edgeRunners_startup-config.txt

!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname edgeRunner
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
username dima password 0 cisco
!
!
license udi pid CISCO2911/K9 sn FTX1524IRTZ-
!
!
!
!
!
!
!
!
!
ip ssh version 1
ip domain-name dima
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
 ip address 87.7.25.2 255.255.255.0
 ip access-group from_out in
 ip nat outside
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 no ip address
 ip access-group from_in in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.1
 no ip address
!
interface GigabitEthernet0/1.2
 encapsulation dot1Q 2
 ip address 192.27.25.1 255.255.255.0
 ip access-group from_in in
 ip nat inside
!
interface GigabitEthernet0/1.3
 encapsulation dot1Q 3
 ip address 192.7.25.1 255.255.255.0
 ip access-group from_in in
 ip nat inside
!
interface GigabitEthernet0/1.4
 encapsulation dot1Q 4
 ip address 192.17.25.1 255.255.255.0
 ip access-group from_in in
 ip nat inside
!
interface GigabitEthernet0/1.5
 encapsulation dot1Q 5
 ip address 192.37.25.1 255.255.255.0
 ip helper-address 192.27.25.2
 ip access-group from_in in
 ip nat inside
!
interface GigabitEthernet0/2
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
ip nat inside source list FOR-NAT interface GigabitEthernet0/0 overload
ip nat inside source static tcp 192.27.25.2 80 87.7.25.2 80 
ip classless
ip route 0.0.0.0 0.0.0.0 87.7.25.1 
!
ip flow-export version 9
!
!
ip access-list standard FOR-NAT
 permit any
ip access-list extended from_out
 deny ip any 192.0.0.0 0.255.255.255
 permit ip any host 87.7.25.2
 permit tcp host 89.7.25.2 host 87.7.25.2 eq 22
ip access-list extended from_in
 deny ip 192.27.25.0 0.0.0.255 host 89.7.25.2
 permit ip host 192.17.25.3 host 88.7.25.2
 permit ip 192.7.25.0 0.0.0.255 host 88.7.25.2
 permit ip any host 89.7.25.2
 permit ip 192.7.25.0 0.0.0.255 host 192.27.25.3
 permit ip host 192.27.25.3 192.7.25.0 0.0.0.255
 permit ip 192.17.25.0 0.0.0.255 host 192.27.25.3
 permit ip host 192.27.25.3 192.17.25.0 0.0.0.255
 deny ip any host 192.27.25.3
 deny ip any host 88.7.25.2
 permit tcp 192.7.25.0 0.0.0.255 host 192.7.25.1 eq 22
 permit ip any any
ip access-list standard to_ssh
 permit host 89.7.25.2
 permit 192.7.25.0 0.0.0.255
 deny any
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
 access-class to_ssh in
 ipv6 access-class to_ssh in
 login local
 transport input ssh
!
!
!
end