=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2005.08.26 09:34:38 =~=~=~=~=~=~=~=~=~=~=~= config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#ip access-list ex R3(config)#ip access-list extended Prob9 R3(config-ext-nacl)#permit ospf host 180.40.7.130 h any any R3(config-ext-nacl)#prmit ermit tcp host any host 180.40.7.129 eq tel R3(config-ext-nacl)#permit tcp any host 180.40.7.129 eq telnet R3(config-ext-nacl)#permit d R3(config-ext-nacl)#d? default deny dynamic R3(config-ext-nacl)#dy R3(config-ext-nacl)#dynamic ? WORD Name of a Dynamic list R3(config-ext-nacl)#dynamic PaulsDynamic ? deny Specify packets to reject exit Exit from access-list configuration mode permit Specify packets to forward timeout Maximum time for dynamic ACL to live R3(config-ext-nacl)#dynamic PaulsDynamic permit ? <0-255> An IP protocol number ahp Authentication Header Protocol eigrp Cisco's EIGRP routing protocol esp Encapsulation Security Payload gre Cisco's GRE tunneling icmp Internet Control Message Protocol igmp Internet Gateway Message Protocol ip Any Internet Protocol ipinip IP in IP tunneling nos KA9Q NOS compatible IP over IP tunneling ospf OSPF routing protocol pcp Payload Compression Protocol pim Protocol Independent Multicast tcp Transmission Control Protocol udp User Datagram Protocol R3(config-ext-nacl)#dynamic PaulsDynamic permit ip any any ? dscp Match packets with given dscp value fragments Check non-initial fragments log Log matches against this entry log-input Log matches against this entry, including input interface precedence Match packets with given precedence value time-range Specify a time-range tos Match packets with given TOS value R3(config-ext-nacl)#dynamic PaulsDynamic permit ip any any R3(config-ext-nacl)#deny ip any nay l any log R3(config-ext-nacl)#^Z R3# *Mar 1 00:49:01.722: %SYS-5-CONFIG_I: Configured from console by console R3#debyg ug ip pakcet cket det R3#debug ip packet detail IP packet debugging is on (detailed) R3# *Mar 1 00:49:40.569: IP: s=180.40.7.35 (Serial1/0), d=224.0.0.5, len 80, rcvd 0, proto=89 R3# *Mar 1 00:49:41.875: IP: s=180.40.7.2 (Serial1/2), d=224.0.0.5, len 80, rcvd 0, proto=89 *Mar 1 00:49:42.216: IP: s=180.40.7.130 (FastEthernet0/1), d=224.0.0.5, len 68, rcvd 0, proto=89 *Mar 1 00:49:42.440: IP: s=180.40.7.3 (local), d=224.0.0.5 (Serial1/2), len 80, sending broad/multicast, proto=89 R3# *Mar 1 00:49:43.859: IP: s=180.40.7.129 (local), d=224.0.0.5 (FastEthernet0/1), len 80, sending broad/multicast, proto=89 R3#un all All possible debugging has been turned off R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#inter fast 0/1 R3(config-if)#ip acc R3(config-if)#ip acce R3(config-if)#ip access-group Prob9 ino R3(config-if)#username George pas R3(config-if)#username George pass R3(config-if)#username George password bosco R3(config)#line vty 0 1 R3(config-line)#ling ogin local R3(config-line)#aut R3(config-line)#autocom R3(config-line)#autocommand acc R3(config-line)#autocommand acces R3(config-line)#autocommand acces-ena senable ^Z R3#acce R3#access- *Mar 1 00:52:26.401: %SYS-5-CONFIG_I: Configured from console by console R3#access-en R3#access-enable ? host Enable a specific host only timeout Maximum idle time to expire this entry R3#access-enable host ? timeout Maximum idle time to expire this entry R3#access-enable host tie me R3#access-enable host timeout 2 Command allowed from VTY connections only R3#confi t g t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#line vty 0 4 2 R3(config-line)#line vty 0 2 1 R3(config-line)#line vty 0 12ogin local R3(config-line)#autocommand access-enable host timeout 2 R3(config-line)#do show run Building configuration... Current configuration : 1838 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! logging queue-limit 100 ! username George password 0 bosco ip subnet-zero ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes ! ! --More-- ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 no ip address shutdown duplex auto --More-- speed auto ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 ip address 180.40.7.129 255.255.255.224 ip access-group Prob9 in duplex auto speed auto ! interface Serial1/0 ip address 180.40.7.33 255.255.255.224 encapsulation frame-relay ip ospf network point-to-multipoint frame-relay map ip 180.40.7.34 301 broadcast frame-relay map ip 180.40.7.35 302 broadcast ! interface Serial1/1 no ip address shutdown ! --More-- interface Serial1/2 ip address 180.40.7.3 255.255.255.224 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address shutdown ! --More-- router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list extended Prob9 permit ospf any any permit tcp any host 180.40.7.129 eq telnet dynamic PaulsDynamic permit ip any any deny ip any any log ! ! ! call rsvp-sync ! ! mgcp profile default ! --More-- R3(config-line)#ip access-list extended Prob9 R3(config-ext-nacl)#no deny ip any any log R3(config-ext-nacl)#no dynamic PaulsDynamic permit ip any any R3(config-ext-nacl)#dynamic PaulsDynamic permit ip any anylsDynamic tpermit ip any anyipermit ip any anympermit ip any any permit ip any any R3(config-ext-nacl)#dynamic PaulsDynamic tim permit ip any anye permit ip any any permit ip any any2 permit ip any any permit ip any any 6 permit ip any any0 permit ip any any % A Dynamic access list with this name already exists R3(config-ext-nacl)#no dynamic PaulsDynamic permit ip any any R3(config-ext-nacl)#no dynamic PaulsDynamic permit ip any any dyn R3(config-ext-nacl)#dynamic ? WORD Name of a Dynamic list R3(config-ext-nacl)#dynamic PaulsDynma amic ? deny Specify packets to reject exit Exit from access-list configuration mode permit Specify packets to forward timeout Maximum time for dynamic ACL to live R3(config-ext-nacl)#dynamic PaulsDynamic time R3(config-ext-nacl)#dynamic PaulsDynamic timeout ? <1-9999> Maximum time to live R3(config-ext-nacl)#dynamic PaulsDynamic timeout 60 ? deny Specify packets to reject exit Exit from access-list configuration mode permit Specify packets to forward R3(config-ext-nacl)#dynamic PaulsDynamic timeout 60 permit ? <0-255> An IP protocol number ahp Authentication Header Protocol eigrp Cisco's EIGRP routing protocol esp Encapsulation Security Payload gre Cisco's GRE tunneling icmp Internet Control Message Protocol igmp Internet Gateway Message Protocol ip Any Internet Protocol ipinip IP in IP tunneling nos KA9Q NOS compatible IP over IP tunneling ospf OSPF routing protocol pcp Payload Compression Protocol pim Protocol Independent Multicast tcp Transmission Control Protocol udp User Datagram Protocol R3(config-ext-nacl)#dynamic PaulsDynamic timeout 60 permit ip any any % A Dynamic access list with this name already exists R3(config-ext-nacl)#dynamic PaulsDynamic timeout 60 permit ip any any 2 timeout 60 permit ip any any R3(config-ext-nacl)#do show access-list Extended IP access list Prob9 10 permit ospf any any (18 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any R3(config-ext-nacl)#show run ^ % Invalid input detected at '^' marker. R3(config-ext-nacl)#do show run Building configuration... Current configuration : 1815 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! logging queue-limit 100 ! username George password 0 bosco ip subnet-zero ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes ! ! --More-- ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 no ip address shutdown duplex auto --More-- speed auto ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 ip address 180.40.7.129 255.255.255.224 ip access-group Prob9 in duplex auto speed auto ! interface Serial1/0 ip address 180.40.7.33 255.255.255.224 encapsulation frame-relay ip ospf network point-to-multipoint frame-relay map ip 180.40.7.34 301 broadcast frame-relay map ip 180.40.7.35 302 broadcast ! interface Serial1/1 no ip address shutdown ! --More-- interface Serial1/2 ip address 180.40.7.3 255.255.255.224 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address shutdown ! --More-- router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list extended Prob9 permit ospf any any permit tcp any host 180.40.7.129 eq telnet dynamic PaulsDynamic permit ip any any ! ! ! call rsvp-sync ! ! mgcp profile default ! ! --More-- R3(config-ext-nacl)#exit R3(config)#no ip access-list extended Prob9 R3(config)#ip access-list extended Prob9 R3(config-ext-nacl)# permit ospf any any R3(config-ext-nacl)# permit tcp any host 180.40.7.129 eq telnet R3(config-ext-nacl)#dyn R3(config-ext-nacl)#dynamic PaulsDyname amic2 p tim R3(config-ext-nacl)#dynamic PaulsDynamic timeout 60 permit ip any any R3(config-ext-nacl)#^Z R3# *Mar 1 00:55:25.130: %SYS-5-CONFIG_I: Configured from console by console R3# RACK6AS>4 [Resuming connection 4 to r4 ... ] R4> R4>180.40.7. en R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#tcp syn R4(config)#tcp synw ? % Unrecognized command R4(config)#tcp sy ? % Unrecognized command R4(config)#tcp ip tcp ? async-mobility Configure async-mobility chunk-size TCP chunk size mss TCP initial maximum segment size path-mtu-discovery Enable path-MTU discovery on new TCP connections queuemax Maximum queue of outgoing TCP packets selective-ack Enable TCP selective-ACK synwait-time Set time to wait on new TCP connections timestamp Enable TCP timestamp option window-size TCP window size R4(config)#ip tcp syn R4(config)#ip tcp synwait-time 5 R4(config)#^Z R4# *Mar 1 00:58:08.891: %SYS-5-CONFIG_I: Configured from console by console R4#180.40.7.2 Trying 180.40.7.2 ... % Destination unreachable; gateway or host down R4#180.40.7.129 Trying 180.40.7.129 ... Open User Access Verification Username: George Password: [Connection to 180.40.7.129 closed by foreign host] R4# RACK6AS>3 [Resuming connection 3 to r3 ... ] R3#show access-list Extended IP access list Prob9 10 permit ospf any any (8 matches) 20 permit tcp any host 180.40.7.129 eq telnet (54 matches) 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3# RACK6AS>4 [Resuming connection 4 to r4 ... ] R4#180.40.7.1292 Trying 180.40.7.2 ... Open R2# RACK6AS>3 [Resuming connection 3 to r3 ... ] R3#show access-list Extended IP access list Prob9 10 permit ospf any any (13 matches) 20 permit tcp any host 180.40.7.129 eq telnet (54 matches) 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (10 matches) (time left 82) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (14 matches) 20 permit tcp any host 180.40.7.129 eq telnet (54 matches) 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (10 matches) (time left 75) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (14 matches) 20 permit tcp any host 180.40.7.129 eq telnet (54 matches) 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (10 matches) (time left 74) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (14 matches) 20 permit tcp any host 180.40.7.129 eq telnet (54 matches) 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (10 matches) (time left 72) R3# RACK6AS>4 [Resuming connection 4 to r4 ... ] R2# R2# R2# R2# R2# R2# R2# R2# RACK6AS>3 [Resuming connection 3 to r3 ... ] R3#show access-list Extended IP access list Prob9 10 permit ospf any any (15 matches) 20 permit tcp any host 180.40.7.129 eq telnet (54 matches) 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (19 matches) (time left 117) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (18 matches) 20 permit tcp any host 180.40.7.129 eq telnet (54 matches) 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (19 matches) (time left 87) R3#wr t Building configuration... Current configuration : 1826 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! logging queue-limit 100 ! username George password 0 bosco ip subnet-zero ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes ! ! --More-- ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 no ip address shutdown duplex auto --More-- speed auto ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 ip address 180.40.7.129 255.255.255.224 ip access-group Prob9 in duplex auto speed auto ! interface Serial1/0 ip address 180.40.7.33 255.255.255.224 encapsulation frame-relay ip ospf network point-to-multipoint frame-relay map ip 180.40.7.34 301 broadcast frame-relay map ip 180.40.7.35 302 broadcast ! interface Serial1/1 no ip address shutdown ! --More-- interface Serial1/2 ip address 180.40.7.3 255.255.255.224 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address shutdown ! --More-- router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list extended Prob9 permit ospf any any permit tcp any host 180.40.7.129 eq telnet dynamic PaulsDynamic timeout 60 permit ip any any ! ! ! call rsvp-sync ! ! mgcp profile default ! ! --More-- ! dial-peer cor