WASWAN1# WASWAN1#show run Building configuration... Current configuration : 18813 bytes ! ! Last configuration change at 15:00:44 EST Fri Nov 23 2012 by mjdahm ! NVRAM config last updated at 13:54:53 EST Sat Nov 10 2012 by mjdahm ! NVRAM config last updated at 13:54:53 EST Sat Nov 10 2012 by mjdahm version 15.1 service nagle no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime service timestamps log datetime msec localtime service password-encryption service sequence-numbers ! hostname WASWAN1 ! boot-start-marker boot-end-marker ! ! ! card type command needed for slot/vwic-slot 0/0 logging buffered 1000000 no logging console enable secret 4 2e331a6dSmqNhtyBF0hTkudkXrLz/UMMzpUXX.4uYfE ! aaa new-model ! ! aaa authentication login default group tacacs+ local aaa authentication login console local ! ! ! ! ! aaa session-id common ! clock timezone EST -5 0 clock summer-time EDT recurring ! crypto pki token default removal timeout 0 ! crypto pki trustpoint TP-self-signed-135796997 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-135796997 revocation-check none rsakeypair TP-self-signed-135796997 ! ! crypto pki certificate chain TP-self-signed-135796997 certificate self-signed 01 30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31333537 39363939 37301E17 0D313230 36323631 33343633 365A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3133 35373936 39393730 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 A66EB2FE 85E6AD6C 73ADBFE8 921A3C23 04C4B20B C0F7F531 20B91459 1C9614D0 5BD97E6C 2861F242 C92E5F82 0D10230D 5176623E 50A61455 C9D7EFCA 9A8D0A20 BAC4ED43 D8DA1A6D F5C0F809 FCF2672F 7C7E7031 AADDC392 AD5BDD2C A60D0457 5681CE07 0284C671 520ED301 A427BF4E EB437A5B FFC9E5DC 281854E2 1DC070E3 02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D 23041830 1680145C 5118C3EA F6AAA331 71DF274A 56BF2ECD 03097330 1D060355 1D0E0416 04145C51 18C3EAF6 AAA33171 DF274A56 BF2ECD03 0973300D 06092A86 4886F70D 01010505 00038181 005FEF4F F86E228B 6B8C5921 AE619A2C 052F803C A0366CF0 56FF3EC1 5843B148 8D5363D7 A2491879 D9122650 F4A6B98F 992F9988 DFDB1706 263F3BF4 293BC16D 8597447A 9A96155C 2DA6176D 350DF98A 094D38A6 F56C31DF B27C5C85 3861083C AAE405EB 39790359 EC754BBC AA7AB913 ED1C5A81 F6204C26 BF28BA4A 48307EF3 EC quit no ipv6 cef no ip source-route no ip gratuitous-arps ip cef ! ! ! ! ! no ip domain lookup ip domain name us.firm.hklaw.com ! multilink bundle-name authenticated ! ! ! ! ! voice-card 0 ! ! ! voice service voip ip address trusted list ipv4 10.0.0.0 255.0.0.0 allow-connections h323 to sip allow-connections sip to h323 allow-connections sip to sip fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none sip registrar server expires max 1200 min 300 ! ! voice register global mode cme source-address 10.146.1.11 port 5060 max-dn 20 max-pool 10 authenticate register tftp-path flash: create profile sync 0509203430811471 ! voice register dn 1 number 75389 allow watch name Biamp label 75389 ! voice register dn 2 number 75390 allow watch name Biamp 2 label 75390 ! voice register dn 3 number 75399 allow watch name Biamp label 75399 ! voice register pool 1 id mac 1111.1111.2222 number 1 dn 1 dtmf-relay sip-notify username biampll password conference1 codec g711ulaw ! voice register pool 2 id mac DEAD.FEED.B00B number 1 dn 2 dtmf-relay sip-notify username batcave password conference1 codec g711ulaw ! voice register pool 3 id mac 1111.1111.3333 number 1 dn 3 dtmf-relay sip-notify username BoardRoom password conference1 codec g711ulaw ! ! ! ! license udi pid C3900-SPE100/K9 