version 12.

4
service nagle
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname r5418-1
!
boot-start-marker
boot system flash c3725-advipservicesk9-mz.124-4.XC1.bin
boot-end-marker
!
logging count
logging queue-limit 250
logging buffered 50000 informational
no logging rate-limit
logging console informational
logging monitor informational
enable secret 5 xxxxxxxxxxxxxxxxxxxxxx
!
aaa new-model
!
!
aaa group server radius default
!
aaa authentication login default local-case
aaa accounting system default start-stop group default
!
aaa session-id common
!
resource policy
!
clock timezone EST -5
clock summer-time EDT recurring
no ip source-route
ip cef
!
!
ip dhcp relay information policy drop
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.250 192.168.1.255
ip dhcp excluded-address 192.168.2.1
!
ip dhcp pool Home
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
netbios-node-type h-node
domain-name thewaystation.com
dns-server 192.168.1.5
lease 30
!
ip dhcp pool Laptop
host 192.168.1.10 255.255.255.0
client-identifier 01xx.xxxx.xxxx.xx
 client-name WorkLaptop
default-router 192.168.1.1
netbios-node-type h-node
domain-name thewaystation.com
dns-server 192.168.1.5
lease infinite
!
ip dhcp pool Phones
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
option 150 ip 192.168.2.1
dns-server 192.168.1.5 4.2.2.1
domain-name thewaystation.com
lease 0 0 30
!
!
ip flow-cache timeout active 1
no ip bootp server
ip domain name thewaystation.com
ip name-server 192.168.1.5
ip multicast-routing
ip ssh time-out 30
ip ssh version 2
ip inspect max-incomplete low 100
ip inspect max-incomplete high 300
ip inspect udp idle-time 60
ip inspect dns-timeout 60
ip inspect tcp idle-time 7200
ip inspect tcp finwait-time 8
ip inspect tcp max-incomplete host 100 block-time 1
ip inspect name Internet ftp alert on audit-trail on timeout 120
ip inspect name Internet fragment maximum 250 timeout 15
ip inspect name Internet tcp alert on timeout 7200
ip inspect name Internet http alert on timeout 120
ip inspect name Internet icmp alert on timeout 10
ip inspect name Internet udp alert on timeout 60
ip inspect name firewall ftp alert on audit-trail on timeout 120
ip inspect name firewall fragment maximum 250 timeout 15
ip inspect name firewall icmp alert on audit-trail on
ip inspect name firewall http alert on timeout 120
ip inspect name firewall udp alert on timeout 60
ip inspect name firewall tcp alert on timeout 7200
ip ips name Internet
ip accounting-threshold 100
ip accounting-list 192.168.1.0 0.0.0.255
!
!
trunk group outbound
!
!
!
voice statistics time-range since-reset
!
voice translation-rule 1
rule 1 // /xxxxxxx/
!
voice translation-rule 9
 rule 1 /9\(1..........\)/ /\1/
rule 2 /9\(.......\)/ /\1/
rule 3 /9\(011.*\)/ /\1/
!
voice translation-rule 91
rule 1 /^614\(.*\)/ /9\1/
rule 2 /^\(..........\)/ /91\1/
rule 3 /^\(.*\)/ /9\1/
!
!
voice translation-profile cid_fix
translate calling 91
!
voice translation-profile default
translate called 1
!
voice translation-profile strip_9_out
translate called 9
!
!
!
!
username user privilege 15 password 7 xxxxxxxxxxxxxxxxxx
!
!
interface Loopback0
ip address 192.168.255.254 255.255.255.255
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface ATM0/0
no ip address
atm ilmi-keepalive
atm ilmi-pvc-discovery
bundle-enable
dsl operating-mode auto
!
interface ATM0/0.35 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
no snmp trap link-status
pvc 0/35
random-detect
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0/0
description Home Data Network
ip address 192.168.1.1 255.255.255.0
ip access-group inside-out in
ip access-group inside-in out
no ip redirects
no ip unreachables
no ip proxy-arp
ip pim sparse-dense-mode
 ip nat inside
no ip virtual-reassembly
ip accounting output-packets
ip accounting access-violations
ip route-cache flow
ip tcp adjust-mss 1452
no snmp trap link-status
!
interface FastEthernet0/1
description VoIP Phone Network
ip address 192.168.2.1 255.255.255.0
no ip unreachables
no ip proxy-arp
ip pim sparse-dense-mode
ip nat inside
ip virtual-reassembly
no snmp trap link-status
speed 100
full-duplex
!
interface Dialer1
mtu 1492
bandwidth 3000
ip address negotiated
ip access-group internet-in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect Internet out
ip ips Internet in
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
ip tcp adjust-mss 1460
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin optional