custom ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 1 privilege level 15 login local autocommand access-enable host timeout 2 line vty 2 4 privilege level 15 no login ! ! end R3#clear ? aaa Clear AAA values access-list Clear access list statistical information access-template Access-template adjacency Adjacent nodes alps Clear Alps appletalk Reset AppleTalk information arp-cache Clear the entire ARP cache backhaul-session-manager Backhaul Session Manager information bgp Clear BGP connections bridge Reset bridge forwarding cache bsc Clear counters in command bstun Clear counters displayed in show bstun call Call cdp Reset cdp information cef CEF information related to linecard clns CLNS counters Clear counters on one or all interfaces crypto Encryption subsystem decnet Reset DECnet information dialer Clear dialer statistics dlsw Data Link Switching (DLSw) drip Clear drip --More-- R3#clear acce R3#clear access-t R3#clear access-template ? <100-199> IP extended access list <2000-2699> IP extended access list (expanded range) R3#clear access-template l R3#clear access-list ? counters Clear access list counters R3#clear access-list co R3#clear access-list counters R3#clear access-list counters wr t show access-list Extended IP access list Prob9 10 permit ospf any any 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (time left 24) R3#clear dyn? % Unrecognized command R3#clear dyn ? % Unrecognized command R3#clear dy show access-list Extended IP access list Prob9 10 permit ospf any any (3 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (time left 3) R3# R3#show access-list Extended IP access list Prob9 10 permit ospf any any (3 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3# R3# R3# R3#show access-list Extended IP access list Prob9 10 permit ospf any any (3 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3#show access-list Extended IP access list Prob9 10 permit ospf any any (3 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3# R3#show access-list Extended IP access list Prob9 10 permit ospf any any (4 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3#show access-list Extended IP access list Prob9 10 permit ospf any any (4 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3#show access-list Extended IP access list Prob9 10 permit ospf any any (4 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3#show access-list Extended IP access list Prob9 10 permit ospf any any (4 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3#show access-list Extended IP access list Prob9 10 permit ospf any any (4 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3#show access-list Extended IP access list Prob9 10 permit ospf any any (4 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3#show access-list Extended IP access list Prob9 10 permit ospf any any (4 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3#show access-list Extended IP access list Prob9 10 permit ospf any any (4 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any R3# RACK6AS>4 [Resuming connection 4 to r4 ... ] R2# R2# R2# R2# R2#exit [Connection to 180.40.7.2 closed by foreign host] R4# R4# R4# RACK6AS>3 [Resuming connection 3 to r3 ... ] R3#show access-list Extended IP access list Prob9 10 permit ospf any any (5 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 116) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (6 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 109) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (6 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 108) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (6 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 107) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (6 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 107) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (6 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 106) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (6 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 105) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (13 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 35) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (13 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 34) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (14 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 33) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (14 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 32) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (14 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 31) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (14 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any permit ip host 180.40.7.98 any (14 matches) (time left 30) R3#show access-list Extended IP access list Prob9 10 permit ospf any any (19 matches) 20 permit tcp any host 180.40.7.129 eq telnet 30 Dynamic PaulsDynamic permit ip any any R3# RACK6AS>6 4 [Resuming connection 4 to r4 ... ] R4# R4# R4# R4# R4#exit RACK6AS>2 [Resuming connection 2 to r2 ... ] R2>config t en R2#config t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#ip tcp ? async-mobility Configure async-mobility chunk-size TCP chunk size intercept Enable TCP intercepting mss TCP initial maximum segment size path-mtu-discovery Enable path-MTU discovery on new TCP connections queuemax Maximum queue of outgoing TCP packets selective-ack Enable TCP selective-ACK synwait-time Set time to wait on new TCP connections timestamp Enable TCP timestamp option window-size TCP window size R2(config)#ip tcp in R2(config)#ip tcp intercept ? connection-timeout Specify timeout for connection info drop-mode Specify incomplete connection drop mode finrst-timeout Specify timeout for FIN/RST list Specify access-list to use max-incomplete Specify maximum number of incomplete connections before clamping mode Specify intercepting mode one-minute Specify one-minute-sample watermarks for clamping watch-timeout Specify timeout for incomplete connections in watch mode R2(config)#ip tcp intercept list ? <100-199> Extended access list number for intercept WORD Access list name for intercept R2(config)#ip tcp intercept list Prob10 ? R2(config)#ip tcp intercept list Prob10 R2(config)#ip tcp intercept list Prob10 mo R2(config)#ip tcp intercept mode ? intercept Intercept connections watch Watch connections R2(config)#ip tcp intercept mode inter R2(config)#access-list Prob10 stan R2(config)#access-list Prob10 stan ^ % Invalid input detected at '^' marker. R2(config)#access-list Prob10 stansProb10 stantProb10 stanaProb10 stannProb10 standProb10 stanaProb10 stanrProb10 standProb10 stan Prob10 stanProb10 stan ^ % Invalid input detected at '^' marker. R2(config)#access-list standard Prob10d Prob10iaccess-list standard Prob10paccess-list standard Prob10 access-list standard Prob10 R2(config-std-nacl)#permit 17.57.101.0 0.0.0.255 R2(config-std-nacl)#^Z R2# *Mar 1 01:21:32.383: %SYS-5-CONFIG_I: Configured from console by console R2#show run Building configuration... Current configuration : 1626 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! logging queue-limit 100 ! ip subnet-zero ip tcp intercept list Prob10 ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes ! ! --More-- ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 17.57.101.1 255.255.255.0 duplex auto speed auto --More-- ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial1/0 no ip address encapsulation frame-relay ! interface Serial1/0.1 multipoint ip address 180.40.7.35 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 203 ! interface Serial1/1 no ip address shutdown --More-- ! interface Serial1/2 ip address 180.40.7.2 255.255.255.224 clockrate 64000 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address --More-- shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list standard Prob10 permit 17.57.101.0 0.0.0.255 ! ! ! call rsvp-sync ! ! mgcp profile default ! ! --More-- ! dial-peer cor custom ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 no login ! ! end R2# RACK6AS>4 [Resuming connection 4 to r4 ... ] R4# R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#ip acce R4(config)#ip access-list ex R4(config)#ip access-list extended Fr irewall R4(config-ext-nacl)#deny ev R4(config-ext-nacl)#evaluate re R4(config-ext-nacl)#evaluate re ? WORD IP reflexive access list name R4(config-ext-nacl)#evaluate PaulsReflex R4(config-ext-nacl)#deny R4(config-ext-nacl)#deny ip any nay l any log R4(config-ext-nacl)#deny ip any any logevaluate PaulsReflexip access-list extended Firewall Outbound R4(config-ext-nacl)#permit ip an y an a y any ? dscp Match packets with given dscp value fragments Check non-initial fragments log Log matches against this entry log-input Log matches against this entry, including input interface precedence Match packets with given precedence value reflect Create reflexive access list entry time-range Specify a time-range tos Match packets with given TOS value R4(config-ext-nacl)#permit ip any any re R4(config-ext-nacl)#permit ip any any reflect Paulsre Reflex R4(config-ext-nacl)#inter atm1 1/0 R4(config-if)#ip acce R4(config-if)#ip access-group Firl ewall in R4(config-if)#ip access-group Firewall in Outbound u out R4(config-if)#^Z R4#show run Building configuration... Current configuration : 1319 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R4 ! logging queue-limit 100 ! ip subnet-zero ip tcp synwait-time 5 ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 ! ! ! --More-- *Mar 1 01:59:13.595: %SYS-5-CONFIG_I: Configured from console by console --More-- ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 180.40.7.98 255.255.255.224 ip nat inside duplex auto speed auto ! interface ATM1/0 ip address 192.10.32.6 255.255.255.0 --More-- ip access-group Firewall in ip access-group Outbound out ip nat outside no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless ! ! ! ip access-list standard IPNAT permit 180.40.7.0 0.0.0.255 permit 17.0.0.0 0.255.255.255 ! ip access-list extended Firewall --More-- evaluate PaulsReflex deny ip any any log ip access-list extended Outbound permit ip any any reflect PaulsReflex ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 no login --More-- ! ! end R4# config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#ip ctp ty cp syn R4(config)#ip tcp synwait-time % Incomplete command. R4(config)#ip tcp synwait-time 5 R4(config)#^Z R4# *Mar 1 01:59:50.023: %SYS-5-CONFIG_I: Configured from console by console R4#192.10.32.254 Trying 192.10.32.254 ... *Mar 1 01:59:53.823: %SEC-6-IPACCESSLOGP: list Firewall denied tcp 192.10.32.254(23) -> 192.10.32.6(11003), 1 packet % Connection timed out; remote host not responding R4# RACK6AS>6 [Resuming connection 6 to r6 ... ] S6>192.10.32.254 Trying 192.10.32.254 ... Open CR1> CR1> CR1> RACK6AS>4 [Resuming connection 4 to r4 ... ] R4#show access-list Standard IP access list IPNAT 10 permit 180.40.7.0, wildcard bits 0.0.0.255 (1 match) 20 permit 17.0.0.0, wildcard bits 0.255.255.255 Extended IP access list Firewall 10 evaluate PaulsReflex 20 deny ip any any log (2 matches) Extended IP access list Outbound 10 permit ip any any reflect PaulsReflex Reflexive IP access list PaulsReflex permit tcp host 192.10.32.254 eq telnet host 192.10.32.6 eq 11000 (25 matches) (time left 294) R4# R4# R4#wr t Building configuration... Current configuration : 1319 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R4 ! logging queue-limit 100 ! ip subnet-zero ip tcp synwait-time 5 ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 ! ! ! --More-- ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 180.40.7.98 255.255.255.224 ip nat inside duplex auto speed auto ! interface ATM1/0 ip address 192.10.32.6 255.255.255.0 --More-- ip access-group Firewall in ip access-group Outbound out ip nat outside no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless ! ! ! ip access-list standard IPNAT permit 180.40.7.0 0.0.0.255 permit 17.0.0.0 0.255.255.255 ! ip access-list extended Firewall --More-- evaluate PaulsReflex deny ip any any log ip access-list extended Outbound permit ip any any reflect PaulsReflex ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 no login --More-- ! ! end R4# *Mar 1 02:00:47.663: %SEC-6-IPACCESSLOGP: list Firewall denied tcp 192.10.32.254(49956) -> 192.10.32.6(179), 1 packet R4# RACK6AS>6 [Resuming connection 6 to r6 ... ] CR1> CR1> CR1>exit [Connection to 192.10.32.254 closed by foreign host] S6> S6> S6> S6> S6>it wh as the nest bets st of timesest of times est of times est of times est of times est of times it woa as the worst of times S6>192.10.32.254 RACK6AS>4 [Resuming