sn FOC16244FUF hw-module pvdm 0/0 ! ! ! archive log config hidekeys username hkuser privilege 15 password 7 1040590E040E1B05 ! redundancy ! ! ! ! ip tcp selective-ack ip tcp path-mtu-discovery ip ssh version 2 ! class-map match-any VIDEO match dscp af41 class-map match-any VOICE match dscp ef class-map match-any SCAVENGER match protocol gnutella match protocol kazaa2 match protocol fasttrack match protocol edonkey match protocol winmx class-map match-any APPLICATION-TIER-1 match dscp af31 match protocol exchange match protocol pop3 match protocol smtp match protocol ldap match protocol citrix match protocol sqlserver match access-group name adobe_connect class-map match-any APPLICATION-TIER-2 match dscp af21 match protocol telnet match protocol ssh match protocol smtp match access-group name Anti-Virus-ACL match access-group name Adobe-ACL match access-group name General_Applications-ACL class-map match-any INTERNET-MAP match access-group name INTERNET-ACL ! ! policy-map SP-WAN-OUT class VOICE priority percent 10 class VIDEO priority percent 15 class APPLICATION-TIER-1 bandwidth percent 35 class APPLICATION-TIER-2 bandwidth percent 15 class class-default fair-queue policy-map LAN-TO-WAN-IN class VOICE set ip dscp ef class VIDEO set ip dscp af41 class APPLICATION-TIER-1 set ip dscp af31 class APPLICATION-TIER-2 set ip dscp af21 class SCAVENGER set ip dscp default class class-default set ip dscp default ! ! ! ! ! ! ! ! interface Loopback0 description Management Interface ip address 10.146.255.2 255.255.255.255 ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 description To Core WASCORE1 ip address 10.146.1.11 255.255.252.0 ip flow ingress ip flow egress duplex auto speed auto h323-gateway voip interface h323-gateway voip bind srcaddr 10.146.1.11 service-policy input LAN-TO-WAN-IN ! interface GigabitEthernet0/1 description TWTC MPLS 74/KEFN/106783/TWCS bandwidth 45000 ip address 198.18.170.114 255.255.255.252 ip flow ingress ip flow egress duplex full speed 100 service-policy output SP-WAN-OUT ! interface GigabitEthernet0/2 no ip address shutdown duplex auto speed auto ! router ospf 10 router-id 10.146.255.2 network 10.146.0.0 0.0.3.255 area 0 network 10.146.4.0 0.0.3.255 area 0 network 10.146.8.0 0.0.3.255 area 0 network 10.146.12.0 0.0.3.255 area 0 network 10.146.16.0 0.0.3.255 area 0 network 10.146.20.0 0.0.3.255 area 0 network 10.146.24.0 0.0.3.255 area 0 network 10.146.32.0 0.0.3.255 area 0 network 10.146.64.0 0.0.0.255 area 0 network 10.146.65.0 0.0.0.255 area 0 network 10.146.128.0 0.0.3.255 area 0 network 10.146.136.0 0.0.3.255 area 0 network 10.146.140.0 0.0.3.255 area 0 network 10.146.144.0 0.0.3.255 area 0 network 10.146.148.0 0.0.3.255 area 0 network 10.146.152.0 0.0.3.255 area 0 network 10.146.156.0 0.0.3.255 area 0 network 10.146.160.0 0.0.3.255 area 0 network 10.146.192.0 0.0.3.255 area 0 network 10.146.232.0 0.0.3.255 area 0 network 10.146.240.0 0.0.3.255 area 0 network 10.146.248.0 0.0.3.255 area 0 network 10.146.255.2 0.0.0.0 area 0 network 10.146.255.0 0.0.0.255 area 0 network 198.18.170.112 0.0.0.3 area 0 ! ip forward-protocol nd ! ip http server ip http secure-server ip flow-export source Loopback0 ip flow-export version 9 ip flow-export destination 10.22.1.51 2055 ! ! ip access-list extended Adobe-ACL remark Communciations to/from ADOBE servers permit tcp host 10.19.40.51 host 10.22.46.91 eq www 443 1935 permit tcp 172.0.238.10 0.255.0.0 host 10.22.46.91 eq www 443 1935 permit tcp host 10.22.46.91 eq www 443 1935 host 10.19.40.51 permit tcp host 