Cisco 837

Dave · November 24, 2006

ermm.. now you've lost me

Dave · November 24, 2006

So if i replace my current hub (with the 4 pc's connected) with this cisco switch, will i have much set up to do?

I have fixed ip addresses on all the computers.. along the lines of 192.168.1.1 and the 192.168.1.2 for another etc.

Would it be a case of attach it to one computer, complete the set up and then connect the other 3?

Mac · November 24, 2006

[ QUOTE ]

Building configuration...

Current configuration : 8338 bytes

!

version 12.4

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec

service timestamps log datetime localtime

service password-encryption

no service dhcp

!

hostname ABCDEF

!

boot-start-marker

boot-end-marker

!

memory-size iomem 5

no logging buffered

no logging console

enable secret 5 "It's a secret"

!

aaa new-model

!

aaa authentication login default local

aaa authorization auth-proxy default local

!

aaa session-id common

!

resource policy

!

clock timezone GMT 0

clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 1:00

ip subnet-zero

no ip source-route

!

ip cef

no ip domain lookup

ip domain name "It's a secret"

no ip bootp server

ip inspect udp idle-time 10

ip inspect tcp idle-time 300

ip inspect tcp synwait-time 10

ip inspect name FW-OUTSIDE tcp

ip inspect name FW-OUTSIDE udp

ip inspect name FW-OUTSIDE icmp

ip inspect name FW-OUTSIDE smtp

ip ips sdf location <a href="flash://attack-drop.sdf" target="_blank">flash://attack-drop.sdf</a>

ip ips name IDS

ip ssh authentication-retries 1

ip ssh version 2

login block-for 300 attempts 2 within 60

login quiet-mode access-class TELNET

login on-failure log

login on-success log

!

interface Null0

no ip unreachables

!

interface Loopback0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

!

interface Ethernet0

description INSIDE

bandwidth 100000

ip address 192.168.16.30 255.255.255.248

no ip redirects

ip nat inside

ip virtual-reassembly

ip route-cache flow

hold-queue 100 out

!

interface Ethernet2

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

hold-queue 100 out

!

interface ATM0

description Physical for Dialer0

bandwidth 8192

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

interface FastEthernet1

duplex auto

speed auto

!

interface FastEthernet2

shutdown

duplex auto

speed auto

!

interface FastEthernet3

shutdown

duplex auto

speed auto

!

interface FastEthernet4

shutdown

duplex auto

speed auto

!

interface Dialer0

description OUTSIDE

bandwidth 8192

ip address "It's a secret" 255.255.255.0

ip access-group OUTSIDE in

ip verify unicast source reachable-via rx

no ip redirects

no ip unreachables

no ip proxy-arp

ip accounting access-violations

ip nat outside

ip inspect FW-OUTSIDE out

ip ips IDS in

ip virtual-reassembly

rate-limit input access-group 190 512000 1500 2000 conform-action transmit exceed-action drop

rate-limit input access-group 191 128000 1500 2000 conform-action transmit exceed-action drop

rate-limit input access-group 192 128000 1500 2000 conform-action transmit exceed-action drop

encapsulation ppp

ip route-cache flow

ip policy route-map black-hole

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname "It's a secret"

ppp chap password 7 "It's a secret"

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

no ip http server

no ip http secure-server

ip flow-export source Ethernet0

ip flow-export version 5 peer-as

!

ip nat inside source list 10 interface Dialer0 overload

ip nat inside source static tcp 192.168.16.29 25 interface Dialer0 25

ip nat inside source static tcp 192.168.16.29 3389 interface Dialer0 3389

ip nat inside source static tcp 192.168.16.29 80 interface Dialer0 80

!