connection 4 to r4 ... ] * R4#cofn sh sow hw ow run Building configuration... Current configuration : 1319 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R4 ! logging queue-limit 100 ! ip subnet-zero ip tcp synwait-time 5 ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 ! ! ! --More-- ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 180.40.7.98 255.255.255.224 ip nat inside duplex auto speed auto ! interface ATM1/0 ip address 192.10.32.6 255.255.255.0 --More-- ip access-group Firewall in ip access-group Outbound out ip nat outside no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless ! ! ! ip access-list standard IPNAT permit 180.40.7.0 0.0.0.255 permit 17.0.0.0 0.255.255.255 ! ip access-list extended Firewall --More-- evaluate PaulsReflex deny ip any any log ip access-list extended Outbound permit ip any any reflect PaulsReflex ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 no login --More-- ! ! end R4# q config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#no ip access-list extended Firewall R4(config)#no ip access-list extended Outbound R4(config)#inter atm 1/0 R4(config-if)#no ip access-group Firewall in R4(config-if)#no ip access-group Outbound out R4(config-if)#config exit R4(config)#tim R4(config)#time-range cli o R4(config)#clock ? summer-time Configure summer (daylight savings) time timezone Configure time zone R4(config)#clock time R4(config)#clock timezone ? WORD name of time zone R4(config)#clock timezone edt -5 R4(config)#nti p server 192.10.32.254 R4(config)#do show clock 10:27:25.682 edt Fri Aug 26 2005 R4(config)#do show clock ntp ds status Clock is synchronized, stratum 6, reference is 192.10.32.254 nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18 reference time is C6B9B365.E1DE7AE2 (10:27:33.882 edt Fri Aug 26 2005) clock offset is -0.0715 msec, root delay is 365.84 msec root dispersion is 151.55 msec, peer dispersion is 0.20 msec R4(config)#do show ntp statusclock ntp server 192.10.32.254clock timezone edt -5 4 R4(config)#clock timezone edt -4do show ntp status clock 11:28:04.945 edt Fri Aug 26 2005 R4(config)#do show clockclock timezone edt -4do show ntp status Clock is synchronized, stratum 6, reference is 192.10.32.254 nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18 reference time is C6B9B36A.D7F31B9E (11:27:38.843 edt Fri Aug 26 2005) clock offset is -0.1101 msec, root delay is 365.88 msec root dispersion is 152.68 msec, peer dispersion is 0.20 msec R4(config)#ntp authen R4(config)#ntp authenticati R4(config)#ntp authentication-key 1 md R4(config)#ntp authentication-key 1 md5 MyTime R4(config)#ntp authen R4(config)#ntp authenticate R4(config)#ntp authenticate R4(config)#^Z R4# RACK6AS>c 3 [Resuming connection 3 to r3 ... ] R3# R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#ntp server R3(config)#ntp server 180.40.7.8 98 ? key Configure peer authentication key prefer Prefer this peer when possible source Interface for source address version Configure NTP version R3(config)#ntp server 180.40.7.98 key 1 m ntp authe R3(config)#ntp authenticati R3(config)#ntp authentication-key 1 md R3(config)#ntp authentication-key 1 md5 MyTime R3(config)#ntp authen R3(config)#ntp authenticat % Ambiguous command: "ntp authenticat" R3(config)#ntp authenticate R3(config)#ntp server R3(config)#ntp server 180.40.7.98 ? key Configure peer authentication key prefer Prefer this peer when possible source Interface for source address version Configure NTP version R3(config)#ntp server 180.40.7.98 key 1 ? prefer Prefer this peer when possible source Interface for source address version Configure NTP version R3(config)#ntp server 180.40.7.98 key 1 RACK6AS>3 [Resuming connection 3 to r3 ... ] R3(config)# R3(config)# R3(config)#inter afst 0 fas t0/1 t 0/1 R3(config-if)#show run inter fast 0/1 ^ % Invalid input detected at '^' marker. R3(config-if)#show run inter fast 0/1nshow run inter fast 0/1oshow run inter fast 0/1 show run inter fast 0/1show run inter fast 0/1 show run inter fast 0/1 show run inter fast 0/1 dshow run inter fast 0/1oshow run inter fast 0/1 show run inter fast 0/1 Building configuration... Current configuration : 125 bytes ! interface FastEthernet0/1 ip address 180.40.7.129 255.255.255.224 ip access-group Prob9 in duplex auto speed auto end R3(config-if)#no ip access-group Prob9 in R3(config-if)#^Z R3# *Mar 1 02:43:19.564: %SYS-5-CONFIG_I: Configured from console by console R3#show ntp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec R3#show run Building configuration... Current configuration : 1892 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! logging queue-limit 100 ! username George password 0 bosco ip subnet-zero ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes ! ! --More-- ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 no ip address shutdown duplex auto --More-- speed auto ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 ip address 180.40.7.129 255.255.255.224 duplex auto speed auto ! interface Serial1/0 ip address 180.40.7.33 255.255.255.224 encapsulation frame-relay ip ospf network point-to-multipoint frame-relay map ip 180.40.7.34 301 broadcast frame-relay map ip 180.40.7.35 302 broadcast ! interface Serial1/1 no ip address shutdown ! interface Serial1/2 --More-- ip address 180.40.7.3 255.255.255.224 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address shutdown ! router ospf 1 --More-- log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list extended Prob9 permit ospf any any permit tcp any host 180.40.7.129 eq telnet dynamic PaulsDynamic timeout 60 permit ip any any ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! --More-- dial-peer cor custom ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 1 privilege level 15 login local autocommand access-enable host timeout 2 line vty 2 4 privilege level 15 no login ! ntp authentication-key 1 md5 13280E26020101 7 ntp authenticate ntp server 180.40.7.98 key 1 ! end --More-- R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#clock time R3(config)#clock timezone edt -4 R3(config)#no ntp server 180.40.7.98 key 1 R3(config)#ntp server 180.40.7.98 key 1 R3(config)#clock sum R3(config)#clock summer-time ? WORD name of time zone in summer R3(config)#clock summer-time edt ? date Configure absolute summer time recurring Configure recurring summer time R3(config)#clock summer-time edt ^Z R3#sho w w l *Mar 1 02:44:16.425: %SYS-5-CONFIG_I: Configured from console by console R3#show l nt ntp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec R3#debug ntp ? adjust NTP clock adjustments authentication NTP authentication events NTP events loopfilter NTP loop filter packets NTP packets params NTP clock parameters refclock NTP reference clocks select NTP clock selection sync NTP clock synchronization validity NTP peer clock validity R3#debug ntp events NTP events debugging is on R3#debug ntp events packet NTP packets debugging is on R3#debug ntp packet authen R3#debug ntp authentication NTP authentication debugging is on R3# RACK6AS>4 [Resuming connection 4 to r4 ... ] Aug 26 R4#show clock 11:33:30.613 edt Fri Aug 26 2005 R4# RACK6AS>3 [Resuming connection 3 to r3 ... ] *M R3# R3#show ntp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec R3#show run | include ntp ntp authentication-key 1 md5 13280E26020101 7 ntp authenticate ntp server 180.40.7.98 key 1 R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#no ntp server 180.40.7.98 key 1 R3(config)#ntp server 180.40.7.98 key 1 R3(config)#pg ing *Mar 1 02:46:23.918: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:23.918: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:23.918: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:23.918: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:23.918: org 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:23.918: rec 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:23.918: xmt AF3BF77F.EB311983 (22:46:23.918 edt Sun Feb 28 1993) *Mar 1 02:46:23.922: Authentication key 1 *Mar 1 02:46:23.922: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: R3(config)#ping *Mar 1 02:46:23.922: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:23.922: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:23.922: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:23.922: org AF3BF77F.EB311983 (22:46:23.918 edt Sun Feb 28 1993) *Mar 1 02:46:23.926: rec C6B9B50D.86F7EA07 (11:34:37.527 edt Fri Aug 26 2005) *Mar 1 02:46:23.926: xmt C6B9B50D.8714F253 (11:34:37.527 edt Fri Aug 26 2005) *Mar 1 02:46:23.926: inp AF3BF77F.EC8175A5 (22:46:23.923 edt Sun Feb 28 1993) *Mar 1 02:46:23.926: Authentication key 1 *Mar 1 02:46:24.919: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:24.919: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:24.919: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:24.919: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:24.919: org C6B9B50D.8714F253 (11:34:37.527 edt Fri Aug 26 2005) *Mar 1 02:46:24.919: rec AF3BF77F.EC8175A5 (22:46:23.923 edt Sun Feb 28 1993) *Mar 1 02:46:24.919: xmt AF3BF780.EB9F4A5A (22:46:24.920 edt Sun Feb 28 1993) *Mar 1 02:46:24.923: Authentication key 1 *Mar 1 02:46:24.923: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:24.923: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:24.923: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:24.923: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:24.923: org AF3BF780.EB9F4A5A (22:46:24.920 edt Sun Feb 28 1993) *Mar 1 02:46:24.927: rec C6B9B50E.875BD6CB (11:34:38.528 edt Fri Aug 26 2005) *Mar 1 02:46:24.927: xmt C6B9B50E.8778BA2F (11:34:38.529 edt Fri Aug 26 2005) *Mar 1 02:46:24.927: inp AF3BF780.ECEECA19 (22:46:24.925 edt Sun Feb 28 1993) *Mar 1 02:46:24.927: Authentication key 1 *Mar 1 02:46:25.921: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:25.921: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:25.921: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:25.921: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:25.921: org C6B9B50E.8778BA2F (11:34:38.529 edt Fri Aug 26 2005) *Mar 1 02:46:25.921: rec AF3BF780.ECEECA19 (22:46:24.925 edt Sun Feb 28 1993) *Mar 1 02:46:25.921: xmt AF3BF781.EBFFB4F3 (22:46:25.921 edt Sun Feb 28 1993) *Mar 1 02:46:25.925: Authentication key 1 *Mar 1 02:46:25.925: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:25.925: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:25.925: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:25.925: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:25.925: org AF3BF781.EBFFB4F3 (22:46:25.921 edt Sun Feb 28 1993) *Mar 1 02:46:25.925: rec C6B9B50F.87C572F1 (11:34:39.530 edt Fri Aug 26 2005) *Mar 1 02:46:25.929: xmt C6B9B50F.87E2A4C2 (11:34:39.530 edt Fri Aug 26 2005) *Mar 1 02:46:25.929: inp AF3BF781.ED4D7BEA (22:46:25.926 edt Sun Feb 28 1993) *Mar 1 02:46:25.929: Authentication key 1 *Mar 1 02:46:26.919: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:26.919: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:26.919: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:26.919: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:26.919: org C6B9B50F.87E2A4C2 (11:34:39.530 edt Fri Aug 26 2005) *Mar 1 02:46:26.919: rec AF3BF781.ED4D7BEA (22:46:25.926 edt Sun Feb 28 1993) *Mar 1 02:46:26.919: xmt AF3BF782.EB6D5979 (22:46:26.919 edt Sun Feb 28 1993) *Mar 1 02:46:26.923: Authentication key 1 *Mar 1 02:46:26.923: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:26.923: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:26.923: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:26.923: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:26.923: org AF3BF782.EB6D5979 (22:46:26.919 edt Sun Feb 28 1993) *Mar 1 02:46:26.927: rec C6B9B510.8728A1CB (11:34:40.527 edt Fri Aug 26 2005) *Mar 1 02:46:26.927: xmt C6B9B510.8745B717 (11:34:40.528 edt Fri Aug 26 2005) *Mar 1 02:46:26.927: inp AF3BF782.ECC3BC57 (22:46:26.924 edt Sun Feb 28 1993) *Mar 1 02:46:26.927: Authentication key 1 *Mar 1 02:46:27.920: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:27.920: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:27.920: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:27.920: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:27.920: org C6B9B510.8745B717 (11:34:40.528 edt Fri Aug 26 2005) *Mar 1 02:46:27.920: rec AF3BF782.ECC3BC57 (22:46:26.924 edt Sun Feb 28 1993) *Mar 1 02:46:27.920: xmt AF3BF783.EBD8F525 (22:46:27.921 edt Sun Feb 28 1993) *Mar 1 02:46:27.924: Authentication key 1 *Mar 1 02:46:27.924: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:27.924: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:27.924: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:27.924: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:27.924: