My configuration, my pc ip adress is 192.2.3.199, and i like to open 4662 tcp and 4672 udp ports to emule.
Thanks.
...
service password-encryption
!
hostname cisco_lasa
!
logging rate-limit console 10 except errors
enable password 7 xxxxxxxxxxxxxxxxxxxxxx
!
memory-size iomem 25
ip subnet-zero
no ip finger
ip name-server aaa.aaa.aaa.aaa
ip name-server bbb.bbb.bbb.bbb
!
no ip bootp server
ip inspect name wall tcp timeout 3600
ip inspect name wall udp timeout 360
ip inspect name wall ftp timeout 3600
ip inspect name wall realaudio timeout 3600
ip inspect name wall h323 timeout 3600
ip inspect name wall smtp timeout 3600
ip inspect name wall http timeout 3600
ip audit notify log
ip audit po max-events 100
no ip dhcp-client network-discovery
!
!
!
interface Ethernet0
description Ligacao a DMZ
ip address xxx.yyy.zzz.qqq 255.255.255.248
no ip unreachables
no ip proxy-arp
no ip route-cache
half-duplex
no cdp enable
!
interface FastEthernet0
description Ligacao a Rede Local
ip address aaa.bbb.ccc.ddd 255.255.255.0
no ip unreachables
no ip proxy-arp
ip nat inside
no ip route-cache
speed auto
no cdp enable
!
interface Serial0
description NNA-
no ip address
no ip unreachables
no ip proxy-arp
encapsulation frame-relay
no ip route-cache
no fair-queue
!
interface Serial0.1 point-to-point
bandwidth 224
ip address qqq. 255.255.255.252
ip access-group 111 in
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect wall out
no ip route-cache
traffic-shape rate 238000 238000 0 1000
no cdp enable
frame-relay interface-dlci 500 IETF
class SHAPE-WAN500
!
interface Serial0.1000 point-to-point
ip address ccc.ddd.eee.fff 255.255.255.0
no ip route-cache
no cdp enable
frame-relay interface-dlci 1000
!
ip nat inside source list 69 interface Serial0.1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 zzz.xxx.zzz.eee
ip route xxx. 255.255.255.128 xxx.no ip http server
!
!
map-class frame-relay SHAPE-WAN500
frame-relay traffic-rate 224000 230000
frame-relay adaptive-shaping becn
frame-relay mincir 164000
access-list 1 permit 192.2.3.199
access-list 1 permit 194.65.22.19
access-list 1 permit 194.65.147.166
access-list 1 permit 194.65.14.59
access-list 1 permit 192.2.3.6
access-list 1 permit 94.65.95.183
access-list 1 permit 194.65.19.0 0.0.0.255
access-list 1 deny any log
access-list 69 permit 192.2.3.0 0.0.0.255
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit tcp any eq domain any eq domain
access-list 111 permit udp any eq domain any eq domain
access-list 111 permit tcp any gt 1024 any eq domain
access-list 111 permit udp any gt 1024 any eq domain
access-list 111 permit tcp any any eq smtp
access-list 111 permit tcp any any eq pop3
access-list 111 permit tcp any any eq www
access-list 111 permit tcp any any eq ftp
access-list 111 permit tcp any any eq ftp-data
access-list 111 permit ip 194.65.19.0 0.0.0.255 any
access-list 111 permit ip host 194.65.22.19 any
access-list 111 permit ip host 194.65.147.166 any
access-list 111 permit ip host 194.65.95.183 any
access-list 111 permit ip host 194.65.14.59 any
access-list 111 deny ip any any log
no cdp run
!
line con 0
password 7 xxxxxxxxxxxxxxxxxxx
login
transport input none
line aux 0
line vty 0 4
access-class 1 in
password 7 xxxxxxxxxxxxxxxx
login
!
no scheduler allocate
end
Thanks.
...
service password-encryption
!
hostname cisco_lasa
!
logging rate-limit console 10 except errors
enable password 7 xxxxxxxxxxxxxxxxxxxxxx
!
memory-size iomem 25
ip subnet-zero
no ip finger
ip name-server aaa.aaa.aaa.aaa
ip name-server bbb.bbb.bbb.bbb
!
no ip bootp server
ip inspect name wall tcp timeout 3600
ip inspect name wall udp timeout 360
ip inspect name wall ftp timeout 3600
ip inspect name wall realaudio timeout 3600
ip inspect name wall h323 timeout 3600
ip inspect name wall smtp timeout 3600
ip inspect name wall http timeout 3600
ip audit notify log
ip audit po max-events 100
no ip dhcp-client network-discovery
!
!
!
interface Ethernet0
description Ligacao a DMZ
ip address xxx.yyy.zzz.qqq 255.255.255.248
no ip unreachables
no ip proxy-arp
no ip route-cache
half-duplex
no cdp enable
!
interface FastEthernet0
description Ligacao a Rede Local
ip address aaa.bbb.ccc.ddd 255.255.255.0
no ip unreachables
no ip proxy-arp
ip nat inside
no ip route-cache
speed auto
no cdp enable
!
interface Serial0
description NNA-
no ip address
no ip unreachables
no ip proxy-arp
encapsulation frame-relay
no ip route-cache
no fair-queue
!
interface Serial0.1 point-to-point
bandwidth 224
ip address qqq. 255.255.255.252
ip access-group 111 in
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect wall out
no ip route-cache
traffic-shape rate 238000 238000 0 1000
no cdp enable
frame-relay interface-dlci 500 IETF
class SHAPE-WAN500
!
interface Serial0.1000 point-to-point
ip address ccc.ddd.eee.fff 255.255.255.0
no ip route-cache
no cdp enable
frame-relay interface-dlci 1000
!
ip nat inside source list 69 interface Serial0.1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 zzz.xxx.zzz.eee
ip route xxx. 255.255.255.128 xxx.no ip http server
!
!
map-class frame-relay SHAPE-WAN500
frame-relay traffic-rate 224000 230000
frame-relay adaptive-shaping becn
frame-relay mincir 164000
access-list 1 permit 192.2.3.199
access-list 1 permit 194.65.22.19
access-list 1 permit 194.65.147.166
access-list 1 permit 194.65.14.59
access-list 1 permit 192.2.3.6
access-list 1 permit 94.65.95.183
access-list 1 permit 194.65.19.0 0.0.0.255
access-list 1 deny any log
access-list 69 permit 192.2.3.0 0.0.0.255
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit tcp any eq domain any eq domain
access-list 111 permit udp any eq domain any eq domain
access-list 111 permit tcp any gt 1024 any eq domain
access-list 111 permit udp any gt 1024 any eq domain
access-list 111 permit tcp any any eq smtp
access-list 111 permit tcp any any eq pop3
access-list 111 permit tcp any any eq www
access-list 111 permit tcp any any eq ftp
access-list 111 permit tcp any any eq ftp-data
access-list 111 permit ip 194.65.19.0 0.0.0.255 any
access-list 111 permit ip host 194.65.22.19 any
access-list 111 permit ip host 194.65.147.166 any
access-list 111 permit ip host 194.65.95.183 any
access-list 111 permit ip host 194.65.14.59 any
access-list 111 deny ip any any log
no cdp run
!
line con 0
password 7 xxxxxxxxxxxxxxxxxxx
login
transport input none
line aux 0
line vty 0 4
access-class 1 in
password 7 xxxxxxxxxxxxxxxx
login
!
no scheduler allocate
end