Cisco 3825路由器的基本配置如下:(NAT、https、telnet、ssh)
!
! Last configuration change at 02:16:24 UTC Fri Mar 14 2014 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption 开启密码加密服务
!
hostname changsha
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 ts3RV1CBTbIZMydO.QfSZ.79fn0AWqGCoE4hSlRAWZo 配置进入特权模式的密码
!
no aaa new-model
!
dot11 syslog
ip source-route
!
ip cef
!
ip name-server 58.20.*.*
ip name-server 58.20.*.*
ip name-server 8.8.8.8
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-762801541
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-762801541
revocation-check none
rsakeypair TP-self-signed-762801541
!
crypto pki certificate chain TP-self-signed-762801541
certificate self-signed 01 nvram:IOS-Self-Sig#1.cer
!
license udi pid CISCO3825 sn FHK1205F536
username admin privilege 15 password 7 1101180B0E132B1E0B3F3F21 创建的本地用户
!
interface GigabitEthernet0/0
ip address 172.22.*.* 255.255.*.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
ip address 58.20.*.* 255.255.*.*
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
media-type rj45
!
ip forward-protocol nd
!
!
no ip http server
ip http authentication local 登陆https管理需要本地用户认证
ip http secure-server 开启https服务
ip nat inside source list 10 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 58.20.*.*
!
access-list 10 permit 172.22.*.0 0.0.0.255
!
control-plane
!
line con 0
password 7 104608171C16321903113E2E 设置登陆密码
logging synchronous 日志同步
login local 本地用户认证
line aux 0
line vty 0 4
password 7 09444F07000437000419102F 设置登陆密码
login local 本地用户认证
transport input telnet ssh 开启telnet、ssh登陆服务
line vty 5 924
password 7 09444F07000437000419102F
login local 本地用户认证
transport input telnet ssh 开启telnet、ssh登陆服务
!
scheduler allocate 20000 1000
end
转载于:https://blog.51cto.com/chenshengang/1376274
582
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
