Scribd
Upload
53 views

Running Configuration of Router 1

The document contains the running configurations of three routers - R1, R2, and R3. Access control lists (ACLs) have been configured on the routers to permit or deny traffic based on source and destination IP addresses in order to mitigate network attacks.

Uploaded by

Wasiq Karim
Copyright
© © All Rights Reserved
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
53 views

Running Configuration of Router 1

The document contains the running configurations of three routers - R1, R2, and R3. Access control lists (ACLs) have been configured on the routers to permit or deny traffic based on source and destination IP addresses in order to mitigate network attacks.

Uploaded by

Wasiq Karim
Copyright
© © All Rights Reserved
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 12

PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

Running Configuration of Router 1

R1#sh running-config

Building configuration...

Current configuration : 1281 bytes

version 12.4

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

hostname R1

enable password ciscoenpa55

username SSHadmin

KASHIF BASHIR Page 1


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

ip name-server 0.0.0.0

interface FastEthernet0/0

no ip address

duplex auto

speed auto

shutdown

interface FastEthernet0/1

ip address 192.168.1.1 255.255.255.0

duplex auto

speed auto

interface Serial0/0/0

ip address 10.1.1.1 255.255.255.0

ip access-group 120 in

clock rate 64000

KASHIF BASHIR Page 2


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

interface Serial0/0/1

no ip address

shutdown

interface Vlan1

no ip address

shutdown

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0/0/0

access-list 10 permit host 192.168.3.3

access-list 120 permit udp any host 192.168.1.3 eq domain

access-list 120 permit tcp any host 192.168.1.3 eq smtp

access-list 120 permit tcp any host 192.168.1.3 eq ftp

access-list 120 deny tcp any host 192.168.1.3 eq 443

access-list 120 permit tcp host 192.168.3.3 host 10.1.1.1 eq 22

access-list 120 permit icmp any any echo-reply

access-list 120 permit icmp any any unreachable

access-list 120 deny icmp any any

access-list 120 permit ip any any

KASHIF BASHIR Page 3


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

line con 0

password ciscoconpa55

login

line vty 0 4

access-class 10 in

password ciscosshpa55

login

End

Running configuration of R2
R2#sh running-config

Building configuration...

Current configuration : 927 bytes

version 12.4

KASHIF BASHIR Page 4


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

hostname R2

enable password ciscoenpa55

username SSHadmin

ip name-server 0.0.0.0

KASHIF BASHIR Page 5


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

interface Loopback0

ip address 192.168.2.1 255.255.255.0

interface FastEthernet0/0

no ip address

duplex auto

speed auto

shutdown

interface FastEthernet0/1

no ip address

duplex auto

speed auto

shutdown

interface Serial0/0/0

ip address 10.1.1.2 255.255.255.252

interface Serial0/0/1

ip address 10.2.2.2 255.255.255.252

clock rate 64000

KASHIF BASHIR Page 6


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

interface Vlan1

no ip address

shutdown

ip classless

ip route 192.168.1.0 255.255.255.0 Serial0/0/0

ip route 192.168.3.0 255.255.255.0 Serial0/0/1

access-list 10 permit host 192.168.3.3

line con 0

password ciscoconpa55

login

line vty 0 4

access-class 10 in

password ciscosshpa55

login

KASHIF BASHIR Page 7


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

End

Running Configuration of R3
R3#sh running-config

Building configuration...

Current configuration : 1186 bytes

version 12.4

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

hostname R3

enable password ciscoenpa55

KASHIF BASHIR Page 8


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

username SSHadmin

ip name-server 0.0.0.0

interface FastEthernet0/0

no ip address

duplex auto

speed auto

shutdown

interface FastEthernet0/1

ip address 192.168.3.1 255.255.255.0

ip access-group 110 in

KASHIF BASHIR Page 9


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

duplex auto

speed auto

interface Serial0/0/0

no ip address

shutdown

interface Serial0/0/1

ip address 10.2.2.1 255.255.255.252

ip access-group 100 in

interface Vlan1

no ip address

shutdown

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0/0/1

access-list 10 permit host 192.168.3.3

access-list 100 deny ip 10.0.0.0 0.255.255.255 any

access-list 100 deny ip 172.16.0.0 0.15.255.255 any

access-list 100 deny ip 192.168.0.0 0.0.255.255 any

access-list 100 deny ip 127.0.0.0 0.255.255.255 any

KASHIF BASHIR Page 10


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

access-list 100 deny ip 224.0.0.0 15.255.255.255 any

access-list 100 permit ip any any

access-list 110 permit ip 192.168.3.0 0.0.0.255 any

line con 0

password ciscoconpa55

login

line vty 0 4

access-class 10 in

password ciscosshpa55

login

End

KASHIF BASHIR Page 11


PT ACTIVITY: CONFIGURE IP ACLs TO MITIGATE ATTACKS

KASHIF BASHIR Page 12

You might also like