ppp chap hostname user@static.sbcglobal.net
ppp chap password 7 xxxxxxxxxxxxxxxx
ppp pap sent-username user@static.sbcglobal.net password 7 xxxxxxxxxxxxxx
!
ip route 0.0.0.0 0.0.0.0 70.142.143.254
ip route 0.0.0.0 0.0.0.0 Dialer1 5 permanent
!
ip flow-export version 5 origin-as
ip flow-export destination 192.168.1.5 2055
!
ip http server
ip http authentication local
no ip http secure-server
ip http path flash:
ip nat translation tcp-timeout 7200
ip nat translation finrst-timeout 5
ip nat translation syn-timeout 15
ip nat translation icmp-timeout 360
ip nat pool HIDE 70.142.142.118 70.142.142.118 prefix-length 29
ip nat inside source route-map NAT pool HIDE overload
!
ip access-list extended NAT
permit ip 192.168.0.0 0.0.255.255 any
ip access-list extended inside-in
deny icmp any any fragments
permit icmp any any net-unreachable
permit icmp any any host-unreachable
permit icmp any any port-unreachable
permit icmp any any parameter-problem
permit icmp any any packet-too-big
permit icmp any any administratively-prohibited
permit icmp any any source-quench
permit icmp any any echo-reply
permit icmp any any ttl-exceeded
deny icmp any any
permit tcp any gt 1023 host 192.168.1.5 eq www
permit tcp any gt 1023 host 192.168.1.5 eq 443
permit tcp any gt 1023 host 192.168.1.5 eq 22
permit tcp any gt 1023 host 192.168.1.5 eq smtp
permit tcp any gt 1023 host 192.168.1.5 eq ftp
permit tcp any gt 1023 host 192.168.1.5 eq ftp-data
permit udp any eq domain host 192.168.1.5 eq domain
permit udp any eq domain host 192.168.1.2 eq domain
permit udp any gt 1023 host 192.168.1.5 eq domain
permit udp any gt 1023 host 192.168.1.2 eq domain
permit tcp host 151.164.1.1 host 192.168.1.5 eq domain
permit tcp host 151.164.11.218 host 192.168.1.5 eq domain
permit tcp host 206.141.251.2 host 192.168.1.5 eq domain
permit tcp host 206.141.193.168 host 192.168.1.5 eq domain
deny tcp any range 0 65535 any range 0 65535 log-input
deny udp any range 0 65535 any range 0 65535 log-input
deny ip any any log-input
ip access-list extended inside-out
permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 host 192.168.1.1
permit ip 192.168.1.0 0.0.0.255 host 192.168.255.254
permit udp host 0.0.0.0 eq bootpc host 255.255.255.255 eq bootps
log-input
deny ip any 0.0.0.0 0.255.255.255 log-input
deny ip any 10.0.0.0 0.255.255.255 log-input
deny ip any 127.0.0.0 0.255.255.255 log-input
deny ip any 169.254.0.0 0.0.255.255 log-input
deny ip any 172.16.0.0 0.15.255.255 log-input
deny ip any 192.168.0.0 0.0.255.255
deny ip any 224.0.0.0 15.255.255.255 log-input
deny udp any any eq netbios-ns
deny udp any any eq netbios-dgm
deny udp any any eq netbios-ss
permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended internet-in
deny 53 any any log-input
deny 55 any any log-input
deny 77 any any log-input
deny pim any any log-input
deny ip 0.0.0.0 0.255.255.255 any log-input
 deny ip 10.0.0.0 0.255.255.255 any log-input
deny ip 127.0.0.0 0.255.255.255 any log-input
deny ip 169.254.0.0 0.0.255.255 any log-input
deny ip 172.16.0.0 0.15.255.255 any log-input
deny ip 192.168.0.0 0.0.255.255 any log-input
deny ip host 255.255.255.255 any log-input
deny ip 224.0.0.0 15.255.255.255 any log-input
deny icmp any any fragments
permit icmp any any net-unreachable
permit icmp any any host-unreachable
permit icmp any any port-unreachable
permit icmp any any parameter-problem
permit icmp any any packet-too-big
permit icmp any any administratively-prohibited
permit icmp any any source-quench
permit icmp any any echo-reply
permit icmp any any ttl-exceeded
deny icmp any any
deny udp any any eq netbios-ns log
deny udp any any eq netbios-dgm log
deny udp any any eq netbios-ss log
permit ip any any
!
logging history informational
logging origin-id hostname
logging facility local0
logging 192.168.1.5
access-list 10 permit 192.168.1.3
access-list 10 permit 192.168.1.2
access-list 10 permit 192.168.1.5
access-list 10 permit 128.46.154.76
access-list 10 permit 192.168.1.254
access-list 11 permit 192.168.1.0 0.0.0.255
access-list 13 permit 192.168.1.5
access-list 50 permit 192.168.1.0 0.0.0.255 log
access-list 110 deny tcp any any eq 135
access-list 110 deny tcp any any eq 137
access-list 110 deny tcp any any eq 139
access-list 110 deny tcp any any eq 445
access-list 110 permit ip any any
access-list 111 permit ip 192.168.1.0 0.0.0.255 any
access-list compiled
dialer-list 1 protocol ip permit
snmp-server community xxxxxx RO 13