10.22.46.91 eq www 443 1935 172.0.238.10 0.255.0.0 permit tcp any host 10.22.46.91 eq www 443 1935 ip access-list extended Anti-Virus-ACL remark Communications to/from Anti-Virus Servers in QCO/QFL permit tcp any host 10.22.42.99 eq www 9090 139 1433 permit tcp any host 10.26.42.99 eq www 9090 139 1433 permit tcp host 10.22.42.99 eq www 9090 139 1433 any permit tcp host 10.26.42.99 eq www 9090 139 1433 any permit tcp host 10.22.42.99 eq 8443 any permit tcp host 10.26.42.99 eq 8443 any remark Communications to/from remote office (General Statement) permit tcp any 172.0.235.131 0.255.0.0 eq www 2967 permit tcp 172.0.235.131 0.255.0.0 eq www 2967 any remark Specific communications to/from remote office (Lakeland - ADM) permit tcp any host 172.15.235.75 eq www 2967 permit tcp host 172.15.235.75 eq www 2967 any remark Specific Communications to/from remote office (Tampa - FRM) permit ip any host 10.26.44.40 permit ip host 10.26.44.40 any ip access-list extended General_Applications-ACL remark TFTP (Match TFTP) permit udp any any eq tftp remark FTP (Match FTP) permit tcp any any eq ftp remark HP SIMS permit tcp any any eq 2301 2381 5989 permit tcp any eq 2301 2381 5989 any deny ip any host 10.26.42.41 remark Communications to Application Subnet permit ip any 10.22.42.0 0.0.0.255 permit ip any 10.22.45.0 0.0.0.255 permit ip any 10.22.47.0 0.0.0.255 permit ip any 10.22.48.0 0.0.0.255 permit ip 10.22.42.0 0.0.0.255 any permit ip 10.22.45.0 0.0.0.255 any permit ip 10.22.47.0 0.0.0.255 any permit ip 10.22.48.0 0.0.0.255 any remark ICMP messages permit icmp any any echo permit icmp any any echo-reply permit icmp any any time-exceeded remark SNMP permit ip 172.0.3.0 0.255.0.255 10.0.232.0 0.255.0.255 permit ip 172.0.3.0 0.255.0.255 10.0.3.0 0.255.0.255 permit ip 172.0.3.0 0.255.0.255 172.0.232.0 0.255.0.255 permit ip 172.0.3.0 0.255.0.255 172.0.3.0 0.255.0.255 ip access-list extended adobe_connect remark QFLWEBINARS Servers permit ip host 10.22.42.90 any permit ip host 10.22.42.92 any ! logging trap debugging logging 10.22.42.71 access-list 23 permit 10.10.10.0 0.0.0.7 ! ! ! ! nls resp-timeout 1 cpd cr-id 1 ! snmp-server community HKITNET RW snmp-server community HKpublic RO snmp-server location Washington DC snmp-server contact Networks Group,it-networks@hklaw.com tftp-server flash:apps37sccp.1-4-4-0.bin tacacs-server host 10.26.43.60 key 7 011913174F00030A315F590014081E1C0C tacacs-server directed-request ! ! ! control-plane ! ! voice-port 0/1/0 ! voice-port 0/1/1 ! voice-port 0/1/2 ! voice-port 0/1/3 ! ! ! mgcp profile default ! ! dial-peer voice 10 voip destination-pattern 9T session target ipv4:10.146.128.50 dtmf-relay h245-alphanumeric codec g711ulaw clid network-number 2029553000 ! dial-peer voice 20 voip destination-pattern [1-8].... session target ipv4:10.146.128.50 dtmf-relay h245-alphanumeric codec g711ulaw ! dial-peer voice 1 voip incoming called-number . dtmf-relay rtp-nte codec g711ulaw ! dial-peer voice 11 voip destination-pattern 91[2-9]......... session target ipv4:10.146.128.50 dtmf-relay h245-alphanumeric codec g711ulaw clid network-number 2029553000 ! dial-peer voice 12 voip destination-pattern 9[2-9]......... session target ipv4:10.146.128.50 dtmf-relay h245-alphanumeric codec g711ulaw clid network-number 2029553000 ! ! ! ! gatekeeper shutdown ! ! telephony-service no auto-reg-ephone max-ephones 32 max-dn 64 ip source-address 10.146.1.11 port 2000 timeouts interdigit 6 load 7937 apps37sccp.1-4-4-0 max-conferences 8 gain -6 transfer-system full-consult secondary-dialtone 