org AF3BF783.EBD8F525 (22:46:27.921 edt Sun Feb 28 1993) *Mar 1 02:46:27.928: rec C6B9B511.8798E9E4 (11:34:41.529 edt Fri Aug 26 2005) *Mar 1 02:46:27.928: xmt C6B9B511.87B5F0EE (11:34:41.530 edt Fri Aug 26 2005) *Mar 1 02:46:27.928: inp AF3BF783.ED2A2DAB (22:46:27.926 edt Sun Feb 28 1993) *Mar 1 02:46:27.928: Authentication key 1 *Mar 1 02:46:28.918: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:28.918: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:28.918: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:28.918: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:28.918: org C6B9B511.87B5F0EE (11:34:41.530 edt Fri Aug 26 2005) *Mar 1 02:46:28.918: rec AF3BF783.ED2A2DAB (22:46:27.926 edt Sun Feb 28 1993) *Mar 1 02:46:28.918: xmt AF3BF784.EB3DFDC3 (22:46:28.918 edt Sun Feb 28 1993) *Mar 1 02:46:28.922: Authentication key 1 *Mar 1 02:46:28.922: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:28.922: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:28.922: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:28.922: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:28.922: org AF3BF784.EB3DFDC3 (22:46:28.918 edt Sun Feb 28 1993) *Mar 1 02:46:28.926: rec C6B9B512.86FE66F7 (11:34:42.527 edt Fri Aug 26 2005) *Mar 1 02:46:28.926: xmt C6B9B512.871B9A0A (11:34:42.527 edt Fri Aug 26 2005) *Mar 1 02:46:28.926: inp AF3BF784.EC8E59E5 (22:46:28.924 edt Sun Feb 28 1993) *Mar 1 02:46:28.926: Authentication key 1 *Mar 1 02:46:29.920: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:29.920: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:29.920: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:29.920: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:29.920: org C6B9B512.871B9A0A (11:34:42.527 edt Fri Aug 26 2005) *Mar 1 02:46:29.920: rec AF3BF784.EC8E59E5 (22:46:28.924 edt Sun Feb 28 1993) *Mar 1 02:46:29.920: xmt AF3BF785.EBA9996F (22:46:29.920 edt Sun Feb 28 1993) *Mar 1 02:46:29.924: Authentication key 1 *Mar 1 02:46:29.924: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:29.924: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:29.924: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:29.924: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:29.924: org AF3BF785.EBA9996F (22:46:29.920 edt Sun Feb 28 1993) *Mar 1 02:46:29.928: rec C6B9B513.8761800E (11:34:43.528 edt Fri Aug 26 2005) *Mar 1 02:46:29.928: xmt C6B9B513.87830544 (11:34:43.529 edt Fri Aug 26 2005) *Mar 1 02:46:29.928: inp AF3BF785.ECFE4385 (22:46:29.925 edt Sun Feb 28 1993) *Mar 1 02:46:29.928: Authentication key 1 *Mar 1 02:46:30.921: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:30.921: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:30.921: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:30.921: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:30.921: org C6B9B513.87830544 (11:34:43.529 edt Fri Aug 26 2005) *Mar 1 02:46:30.921: rec AF3BF785.ECFE4385 (22:46:29.925 edt Sun Feb 28 1993) *Mar 1 02:46:30.921: xmt AF3BF786.EC0D7597 (22:46:30.922 edt Sun Feb 28 1993) *Mar 1 02:46:30.925: Authentication key 1 *Mar 1 02:46:30.925: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:30.925: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:30.925: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:30.925: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:30.925: org AF3BF786.EC0D7597 (22:46:30.922 edt Sun Feb 28 1993) *Mar 1 02:46:30.925: rec C6B9B514.87CCA326 (11:34:44.530 edt Fri Aug 26 2005) *Mar 1 02:46:30.929: xmt C6B9B514.87E98D40 (11:34:44.530 edt Fri Aug 26 2005) *Mar 1 02:46:30.929: inp AF3BF786.ED5A602A (22:46:30.927 edt Sun Feb 28 1993) *Mar 1 02:46:30.929: Authentication key 1 *Mar 1 02:46:31.919: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:31.919: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:31.919: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:31.919: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:31.919: org C6B9B514.87E98D40 (11:34:44.530 edt Fri Aug 26 2005) *Mar 1 02:46:31.919: rec AF3BF786.ED5A602A (22:46:30.927 edt Sun Feb 28 1993) *Mar 1 02:46:31.919: xmt AF3BF787.EB7A3DB9 (22:46:31.919 edt Sun Feb 28 1993) *Mar 1 02:46:31.923: Authentication key 1 *Mar 1 02:46:31.923: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:31.923: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:31.923: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:31.923: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:31.923: org AF3BF787.EB7A3DB9 (22:46:31.919 edt Sun Feb 28 1993) *Mar 1 02:46:31.927: rec C6B9B515.8734B5EF (11:34:45.528 edt Fri Aug 26 2005) *Mar 1 02:46:31.927: xmt C6B9B515.8751EB86 (11:34:45.528 edt Fri Aug 26 2005) *Mar 1 02:46:31.927: inp AF3BF787.ECD41226 (22:46:31.925 edt Sun Feb 28 1993) *Mar 1 02:46:31.927: Authentication key 1 *Mar 1 02:46:32.921: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:32.921: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:32.921: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:32.921: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:32.921: org C6B9B515.8751EB86 (11:34:45.528 edt Fri Aug 26 2005) *Mar 1 02:46:32.921: rec AF3BF787.ECD41226 (22:46:31.925 edt Sun Feb 28 1993) *Mar 1 02:46:32.921: xmt AF3BF788.EBE4FD01 (22:46:32.921 edt Sun Feb 28 1993) *Mar 1 02:46:32.925: Authentication key 1 *Mar 1 02:46:32.925: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:32.925: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:32.925: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:32.925: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:32.925: org AF3BF788.EBE4FD01 (22:46:32.921 edt Sun Feb 28 1993) *Mar 1 02:46:32.929: rec C6B9B516.87A42BDF (11:34:46.529 edt Fri Aug 26 2005) *Mar 1 02:46:32.929: xmt C6B9B516.87C0CEAC (11:34:46.530 edt Fri Aug 26 2005) *Mar 1 02:46:32.929: inp AF3BF788.ED355923 (22:46:32.926 edt Sun Feb 28 1993) *Mar 1 02:46:32.929: Authentication key 1 *Mar 1 02:46:33.918: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:33.918: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:33.918: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:33.918: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:33.918: org C6B9B516.87C0CEAC (11:34:46.530 edt Fri Aug 26 2005) *Mar 1 02:46:33.918: rec AF3BF788.ED355923 (22:46:32.926 edt Sun Feb 28 1993) *Mar 1 02:46:33.918: xmt AF3BF789.EB4AE203 (22:46:33.919 edt Sun Feb 28 1993) *Mar 1 02:46:33.922: Authentication key 1 *Mar 1 02:46:33.922: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:33.922: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:33.922: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:33.922: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:33.922: org AF3BF789.EB4AE203 (22:46:33.919 edt Sun Feb 28 1993) *Mar 1 02:46:33.926: rec C6B9B517.87027DF7 (11:34:47.527 edt Fri Aug 26 2005) *Mar 1 02:46:33.926: xmt C6B9B517.871F9B3C (11:34:47.527 edt Fri Aug 26 2005) *Mar 1 02:46:33.926: inp AF3BF789.EC9EAFB5 (22:46:33.924 edt Sun Feb 28 1993) *Mar 1 02:46:33.926: Authentication key 1 *Mar 1 02:46:34.920: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:34.920: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:34.920: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:34.920: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:34.920: org C6B9B517.871F9B3C (11:34:47.527 edt Fri Aug 26 2005) *Mar 1 02:46:34.920: rec AF3BF789.EC9EAFB5 (22:46:33.924 edt Sun Feb 28 1993) *Mar 1 02:46:34.920: xmt AF3BF78A.EBB67DAF (22:46:34.920 edt Sun Feb 28 1993) *Mar 1 02:46:34.924: Authentication key 1 *Mar 1 02:46:34.924: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:34.924: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:34.924: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:34.924: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:34.924: org AF3BF78A.EBB67DAF (22:46:34.920 edt Sun Feb 28 1993) *Mar 1 02:46:34.928: rec C6B9B518.876E278E (11:34:48.529 edt Fri Aug 26 2005) *Mar 1 02:46:34.928: xmt C6B9B518.878F7278 (11:34:48.529 edt Fri Aug 26 2005) *Mar 1 02:46:34.928: inp AF3BF78A.ED06D9D1 (22:46:34.925 edt Sun Feb 28 1993) *Mar 1 02:46:34.928: Authentication key 1 *Mar 1 02:46:35.921: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:35.921: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:35.921: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:35.921: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:35.921: org C6B9B518.878F7278 (11:34:48.529 edt Fri Aug 26 2005) *Mar 1 02:46:35.921: rec AF3BF78A.ED06D9D1 (22:46:34.925 edt Sun Feb 28 1993) *Mar 1 02:46:35.921: xmt AF3BF78B.EC1A59D7 (22:46:35.922 edt Sun Feb 28 1993) *Mar 1 02:46:35.925: Authentication key 1 *Mar 1 02:46:35.925: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:35.925: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:35.925: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:35.925: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:35.925: org AF3BF78B.EC1A59D7 (22:46:35.922 edt Sun Feb 28 1993) *Mar 1 02:46:35.925: rec C6B9B519.87D873BA (11:34:49.530 edt Fri Aug 26 2005) *Mar 1 02:46:35.929: xmt C6B9B519.87F57E1F (11:34:49.531 edt Fri Aug 26 2005) *Mar 1 02:46:35.929: inp AF3BF78B.ED67446A (22:46:35.927 edt Sun Feb 28 1993) *Mar 1 02:46:35.929: Authentication key 1 *Mar 1 02:46:36.919: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:36.919: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:36.919: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:36.919: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:36.919: org C6B9B519.87F57E1F (11:34:49.531 edt Fri Aug 26 2005) *Mar 1 02:46:36.919: rec AF3BF78B.ED67446A (22:46:35.927 edt Sun Feb 28 1993) *Mar 1 02:46:36.919: xmt AF3BF78C.EB96A0FF (22:46:36.920 edt Sun Feb 28 1993) *Mar 1 02:46:36.923: Authentication key 1 *Mar 1 02:46:36.923: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:36.923: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:36.923: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:36.923: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:36.923: org AF3BF78C.EB96A0FF (22:46:36.920 edt Sun Feb 28 1993) *Mar 1 02:46:36.927: rec C6B9B51A.874B5223 (11:34:50.528 edt Fri Aug 26 2005) *Mar 1 02:46:36.927: xmt C6B9B51A.87689881 (11:34:50.528 edt Fri Aug 26 2005) *Mar 1 02:46:36.927: inp AF3BF78C.ECED03DD (22:46:36.925 edt Sun Feb 28 1993) *Mar 1 02:46:36.927: Authentication key 1 *Mar 1 02:46:37.921: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:37.921: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:37.921: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:37.921: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:37.921: org C6B9B51A.87689881 (11:34:50.528 edt Fri Aug 26 2005) *Mar 1 02:46:37.921: rec AF3BF78C.ECED03DD (22:46:36.925 edt Sun Feb 28 1993) *Mar 1 02:46:37.921: xmt AF3BF78D.EBFB598C (22:46:37.921 edt Sun Feb 28 1993) *Mar 1 02:46:37.925: Authentication key 1 *Mar 1 02:46:37.925: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:37.925: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:37.925: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:37.925: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:37.925: org AF3BF78D.EBFB598C (22:46:37.921 edt Sun Feb 28 1993) *Mar 1 02:46:37.929: rec C6B9B51B.87B70B21 (11:34:51.530 edt Fri Aug 26 2005) *Mar 1 02:46:37.929: xmt C6B9B51B.87D41444 (11:34:51.530 edt Fri Aug 26 2005) *Mar 1 02:46:37.929: inp AF3BF78D.ED492083 (22:46:37.926 edt Sun Feb 28 1993) *Mar 1 02:46:37.929: Authentication key 1 *Mar 1 02:46:38.918: NTP: xmit packet to 180.40.7.98: *Mar 1 02:46:38.918: leap 3, mode 3, version 3, stratum 0, ppoll 64 *Mar 1 02:46:38.918: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0) *Mar 1 02:46:38.918: ref 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) *Mar 1 02:46:38.918: org C6B9B51B.87D41444 (11:34:51.530 edt Fri Aug 26 2005) *Mar 1 02:46:38.918: rec AF3BF78D.ED492083 (22:46:37.926 edt Sun Feb 28 1993) *Mar 1 02:46:38.918: xmt AF3BF78E.EB56E9DF (22:46:38.919 edt Sun Feb 28 1993) *Mar 1 02:46:38.922: Authentication key 1 *Mar 1 02:46:38.922: NTP: rcv packet from 180.40.7.98 to 180.40.7.129 on FastEthernet0/1: *Mar 1 02:46:38.922: leap 0, mode 4, version 3, stratum 6, ppoll 64 *Mar 1 02:46:38.922: rtdel 5DA6 (365.814), rtdsp 28F2 (159.943), refid C00A20FE (192.10.32.254) *Mar 1 02:46:38.922: ref C6B9B4EA.D7BCCCBC (11:34:02.842 edt Fri Aug 26 2005) *Mar 1 02:46:38.922: org AF3BF78E.EB56E9DF (22:46:38.919 edt Sun Feb 28 1993) *Mar 1 02:46:38.926: rec C6B9B51C.87074091 (11:34:52.527 edt Fri Aug 26 2005) *Mar 1 02:46:38.926: xmt C6B9B51C.872470B4 (11:34:52.527 edt Fri Aug 26 2005) *Mar 1 02:46:38.926: inp AF3BF78E.ECB87DD0 (22:46:38.924 edt Sun Feb 28 1993) *Mar 1 02:46:38.926: Authentication key 1 R3(config)#ping ^Z ^ % Invalid input detected at '^' marker. R3#un all All possible debugging has been turned off R3# *Mar 1 02:46:48.815: %SYS-5-CONFIG_I: Configured from console by console R3#shot n w ow ntp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec R3#debug ntp authen NTP authentication debugging is on R3#debug ntp events NTP events debugging is on R3#debug ntp eventsauthenshow ntp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec R3#show clock *22:47:36.036 edt Sun Feb 28 1993 R3#show run | include ntp *Mar 1 02:47:42.923: Authentication key 1ntp authentication-key 1 md5 13280E26020101 7 ntp authenticate ntp server 180.40.7.98 key 1 R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#not tp authen R3(config)#ntp authenticati R3(config)#ntp authentication-key ? <1-4294967295> Key number R3(config)#ntp authentication-key 1 ? md5 MD5 authentication R3(config)#ntp authentication-key 1 md R3(config)#ntp authentication-key 1 md5 MyTime R3(config)#^Z R3# *Mar 1 02:48:05.172: %SYS-5-CONFIG_I: Configured from console by console R3#show run | include ntp ntp authentication-key 1 md5 13280E26020101 7 ntp authenticate ntp server 180.40.7.98 key 1 R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#no ntp server 180.40.7.98 key 1 R3(config)#ntp authentication-key 1 md5 13280E26020101 7 R3(config)#ntp authenticate R3(config)#ntp server 180.40.7.98 key 1 R3(config)#^Z R3# *Mar 1 02:48:33.843: %SYS-5-CONFIG_I: Configured from console by console R3# *Mar 1 02:48:34.925: Authentication key 0 *Mar 1 02:48:35.922: Authentication key 0 R3# *Mar 1 02:48:36.924: Authentication key 0 *Mar 1 02:48:37.925: Authentication key 0 R3# *Mar 1 02:48:38.923: Authentication key 0 *Mar 1 02:48:39.925: Authentication key 0 R3# *Mar 1 02:48:40.922: Authentication key 0 *Mar 1 02:48:41.924: Authentication key 0 R3# *Mar 1 02:48:42.926: Authentication key 0 *Mar 1 02:48:43.923: Authentication key 0 R3# *Mar 1 02:48:44.925: Authentication key 0 *Mar 1 02:48:45.923: Authentication key 0 R3# *Mar 1 02:48:46.924: Authentication key 0 *Mar 1 02:48:47.922: Authentication key 0 R3# *Mar 1 02:48:48.923: Authentication key 0 *Mar 1 02:48:49.925: Authentication key 0 R3#config tshow run | include ntp ntp authentication-key 1 md5 13280E26020101 7 ntp authenticate ntp server 180.40.7.98 key 1 R3#wr Building configuration... [OK] R3#wrshow run | include ntp ntp authentication-key 1 md5 13280E26020101 7 ntp authenticate ntp server 180.40.7.98 key 1 R3#show run | include ntpwr show run | include ntpconfig t show run | include ntpconfig t show run | include ntpclock *22:49:48.497 edt Sun Feb 28 1993 R3# *Mar 1 02:49:53.922: Authentication key 0 R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#no ntp server 180.40.7.98 key 1 R3(config)#no ntp authenticate R3(config)#no ntp authentication-key 1 md5 13280E26020101 7 R3(config)#ntp authentication-key 1 md5 MyK Time R3(config)#ntp authen R3(config)#ntp authenticat % Ambiguous command: "ntp authenticat" R3(config)#ntp authenticata R3(config)#ntp authenticata ic R3(config)#ntp authenticatic cate R3(config)#ntp server 180.40.7.98 key 1 R3(config)#^Z R3# *Mar 1 02:50:43.247: %SYS-5-CONFIG_I: Configured from console by console R3# *Mar 1 02:50:52.923: Authentication key 1 *Mar 1 02:50:53.924: Authentication key 1 R3# *Mar 1 02:50:54.938: Authentication key 1 *Mar 1 02:50:55.924: Authentication key 1 R3# *Mar 1 02:50:56.925: Authentication key 1 *Mar 1 02:50:57.923: Authentication key 1 R3# *Mar 1 02:50:58.925: Authentication key 1 *Mar 1 02:50:59.922: Authentication key 1 R3# *Mar 1 02:51:00.924: Authentication key 1 *Mar 1 02:51:01.926: Authentication key 1 R3# *Mar 1 02:51:02.923: Authentication key 1 *Mar 1 02:51:03.925: Authentication key 1 R3# *Mar 1 02:51:04.922: Authentication key 1 *Mar 1 02:51:05.924: Authentication key 1 R3# *Mar 1 02:51:06.922: Authentication key 1 *Mar 1 02:51:07.923: Authentication key 1 R3#show ntp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is 00000000.00000000 (20:00:00.000 edt Thu Dec 31 1899) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec R3# *Mar 1 02:52:11.924: Authentication key 1 R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#ntp tru R3(config)#ntp trusted-key 1 R3(config)#^Z R3# *Mar 1 02:53:05.075: %SYS-5-CONFIG_I: Configured from console by console R3#config tshow ntp statusconfig t show clockrun | include ntp *Mar 1 02:53:16.130: Authentication key 1 *Mar 1 02:53:16.130: NTP: 180.40.7.98 reachable *Aug 26 15:41:29.635: NTP: peer stratum change *Aug 26 15:41:29.635: NTP: clock resetntp authentication-key 1 md5 080C557A001400 7 ntp authenticate ntp trusted-key 1 ntp server 180.40.7.98 key 1 R3#sho wn w npt tp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is AF3BF91C.21A102D0 (22:53:16.131 edt Sun Feb 28 1993) clock offset is 394116493505.9699 msec, root delay is 565.98 msec root dispersion is 17026534.71 msec, peer dispersion is 16000.00 msec R3#config t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#no sohw do shw ow run Building configuration... Current configuration : 1932 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! logging queue-limit 100 ! username George password 0 bosco clock timezone edt -4 ip subnet-zero ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes ! --More-- ! ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 no ip address shutdown --More-- duplex auto speed auto ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 ip address 180.40.7.129 255.255.255.224 duplex auto speed auto ! interface Serial1/0 ip address 180.40.7.33 255.255.255.224 encapsulation frame-relay ip ospf network point-to-multipoint frame-relay map ip 180.40.7.34 301 broadcast frame-relay map ip 180.40.7.35 302 broadcast ! interface Serial1/1 no ip address shutdown ! --More-- interface Serial1/2 ip address 180.40.7.3 255.255.255.224 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address shutdown ! --More-- router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list extended Prob9 permit ospf any any permit tcp any host 180.40.7.129 eq telnet dynamic PaulsDynamic timeout 60 permit ip any any ! ! ! call rsvp-sync ! ! mgcp profile default ! ! --More-- ! dial-peer cor custom ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 1 privilege level 15 login local autocommand access-enable host timeout 2 line vty 2 4 privilege level 15 no login ! ntp authentication-key 1 md5 080C557A001400 7 ntp authenticate ntp trusted-key 1 ntp server 180.40.7.98 key 1 --More-- ! end R3(config)# R3(config)# R3(config)#no ntp server 180.40.7.98 key 1 R3(config)#ntp server 180.40.7.98 key 1 R3(config)#ntp authentication-key 1 md5 080C557A001400 7 R3(config)#ntp authenticate R3(config)#ntp trusted-key 1 R3(config)# .Aug 26 15:42:26.429: Authentication key 1 .Aug 26 15:42:26.429: NTP: 180.40.7.98 reachable Aug 26 15:42:26.429: NTP: sync change Aug 26 15:42:26.429: NTP: peer stratum change Aug 26 15:42:27.430: Authentication key 0 Aug 26 15:42:27.430: NTP: 180.40.7.98 authentication failure R3(config)# Aug 26 15:42:28.428: Authentication key 0 Aug 26 15:42:29.430: Authentication key 0 R3(config)# Aug 26 15:42:30.433: Authentication key 0 Aug 26 15:42:31.431: Authentication key 0 R3(config)#no Aug 26 15:42:32.433: Authentication key 0 Aug 26 15:42:33.431: Authentication key 0 R3(config)#no Aug 26 15:42:34.429: NTP: 180.40.7.98 unreachable Aug 26 15:42:34.429: NTP: peer stratum change .Aug 26 15:42:34.433: Authentication key 0 R3(config)#no ntp server 180.40.7.98 key 1 R3(config)# .Aug 26 15:42:35.435: Authentication key 0 .Aug 26 15:42:36.433: Authentication key 0 R3(config)#ntp authentication-key 1 md5 MyTime R3(config)#ntp authenticate R3(config)#ntp trusted-key 1 R3(config)#ntp server 180.40.7.98 key 1 R3(config)#^Z R3# .Aug 26 15:43:09.785: %SYS-5-CONFIG_I: Configured from console by console R3# .Aug 26 15:43:15.453: Authentication key 1 .Aug 26 15:43:15.453: NTP: 180.40.7.98 reachable Aug 26 15:43:15.453: NTP: sync change Aug 26 15:43:15.453: NTP: peer stratum change Aug 26 15:43:16.454: Authentication key 1 R3# Aug 26 15:43:17.452: Authentication key 1 Aug 26 15:43:18.454: Authentication key 1 R3# Aug 26 15:43:19.455: Authentication key 1 Aug 26 15:43:20.453: Authentication key 1 R3#show ntp s Aug 26 15:43:21.455: Authentication key 1 Aug 26 15:43:22.452: Authentication key 1 R3#show ntp status Clock is synchronized, stratum 7, reference is 180.40.7.98 nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is C6B9B71B.7C67621A (11:43:23.485 edt Fri Aug 26 2005) clock offset is 44.3994 msec, root delay is 368.74 msec root dispersion is 217.67 msec, peer dispersion is 0.38 msec R3# Aug 26 15:43:23.454: Authentication key 1 Aug 26 15:43:24.452: Authentication key 1 R3#un all All possible debugging has been turned off R3# Aug 26 15:43:25.453: Authentication key 1 R3# RACK6AS>4 [Resuming connection 4 to r4 ... ] R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#ip acce R4(config)#ip access-list ex R4(config)#ip access-list extended Outside R4(config-ext-nacl)#permit udp any any t r eq ntp R4(config-ext-nacl)#deny ip any any log R4(config-ext-nacl)#inter inter atm 1/0 R4(config-if)#ip acce R4(config-if)#ip access-group Outside in R4(config-if)#exit R4(config)#ip ins R4(config)#ip inspect PaulsInspeti ction ? % Unrecognized command R4(config)#ip inspect PaulsInspection spect PaulsInspectionn PaulsInspectiona PaulsInspectionm PaulsInspectione PaulsInspection PaulsInspectionPaulsInspection PaulsInspection Aug 26 15:46:50.606: %SEC-6-IPACCESSLOGP: list Outside denied tcp 192.10.32.254(50136) -> 192.10.32.6(179), 1 packet R4(config)#ip inspect name PaulsInspection ? cuseeme CUSeeMe Protocol fragment IP fragment inspection ftp File Transfer Protocol h323 H.323 Protocol (e.g, MS NetMeeting, Intel Video Phone) http HTTP Protocol icmp ICMP Protocol netshow Microsoft NetShow Protocol rcmd R commands (r-exec, r-login, r-sh) realaudio Real Audio Protocol rpc Remote Prodedure Call Protocol rtsp Real Time Streaming Protocol sip SIP Protocol smtp Simple Mail Transfer Protocol sqlnet SQL Net Protocol streamworks StreamWorks Protocol tcp Transmission Control Protocol tftp TFTP Protocol udp User Datagram Protocol vdolive VDOLive Protocol R4(config)#ip inspect name PaulsInspection tcp ? alert Turn on/off alert audit-trail Turn on/off audit trail timeout Specify the inactivity timeout time R4(config)#ip inspect name PaulsInspection tcp R4(config)#ip inspect name PaulsInspection tcp udp R4(config)#inter atm 1/0 R4(config-if)#ip ins R4(config-if)#ip inspect PaulsInspection out R4(config-if)#^Z R4# RACK6AS>6 [Resuming connection 6 to r6 ... ] S6>192.10.32.254 Trying 192.10.32.254 ... Open CR1> RACK6AS>4 [Resuming connection 4 to r4 ... ] Aug 2 R4#show access-list Standard IP access list IPNAT 10 permit 180.40.7.0, wildcard bits 0.0.0.255 (2 matches) 20 permit 17.0.0.0, wildcard bits 0.255.255.255 Extended IP access list Outside permit tcp host 192.10.32.254 eq telnet host 192.10.32.6 eq 11001 (9 matches) 10 permit udp any any eq ntp (4 matches) 20 deny ip any any log (1 match) R4# Aug 26 15:48:50.614: %SEC-6-IPACCESSLOGP: list Outside denied tcp 192.10.32.254(50142) -> 192.10.32.6(179), 1 packet R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#in p ins R4(config)#ip inspect ? alert-off Disable alert audit-trail Enable the logging of session information (addresses and bytes) dns-timeout Specify timeout for DNS hashtable-size Specify size of hashtable max-incomplete Specify maximum number of incomplete connections before clamping name Specify an inspection rule one-minute Specify one-minute-sample watermarks for clamping tcp Config timeout values for tcp connections udp Config timeout values for udp flows R4(config)#ip inspect name PaulsInspection ? cuseeme CUSeeMe Protocol fragment IP fragment inspection ftp File Transfer Protocol h323 H.323 Protocol (e.g, MS NetMeeting, Intel Video Phone) http HTTP Protocol icmp ICMP Protocol netshow Microsoft NetShow Protocol rcmd R commands (r-exec, r-login, r-sh) realaudio Real Audio Protocol rpc Remote Prodedure Call Protocol rtsp Real Time Streaming Protocol sip SIP Protocol smtp Simple Mail Transfer Protocol sqlnet SQL Net Protocol streamworks StreamWorks Protocol tcp Transmission Control Protocol tftp TFTP Protocol udp User Datagram Protocol vdolive VDOLive Protocol R4(config)#ip inspect name PaulsInspection h3 R4(config)#ip inspect name PaulsInspection h323 