-
1
- #1
Hello peopl, hopefully someone out there can help me out!!!
I have a Cisco ISDN router which us programmers use to access and give support to our customers. It has become increasingly slow recently as other people on our internal network have been using the very same line as us!!!
My question is simple. How do I deny these guys access to the router???
With this post is a copy of the config. Let me know what you think, any help wuold be appreciated.
Moxen
Current configuration : 1762 bytes
!
version 12.2
no service single-slot-reload-enable
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname OASIS
!
logging rate-limit console 10 except errors
enable password vamp1re
!
ip subnet-zero
!
no ip finger
no ip dhcp-client network-discovery
isdn switch-type basic-net3
!
!
!
interface Ethernet0
ip address 10.0.0.200 255.255.0.0
ip nat inside
!
interface BRI0
no ip address
encapsulation ppp
timeout absolute 500 0
dialer pool-member 1
isdn switch-type basic-net3
cdapi buffers regular 0
cdapi buffers raw 0
cdapi buffers large 0
ppp authentication chap callin
!
interface Dialer1
description oasis connection
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
dialer remote-name oasis
dialer string *******
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname *******
ppp chap password 7 *******
!
ip default-gateway 10.0.0.1
ip nat inside source list 1 interface Dialer1 overload
ip http server
no ip classless
ip route 10.1.0.0 255.255.255.0 Dialer1
ip route 10.10.1.100 255.255.255.255 Dialer1
ip route 10.44.13.239 255.255.255.255 Dialer1
ip route 10.44.15.86 255.255.255.255 Dialer1
ip route 192.168.25.2 255.255.255.255 Dialer1
ip route 192.168.109.30 255.255.255.255 Dialer1
ip route 192.168.208.30 255.255.255.255 Dialer1
!
access-list 1 permit 10.0.0.186
access-list 1 permit 10.0.0.188
access-list 1 permit 10.0.0.189
access-list 1 deny 10.0.0.0 0.255.255.185
dialer-list 1 protocol ip permit
snmp-server community public RO
snmp-server chassis-id JAD05380B2X
!
line con 0
exec-timeout 0 0
transport input none
stopbits 1
line vty 0 4
password *****
login
!
no rcapi server
!
!
end
I have a Cisco ISDN router which us programmers use to access and give support to our customers. It has become increasingly slow recently as other people on our internal network have been using the very same line as us!!!
My question is simple. How do I deny these guys access to the router???
With this post is a copy of the config. Let me know what you think, any help wuold be appreciated.
Moxen
Current configuration : 1762 bytes
!
version 12.2
no service single-slot-reload-enable
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname OASIS
!
logging rate-limit console 10 except errors
enable password vamp1re
!
ip subnet-zero
!
no ip finger
no ip dhcp-client network-discovery
isdn switch-type basic-net3
!
!
!
interface Ethernet0
ip address 10.0.0.200 255.255.0.0
ip nat inside
!
interface BRI0
no ip address
encapsulation ppp
timeout absolute 500 0
dialer pool-member 1
isdn switch-type basic-net3
cdapi buffers regular 0
cdapi buffers raw 0
cdapi buffers large 0
ppp authentication chap callin
!
interface Dialer1
description oasis connection
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
dialer remote-name oasis
dialer string *******
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname *******
ppp chap password 7 *******
!
ip default-gateway 10.0.0.1
ip nat inside source list 1 interface Dialer1 overload
ip http server
no ip classless
ip route 10.1.0.0 255.255.255.0 Dialer1
ip route 10.10.1.100 255.255.255.255 Dialer1
ip route 10.44.13.239 255.255.255.255 Dialer1
ip route 10.44.15.86 255.255.255.255 Dialer1
ip route 192.168.25.2 255.255.255.255 Dialer1
ip route 192.168.109.30 255.255.255.255 Dialer1
ip route 192.168.208.30 255.255.255.255 Dialer1
!
access-list 1 permit 10.0.0.186
access-list 1 permit 10.0.0.188
access-list 1 permit 10.0.0.189
access-list 1 deny 10.0.0.0 0.255.255.185
dialer-list 1 protocol ip permit
snmp-server community public RO
snmp-server chassis-id JAD05380B2X
!
line con 0
exec-timeout 0 0
transport input none
stopbits 1
line vty 0 4
password *****
login
!
no rcapi server
!
!
end
