** WARNING, putting anything other than the Sky Broadband provided router on your xDSL line will break your agreement with Sky. You do this at your own risk. **https://www.cm9.net/skypass/
older example (IOS 12.4(15)T)
no service pad
service telnet-zeroidle
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname MAC_ADDRESS
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 16384
enable secret ENABLE_PASSWORD
!
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 1:00
!
dot11 ssid WPA2
vlan 10
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 0 PASSWORD
!
no ip source-route
no ip gratuitous-arps
ip icmp rate-limit unreachable 1
ip cef
!
ip dhcp excluded-address 172.24.0.1 172.24.0.31
ip dhcp excluded-address 172.24.1.1 172.24.1.31
ip dhcp excluded-address 172.24.2.1 172.24.2.31
ip dhcp excluded-address 172.24.3.1 172.24.3.31
!
ip dhcp pool LAN
network 172.24.0.0 255.255.255.0
domain-name netconf.co.uk
dns-server 90.207.238.97 90.207.238.99
default-router 172.24.0.254
lease 30
!
ip dhcp pool WIRELESS-WPA2
network 172.24.1.0 255.255.255.0
domain-name yelmuch.net
dns-server 90.207.238.97 90.207.238.99
default-router 172.24.1.254
lease 30
!
ip domain name yelmuch.net
ip name-server 90.207.238.97
ip name-server 90.207.238.99
ip inspect dns-timeout 10
ip inspect name INSPECT cuseeme
ip inspect name INSPECT ftp
ip inspect name INSPECT h323
ip inspect name INSPECT icmp
ip inspect name INSPECT netshow
ip inspect name INSPECT rcmd
ip inspect name INSPECT realaudio
ip inspect name INSPECT rtsp
ip inspect name INSPECT sqlnet
ip inspect name INSPECT streamworks
ip inspect name INSPECT tftp
ip inspect name INSPECT tcp
ip inspect name INSPECT udp
ip inspect name INSPECT vdolive
ip inspect name INSPECT isakmp
ip inspect name INSPECT ipsec-msft
ip inspect name INSPECT sip audit-trail on timeout 300
ip inspect name INSPECT sip-tls audit-trail on timeout 1800
ip inspect name INSPECT smtp timeout 30
ip inspect name INSPECT ssh timeout 43200
ip inspect name INSPECT http urlfilter alert on audit-trail off
!
ip urlfilter allow-mode on
ip urlfilter exclusive-domain deny www.affiliateer.com
ip urlfilter exclusive-domain deny www.burstnet.com
ip urlfilter exclusive-domain deny .jamster.com
ip urlfilter exclusive-domain deny .googlesyndication.com
ip urlfilter exclusive-domain deny .888.com
ip urlfilter exclusive-domain deny ads.itv.com
ip urlfilter exclusive-domain deny .atdmt.com
ip urlfilter exclusive-domain permit www.google.com
ip urlfilter exclusive-domain deny adserving.cpxinteractive.com
ip urlfilter exclusive-domain deny .glispa.com
ip urlfilter exclusive-domain deny .adtech.de
ip urlfilter exclusive-domain deny .adbureau.net
ip urlfilter exclusive-domain deny .falkag.net
ip urlfilter exclusive-domain deny .fastclick.net
ip urlfilter exclusive-domain deny .doubleclick.net
ip urlfilter exclusive-domain permit www.google.co.uk
ip urlfilter exclusive-domain deny ads.trinitymirror.co.uk
ip urlfilter exclusive-domain deny fe.lea.lycos.co.uk
!