R4(config)# Aug 26 15:50:50.617: %SEC-6-IPACCESSLOGP: list Outside denied tcp 192.10.32.254(50148) -> 192.10.32.6(179), 1 packet R4(config)#inter inter inter atm 1/0 R4(config-if)#exit R4(config)#ip ip acces R4(config)#ip access-list Outbound ext R4(config)#ip access-list Outbound ext ^ % Invalid input detected at '^' marker. R4(config)#ip access-list Outbound ext ext e Outbound R4(config-ext-nacl)#permit i p host 192.10.32.6 any R4(config-ext-nacl)#inter atm 1/0 R4(config-if)#ip acces R4(config-if)#ip access-group Outbound out R4(config-if)#^Z R4# Aug 26 15:52:07.385: %SYS-5-CONFIG_I: Configured from console by console R4# RACK6AS>6 [Resuming connection 6 to r6 ... ] CR1> CR1> CR1> CR1> CR1> CR1> CR1>\ % Unknown command or computer name, or unable to find computer address CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> CR1> RACK6AS>2 [Resuming connection 2 to r2 ... ] R2#wr t Building configuration... Current configuration : 1626 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! logging queue-limit 100 ! ip subnet-zero ip tcp intercept list Prob10 ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes ! ! --More-- ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 17.57.101.1 255.255.255.0 duplex auto speed auto --More-- ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial1/0 no ip address encapsulation frame-relay ! interface Serial1/0.1 multipoint ip address 180.40.7.35 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 203 ! interface Serial1/1 no ip address shutdown --More-- ! interface Serial1/2 ip address 180.40.7.2 255.255.255.224 clockrate 64000 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address --More-- shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list standard Prob10 permit 17.57.101.0 0.0.0.255 ! ! ! call rsvp-sync ! ! mgcp profile default ! ! --More-- ! dial-peer cor custom ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 no login ! ! end R2# RACK6AS>4 [Resuming connection 4 to r4 ... ] Aug R4# R4#wr t Building configuration... Current configuration : 1653 bytes ! ! Last configuration change at 11:52:07 edt Fri Aug 26 2005 ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R4 ! logging queue-limit 100 ! clock timezone edt -4 ip subnet-zero ip tcp synwait-time 5 ! ! no ip domain lookup ! ip inspect name PaulsInspection tcp ip inspect name PaulsInspection udp --More-- ip inspect name PaulsInspection h323 ip audit notify log ip audit po max-events 100 ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 180.40.7.98 255.255.255.224 --More-- ip nat inside duplex auto speed auto ! interface ATM1/0 ip address 192.10.32.6 255.255.255.0 ip access-group Outside in ip access-group Outbound out ip nat outside ip inspect PaulsInspection out no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless ! --More-- ! ! ip access-list standard IPNAT permit 180.40.7.0 0.0.0.255 permit 17.0.0.0 0.255.255.255 ! ip access-list extended Outbound permit ip host 192.10.32.6 any ip access-list extended Outside permit udp any any eq ntp deny ip any any log ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! --More-- line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 privilege level 15 no login ! ntp authentication-key 1 md5 013E1F30520603 7 ntp authenticate ntp clock-period 17179861 ntp server 192.10.32.254 ! end R4# Aug 26 15:54:50.628: %SEC-6-IPACCESSLOGP: list Outside denied tcp 192.10.32.254(50160) -> 192.10.32.6(179), 1 packet R4# R4# R4#show access-list Standard IP access list IPNAT 10 permit 180.40.7.0, wildcard bits 0.0.0.255 (2 matches) 20 permit 17.0.0.0, wildcard bits 0.255.255.255 Extended IP access list Outbound 10 permit ip host 192.10.32.6 any (28 matches) Extended IP access list Outside permit tcp host 192.10.32.254 eq telnet host 192.10.32.6 eq 11001 (58 matches) 10 permit udp any any eq ntp (16 matches) 20 deny ip any any log (5 matches) R4# Aug 26 15:56:50.636: %SEC-6-IPACCESSLOGP: list Outside denied tcp 192.10.32.254(50166) -> 192.10.32.6(179), 1 packet R4#config t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#inter e0/0 f0 /0 R4(config-if)#ip ins R4(config-if)#ip inspect PaulsIns Aug 26 15:58:50.644: %SEC-6-IPACCESSLOGP: list Outside denied tcp 192.10.32.254(50172) -> 192.10.32.6(179), 1 packet R4(config-if)#ip inspect PaulsInspection in R4(config-if)#inter atm 1/0 R4(config-if)#no ip ins R4(config-if)#no ip inspect PaulsINs nspection out R4(config-if)#do show run Building configuration... Current configuration : 1652 bytes ! ! Last configuration change at 11:52:07 edt Fri Aug 26 2005 ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R4 ! logging queue-limit 100 ! clock timezone edt -4 ip subnet-zero ip tcp synwait-time 5 ! ! no ip domain lookup ! ip inspect name PaulsInspection tcp ip inspect name PaulsInspection udp --More-- ip inspect name PaulsInspection h323 ip audit notify log ip audit po max-events 100 ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 180.40.7.98 255.255.255.224 --More-- ip nat inside ip inspect PaulsInspection in duplex auto speed auto ! interface ATM1/0 ip address 192.10.32.6 255.255.255.0 ip access-group Outside in ip access-group Outbound out ip nat outside no atm ilmi-keepalive pvc 0/72 protocol ip 192.10.32.254 broadcast ! ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip nat inside source list IPNAT interface ATM1/0 overload no ip http server ip classless ! --More-- ! ! ip access-list standard IPNAT permit 180.40.7.0 0.0.0.255 permit 17.0.0.0 0.255.255.255 ! ip access-list extended Outbound permit ip host 192.10.32.6 any ip access-list extended Outside permit udp any any eq ntp deny ip any any log ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! --More-- R4(config-if)#ip access-list extended Outbound R4(config-ext-nacl)#no permit ip host 192.10.32.6 any R4(config-ext-nacl)#deny ip any any no log R4(config-ext-nacl)# RACK6AS>6 [Resuming connection 6 to r6 ... ] S6>disc Closing connection to 192.10.32.254 [confirm]y S6> S6> S6> S6> S6>disc192.10.32.254 Trying 192.10.32.254 ... % Destination unreachable; gateway or host down S6>192.10.32.254 Trying 192.10.32.254 ... % Destination unreachable; gateway or host down S6> S6>192.10.32.254 Trying 192.10.32.254 ... % Destination unreachable; gateway or host down S6>en S6# RACK6AS>4 [Resuming connection 4 to r4 ... ] A R4(config-ext-nacl)#sho ^Z R4# RACK6AS>3 [Resuming connection 3 to r3 ... ] R3#show run Building configuration... Current configuration : 2020 bytes ! ! Last configuration change at 11:43:09 edt Fri Aug 26 2005 ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! logging queue-limit 100 ! username George password 0 bosco clock timezone edt -4 ip subnet-zero ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 --More-- mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 --More-- no ip address shutdown duplex auto speed auto ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 ip address 180.40.7.129 255.255.255.224 duplex auto speed auto ! interface Serial1/0 ip address 180.40.7.33 255.255.255.224 encapsulation frame-relay ip ospf network point-to-multipoint frame-relay map ip 180.40.7.34 301 broadcast frame-relay map ip 180.40.7.35 302 broadcast ! interface Serial1/1 no ip address --More-- shutdown ! interface Serial1/2 ip address 180.40.7.3 255.255.255.224 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! interface Serial1/7 no ip address --More-- shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list extended Prob9 permit ospf any any permit tcp any host 180.40.7.129 eq telnet dynamic PaulsDynamic timeout 60 permit ip any any ! ! ! call rsvp-sync ! ! mgcp profile default --More-- ! ! ! dial-peer cor custom ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 1 privilege level 15 login local autocommand access-enable host timeout 2 line vty 2 4 privilege level 15 no login ! ntp authentication-key 1 md5 080C557A001400 7 ntp authenticate --More-- ntp trusted-key 1 ntp clock-period 17208141 ntp server 180.40.7.98 key 1 ! end R3# RACK6AS>1 [Resuming connection 1 to r1 ... ] R1> R1> R1>en R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#username P JOe oeUser pass R1(config)#username JoeUser password bosco R1(config)#username JoeUser password boscoppassword boscorpassword boscoipassword boscovpassword boscoipassword boscolpassword boscoepassword boscogpassword boscoepassword bosco password bosco5password bosco password bosco R1(config)#pri R1(config)#priv R1(config)#privilege ? aaa-user AAA user definition accept-dialin VPDN group accept dialin configuration mode accept-dialout VPDN group accept dialout configuration mode address-family Address Family configuration mode aic Alarm Interface Card configuration mode alps-ascu ALPS ASCU configuration mode alps-circuit ALPS circuit configuration mode bba-group BBA Group configuration mode boomerang Boomerang configuration mode cascustom Cas custom configuration mode cause-code-list Voice Cause Code List configuration mode ces-conn CES connection configuration mode ces-vc CES VC configuration mode cgma_agent CGMA Agent Configuration Mode cm-fallback cm-fallback configuration mode cns-connect-intf-config CNS Connect Intf Info Mode config-rtr-http-rr RTR HTTP raw request Configuration configure Global configuration mode congestion Frame Relay congestion configuration mode controller Controller configuration mode dhcp DHCP pool configuration mode enum_rule enum configuration mode --More-- R1(config)#privilege config R1(config)#privilege config fig R1(config)#privilege configu R1(config)#privilege configure ? all All suboption will be set to the samelevel level Set privilege level of command reset Reset privilege level of command R1(config)#privilege configure le R1(config)#privilege configure level 5 ? LINE Initial keywords of the command to modify R1(config)#privilege configure level 5 snmp-server community R1(config)#sn R1(config)#snp R1(config)#snp- n mp-s R1(config)#snmp-server com R1(config)#snmp-server community line vty 0 4 R1(config-line)#login local R1(config-line)#no priv R1(config-line)#no privi R1(config-line)#no privilege lev R1(config-line)#no privilege level 15 R1(config-line)# RACK6AS>5 [Resuming connection 5 to r5 ... ] S5>17.57.100.2 Trying 17.57.100.2 ... Open S5#exit [Connection to 17.57.100.2 closed by foreign host] S5>17.57.100.2 1 Trying 17.57.100.1 ... Open User Access Verification Username: JoeUser Password: R1#config t ^ % Invalid input detected at '^' marker. R1#config t ^ % Invalid input detected at '^' marker. R1# RACK6AS>1 [Resuming connection 1 to r1 ... ] R1(config-line)#exit R1(config)#priv R1(config)#privilege ? aaa-user AAA user definition accept-dialin VPDN group accept dialin configuration mode accept-dialout VPDN group accept dialout configuration mode address-family Address Family configuration mode aic Alarm Interface Card configuration mode alps-ascu ALPS ASCU configuration mode alps-circuit ALPS circuit configuration mode bba-group BBA Group configuration mode boomerang Boomerang configuration mode cascustom Cas custom configuration mode cause-code-list Voice Cause Code List configuration mode ces-conn CES connection configuration mode ces-vc CES VC configuration mode cgma_agent CGMA Agent Configuration Mode cm-fallback cm-fallback configuration mode cns-connect-intf-config CNS Connect Intf Info Mode config-rtr-http-rr RTR HTTP raw request Configuration configure Global configuration mode congestion Frame Relay congestion configuration mode controller Controller configuration mode dhcp DHCP pool configuration mode enum_rule enum configuration mode --More-- R1(config)#privilege x R1(config)#privilege x ex R1(config)#privilege exec configu ure terminal ^ % Invalid input detected at '^' marker. R1(config)#privilege exec config terminallconfig terminaleconfig terminalvconfig terminaleconfig terminallconfig terminal config terminal5config terminal config terminal R1(config)# RACK6AS>5 [Resuming connection 5 to r5 ... ] R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#? Configure commands: atm Enable ATM SLM Statistics call Configure Call parameters default Set a command to its defaults end Exit from configure mode exit Exit from configure mode help Description of the interactive help system no Negate a command or set its defaults snmp-server Modify SNMP engine parameters R1(config)#sn R1(config)#snmp-server comm R1(config)#snmp-server community SecretPassword w rw ^ % Invalid input detected at '^' marker. R1(config)#snmp-server community SecretPassword rw R1(config)#^Z R1#show run ^ % Invalid input detected at '^' marker. R1# RACK6AS>1 [Resuming connection 1 to r1 ... ] * R1(config)#priv R1(config)#privilege ex R1(config)#privilege