ip access-list extended BLACK-HOLE

permit ip 0.0.0.0 1.255.255.255 any

permit ip 2.0.0.0 0.255.255.255 any

permit ip 5.0.0.0 0.255.255.255 any

permit ip 7.0.0.0 0.255.255.255 any

permit ip 10.0.0.0 0.255.255.255 any

permit ip 23.0.0.0 0.255.255.255 any

permit ip 27.0.0.0 0.255.255.255 any

permit ip 31.0.0.0 0.255.255.255 any

permit ip 36.0.0.0 1.255.255.255 any

permit ip 39.0.0.0 0.255.255.255 any

permit ip 42.0.0.0 0.255.255.255 any

permit ip 49.0.0.0 0.255.255.255 any

permit ip 50.0.0.0 0.255.255.255 any

permit ip 77.0.0.0 0.255.255.255 any

permit ip 78.0.0.0 1.255.255.255 any

permit ip 92.0.0.0 3.255.255.255 any

permit ip 96.0.0.0 15.255.255.255 any

permit ip 112.0.0.0 7.255.255.255 any

permit ip 120.0.0.0 0.255.255.255 any

permit ip 127.0.0.0 0.255.255.255 any

permit ip 169.254.0.0 0.0.255.255 any

permit ip 172.16.0.0 0.15.255.255 any

permit ip 173.0.0.0 0.255.255.255 any

permit ip 174.0.0.0 1.255.255.255 any

permit ip 176.0.0.0 7.255.255.255 any

permit ip 184.0.0.0 3.255.255.255 any

permit ip 192.0.2.0 0.0.0.255 any

permit ip 192.168.0.0 0.0.255.255 any

permit ip 197.0.0.0 0.255.255.255 any

permit ip 198.18.0.0 0.1.255.255 any

permit ip 223.0.0.0 0.255.255.255 any

permit ip 224.0.0.0 31.255.255.255 any

deny ip any any

ip access-list extended OUTSIDE

deny ip 0.0.0.0 1.255.255.255 any log-input

deny ip 2.0.0.0 0.255.255.255 any log-input

deny ip 5.0.0.0 0.255.255.255 any log-input

deny ip 7.0.0.0 0.255.255.255 any log-input

deny ip 10.0.0.0 0.255.255.255 any log-input

deny ip 23.0.0.0 0.255.255.255 any log-input

deny ip 27.0.0.0 0.255.255.255 any log-input

deny ip 31.0.0.0 0.255.255.255 any log-input

deny ip 36.0.0.0 1.255.255.255 any log-input

deny ip 39.0.0.0 0.255.255.255 any log-input

deny ip 42.0.0.0 0.255.255.255 any log-input

deny ip 49.0.0.0 0.255.255.255 any log-input

deny ip 50.0.0.0 0.255.255.255 any log-input

deny ip 77.0.0.0 0.255.255.255 any log-input

deny ip 78.0.0.0 1.255.255.255 any log-input

deny ip 92.0.0.0 3.255.255.255 any log-input

deny ip 96.0.0.0 15.255.255.255 any log-input

deny ip 112.0.0.0 7.255.255.255 any log-input

deny ip 120.0.0.0 0.255.255.255 any log-input

deny ip 127.0.0.0 0.255.255.255 any log-input

deny ip 169.254.0.0 0.0.255.255 any log-input

deny ip 172.16.0.0 0.15.255.255 any log-input

deny ip 173.0.0.0 0.255.255.255 any log-input

deny ip 174.0.0.0 1.255.255.255 any log-input

deny ip 176.0.0.0 7.255.255.255 any log-input

deny ip 184.0.0.0 3.255.255.255 any log-input

deny ip 192.0.2.0 0.0.0.255 any log-input

deny ip 192.168.0.0 0.0.255.255 any log-input

deny ip 197.0.0.0 0.255.255.255 any log-input

deny ip 198.18.0.0 0.1.255.255 any log-input

deny ip 223.0.0.0 0.255.255.255 any log-input

deny ip 224.0.0.0 31.255.255.255 any log-input

deny icmp any any log-input fragments

permit tcp any host "It's a secret" eq 22 log-input

permit tcp any host "It's a secret" eq smtp

permit tcp 16.8.0.0 0.0.255.255 host "It's a secret" eq 3389

deny ip any any log-input

ip access-list extended TELNET

permit ip host 192.168.16.29 any

deny ip any any log-input

logging trap notifications

logging source-interface Ethernet0

logging 192.168.16.29

access-list 10 permit 192.168.16.24 0.0.0.7

access-list 190 remark CAR-UDP

access-list 190 permit udp any any

access-list 191 remark CAR-ICMP

access-list 191 permit icmp any any

access-list 192 remark CAR-Multicast

access-list 192 permit ip any 224.0.0.0 15.255.255.255

dialer-list 1 protocol ip permit

no cdp run

route-map black-hole permit 1

match ip address BLACK-HOLE

set interface Null0

!

control-plane

!

banner motd ^CC

******************************************************************

* THIS COMPUTER SYSTEM IS FOR AUTHORISED OFFICIAL USE ONLY. *

* *

* The use of this computer system will be subject to monitoring *

* and recording without further notice. Auditing may include the *

* use of keystroke monitoring. *

* *

* Any individual who uses this system expressly consents to such *

* monitoring and is advised that information about their use of *

* this system may be provided to the relevant authorities if *

* evidence of criminal or other unauthorised activity is found. *

******************************************************************

^C

!

line con 0

exec-timeout 0 0

no modem enable

line aux 0

transport output none

line vty 0

exec-timeout 2 0

logging synchronous

transport input ssh

transport output ssh

line vty 1

access-class TELNET in

exec-timeout 3 0

logging synchronous

transport input ssh

transport output ssh

line vty 2 4

transport input none

transport output none

!

scheduler max-task-time 5000

scheduler interval 500

sntp server 129.132.2.21

sntp server 130.149.17.8

end

[/ QUOTE ]

Exactly

Sell it and get a Netgear

mb · November 24, 2006

[ QUOTE ]

complete the set up

[/ QUOTE ]

Have a go, when you have had enough of International phone calls & found you don't have a support contract, do as Mac says & buy a Linksys.

Seriously a Linksys/ASDL modem/router will do all you want to do, take about 10 minutes to set up & give you a wireless option too - its just not worth the pain !

Dave · November 24, 2006

thanks guys,

anyone want to buy a Cisco 837?

Dave · November 24, 2006

Too complex for me:

Hence my e-bay listing

Markpaq · November 24, 2006

I did say it wasn't for the faint hearted, good luck with the auction. You might want to include the "Show Version" information I mentioned, it'll help any potential purchaser know what feature set it has installed.

Dave · December 4, 2006

got £90 for it at the end.. better than sitting on my desk

Markpaq · December 5, 2006

Result.

Sign In

Cisco 837

Recommended Posts

Dave

Link to comment

Share on other sites

Dave

Link to comment

Share on other sites

Mac

Link to comment

Share on other sites

mb

Link to comment

Share on other sites

Dave

Link to comment

Share on other sites

Dave

Link to comment

Share on other sites

Markpaq

Link to comment

Share on other sites

Dave

Link to comment

Share on other sites

Markpaq

Link to comment

Share on other sites

Please sign in to comment

Browse

Activity