config_file_router_1

version 17.9
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service call-home
service unsupported-transceiver
platform qfp utilization monitor load 80
platform punt-keepalive disable-kernel-core
!
hostname ROUTER_1
!
boot-start-marker
boot system flash c8000be-universalk9.17.09.04a.SPA.bin
boot-end-marker
!
no aaa new-model
clock timezone PST -8 0
clock summer-time PDT recurring
!
ip name-server 8.8.8.8 8.8.4.4
ip domain lookup source-interface TenGigabitEthernet0/0/5
ip domain name event.tech
!
login block-for 60 attempts 3 within 10
login delay 3
login on-success log
!
subscriber templating
! 
vtp version 1
!
multilink bundle-name authenticated
!
crypto pki trustpoint SLA-TrustPoint
 enrollment terminal
 revocation-check crl
!
crypto pki certificate chain SLA-TrustPoint
!
crypto pki certificate pool
!
license feature hseck9
license udi pid C8300-1N1S-4T2X sn FLM2722116L
license boot level network-advantage addon dna-advantage
license smart url https://smartreceiver.cisco.com/licservice/license
license smart url smart https://smartreceiver.cisco.com/licservice/license
!
archive
 path bootflash:config
 write-memory
memory free low-watermark processor 69075
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
username siteadmin privilege 15 secret 9 $9$8BxcXuyWur86w.$cNQlzKnWV8hxAc0yAITmD.5Zf4ruzOSMpDbKok/2ZbM
!
redundancy
 mode none
!
track 1 ip sla 1 reachability
 delay down 3 up 30
!
track 2 ip sla 2 reachability
 delay down 3 up 30
!
track 3 ip sla 3 reachability
 delay down 3 up 30
!
track 10 list boolean or
 object 1
 object 2
 object 3
!
interface Loopback1
 description 1.1
 ip address 169.254.1.1 255.255.255.255
!
interface GigabitEthernet0/0/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet0/0/1
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet0/0/2
 no ip address
 shutdown
 negotiation auto
!         
interface GigabitEthernet0/0/3
 no ip address
 shutdown 
 negotiation auto
!         
interface TenGigabitEthernet0/0/4
 description ISP_1
 ip address 12.13.232.162 255.255.255.248
 ip nat outside
 load-interval 30
 negotiation auto
 no cdp enable
!         
interface TenGigabitEthernet0/0/5
 description CORE_SWITCH
 ip address 192.168.254.1 255.255.255.252
 ip nat inside
 ip ospf network point-to-point
 negotiation auto
!
interface TenGigabitEthernet0/1/0
 description ROUTER_2
 ip address 192.168.254.13 255.255.255.252
 ip nat inside
 ip ospf network point-to-point
 negotiation auto
!         
router ospf 1
 router-id 169.254.1.1
 passive-interface default
 no passive-interface TenGigabitEthernet0/0/5
 no passive-interface TenGigabitEthernet0/1/0
 network 192.168.254.1 0.0.0.0 area 0
 network 192.168.254.13 0.0.0.0 area 0
 default-information originate
!
no ip http server
ip http authentication local
no ip http secure-server
ip http client source-interface TenGigabitEthernet0/0/5
ip forward-protocol nd
ip tftp source-interface TenGigabitEthernet0/0/5
!
ip nat inside source list NAT_ACL interface TenGigabitEthernet0/0/4 overload
!
ip route 0.0.0.0 0.0.0.0 12.13.232.161 track 10
ip route 4.2.2.2 255.255.255.255 12.13.232.161
ip route 8.8.8.8 255.255.255.255 12.13.232.161
ip route 9.9.9.9 255.255.255.255 12.13.232.161
!
ip ssh time-out 30
ip ssh authentication-retries 2
ip ssh version 2
ip ssh client algorithm mac hmac-sha2-256 hmac-sha2-256-etm@openssh.com hmac-sha2-512 hmac-sha2-512-etm@openssh.com
ip ssh client algorithm encryption aes128-cbc aes128-ctr aes128-gcm aes192-cbc aes192-ctr aes256-cbc aes256-ctr aes256-gcm
ip ssh client algorithm kex diffie-hellman-group14-sha1 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521
!
ip access-list standard SSH
 10 permit 192.168.255.0 0.0.0.255
!
ip access-list extended NAT_ACL
 10 permit ip 10.10.240.0 0.0.15.255 any
 20 permit ip 10.20.240.0 0.0.15.255 any
 25 deny ip host 192.168.255.5 10.10.8.0 0.0.7.255
 30 permit ip 192.168.255.0 0.0.0.255 any
 40 permit ip 192.168.254.0 0.0.0.255 any
!
ip sla 1
 icmp-echo 4.2.2.2 source-ip 192.168.254.1
  frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 8.8.8.8 source-ip 192.168.254.1
  frequency 5
ip sla schedule 2 life forever start-time now
ip sla 3
 icmp-echo 9.9.9.9 source-ip 192.168.254.1
  frequency 5
ip sla schedule 3 life forever start-time now
!
control-plane
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
mgcp profile default
!
line con 0
 session-timeout 20 
 exec-timeout 20 0
 logging synchronous
 login local
 transport preferred none
 transport output ssh
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 session-timeout 20 
 access-class SSH in
 exec-timeout 20 0
 logging synchronous
 login local
 transport preferred ssh
 transport input ssh
 transport output ssh
line vty 5 15
 session-timeout 20 
 access-class SSH in
 exec-timeout 20 0
 logging synchronous
 login local
 transport preferred ssh
 transport input ssh
 transport output ssh
!
call-home
 ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
 ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
 contact-email-addr sch-smart-licensing@cisco.com
 source-interface TenGigabitEthernet0/0/5
 profile "CiscoTAC-1"
  active
  anonymous-reporting-only
  destination transport-method http
!
ntp server ip time.cloudflare.com source TenGigabitEthernet0/0/5
!
end