q [Connection to 17.57.100.1 closed by foreign host] S5# RACK14AS>1 [Resuming connection 1 to r1 ... ] *Mar R1(config)#^Z R1#sh run | *Mar 1 00:32:09.218: %SYS-5-CONFIG_I: Configured from console by console R1#sh run | b user username JoeUser privilege 2 username jb privilege 15 memory-size iomem 10 ip subnet-zero ! ! no ip domain lookup ! mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 --More--  ! ! ! ! interface Ethernet0/0 ip address 17.57.100.1 255.255.255.0 half-duplex ! interface Serial0/0 no ip address encapsulation frame-relay ! interface Serial0/0.1 point-to-point ip address 180.40.7.34 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 103 ! interface Ethernet0/1 no ip address shutdown half-duplex ! interface Serial0/1 --More--   no ip address shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server ip classless ! ! ! ! ! snmp-server community test RO snmp-server enable traps tty call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! --More--  ! ! privilege configure level 2 snmp privilege configure level 2 snmp-server community privilege configure level 2 snmp-server privilege exec level 2 configure terminal privilege exec level 2 configure privilege exec level 2 show running-config privilege exec level 2 show ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 login local ! ! end R1# R1# RACK14AS>2 [Resuming connection 2 to r2 ... ] R2#config t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#tim R2(config)#time-range ? WORD Time range name R2(config)#time-range prob4 R2(config-time-range)#per R2(config-time-range)#periodic ? Friday Friday Monday Monday Saturday Saturday Sunday Sunday Thursday Thursday Tuesday Tuesday Wednesday Wednesday daily Every day of the week weekdays Monday thru Friday weekend Saturday and Sunday R2(config-time-range)#periodic dai R2(config-time-range)#periodic daily ? hh:mm Starting time R2(config-time-range)#periodic daily 07:00 to ? hh:mm Ending time - stays valid until beginning of next minute R2(config-time-range)#periodic daily 07:00 to 20:00 ? R2(config-time-range)#periodic daily 07:00 to 20:00 R2(config-time-range)#exit R2(config)#access-list 100 per ip any any tim R2(config)#access-list 100 per ip any any time-range prob4 R2(config)#line vty 0 43  R2(config-line)#acc R2(config-line)#access-class 100 in R2(config-line)#^Z R2# *Mar 1 00:33:36.192: %SYS-5-CONFIG_I: Configured from console by console R2#sh access R2#sh access-li R2#sh access-lists Extended IP access list 100 10 permit ip any any time-range prob4 (inactive) R2#sh clock *00:33:51.590 UTC Mon Mar 1 1993 R2#config t'     ig t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#ntp serv 180.40.7.98 R2(config)#^Z R2# *Mar 1 00:34:09.311: %SYS-5-CONFIG_I: Configured from console by console R2#sh clock 19:13:31.597 UTC Fri Nov 11 2005 R2#sh clockconfig tsh clockaccess-lists Extended IP access list 100 10 permit ip any any time-range prob4 (active) R2# R2# R2# R2# R2# R2#sh run | b tim R2#sh run | b time service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! logging queue-limit 100 ! memory-size iomem 10 ip subnet-zero ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes ! ! ! ! ! ! --More--  ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 17.57.101.1 255.255.255.0 duplex auto speed auto ! interface BRI0/0 no ip address shutdown --More--  ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial1/0 no ip address encapsulation frame-relay ! interface Serial1/0.1 multipoint ip address 180.40.7.35 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 203 ! interface Serial1/1 no ip address shutdown ! interface Serial1/2 ip address 180.40.7.2 255.255.255.224 clockrate 64000 --More--  ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address shutdown ! router ospf 1 log-adjacency-changes --More--   network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! access-list 100 permit ip any any time-range prob4 ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! --More--  ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 access-class 100 in privilege level 15 no login ! ntp server 180.40.7.98 time-range prob4 periodic daily 7:00 to 20:00 ! ! end R2# R2# RACK14AS>4 [Resuming connection 4 to r4 ... ] R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#ip access-lui  ist ? extended Extended Access List log-update Control access list log updates logging Control access list logging resequence Resequence Access List standard Standard Access List R4(config)#ip access-list ex R4(config)#ip access-list extended prob5 out ^ % Invalid input detected at '^' marker. R4(config)#ip access-list extended prob5 outout  R4(config-ext-nacl)#ip    