snmp-server enable traps tty
!
!
!
route-map NAT permit 10
match ip address NAT
!
!
!
tftp-server flash:P00308000100.bin
tftp-server flash:P00308000100.sbn
tftp-server flash:ringer1.pcm
tftp-server flash:P00308000100.sb2
tftp-server flash:P00308000100.loads
tftp-server flash:music-on-hold.au
tftp-server flash:NyukNyuk.raw
tftp-server flash:RingList.xml
tftp-server flash:Piano1.raw
tftp-server flash:Piano2.raw
tftp-server flash:Sax1.raw
tftp-server flash:Sax2.raw
!
control-plane
!
!
!
voice-port 1/0/0
ren 5
timeouts ringing infinity
station-id name POTS
station-id number 299
caller-id enable
!
voice-port 1/0/1
!
voice-port 1/1/0
trunk-group outbound 1
translation-profile incoming default
translate calling 91
pre-dial-delay 0
no vad
timeouts ringing infinity
timeouts wait-release 5
timing hookflash-out 250
description SBC xxx-xxx-xxxx
station-id number xxxxxxxxxx
!
voice-port 1/1/1
!
ccm-manager config server r5418-1.thewaystation.com
ccm-manager download-tones
!
!
!
dial-peer cor custom
!
!
!
dial-peer voice 901 pots
trunkgroup outbound
description dial 9 for outside line LD
destination-pattern 91..........$
prefix 1
!
dial-peer voice 902 pots
trunkgroup outbound
description local calls
destination-pattern 9[2-9]......$
forward-digits 7
!
dial-peer voice 903 pots
description dial 0 for local operator
destination-pattern 90$
port 1/1/0
prefix 0
!
dial-peer voice 904 pots
description any 3 digit service ending in 11, ie 611, 411
destination-pattern 9[2-8]11
port 1/1/0
forward-digits 3
!
dial-peer voice 911 pots
description dial 911 for 911 emergency service
destination-pattern 911
port 1/1/0
prefix 911
!
dial-peer voice 298 pots
incoming called-number 299
direct-inward-dial
port 1/1/0
!
dial-peer voice 299 pots
description House POTS
destination-pattern 299
port 1/0/0
!
!
sip-ua
retry invite 4
retry response 3
retry bye 2
retry cancel 2
!
!
!
!
telephony-service
load 7960-7940 P00308000100
max-ephones 48
max-dn 192
ip source-address 192.168.2.1 port 2000
auto assign 1 to 1
service phone displayIdleTimeout 00:30
service phone displayOnDuration 1:00
timeouts interdigit 3
system message CME 4.0
url services http://phone-xml.berbee.com/menu.xml
time-zone 13
time-format 24
max-conferences 8 gain -6
moh music-on-hold.au
web admin system name user secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxx
transfer-system full-consult
after-hours block pattern 1 1900 7-24
after-hours block pattern 2 1976 7-24
 directory entry 1 xxxxxxx name "Scott"
directory entry 2 xxxxxxx name "Kristi"
create cnf-files version-stamp 7960 Apr 18 2006 08:29:50
!
!
ephone-dn 21 dual-line
number 201
label Den: 201
name Den
!
!
ephone-dn 23 dual-line
number 202
label Kitchen: 202
name Kitchen
!
!
ephone-dn 25 dual-line
number 203
label MBR: 203
name Master Bedroom
!
!
ephone-dn 29 dual-line
number 299
label 614-xxx-xxxx
!
!
ephone-dn 31
number 311
description Paging
paging ip 225.54.18.211 port 5418
!
!
ephone 1
device-security-mode none
description Den
username "user" password password
mac-address XXXX.XXXX.XXXX
paging-dn 31
type 7960
button 1:21 2:29
!
!
!
ephone 2
device-security-mode none
description Kitchen
username "user" password password
mac-address XXXX.XXXX.XXXX
paging-dn 31
type 7960
button 1:23 2:29
!
!
!
ephone 3
 device-security-mode none
description Master Bedroom
username "user" password password
mac-address XXXX.XXXX.XXXX
paging-dn 31
type 7960
button 1:25 2:29
!
!
banner login ^C

Unauthorized Use Is Prohibited

Access to this device or attached networks is expressly

prohibited without express written permission.
Violators will be prosecuted to the fullest extent
of both civil and criminal law.

^C
banner motd ^C

Welcome to r5418-1.thewaystation.com!
All activity is logged and audited.

^C
!
line con 0
exec-timeout 0 0
password 7 xxxxxxxxxxxxxxxx
logging synchronous
transport preferred none
line 1
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
exec-timeout 5 0
password 7 xxxxxxxxxxx
logging synchronous
modem InOut
no exec
stopbits 1
speed 19200
flowcontrol hardware
line vty 0 4
access-class 50 in
exec-timeout 0 0
password 7 xxxxxxxxxxxxxxxx
logging synchronous
transport preferred ssh
transport input telnet ssh
!
ntp access-group peer 10
ntp access-group serve-only 11
ntp peer 192.168.1.3
ntp peer 192.168.1.2
ntp peer 192.168.1.5
ntp server 128.46.154.76 prefer
ntp peer 192.168.1.254
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
!
end