How to check site-2-site VPN tunnel status:
pix# sh vpn-sessiondb l2l filter name 93.184.54.25
Connection : 93.184.54.25
Index : 9753 IP Addr : 192.168.109.0
Protocol : IKE IPsec
Encryption : 3DES Hashing : MD5
Bytes Tx : 794573 Bytes Rx : 734544
Login Time : 14:15:32 EET Tue Nov 16 2010
Duration : 0h:13m:00s
2010 m. lapkričio 16 d., antradienis
2010 m. kovo 26 d., penktadienis
Example HOW TO use Basic Authorization with PHP cURL
Example HOW TO use Basic Authorization with PHP cURL:
$username ='useri';
$password = 'pass';
//Contains encoded string to pass along for basic authentication purposes
$auth_token = base64_encode($username . '-' . $password);
// echo "
$auth_token";
//Target URL - the URL you want to submit a form to
$target_url = 'https://www.site_with_basic_auth.com';
//Create a new cURL handle
//Passing the target URL to curl_init allows you to bypass the call curl_setopt($ch, CURLOPT_URL, $target_url);
$ch = curl_init($target_url);
//Tell the handler that the info is to be sent using an HTTP POST request
//curl_setopt($ch, CURLOPT_POST, true);
//Set other relevant headers. Place each header as an array element
curl_setopt($ch, CURLOPT_USERPWD, $username . ':' . $password);
//An alternative to building the Authorization header is to use :
//$headers = array('Authorization=Basic ' . $auth_token,
// 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3');
//curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
//Pass the POST fields - be sure to urlencode your value strings (hint: http_build_query() will do this for you; PHP5)
//Below we assume values have already been posted to this script and kept in $_POST. We have validated the submission and
// are now posting the same values to a remote URL
//curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($_GET));
//When we execute the handle, we want curl_exec() to return to a string rather than directly outputting it
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
//Don't use a cached connection - explicitly create a new one
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
//Fail if cannot connect to the target server within 5 seconds
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
//If the target server returns a redirect request using the "Location:" header directive, then follow it.
//To prevent recursive redirects, only do a max of 5 follows
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
//Let's now execute the handler
//Because CURLOPT_RETURNTRANSFER is true, we need to capture the return value of curl_exec()
$response_data = curl_exec($ch);
//pokazyvaem response data. echo $response_data;
//Ili obrabatyvaem respons datupri pomoshi raneje sozdanoj funkciji
echo processData($response_data);
//Was there an error?
//curl_errno() returns the error code
//curl_error() returns a clear text message for the last cURL operation
if (curl_errno($ch)> 0){
die('There was a cURL error: ' . curl_error($ch));
} else {
//Close the handler and release resources
curl_close($ch);
}
$username ='useri';
$password = 'pass';
//Contains encoded string to pass along for basic authentication purposes
$auth_token = base64_encode($username . '-' . $password);
// echo "
$auth_token";
//Target URL - the URL you want to submit a form to
$target_url = 'https://www.site_with_basic_auth.com';
//Create a new cURL handle
//Passing the target URL to curl_init allows you to bypass the call curl_setopt($ch, CURLOPT_URL, $target_url);
$ch = curl_init($target_url);
//Tell the handler that the info is to be sent using an HTTP POST request
//curl_setopt($ch, CURLOPT_POST, true);
//Set other relevant headers. Place each header as an array element
curl_setopt($ch, CURLOPT_USERPWD, $username . ':' . $password);
//An alternative to building the Authorization header is to use :
//$headers = array('Authorization=Basic ' . $auth_token,
// 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3');
//curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
//Pass the POST fields - be sure to urlencode your value strings (hint: http_build_query() will do this for you; PHP5)
//Below we assume values have already been posted to this script and kept in $_POST. We have validated the submission and
// are now posting the same values to a remote URL
//curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($_GET));
//When we execute the handle, we want curl_exec() to return to a string rather than directly outputting it
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
//Don't use a cached connection - explicitly create a new one
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
//Fail if cannot connect to the target server within 5 seconds
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
//If the target server returns a redirect request using the "Location:" header directive, then follow it.
//To prevent recursive redirects, only do a max of 5 follows
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
//Let's now execute the handler
//Because CURLOPT_RETURNTRANSFER is true, we need to capture the return value of curl_exec()
$response_data = curl_exec($ch);
//pokazyvaem response data. echo $response_data;
//Ili obrabatyvaem respons datupri pomoshi raneje sozdanoj funkciji
echo processData($response_data);
//Was there an error?
//curl_errno() returns the error code
//curl_error() returns a clear text message for the last cURL operation
if (curl_errno($ch)> 0){
die('There was a cURL error: ' . curl_error($ch));
} else {
//Close the handler and release resources
curl_close($ch);
}
Cisco 850 example
Example with NAT, RIP and ACL
no service pad
service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service compress-config
!
hostname EXAMPLE
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 4096
no logging console
no logging monitor
enable secret 5 $1$Ozot$UGYGbhkdhuhuohjss
!
aaa new-model
!