9 create cnf-files version-stamp 7960 Aug 06 2012 09:21:20 ! ! ephone-dn 1 dual-line number 75375 label Conference Room A - 75375 name Conference Room A ! ! ephone-dn 2 dual-line number 75376 label A8 - 75376 name A8 ! ! ephone-dn 3 dual-line number 75377 label Conference Room C - 75377 name Conference Room C ! ! ephone-dn 4 dual-line number 75378 label SR7060 - 75378 name SR7060 ! ! ephone-dn 5 dual-line number 75379 label SR9 - 75379 name SR9 ! ! ephone-dn 6 dual-line number 75380 label Conference Room F - 75380 name Conference Room F ! ! ephone-dn 7 dual-line number 75381 label SR10 - 75381 name SR10 ! ! ephone-dn 8 dual-line number 75382 label Conference Room H - 75382 name Conference Room H ! ! ephone-dn 9 dual-line number 75383 label Boardroom - 75383 name Boardroom ! ! ephone-dn 10 dual-line number 75384 label Conference Room J - 75384 name Conference Room J ! ! ephone-dn 11 dual-line number 75385 label Conference Room K - 75385 name Conference Room K ! ! ephone-dn 12 dual-line number 75386 label Conference Room E - 75386 name Conference Room E ! ! ephone-dn 13 dual-line number 75387 label VTC - 75387 name VTC ! ! ephone-dn 14 dual-line number 75388 label Conference Room D - 75388 name Conference Room D ! ! ephone-dn 17 dual-line number 75391 label Conference Room Q - 75391 name Conference Room Q ! ! ephone-dn 18 dual-line number 75392 label Conference Room R - 75392 name Conference Room R ! ! ephone-dn 19 dual-line number 75393 label Conference Room S - 75393 name Conference Room S ! ! ephone-dn 20 dual-line number 75394 label Conference Room T - 75394 name Conference Room T ! ! ephone-dn 21 dual-line number 75395 label Conference Room U - 75395 name Conference Room U ! ! ephone-dn 22 dual-line number 75396 label Conference Room V - 75396 name Conference Room V ! ! ephone-dn 23 dual-line number 75397 label Conference Room W - 75397 name Conference Room W ! ! ephone-dn 24 dual-line number 75398 label Conference Room X - 75398 name Conference Room X ! ! ephone 1 device-security-mode none description Conference Room A mac-address 0004.F2F0.EF6F busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:1 ! ! ! ephone 2 device-security-mode none description A8 mac-address 0004.F2F0.F03A busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:2 ! ! ! ephone 3 device-security-mode none description Conference Room C mac-address 0004.F2F0.F1F2 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:3 ! ! ! ephone 4 device-security-mode none description SR7060 mac-address 0004.F2F0.EF75 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:4 ! ! ! ephone 5 device-security-mode none description SR9 mac-address 0004.F2F0.EE7C busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:5 ! ! ! ephone 6 device-security-mode none description Conference Room F mac-address 0004.F2F0.EC9F busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:6 ! ! ! ephone 7 device-security-mode none description SR10 mac-address 0004.F2F0.F337 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:7 ! ! ! ephone 8 device-security-mode none description Conference Room H mac-address 0004.F2F0.EDDB busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:8 ! ! ! ephone 9 device-security-mode none description Boardroom mac-address 0004.F2F0.F151 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:9 ! ! ! ephone 10 device-security-mode none description Conference Room J mac-address 0004.F2F0.EDDE type 7937 keep-conference endcall button 1:10 ! ! ! ephone 11 device-security-mode none description Conference