exec level 5 show running-config R1(config)# RACK6AS>5 [Resuming connection 5 to r5 ... ] R1#show run Building configuration... Current configuration : 57 bytes ! ! ! ! ! snmp-server community SecretPassword RO ! end R1#show run Building configuration... Current configuration : 57 bytes ! ! ! ! ! snmp-server community SecretPassword RO ! end R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#snmp-server community SecretPassword rw ^ % Invalid input detected at '^' marker. R1(config)# RACK6AS>1 [Resuming connection 1 to r1 ... ] R1(config)#privilege exec level 5 show runningconfig terminalconfig terminal exit no privilege level 15login local ine vty 0 4privilege configure level 5 snmp-server community * rw R1(config)# RACK6AS>1 5 [Resuming connection 5 to r5 ... ] R1(config)#snmp-server community SecretPassword rw R1(config)#do shwo ru ow run ^ % Invalid input detected at '^' marker. R1(config)#exit R1#od do show run ^ % Invalid input detected at '^' marker. R1#sho wru w run Building configuration... Current configuration : 57 bytes ! ! ! ! ! snmp-server community SecretPassword RW ! end R1#exit [Connection to 17.57.100.1 closed by foreign host] S5> RACK6AS>21 % 21 is not an open connection RACK6AS> [Resuming connection 5 to r5 ... ] S5> S5> S5> RACK6AS>z 1 [Resuming connection 1 to r1 ... ] *M R1(config)#w end R1#wr t Building configuration... Current configuration : 1422 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! logging queue-limit 100 ! username JoeUser privilege 5 password 0 bosco memory-size iomem 10 ip subnet-zero ! ! no ip domain lookup ! mpls ldp logging neighbor-changes ! ! ! --More-- ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface Ethernet0/0 ip address 17.57.100.1 255.255.255.0 half-duplex ! interface Serial0/0 no ip address encapsulation frame-relay ! --More-- *Mar 1 04:01:30.281: %SYS-5-CONFIG_I: Configured from console by console --More-- interface Serial0/0.1 point-to-point ip address 180.40.7.34 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 103 ! interface Ethernet0/1 no ip address shutdown half-duplex ! interface Serial0/1 no ip address shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server ip classless ! ! ! --More-- ! ! snmp-server community SecretPassword RW snmp-server enable traps tty call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! privilege configure level 5 snmp-server community privilege configure level 5 snmp-server privilege exec level 5 configure terminal privilege exec level 5 configure privilege exec level 5 show running-config privilege exec level 5 show ! line con 0 exec-timeout 0 0 logging synchronous --More-- line aux 0 line vty 0 4 login local ! ! end R1# R1# R1# R1#wr t Building configuration... Current configuration : 1422 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! logging queue-limit 100 ! username JoeUser privilege 5 password 0 bosco memory-size iomem 10 ip subnet-zero ! ! no ip domain lookup ! mpls ldp logging neighbor-changes ! ! ! --More-- ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface Ethernet0/0 ip address 17.57.100.1 255.255.255.0 half-duplex ! interface Serial0/0 no ip address encapsulation frame-relay ! --More-- interface Serial0/0.1 point-to-point ip address 180.40.7.34 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 103 ! interface Ethernet0/1 no ip address shutdown half-duplex ! interface Serial0/1 no ip address shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server ip classless ! ! ! --More-- ! ! snmp-server community SecretPassword RW snmp-server enable traps tty call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! privilege configure level 5 snmp-server community privilege configure level 5 snmp-server privilege exec level 5 configure terminal privilege exec level 5 configure privilege exec level 5 show running-config privilege exec level 5 show ! line con 0 exec-timeout 0 0 logging synchronous --More-- line aux 0 line vty 0 4 login local ! ! end R1# R1# R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#priv R1(config)#privilege lenvel ? aaa-user AAA user definition accept-dialin VPDN group accept dialin configuration mode accept-dialout VPDN group accept dialout configuration mode address-family Address Family configuration mode aic Alarm Interface Card configuration mode alps-ascu ALPS ASCU configuration mode alps-circuit ALPS circuit configuration mode bba-group BBA Group configuration mode boomerang Boomerang configuration mode cascustom Cas custom configuration mode cause-code-list Voice Cause Code List configuration mode ces-conn CES connection configuration mode ces-vc CES VC configuration mode cgma_agent CGMA Agent Configuration Mode cm-fallback cm-fallback configuration mode cns-connect-intf-config CNS Connect Intf Info Mode config-rtr-http-rr RTR HTTP raw request Configuration configure Global configuration mode congestion Frame Relay congestion configuration mode controller Controller configuration mode dhcp DHCP pool configuration mode enum_rule enum configuration mode --More-- R1(config)#privilege config ex R1(config)#privilege exec ? all All suboption will be set to the samelevel level Set privilege level of command reset Reset privilege level of command R1(config)#privilege exec all ? level Set privilege level of command reset Reset privilege level of command R1(config)#privilege exec all level 5 ? LINE Initial keywords of the command to modify R1(config)#privilege exec all level 5 ^Z R1# *Mar 1 04:02:53.313: %SYS-5-CONFIG_I: Configured from console by console R1# RACK6AS>2 [Resuming connection 2 to r2 ... ] R2# R2# R2#confi g t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#ntp time R2(config)#time-range PaulsTime R2(config-time-range)#? Time range configuration commands: absolute absolute time and date default Set a command to its defaults exit Exit from time-range configuration mode no Negate a command or set its defaults periodic periodic time and date R2(config-time-range)#pre R2(config-time-range)#pre er R2(config-time-range)#periodic ? Friday Friday Monday Monday Saturday Saturday Sunday Sunday Thursday Thursday Tuesday Tuesday Wednesday Wednesday daily Every day of the week weekdays Monday thru Friday weekend Saturday and Sunday R2(config-time-range)#periodic week R2(config-time-range)#periodic weekd R2(config-time-range)#periodic weekdays weekdays ? hh:mm Starting time R2(config-time-range)#periodic weekdays 8:00 tom 17:00 R2(config-time-range)# exit R2(config)#ip access- R2(config)#ip access-list Prob5 4 pre ermit eProb4 xProb4 tProb4 Prob4 R2(config-ext-nacl)#permit ip any any eq time R2(config-ext-nacl)#permit ip any any time-range PaulsTime R2(config-ext-nacl)#line vty 0 4 R2(config-line)#acce R2(config-line)#access-class Prob4 in R2(config-line)#exit R2(config)#ntp serve R2(config)#ntp server 180.40.7.3 R2(config)#^Z R2#show ntp st *Mar 1 04:04:51.194: %SYS-5-CONFIG_I: Configured from console by console R2#show ntp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec R2#show ntp status Clock is unsynchronized, stratum 16, no reference clock nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18 reference time is 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec R2#show clock *04:04:59.051 UTC Mon Mar 1 1993 R2# RACK6AS>5 [Resuming connection 5 to r5 ... ] S5>17.57.100 10 01.1 Trying 17.57.101.1 ... Open R2# R2# R2# R2#show clock 16:53:25.948 UTC Fri Aug 26 2005 R2#config t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#no ntp server 180.40.7.3 R2(config)#^Z R2#clock set ? hh:mm:ss Current Time R2#clock set 4:00:00 ? <1-31> Day of the month MONTH Month of the year R2#clock set 4:00:00 1 ? MONTH Month of the year R2#clock set 4:00:00 1 26 Augu 2005 R2# RACK6AS> [Resuming connection 5 to r5 ... ] R2# R2# R2#exit [Connection to 17.57.101.1 closed by foreign host] S5>17.57.101.1 Trying 17.57.101.1 ... % Connection refused by remote host S5> RACK6AS>z2 2 [Resuming connection 2 to r2 ... ] .Aug R2# R2#wr t Building configuration... Current configuration : 1839 bytes ! ! Last configuration change at 16:53:53 UTC Fri Aug 26 2005 ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! logging queue-limit 100 ! ip subnet-zero ip tcp intercept list Prob10 ! ! no ip domain lookup ! ip audit notify log ip audit po max-events 100 mpls ldp logging neighbor-changes --More-- ! ! ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface FastEthernet0/0 ip address 17.57.101.1 255.255.255.0 --More-- duplex auto speed auto ! interface BRI0/0 no ip address shutdown ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial1/0 no ip address encapsulation frame-relay ! interface Serial1/0.1 multipoint ip address 180.40.7.35 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 203 ! interface Serial1/1 --More-- no ip address shutdown ! interface Serial1/2 ip address 180.40.7.2 255.255.255.224 clockrate 64000 ! interface Serial1/3 no ip address shutdown ! interface Serial1/4 no ip address shutdown ! interface Serial1/5 no ip address shutdown ! interface Serial1/6 no ip address shutdown ! --More-- interface Serial1/7 no ip address shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ip classless ! ! ! ip access-list standard Prob10 permit 17.57.101.0 0.0.0.255 ! ip access-list extended Prob4 permit ip any any time-range PaulsTime ! ! ! call rsvp-sync --More-- ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 access-class Prob4 in privilege level 15 no login ! time-range PaulsTime periodic weekdays 8:00 to 17:00 --More-- ! ! end R2# R2# R2# RACK6AS>1 [Resuming connection 1 to r1 ... ] R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#aaa new R1(config)#aaa new-model R1(config)#aaa authen R1(config)#aaa authentication ? arap Set authentication lists for arap. attempts Set the maximum number of authentication attempts banner Message to use when starting login/authentication. enable Set authentication list for enable. fail-message Message to use for failed login/authentication. login Set authentication lists for logins. password-prompt Text to use when prompting for a password ppp Set authentication lists for ppp. username-prompt Text to use when prompting for a username R1(config)#aaa authentication login ? WORD Named authentication list. default The default authentication list. R1(config)#aaa authentication login PaulsLogin ? enable Use enable password for authentication. group Use Server-group krb5 Use Kerberos 5 authentication. krb5-telnet Allow logins only if already authenticated via Kerberos V Telnet. line Use line password for authentication. local Use local username authentication. local-case Use case-sensitive local username authentication. none NO authentication. R1(config)#aaa authentication login PaulsLogin gr R1(config)#aaa authentication login PaulsLogin group tac R1(config)#aaa authentication login PaulsLogin group tacacs+ loc R1(config)#aaa authentication login PaulsLogin group tacacs+ local non R1(config)#aaa authentication login PaulsLogin group tacacs+ local non lo ine R1(config)#line vy ty 0 4 R1(config-line)#log R1(config-line)#login R1(config-line)#login Au R1(config-line)#login Authentication PaulsLogin R1(config-line)#^Z R1# *Mar 1 04:14:31.950: %SYS-5-CONFIG_I: Configured from console by console R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#ta R1(config)#tac R1(config)#tacacs-server ? administration Start tacacs+ deamon handling administrative messages directed-request Allow user to specify tacacs server to use with `@server' dns-alias-lookup Enable IP Domain Name System Alias lookup for TACACS servers host Specify a TACACS server key Set TACACS+ encryption key. packet Modify TACACS+ packet options timeout Time to wait for a TACACS server to reply R1(config)#tacacs-server key host 17.57.100.99 R1(config)#tacacs-server host 17.57.100.99 login Authentication PaulsLogintacacs-server host 17.57.100.99 key R1(config)#tacacs-server host 17.57.100.99 key MyKey R1(config)#^Z R1# *Mar 1 04:15:07.541: %SYS-5- RACK6AS>5 [Resuming connection 5 to r5 ... ] S5>17.57.101.1 0.1 Trying 17.57.100.1 ... Open Username: JOeUs oeUser Password: R1>exit [Connection to 17.57.100.1 closed by foreign host] S5> S5> S5> RACK6AS>1 [Resuming connection 1 to r1 ... ] CONFIG_I: Configured from console by console R1# R1#debug aaa authen R1#debug aaa authentication AAA Authentication debugging is on R1# RACK6AS>3 5 [Resuming connection 5 to r5 ... ] S5>17.57.100.1 Trying 17.57.100.1 ... Open Username: RACK6AS>1 [Resuming connection 1 to r1 ... ] R1# *Mar 1 04:15:53.528: AAA/BIND(00000006): Bind i/f *Mar 1 04:15:53.528: AAA/AUTHEN/LOGIN (00000006): Pick method list 'PaulsLogin' *Mar 1 04:15:53.532: %TAC+: no address