Use this config to catch up with some of the features/functions used on day 1. Review the lab thus far and add anything that is missing.

 

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! Service Configs
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!
! Services that should be turned off
!
no service udp-small-servers
no service tcp-small-servers
no service pad
no service finger
!
! Services that should be turned on
!
service password-encryption
service nagle
service timestamps debug datetime msec
service timestamps log datetime msec
service compress-config
service tcp-keepalives-in
service sequence-numbers
!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! DNS Config
!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!
ip domain-name ispbook.com
no ip domain-lookup
!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! Process Overload Commands
!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!
scheduler allocate 30000 2000
process-max-time 200
!
!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! Misc commands
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
no ip bootp server
ip subnet-zero
no ip source-route
ip classless
ip bgp-community new-format
no cdp run
!
ip icmp rate-limit unreachable 2000
ip icmp rate-limit unreachable DF 2000
!
ip spd mode aggressive
spd headroom 1000
!
!
ip tcp selective-ack
ip tcp mss 1460
ip tcp window-size 65535
ip tcp queuemax 50
ip tcp path-mtu-discovery
ip ftp source-interface Loopback0
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! Router's console Connection
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!
line con 0
session-timeout 90 output
history size 256
exec-timeout 1000 0
!
!!!!!!!!!!!!!!!!!!!!!!!!!!
! Router VTY Config
!!!!!!!!!!!!!!!!!!!!!!!!!!
!
line vty 0 4
session-timeout 10 output
transport input telnet
exec-timeout 1000 0
history size 256
access-class 199 in
!
!!!!!!!!!!!!!!!!!!!!!!!!!
! VTY Access-List
!!!!!!!!!!!!!!!!!!!!!!!!!
!
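! The first two entries match SSH and telnet from 10.0.0.0/8.
! The last three permit and log everything else, so this list
! records VTY access attempts rather than restricting them.
access-list 199 permit tcp 10.0.0.0 0.255.255.255 any eq 22 log-input
access-list 199 permit tcp 10.0.0.0 0.255.255.255 any eq telnet log-input
access-list 199 permit tcp any any log-input
access-list 199 permit udp any any log-input
access-list 199 permit ip any any log-input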
!!!!!!!!!!
! AAA
!!!!!!!!!!!
aaa new-model
aaa authentication login default local
aaa authentication enable default enable
!
username cisco privilege 1 secret lab-PW
username tech privilege 5 secret lab-PW
username noc privilege 10 secret lab-PW
username neteng privilege 15 secret lab-PW
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! Logging and Syslog Commands
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
no logging console
logging buffered 16384
logging trap debugging
logging rate-limit all 10
logging source-interface loopback 0
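
One way to do the "review and add anything that is missing" step is to diff a router's running config against this template. The script below is an added example, not part of the original lab material: `BASELINE` holds a few lines taken from the template, `RUNNING` is a constructed excerpt, and the function names `parse` and `audit` are hypothetical.

```python
BASELINE = """\
no service tcp-small-servers
service tcp-keepalives-in
ip classless
no cdp run
username neteng privilege 15 secret lab-PW
line vty 0 4
exec-timeout 1000 0
access-class 199 in
"""
# Constructed running-config excerpt (not captured from a real router).
RUNNING = """\
service tcp-small-servers
no ip classless
username neteng privilege 15 secret 5 $1$constructed$hash
!
line con 0
 exec-timeout 1000 0
line vty 0 4
 exec-timeout 1000 0
"""

def parse(cfg):
    """Return a set of (context, command); context is the enclosing 'line ...' block."""
    ctx, out = "", set()
    for raw in cfg.splitlines():
        cmd = " ".join(raw.split())            # collapse stray spacing and indentation
        if not cmd or cmd.startswith("!"):
            ctx = ""                           # a '!' separator closes the block
        elif cmd.startswith("line "):
            ctx = cmd
        else:
            # Stored secrets are hashed, so compare only up to the keyword.
            out.add((ctx, cmd.split(" secret ")[0]))
    return out

def audit(baseline, running):
    have = parse(running)
    report = {"missing": [], "conflict": [], "default": []}
    for ctx, cmd in sorted(parse(baseline) - have):
        label = f"{ctx}: {cmd}" if ctx else cmd
        negated = cmd[3:] if cmd.startswith("no ") else "no " + cmd
        if (ctx, negated) in have:
            report["conflict"].append(label)   # running config says the opposite
        elif cmd.startswith("no "):
            report["default"].append(label)    # not shown: depends on the IOS default
        else:
            report["missing"].append(label)
    return report
```

Entries under `default` are `no ...` commands that appear in neither form in the running config, so the feature is at whatever default the installed IOS release uses and needs a manual check.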