!
no service finger
no service pad
service password-encryption
no service udp-small-servers
no service tcp-small-servers
no cdp run
!
enable secret XXXX
!
ip subnet-zero
no ip source-route
ip name-server 193.162.159.194
ip name-server 193.162.145.130
!
! DHCP server, only in IOS 12.0T, 12.1 or later
!
ip dhcp excluded-address 192.168.1.1 192.168.1.5
!
ip dhcp pool rfc1918
network 192.168.1.1 255.255.255.0
default-router 192.168.1.1
dns-server 194.239.134.83 193.162.153.164
!
ip nat inside source list 40 interface Loopback0 overload
!
ip nat inside source static tcp 192.168.1.4 21 <Customer IP> 21 extendable
ip nat inside source static tcp 192.168.1.4 53 <Customer IP> 53 extendable
ip nat inside source static udp 192.168.1.4 53 <Customer IP> 53 extendable
ip nat inside source static tcp 192.168.1.2 25 <Customer IP> 25 extendable
ip nat inside source static tcp 192.168.1.3 80 <Customer IP> 80 extendable
!
! Default mapping, unknown traffic mapped to 192.168.1.5, can be
! used for services on non-standard ports, eg. netgames etc.
!
ip nat inside source static 192.168.1.5 <Customer IP> extendable
!
interface Loopback0
ip address <Customer IP> 255.255.255.255
ip nat outside
!
interface Ethernet0
no shutdown
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip access-group 101 in
no ip directed-broadcast
no ip proxy-arp
no ip redirect
ntp disable
!
interface ATM0
no shutdown
!
interface ATM0.101 point
no shutdown
ip unnumbered Loopback0
ip nat outside
ip access-group 121 in
ntp disable
pvc 0/101
encapsulation aal5mux ip
!
ip classless
!
ip route 0.0.0.0 0.0.0.0 atm0.101
!
access-list 40 permit 192.168.1.0 0.0.0.255
!
access-list 121 deny ip 0.0.0.0 0.255.255.255 any
access-list 121 deny ip 127.0.0.0 0.255.255.255 any
access-list 121 deny ip 255.0.0.0 0.255.255.255 any
access-list 121 deny ip host <Customer IP> any
access-list 121 permit ip any any
!
access-list 101 permit udp host 0.0.0.0 any eq bootps
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
!
access-list 10 permit 192.168.1.0 0.0.0.255
!
line con 0
password XXXX
line vty 0 4
access-class 10 in
password XXXX
!
end
copy running-config startup-config
Reload
y