per ip any any ? dscp Match packets with given dscp value fragments Check non-initial fragments log Log matches against this entry log-input Log matches against this entry, including input interface precedence Match packets with given precedence value reflect Create reflexive access list entry time-range Specify a time-range tos Match packets with given TOS value R4(config-ext-nacl)#per ip any any ref R4(config-ext-nacl)#per ip any any reflect ? WORD Access-list name R4(config-ext-nacl)#per ip any any reflect Prob5 R4(config-ext-nacl)#exit R4(config)#exitper ip any any reflect Prob5ip access-list extended prob5out   in R4(config-ext-nacl)#per udp any any eq ntp R4(config-ext-nacl)#per   ev R4(config-ext-nacl)#evaluate ? WORD IP reflexive access list name R4(config-ext-nacl)#evaluate Prob5 R4(config-ext-nacl)#den ip any any R4(config-ext-nacl)#int atm 1/0 R4(config-if)#do sh run int atm 1/0 Building configuration... Current configuration : 200 bytes ! interface ATM1/0 ip address 192.10.32.14 255.255.255.0 ip access-group 100 in ip nat outside ip inspect prob2 out no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! end R4(config-if)#no ip inspect prob2 out R4(config-if)#ip access R4(config-if)#ip access-group prob5in % Incomplete command. R4(config-if)#ip access-group prob5in in R4(config-if)#ip access-group prob5in in   out out R4(config-if)#^Z R4# Nov 11 19:19:25.246: %SYS-5-CONFIG_I: Configured from console by console R4# RACK14AS>3 [Resuming connection 3 to r3 ... ] R3#telnet 192.10.32.254 Trying 192.10.32.254 ... Open CR1> RACK14AS>4 [Resuming connection 4 to r4 ... ] R4#sh access % Ambiguous command: "sh access" R4#sh access-list Standard IP access list IPNAT 10 permit 180.40.7.0, wildcard bits 0.0.0.255 (2 matches) 20 permit 17.0.0.0, wildcard bits 0.255.255.255 Extended IP access list 100 10 permit udp any any eq ntp (40 matches) 20 deny ip any any (10 matches) Reflexive IP access list Prob5 permit tcp host 192.10.32.254 eq telnet host 192.10.32.14 eq 11001 (18 matches) (time left 291) Extended IP access list prob5in 10 permit udp any any eq ntp 20 evaluate Prob5 30 deny ip any any Extended IP access list prob5out 10 permit ip any any reflect Prob5 R4#sh run | b inet  terface A interface ATM1/0 ip address 192.10.32.14 255.255.255.0 ip access-group prob5in in ip access-group prob5out out ip nat outside no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless ! ! ! ip access-list standard IPNAT permit 180.40.7.0 0.0.0.255 permit 17.0.0.0 0.255.255.255 --More--  ! ip access-list extended prob5in permit udp any any eq ntp evaluate Prob5 deny ip any any ip access-list extended prob5out permit ip any any reflect Prob5 ! access-list 100 permit udp any any eq ntp access-list 100 deny ip any any ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 --More--   R4#sh trun      run int atm % Incomplete command. R4#sh run int atm   atm 1/0 Building configuration... Current configuration : 212 bytes ! interface ATM1/0 ip address 192.10.32.14 255.255.255.0 ip access-group prob5in in ip access-group prob5out out ip nat outside no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! end R4# R4# RACK14AS>1 [Resuming connection 1 to r1 ... ] R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#tac R1(config)#tacacs-server 17.57.100.99 ? % Unrecognized command R1(config)#tacacs-server 17.57.100.99                ? administration Start tacacs+ deamon handling administrative messages directed-request Allow user to specify tacacs server to use with `@server' dns-alias-lookup Enable IP Domain Name System Alias lookup for TACACS servers extended Enable extended TACACS host Specify a TACACS server key Set TACACS+ encryption key. last-resort Define TACACS action if no server responds optional-passwords The first TACACS request can be made without password verification packet Modify TACACS+ packet options retransmit Search iterations of the TACACS server list timeout Time to wait for a TACACS server to reply R1(config)#tacacs-server hj ost ? Hostname or A.B.C.D IP address of TACACS server R1(config)#tacacs-server host 17.57.100.99b  ? R1(config)#tacacs-server host 17.57.100.99 R1(config)#tacacs-server host 17.57.100.99                   key ? LINE Encryption key string R1(config)#tacacs-server key MyKe R1(config)#tacacs-server key MyKey R1(config)#aaa new R1(config)#aaa new-model R1(config)#aaa authenc R1(config)#aaa authenc  R1(config)#aaa authentication ? arap Set authentication lists for arap. attempts Set the maximum number of authentication attempts banner Message to use when starting login/authentication. enable Set authentication list for enable. fail-message