! Press Control-V before entering ? in URL below
ip ddns update method DYNDNS
HTTP
add http://USERNAME:PASSWORD@members.dyndns.org/nic/update?system=dyndns&hostname=SITENAME.homedns.org&myip=<a>
interval maximum 20 0 0 0
interval minimum 15 0 0 0
!
vtp domain SKYBB
vtp mode transparent
!
interface ATM0
description SKYBB-ADSL-LLU
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
load-interval 30
snmp ifindex persist
class-int class-default
no atm ilmi-keepalive
dsl operating-mode auto
dsl enable-training-log
dsl lom 250
max-reserved-bandwidth 100
hold-queue 224 in
!
interface ATM0.1 point-to-point
description PVC 0/38 - 448kbps
bandwidth 360
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
no snmp trap link-status
pvc DATA 0/38
vbr-nrt 448 448 1
tx-ring-limit 3
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
interface FastEthernet0
spanning-tree portfast
!
interface FastEthernet1
spanning-tree portfast
!
interface FastEthernet2
spanning-tree portfast
!
interface FastEthernet3
spanning-tree portfast
!
interface Dot11Radio0
description 802.11B/G interface
no ip address
no ip redirect
ip nat inside
ip virtual-reassembly
!
encryption vlan 10 mode ciphers tkip
!
ssid WPA2
!
mbssid
speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
packet retries 128 drop-packet
station-role root
world-mode dot11d country GB indoor
no cdp enable
!
interface Dot11Radio0.10
description WiFi - WPA2 TKIP$FW_INSIDE$
encapsulation dot1Q 10 native
ip address 172.24.1.254 255.255.255.0
no ip redirect
ip nat inside
ip inspect INSPECT in
!
interface Vlan1
description LAN$FW_INSIDE$
ip address 172.24.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly
ip inspect INSPECT in
!
interface Dialer1
description OUTSIDE$FW_OUTSIDE$
bandwidth 360
ip ddns update DYNDNS
ip address negotiated previous
ip access-group 111 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting output-packets
ip accounting precedence input
ip accounting precedence output
ip accounting access-violations
ip nbar protocol-discovery
ip pim sparse-dense-mode
ip nat outside
ip inspect INSPECT out
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
ip tcp adjust-mss 1400
load-interval 30
dialer pool 1
snmp ifindex persist
no fair-queue
no cdp enable
ppp max-bad-auth 3
ppp lcp predictive
ppp lcp delay 1
ppp authentication chap callin
ppp chap hostname MAC_ADDRESS@skydsl
ppp chap password PPPOA_PASSWORD
ppp ipcp predictive
ppp multilink
ppp multilink interleave
ppp multilink fragment delay 20
max-reserved-bandwidth 100
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip route 10.0.0.0 255.0.0.0 Null0 name "RFC1918 Drop"
ip route 127.0.0.0 255.0.0.0 Null0 name "Loopback Drop"
ip route 169.254.0.0 255.255.0.0 Null0 name "Autoconfiguration IP Addresses"
ip route 172.16.0.0 255.240.0.0 Null0 name "RFC1918 Drop"
ip route 192.168.0.0 255.255.0.0 Null0 name "RFC1918 Drop"
!
no ip http server
ip http access-class 99
no ip http secure-server
ip nat inside source list 100 interface Dialer1 overload
!
access-list 99 permit 172.24.0.0 0.0.255.255
!
access-list 100 permit ip 10.0.0.0 0.255.255.255 any
access-list 100 permit ip 172.16.0.0 0.15.255.255 any
access-list 100 permit ip 192.168.0.0 0.0.255.255 any
!
access-list 111 permit udp host 195.40.0.250 eq ntp any eq ntp
access-list 111 permit udp host 195.40.1.250 eq ntp any eq ntp
access-list 111 permit tcp host 63.208.196.95 eq www any
access-list 111 permit udp host 87.86.189.16 eq domain any
access-list 111 deny ip any any log
!
control-plane
!
line con 0
no modem enable
line aux 0
access-class 99 in
line vty 0 4
access-class 99 in
password PASSWORD
login
!
ntp server 195.40.0.250
ntp server 195.40.1.250
Any errors or comments, Please email yelmuch@hotmail.com |
|