cerebrate · June 17, 2017 17:17
diff --git a/stargate-config b/stargate-config
 version 12.4
 no service pad
 service timestamps debug datetime msec
 service timestamps log datetime msec
 service password-encryption
 service linenumber
 !
 hostname stargate
 !
 boot-start-marker
 boot-end-marker
 !
 logging message-counter syslog
 logging buffered 16384 informational
 logging rate-limit 30 except warnings
 enable secret 5 <ENABLE_SECRET_GOES_HERE>
 enable password 7 <ENABLE_PASSWORD_GOES_HERE>
 !
 aaa new-model
 !
 !
 aaa authentication login default local
 !
 !
 aaa session-id common
 clock timezone cst -6
 clock summer-time CDT recurring
 !
 !
 dot11 syslog
 no ip source-route
 !
 !
 !
 !
 ip cef
 ip domain name arkane-systems.lan
 ip host stargate 172.16.0.254
 ip host calmirie 172.16.0.128
 ip host ariadne 172.16.0.72
 ip host xboxone 172.16.1.14
 ip name-server 172.16.0.128
 ip ddns update method DynDNS
 HTTP
  add http://<USERNAME_AND_PASSWORD_HERE>@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
  remove http://<USERNAME_AND_PASSWORD_HERE>@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
 interval maximum 28 0 0 0
 interval minimum 28 0 0 0
 !
 ipv6 unicast-routing
 ipv6 cef
 !
 multilink bundle-name authenticated
 !
 !
 !
 username <USERNAME_HERE> password 7 <PASSWORD_HERE>
 !
 !
 crypto isakmp policy 10
 encr 3des
 authentication pre-share
 group 2
 !
 !
 archive
 log config
  logging enable
  hidekeys
 path flash:
 maximum 3
 write-memory
 !
 !
 !
 !
 !
 interface Loopback0
 ip address 172.20.0.1 255.255.255.252
 ipv6 address FEC0:0:0:9::1/128
 !
 interface Null0
 no ip unreachables
 !
 interface FastEthernet0
 description LAN Ethernet switch connection
 hold-queue 100 out
 !
 interface FastEthernet1
 description Xbox One
 hold-queue 100 out
 !
 interface FastEthernet2
 shutdown
 !
 interface FastEthernet3
 shutdown
 !
 interface FastEthernet4
 description Internet
 bandwidth 100000
 ip dhcp client update dns server none
 ip ddns update DynDNS
 ip address dhcp hostname stargate.arkane-systems.net
 ip access-group 111 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 ipv6 address dhcp rapid-commit
 ipv6 address autoconfig default
 ipv6 enable
 ipv6 traffic-filter exterior-in6 in
 ipv6 traffic-filter exterior-out6 out
 ipv6 dhcp client pd hint ::/56
 ipv6 dhcp client pd prefix-from-provider rapid-commit
 ipv6 virtual-reassembly
 no cdp enable
 !
 interface Vlan1
 description Internal network
 ip address 172.16.0.254 255.255.0.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 ipv6 address FDC9:B01A:9D26::FE/64
 ipv6 address prefix-from-provider ::1:0:0:0:1/64
 ipv6 enable
 ipv6 nd prefix default 3600 3600
 ipv6 nd prefix FDC9:B01A:9D26::/64 3600 3600
 ipv6 nd other-config-flag
 ipv6 virtual-reassembly
 !
 ip forward-protocol nd
 no ip http server
 ip http access-class 75
 ip http authentication local
 no ip http secure-server
 ip http timeout-policy idle 5 life 86400 requests 10000
 !
