CCM with Cisco 2811 – Sample Config

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname XXXXXX!
boot-start-marker
boot system flash:c2800nm-adventerprisek9_ivs-mz.124-11.T.bin
boot-end-marker
!
card type e1 0 0
logging buffered 4096
enable secret 5 $1$VdPI$tzsy5DOhx0gMjS4XXXX
!
aaa new-model


!
!
aaa authentication login XXXXX local
aaa authorization network XXX_XXXXXX_XXXXXX local
!
!
aaa session-id common
network-clock-participate wic 0
network-clock-select 1 E1 0/0/0
!
!
ip cef
!
!
ip domain name yourdomain.com
ip name-server 202.xxx.xxx.xxx
ip name-server 202.xxx.xxx.xxx
!
multilink bundle-name authenticated
!
!
voice-card 0
dspfarm
dsp services dspfarm
!
!
crypto pki trustpoint TP-self-signed-1129180050
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1129180050
revocation-check none
rsakeypair TP-self-signed-1129180050
!
!
crypto pki certificate chain TP-self-signed-1129180050
certificate self-signed 01
30820257 308201C0 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31313239 31383030 3530301E 170D3037 31313238 31313031
31365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31323931
38303035 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CA2B ECD26F61 6FDECDEF 2E6C69A4 2FDE0C27 63166030 D4A4F613 583023B1
E92604B4 9D43D90C 1D6F5D09 C10A6519 CAF2C21E D5969B95 09D53002 4DCC9134
D954FA6F 2C99591F 7AA4209D A2642820 CE14036A 51ED439C AA9FB24C 6D6FF0F4
948B1CB8 96977DD1 26E2D647 47A66364 DDFFB698 ED37B24A 7780900A 76F39F9F
72350203 010001A3 7F307D30 0F060355 1D130101 FF040530 030101FF 302A0603
551D1104 23302182 1F504F4C 44412D56 504E2D52 4F555445 522E796F 7572646F
6D61696E 2E636F6D 301F0603 551D2304 18301680 1444793C 7F3C50D5 B7EB8D14
4CA2F7C7 A2C08C87 1E301D06 03551D0E 04160414 44793C7F 3C50D5B7 EB8D144C
A2F7C7A2 C08C871E 300D0609 2A864886 F70D0101 04050003 8181008C 8AA2750D
3A2BF626 AE5D83FC 2AE0BA8F 7204FEE7 0A225A20 4C8EB595 A64B185C EC5A2A07
71E40013 33737CA0 0823BCD2 186F96C3 1D3ECF03 847B2114 74065821 DC26E523
DA504F79 5C17652E 34ECF951 F69F9AAB D16D18E4 5E06DEDC BCB1F89C 26F622F2
8675DC8B A3A8A81A DC1F8379 9FB0DDA0 06E643B6 0A1432E3 DEA7F7
quit
!
!
username cisco privilege 15 secret 5 $1$YmTa$RPY93o.P55d.UYIXXXXXX
username admin password 7 131400171918XXXXXXX
!
!
controller E1 0/0/0
ds0-group 0 timeslots 1-15,17 type r2-digital r2-semi-compelled ani
cas-custom 0
country indonesia use-defaults
category 2
answer-signal group-b 1
!
controller E1 0/0/1
shutdown
framing NO-CRC4
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp keepalive 20 10
crypto isakmp xauth timeout 20

!
crypto isakmp client configuration group XXXXXXXXXXXXXXXX
key XXX
dns XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
pool XXXXXXX
!
!
crypto ipsec transform-set VPNTRANSFORM esp-3des esp-sha-hmac
!
crypto dynamic-map DYNMAP 1
set transform-set VPNTRANSFORM
!
!
crypto map CLIENTMAP client authentication list XXXXXXXX
crypto map CLIENTMAP isakmp authorization list XXX_XXXXXX_XXXXXX
crypto map CLIENTMAP client configuration address respond
crypto map CLIENTMAP 65535 ipsec-isakmp dynamic DYNMAP
!
!
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
no ip address
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1.1
encapsulation dot1Q 1 native
ip address XXX.XXX.XXX.XXX 255.255.255.0
ip nat inside
ip virtual-reassembly
h323-gateway voip interface
h323-gateway voip bind srcaddr XXX.XXX.XXX.XXX
!
interface FastEthernet0/1.2
encapsulation dot1Q 2
ip address XXX.XXX.XXX.XXX 255.255.255.0
ip helper-address XXX.XXX.XXX.XXX
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1.3
encapsulation dot1Q 3
ip address XXX.XXX.XXX.XXX 255.255.255.0
ip helper-address XXX.XXX.XXX.XXX
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1.5
encapsulation dot1Q 5
ip nat inside
ip virtual-reassembly
!
ip local pool VPNPOOL XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route 0.0.0.0 0.0.0.0 XXX.XXX.XXX.XXX
!
!
ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool public XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX netmask XXX.XXX.XXX.XXX
ip nat inside source list 1 pool public overload
ip nat inside source static XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip nat inside source static XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip nat inside source static XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip nat inside source static XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
access-list 1 permit 10.0.0.0 0.255.255.255
!
!
!
!
!
!
control-plane
!
!
!
voice-port 0/0/0:0
cptone ID
timeouts interdigit 0
timeouts call-disconnect 1
timeouts wait-release 1
!
!
!
!
!
dial-peer voice XXX pots
incoming called-number XXX
direct-inward-dial
port 0/0/0:0
!
dial-peer voice XXXX voip
destination-pattern XXX
session target ipv4:XXX.XXX.XXX.XXX
no vad
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
password 7 12081212001F15557878
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

2 responses to “CCM with Cisco 2811 – Sample Config

  1. Dude… do you think i can use this sample config in Malaysia to configure a PRI line? I have been searching the internet for the past 1 week now on how to configure this. Any help much appricated.

  2. Hi, you think i can use the sample config in Sierra Leone?? We are using a VSAT (EMC) ISP with
    E1 connection between two routers (1. VSAT provider, 2. CCM router). but we are having problem in recieving incomming on-net call fom other agencies connected to the same VSAT ISP. Is there any solution????

    Thanks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s