!
!
!
aaa session-id common
memory-size iomem 20
clock timezone EET 2
clock summer-time EEST recurring last Sun Mar 2:00 last Sun Oct 2:00
!
!
dot11 syslog
no ip source-route
!
!
!
ip dhcp pool local_pool
network 192.168.2.0 255.255.255.0
domain-name EXAMPLE
dns-server 212.59.64.13 212.59.68.66
default-router 192.168.2.254
!
!
ip cef
ip domain name EXAMPLE.lt
ip name-server 212.59.64.13
ip name-server 212.59.68.66
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
memory reserve critical 512
vtp mode transparent
username example privilege 0 secret 5 $1$M3LR$/EFuihjY6HHKDjskjlk;c
!
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address dhcp
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
ip address 212.59.67.30 255.255.255.248 secondary
ip address 192.168.2.254 255.255.255.0 secondary
ip address 212.59.77.54 255.255.255.248
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
!
router rip
version 2
redistribute connected
passive-interface default
no passive-interface FastEthernet4
network 212.59.75.0
network 212.59.76.0
network 212.59.77.0
distribute-list prefix RIPOUT out
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 212.59.75.254
ip route 0.0.0.0 0.0.0.0 dhcp
no ip http server
no ip http secure-server
!
!
ip nat translation timeout 300
ip nat translation max-entries 2048
ip nat inside source list 10 interface Vlan1 overload
!
!
ip prefix-list RIPOUT seq 5 permit 212.59.67.24/29
ip prefix-list RIPOUT seq 10 permit 212.59.77.48/29
logging source-interface FastEthernet4
logging 10.1.0.126
access-list 10 permit 192.168.2.0 0.0.0.255
access-list 20 permit 84.250.0.2
access-list 20 permit 212.59.65.8
access-list 20 permit 212.59.75.0 0.0.0.31
access-list 20 deny any
!
!
!
!
snmp-server community monitor RO
!
control-plane
!
!
line con 0
no modem enable
stopbits 1
line aux 0
line vty 0 4
session-timeout 60
access-class 20 in
exec-timeout 180 0
transport input ssh
transport output ssh
!
scheduler max-task-time 5000
sntp server 212.59.65.1
sntp source-interface FastEthernet4
end
no service pad
service tcp-keepalives-in
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service compress-config
!
hostname EXAMPLE
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 4096
no logging console
no logging monitor
enable secret 5 $1$Ozot$UGYGbhkdhuhuohjss
!
aaa new-model
!
!
!
!
aaa session-id common
memory-size iomem 20
clock timezone EET 2
clock summer-time EEST recurring last Sun Mar 2:00 last Sun Oct 2:00
!
!
dot11 syslog
no ip source-route
!
!
!
ip dhcp pool local_pool
network 192.168.2.0 255.255.255.0
domain-name EXAMPLE
dns-server 212.59.64.13 212.59.68.66
default-router 192.168.2.254
!
!
ip cef
ip domain name EXAMPLE.lt
ip name-server 212.59.64.13
ip name-server 212.59.68.66
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
memory reserve critical 512
vtp mode transparent
username example privilege 0 secret 5 $1$M3LR$/EFuihjY6HHKDjskjlk;c
!
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address dhcp
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
ip address 212.59.67.30 255.255.255.248 secondary
ip address 192.168.2.254 255.255.255.0 secondary
ip address 212.59.77.54 255.255.255.248
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
!
router rip
version 2
redistribute connected
passive-interface default
no passive-interface FastEthernet4
network 212.59.75.0
network 212.59.76.0
network 212.59.77.0
distribute-list prefix RIPOUT out
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 212.59.75.254
ip route 0.0.0.0 0.0.0.0 dhcp
no ip http server
no ip http secure-server
!
!
ip nat translation timeout 300
ip nat translation max-entries 2048
ip nat inside source list 10 interface Vlan1 overload
!
!
ip prefix-list RIPOUT seq 5 permit 212.59.67.24/29
ip prefix-list RIPOUT seq 10 permit 212.59.77.48/29
logging source-interface FastEthernet4
logging 10.1.0.126
access-list 10 permit 192.168.2.0 0.0.0.255
access-list 20 permit 84.250.0.2
access-list 20 permit 212.59.65.8
access-list 20 permit 212.59.75.0 0.0.0.31
access-list 20 deny any
!
!
!
!
snmp-server community monitor RO
!
control-plane
!
!
line con 0
no modem enable
stopbits 1
line aux 0
line vty 0 4
session-timeout 60
access-class 20 in
exec-timeout 180 0
transport input ssh
transport output ssh
!
scheduler max-task-time 5000
sntp server 212.59.65.1
sntp source-interface FastEthernet4
end
Užsisakykite:
Pranešimai (Atom)