 !
 ip nat inside source list 1 interface FastEthernet4 overload
 ip nat inside source static udp 172.16.1.14 3074 interface FastEthernet4 3074
 ip nat inside source static udp 172.16.1.14 88 interface FastEthernet4 88
 ip nat inside source static udp 172.16.1.14 5060 interface FastEthernet4 5060
 ip nat inside source static udp 172.16.1.14 5061 interface FastEthernet4 5061
 ip nat inside source static tcp 172.16.0.72 880 interface FastEthernet4 443
 !
 access-list 1 permit 172.16.0.0 0.0.255.255
 access-list 1 remark NAT-enabled addresses
 access-list 75 permit 172.16.0.0 0.0.255.255 log
 access-list 75 deny   any log
 access-list 75 remark Access to router TTYs
 access-list 111 deny   ip 172.16.0.0 0.0.255.255 any
 access-list 111 permit ip any any
 access-list 111 remark prevent spoofing - block external inbounds with local source addrs
 ipv6 route 100::/64 Null0
 ipv6 route 2001:10::/28 Null0
 ipv6 route 2001:DB8::/32 Null0
 !
 !
 !
 !
 !
 ipv6 access-list exterior-in6
 sequence 5 permit icmp any any
 sequence 10 permit udp any any eq 546
 evaluate exterior-reflect
 sequence 100 deny ipv6 any any
 !
 ipv6 access-list exterior-out6
 sequence 20 permit ipv6 any any reflect exterior-reflect
 !
 ipv6 access-list console
 permit ipv6 FDC9:B01A:9D26::/48 any
 !
 control-plane
 !
 banner exec ^C
 Welcome, you have connected to router $(hostname).$(domain)
 on line $(line).
 ^C
 banner login ^C
 +--------------------------------------------------------------------+
 |                              WARNING                               |
 |                              -------                               |
 | This is a secure system. Do not log in without proper              |
 | authorisation.                                                     |
 |                                                                    |
 | All users of this system consent to having all of their activities |
 | monitored and recorded. Unauthorised use will be prosecuted to the |
 | full extent permitted by law.                                      |
 +--------------------------------------------------------------------+
 ^C
 !
 line con 0
 location Living room
 no modem enable
 transport preferred none
 transport output all
 speed 115200
 line aux 0
 transport output all
 line vty 0 4
 access-class 75 in
 privilege level 15
 ipv6 access-class console in
 transport preferred none
 transport input all
 transport output all
 !
 scheduler max-task-time 5000
 ntp server 172.16.0.128
 end
	version 12.4
	no service pad
	service timestamps debug datetime msec
	service timestamps log datetime msec
	service password-encryption
	service linenumber
	!
	hostname stargate
	!
	boot-start-marker
	boot-end-marker
	!
	logging message-counter syslog
	logging buffered 16384 informational
	logging rate-limit 30 except warnings
	enable secret 5 <ENABLE_SECRET_GOES_HERE>
	enable password 7 <ENABLE_PASSWORD_GOES_HERE>
	!
	aaa new-model
	!
	!
	aaa authentication login default local
	!
	!
	aaa session-id common
	clock timezone cst -6
	clock summer-time CDT recurring
	!
	!
	dot11 syslog
	no ip source-route
	!
	!
	!
	!
	ip cef
	ip domain name arkane-systems.lan
	ip host stargate 172.16.0.254
	ip host calmirie 172.16.0.128
	ip host ariadne 172.16.0.72
	ip host xboxone 172.16.1.14
	ip name-server 172.16.0.128
	ip ddns update method DynDNS
	HTTP
	add http://<USERNAME_AND_PASSWORD_HERE>@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
	remove http://<USERNAME_AND_PASSWORD_HERE>@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
	interval maximum 28 0 0 0
	interval minimum 28 0 0 0
	!
	ipv6 unicast-routing
	ipv6 cef
	!
	multilink bundle-name authenticated
	!
	!
	!
	username <USERNAME_HERE> password 7 <PASSWORD_HERE>
	!
	!
	crypto isakmp policy 10
	encr 3des
	authentication pre-share
	group 2
	!
	!
	archive
	log config
	logging enable
	hidekeys
	path flash:
	maximum 3
	write-memory
	!
	!
	!
	!