for get_server R1#^x5 % Unknown command or computer name, or unable to find computer address R1# RACK6AS>4 5 [Resuming connection 5 to r5 ... ] Username: user JOe oeUser Password: R1> RACK6AS>1 [Resuming connection 1 to r1 ... ] R1# R1#un all All possible debugging has been turned off R1#wr t Building configuration... Current configuration : 1672 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! logging queue-limit 100 ! username JoeUser privilege 5 password 0 bosco memory-size iomem 10 aaa new-model ! ! aaa authentication login PaulsLogin group tacacs+ local line aaa session-id common ip subnet-zero ! ! no ip domain lookup --More-- ! mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface Ethernet0/0 ip address 17.57.100.1 255.255.255.0 half-duplex --More-- ! interface Serial0/0 no ip address encapsulation frame-relay ! interface Serial0/0.1 point-to-point ip address 180.40.7.34 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 103 ! interface Ethernet0/1 no ip address shutdown half-duplex ! interface Serial0/1 no ip address shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! --More-- no ip http server ip classless ! ! ! ! ! tacacs-server host 17.57.100.99 key MyKey tacacs-server directed-request snmp-server community SecretPassword RW snmp-server enable traps tty radius-server authorization permit missing Service-Type call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! privilege configure level 5 snmp-server community privilege configure level 5 snmp-server --More-- privilege exec level 5 configure terminal privilege exec level 5 configure privilege exec level 5 show running-config privilege exec level 5 show ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login authentication PaulsLogin ! ! end R1# R1# R1# R1# R1# R1#exit R1 con0 is now available Press RETURN to get started. R1> R1> R1> R1> R1> R1> R1>en R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#usern R1(config)#username pauls pa pr R1(config)#username pauls privilege 15 pass R1(config)#username pauls privilege 15 password a paul R1(config)#username pauls privilege 15 password paul privilege 15 password paul R1(config)#aaa au auth R1(config)#aaa author R1(config)#aaa authorization def R1(config)#aaa authorization defa R1(config)#aaa authorization defa ? auth-proxy For Authentication Proxy Services cache For AAA cache configuration commands For exec (shell) commands. config-commands For configuration mode commands. configuration For downloading configurations from AAA server exec For starting an exec (shell). ipmobile For Mobile IP services. network For network services. (PPP, SLIP, ARAP) reverse-access For reverse access connections template Enable template authorization R1(config)#aaa authorization authen R1(config)#aaa authentication ? arap Set authentication lists for arap. attempts Set the maximum number of authentication attempts banner Message to use when starting login/authentication. enable Set authentication list for enable. fail-message Message to use for failed login/authentication. login Set authentication lists for logins. password-prompt Text to use when prompting for a password ppp Set authentication lists for ppp. username-prompt Text to use when prompting for a username R1(config)#aaa authentication login ? WORD Named authentication list. default The default authentication list. R1(config)#aaa authentication login default ? enable Use enable password for authentication. group Use Server-group krb5 Use Kerberos 5 authentication. krb5-telnet Allow logins only if already authenticated via Kerberos V Telnet. line Use line password for authentication. local Use local username authentication. local-case Use case-sensitive local username authentication. none NO authentication. R1(config)#aaa authentication login default tac R1(config)#aaa authentication login default taca R1(config)#aaa authentication login default taca gr R1(config)#aaa authentication login default group tac R1(config)#aaa authentication login default group tacacs+ local enable R1(config)#^Z R1# *Mar 1 04:19:22.863: %SYS-5-CONFIG_I: Configured from console by console R1#exit R1 con0 is now available Press RETURN to get started. Username: *Mar 1 04:19:32.299: %TAC+: no address for get_server Username: paul Password: R1>en R1#sho wru ow run Building configuration... Current configuration : 1819 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! logging queue-limit 100 ! username JoeUser privilege 5 password 0 bosco username pauls privilege 15 password 0 paul username paul privilege 15 password 0 paul memory-size iomem 10 aaa new-model ! ! aaa authentication login default group tacacs+ local enable aaa authentication login PaulsLogin group tacacs+ local line aaa session-id common ip subnet-zero --More-- ! ! no ip domain lookup ! mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! --More-- interface Ethernet0/0 ip address 17.57.100.1 255.255.255.0 half-duplex ! interface Serial0/0 no ip address encapsulation frame-relay ! interface Serial0/0.1 point-to-point ip address 180.40.7.34 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 103 ! interface Ethernet0/1 no ip address shutdown half-duplex ! interface Serial0/1 no ip address shutdown ! router ospf 1 --More-- log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server ip classless ! ! ! ! ! tacacs-server host 17.57.100.99 key MyKey tacacs-server directed-request snmp-server community SecretPassword RW snmp-server enable traps tty radius-server authorization permit missing Service-Type call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! --More-- ! privilege configure level 5 snmp-server community privilege configure level 5 snmp-server privilege exec level 5 configure terminal privilege exec level 5 configure privilege exec level 5 show running-config privilege exec level 5 show ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login authentication PaulsLogin ! ! end R1# config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#aaa tueh authen R1(config)#aaa authentication ? arap Set authentication lists for arap. attempts Set the maximum number of authentication attempts banner Message to use when starting login/authentication. enable Set authentication list for enable. fail-message Message to use for failed login/authentication. login Set authentication lists for logins. password-prompt Text to use when prompting for a password ppp Set authentication lists for ppp. username-prompt Text to use when prompting for a username R1(config)#aaa authentication user R1(config)#aaa authentication username-prompt "CCIEClass- .com-Username" R1(config)#aaa authentication username-prompt "CCIEClass.com-Username" Pasw sword"-prompt "CCIEClass.com-Password" -prompt "CCIEClass.com-Password" -prompt "CCIEClass.com-Password" -prompt "CCIEClass.com-Password" -prompt "CCIEClass.com-Password" -prompt "CCIEClass.com-Password" -prompt "CCIEClass.com-Password" -prompt "CCIEClass.com-Password" p-prompt "CCIEClass.com-Password"a-prompt "CCIEClass.com-Password"s-prompt "CCIEClass.com-Password"s-prompt "CCIEClass.com-Password"w-prompt "CCIEClass.com-Password"o-prompt "CCIEClass.com-Password"r-prompt "CCIEClass.com-Password"d-prompt "CCIEClass.com-Password" R1(config)#x5 RACK6AS>5 [Resuming connection 5 to r5 ... ] R1>exit [Connection to 17.57.100.1 closed by foreign host] S5>17.57.100.1 Trying 17.57.100.1 ... Open CCIEClass.com-UsernameJoeuser User CCIEClass.com-Password R1> RACK6AS>1 [Resuming connection 1 to r1 ... ] *Mar R1(config)# R1(config)# R1(config)#exit R1#exit R1 con0 is now available Press RETURN to get started. *Mar 1 04:21:58.102: %SYS-5-CONFIG_I: Configured from console by paul on console CCIEClass.com-Username *Mar 1 04:22:06.331: %TAC+: no address for get_server CCIEClass.com-Usernamepaul CCIEClass.com-Password R1>en R1#den bug aaa authentic AAA Authentication debugging is on R1#exit R1 con0 is now available Press RETURN to get started. CCIEClass.com-Usernamepau *Mar 1 04:22:21.480: AAA/BIND(0000000B): Bind i/f *Mar 1 04:22:21.480: AAA/AUTHEN/LOGIN (0000000B): Pick method list 'default' *Mar 1 04:22:21.484: %TAC+: no address for get_server CCIEClass.com-Usernamepaul CCIEClass.com-Password R1>en R1# *Mar 1 04:22:31.492: AAA: parse name=tty0 idb type=-1 tty=-1 *Mar 1 04:22:31.492: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=0 channel=0 *Mar 1 04:22:31.492: AAA/MEMORY: create_user (0x82569520) user='paul' ruser='NULL' ds0=0 port='tty0' rem_addr='async' authen_type=ASCII service=ENABLE priv=15 initial_task_id='0', vrf= (id=0) *Mar 1 04:22:31.492: AAA/AUTHEN/START (2854096931): port='tty0' list='' action=LOGIN service=ENABLE *Mar 1 04:22:31.492: AAA/AUTHEN/START (2854096931): console enable - default to enable password (if any) *Mar 1 04:22:31.496: AAA/AUTHEN/START (2854096931): Method=ENABLE R1#un all *Mar 1 04:22:31.496: AAA/AUTHEN(2854096931): can't find any passwords *Mar 1 04:22:31.496: AAA/AUTHEN(2854096931): Status=ERROR *Mar 1 04:22:31.496: AAA/AUTHEN/START (2854096931): Method=NONE *Mar 1 04:22:31.496: AAA/AUTHEN(2854096931): Status=PASS *Mar 1 04:22:31.496: AAA/MEMORY: free_user (0x82569520) user='paul' ruser='NULL' port='tty0' rem_addr='async' authen_type=ASCII service=ENABLE priv=15 vrf= (id=0) R1#un all All possible debugging has been turned off R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#mot R1(config)#mot banner mot R1(config)#banner motd ? LINE c banner-text c, where 'c' is a delimiting character R1(config)#banner motd % Ambiguous command: "banner motd " R1(config)#banner motd * Enter TEXT message. End with the character '*'. --------------------------------------------------------- This is a private website do not o Do not h enter I sa Is said do not ender ---------------------------------------------------------- * R1(config)# RACK6AS>5 [Resuming connection 5 to r5 ... ] R1>exit [Connection to 17.57.100.1 closed by foreign host] S5>17.57.100.1 Trying 17.57.100.1 ... Open --------------------------------------------------------- This is a private website Do not enter I said do not ender ---------------------------------------------------------- CCIEClass.com-Username RACK6AS>1 [Resuming connection 1 to r1 ... ] *Ma R1(config)#^Z R1# *Mar 1 04:24:34.142: %SYS-5-CONFIG_I: Configured from console by paul on console R1#wr t Building configuration... Current configuration : 2141 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! logging queue-limit 100 ! username JoeUser privilege 5 password 0 bosco username pauls privilege 15 password 0 paul username paul privilege 15 password 0 paul memory-size iomem 10 aaa new-model ! ! aaa authentication password-prompt CCIEClass.com-Password aaa authentication username-prompt CCIEClass.com-Username aaa authentication login default group tacacs+ local enable aaa authentication login PaulsLogin group tacacs+ local line --More-- aaa session-id common ip subnet-zero ! ! no ip domain lookup ! mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! --More-- ! ! interface Ethernet0/0 ip address 17.57.100.1 255.255.255.0 half-duplex ! interface Serial0/0 no ip address encapsulation frame-relay ! interface Serial0/0.1 point-to-point ip address 180.40.7.34 255.255.255.224 ip ospf network point-to-multipoint frame-relay interface-dlci 103 ! interface Ethernet0/1 no ip address shutdown half-duplex ! interface Serial0/1 no ip address shutdown --More-- ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server ip classless ! ! ! ! ! tacacs-server host 17.57.100.99 key MyKey tacacs-server directed-request snmp-server community SecretPassword RW snmp-server enable traps tty radius-server authorization permit missing Service-Type call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom --More-- ! ! ! banner motd ^C --------------------------------------------------------- This is a private website Do not enter I said do not ender ---------------------------------------------------------- ^C privilege configure level 5 snmp-server community privilege configure level 5 snmp-server privilege exec level 5 configure terminal privilege exec level 5 configure privilege exec level 5 show running-config privilege exec level 5 show ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 --More-- line vty 0 4 login authentication PaulsLogin ! ! end R1# exit R1 con0 is now available Press RETURN to get started. --------------------------------------------------------- This is a private website Do not enter I said do not ender ---------------------------------------------------------- CCIEClass.com-Usernamepaul *Mar 1 04:25:42.674: %TAC+: no address for get_server CCIEClass.com-Usernamepaul CCIEClass.com-Password R1>en R1#e