Room K mac-address 0004.F2F0.EF04 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:11 ! ! ! ephone 12 device-security-mode none description Conference Room E mac-address 0004.F2F0.E8DE busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:12 ! ! ! ephone 13 device-security-mode none description VTC mac-address 0004.F2F0.ED9A busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:13 ! ! ! ephone 14 device-security-mode none description Conference Room D mac-address 0004.F2F0.EF70 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:14 ! ! ! ephone 16 device-security-mode none description Conference Room P mac-address 0000.0000.0016 busy-trigger-per-button 8 type 7937 keep-conference endcall ! ! ! ephone 17 device-security-mode none description Conference Room Q mac-address 0000.0000.0017 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:17 ! ! ! ephone 18 device-security-mode none description Conference Room R mac-address 0000.0000.0018 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:18 ! ! ! ephone 19 device-security-mode none description Conference Room S mac-address 0000.0000.0019 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:19 ! ! ! ephone 20 device-security-mode none description Conference Room T mac-address 0000.0000.0020 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:20 ! ! ! ephone 21 device-security-mode none description Conference Room U mac-address 0000.0000.0021 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:21 ! ! ! ephone 22 device-security-mode none description Conference Room V mac-address 0000.0000.0022 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:22 ! ! ! ephone 23 device-security-mode none description Conference Room W mac-address 0000.0000.0023 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:23 ! ! ! ephone 24 device-security-mode none description Conference Room X mac-address 0000.0000.0024 busy-trigger-per-button 8 type 7937 keep-conference endcall button 1:24 ! ! ! ephone 25 device-security-mode none description Conference Room Y mac-address 0000.0000.0025 busy-trigger-per-button 8 type 7937 keep-conference endcall ! ! ! ephone 40 device-security-mode none ! ! ! banner login ^C ************************************************************************************ This network and its resources are the proprietary property of Holland & Knight and may be used only by authorized personnel for conducting Holland & Knight business. Anyone using this system expressly consents to monitoring and is advised that if such monitoring reveals potential criminal activity, system personnel may provide evidence of that activity to law enforcement officials. Unauthorized use may result in disciplinary action and/or legal prosecution. If you have any questions with regards to accessing this system please contact the IT Helpdesk at x 36789 or 813-227-6789 or 866-757-6789 or email ithelpdesk@hklaw.com. ************************************************************************************ ^C ! line con 0 line aux 0 exec-timeout 0 0 password 7 09421E1E181C1E1C no exec transport input all transport output none stopbits 1 flowcontrol hardware line 2 no activation-character no exec transport preferred none transport input all transport output pad telnet rlogin lapb-ta mop udptn v120 ssh stopbits 1 line vty 0 4 logging synchronous transport input telnet ssh line vty 5 15 logging synchronous transport input telnet ssh ! scheduler allocate 20000 1000 ntp server 10.22.40.26 end WASWAN1# WASWAN1# WASWAN1# WASWAN1# WASWAN1#