	!
	interface Loopback0
	ip address 172.20.0.1 255.255.255.252
	ipv6 address FEC0:0:0:9::1/128
	!
	interface Null0
	no ip unreachables
	!
	interface FastEthernet0
	description LAN Ethernet switch connection
	hold-queue 100 out
	!
	interface FastEthernet1
	description Xbox One
	hold-queue 100 out
	!
	interface FastEthernet2
	shutdown
	!
	interface FastEthernet3
	shutdown
	!
	interface FastEthernet4
	description Internet
	bandwidth 100000
	ip dhcp client update dns server none
	ip ddns update DynDNS
	ip address dhcp hostname stargate.arkane-systems.net
	ip access-group 111 in
	no ip redirects
	no ip unreachables
	no ip proxy-arp
	ip nat outside
	ip virtual-reassembly
	duplex auto
	speed auto
	ipv6 address dhcp rapid-commit
	ipv6 address autoconfig default
	ipv6 enable
	ipv6 traffic-filter exterior-in6 in
	ipv6 traffic-filter exterior-out6 out
	ipv6 dhcp client pd hint ::/56
	ipv6 dhcp client pd prefix-from-provider rapid-commit
	ipv6 virtual-reassembly
	no cdp enable
	!
	interface Vlan1
	description Internal network
	ip address 172.16.0.254 255.255.0.0
	ip nat inside
	ip virtual-reassembly
	ip tcp adjust-mss 1452
	ipv6 address FDC9:B01A:9D26::FE/64
	ipv6 address prefix-from-provider ::1:0:0:0:1/64
	ipv6 enable
	ipv6 nd prefix default 3600 3600
	ipv6 nd prefix FDC9:B01A:9D26::/64 3600 3600
	ipv6 nd other-config-flag
	ipv6 virtual-reassembly
	!
	ip forward-protocol nd
	no ip http server
	ip http access-class 75
	ip http authentication local
	no ip http secure-server
	ip http timeout-policy idle 5 life 86400 requests 10000
	!
	!
	ip nat inside source list 1 interface FastEthernet4 overload
	ip nat inside source static udp 172.16.1.14 3074 interface FastEthernet4 3074
	ip nat inside source static udp 172.16.1.14 88 interface FastEthernet4 88
	ip nat inside source static udp 172.16.1.14 5060 interface FastEthernet4 5060
	ip nat inside source static udp 172.16.1.14 5061 interface FastEthernet4 5061
	ip nat inside source static tcp 172.16.0.72 880 interface FastEthernet4 443
	!
	access-list 1 permit 172.16.0.0 0.0.255.255
	access-list 1 remark NAT-enabled addresses
	access-list 75 permit 172.16.0.0 0.0.255.255 log
	access-list 75 deny any log
	access-list 75 remark Access to router TTYs
	access-list 111 deny ip 172.16.0.0 0.0.255.255 any
	access-list 111 permit ip any any
	access-list 111 remark prevent spoofing - block external inbounds with local source addrs
	ipv6 route 100::/64 Null0
	ipv6 route 2001:10::/28 Null0
	ipv6 route 2001:DB8::/32 Null0
	!
	!
	!
	!
	!
	ipv6 access-list exterior-in6
	sequence 5 permit icmp any any
	sequence 10 permit udp any any eq 546
	evaluate exterior-reflect
	sequence 100 deny ipv6 any any
	!
	ipv6 access-list exterior-out6
	sequence 20 permit ipv6 any any reflect exterior-reflect
	!
	ipv6 access-list console
	permit ipv6 FDC9:B01A:9D26::/48 any
	!
	control-plane
	!
	banner exec ^C
	Welcome, you have connected to router $(hostname).$(domain)
	on line $(line).
	^C
	banner login ^C
	+--------------------------------------------------------------------+
	\| WARNING \|
	\| ------- \|
	\| This is a secure system. Do not log in without proper \|
	\| authorisation. \|
	\| \|
	\| All users of this system consent to having all of their activities \|
	\| monitored and recorded. Unauthorised use will be prosecuted to the \|
	\| full extent permitted by law. \|
	+--------------------------------------------------------------------+
	^C
	!
	line con 0
	location Living room
	no modem enable
	transport preferred none
	transport output all
	speed 115200
	line aux 0
	transport output all
	line vty 0 4
	access-class 75 in
	privilege level 15
	ipv6 access-class console in
	transport preferred none
	transport input all
	transport output all
	!
	scheduler max-task-time 5000
	ntp server 172.16.0.128
	end