Message to use for failed login/authentication. login Set authentication lists for logins. password-prompt Text to use when prompting for a password ppp Set authentication lists for ppp. username-prompt Text to use when prompting for a username R1(config)#aaa authentication login ? WORD Named authentication list. default The default authentication list. R1(config)#aaa authentication login prob6 ? enable Use enable password for authentication. group Use Server-group krb5 Use Kerberos 5 authentication. krb5-telnet Allow logins only if already authenticated via Kerberos V Telnet. line Use line password for authentication. local Use local username authentication. local-case Use case-sensitive local username authentication. none NO authentication. R1(config)#aaa authentication login prob6 grou ? radius Use list of all Radius hosts. tacacs+ Use list of all Tacacs+ hosts. R1(config)#aaa authentication login prob6 grou > ta R1(config)#aaa authentication login prob6 grou tacacs+ ? enable Use enable password for authentication. group Use Server-group krb5 Use Kerberos 5 authentication. line Use line password for authentication. local Use local username authentication. local-case Use case-sensitive local username authentication. none NO authentication. R1(config)#aaa authentication login prob6 grou tacacs+ local ? enable Use enable password for authentication. group Use Server-group krb5 Use Kerberos 5 authentication. line Use line password for authentication. none NO authentication. R1(config)#aaa authentication login prob6 grou tacacs+ local R1(config)#linbt    e vty 0 4 R1(config-line)#login ? authentication Authentication parameters. R1(config-line)#login auth R1(config-line)#login authentication ? WORD Use an authentication list with this name. default Use the default authentication list. R1(config-line)#login authentication prob6 ? R1(config-line)#login authentication prob6   R1(config-line)#^Z R1# RACK14AS>5 [Resuming connection 5 to r5 ... ] S5#17.57.100.1 Trying 17.57.100.1 ... Open Username: jb Password: R1# RACK14AS>1 [Resuming connection 1 to r1 ... ] *Mar R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#aa   R1(config)#aaa R1(config)#aaa authen R1(config)#aaa authentication ? arap Set authentication lists for arap. attempts Set the maximum number of authentication attempts banner Message to use when starting login/authentication. enable Set authentication list for enable. fail-message Message to use for failed login/authentication. login Set authentication lists for logins. password-prompt Text to use when prompting for a password ppp Set authentication lists for ppp. username-prompt Text to use when prompting for a username R1(config)#aaa authentication us R1(config)#aaa authentication username-prompt ? WORD Text of prompt R1(config)#aaa authentication username-prompt CCIE_User: R1(config)#aaa authen pas R1(config)#aaa authen password-prompt CCIE_Passwordd:  "  R1(config)# RACK14AS>5 [Resuming connection 5 to r5 ... ] R1#q [Connection to 17.57.100.1 closed by foreign host] S5#17.57.100.1 Trying 17.57.100.1 ... Open CCIE_User:JB CCIE_Password R1# RACK14AS> [Resuming connection 5 to r5 ... ] R1#q [Connection to 17.57.100.1 closed by foreign host] S5# RACK14AS>1 [Resuming connection 1 to r1 ... ] *Ma R1(config)#^Z R1#sh run *Mar 1 00:49:13.777: %SYS-5-CONFIG_I: Configured from console by console R1#sh run | b aaa aaa new-model ! ! aaa authentication password-prompt CCIE_Password aaa authentication username-prompt CCIE_User: aaa authentication login prob6 group tacacs+ local aaa session-id common ip subnet-zero ! ! no ip domain lookup ! mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! no voice hpi capture buffer --More--   R1#sh run | nb  b line vty line vty 0 4 privilege level 15 login authentication prob6 ! ! end R1# R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#bann motd ^C Enter TEXT message. End with the character '^C'. Private Keep Out Yo Momma ^C R1(config)#^Z R1# *Mar 1 00:50:37.407: %SYS-5-CONFIG_I: Configured from console by console R1# RACK14AS>5 [Resuming connection 5 to r5 ... ] S5#17.57.100.1 Trying 17.57.100.1 ... Open Private Keep Out Yo Momma CCIE_User: RACK14AS>1 [Resuming connection 1 to r1 ... ] *Mar R1#sh run | b bas nn banner motd ^C Private Keep Out Yo Momma ^C privilege configure level 2 snmp privilege configure level 2 snmp-server community privilege configure level 2 snmp-server privilege exec level 2 configure terminal privilege exec level 2 configure privilege exec level 2 show running-config privilege exec level 2 show ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 login authentication prob6 --More--