Adtran 3120 Behind BlackBox

=Config - Adtran 3120 2nd and 5th floor BlackBox Network= Building configuration... ! ! ! ADTRAN OS version 17.06.01.00.E ! Boot ROM version 17.01.01.00 ! Platform: NetVanta 3120, part number 1700601G2 ! Serial number LBADTN1935AL956 ! ! hostname "3120" enable password encrypted 191691777396d28726deccbb1b83ffdafd28 ! ! ip subnet-zero ip classless ip default-gateway 198.119.3.1 ip routing ip host "sip.M21.net" 198.204.81.87 ip host "tftp.m21.net" 65.91.52.25 ip domain-name "m21.net" ip domain-proxy ip name-server 198.204.81.90 198.204.81.25 ! ! no auto-config ! event-history on no logging forwarding logging forwarding priority-level info no logging email ! service password-encryption ! username "NEKO-1701-E" password encrypted "1110147152fd48b1cfe6cfb254d8f6fb7ecb" ! ! ip firewall ip firewall stealth no ip firewall alg msn no ip firewall alg mszone no ip firewall alg pptp no ip firewall alg h323 no ip firewall alg sip ! ! ! ! ! ! ! no dot11ap access-point-control ! ! ! ! ip dhcp-server excluded-address 10.10.10.250 ! ip dhcp-server pool "Private" network 10.10.10.0 255.255.255.0 domain-name "m21.net" dns-server 198.104.81.90 198.204.81.25 netbios-node-type h-node default-router 10.10.10.1 tftp-server 65.91.52.25 ntp-server 130.88.200.6 option 150 ip 65.91.52.25 ! ip dhcp-server pool "data" network 192.168.100.0 255.255.255.0 domain-name "m21.net" dns-server 198.204.81.90 198.204.81.25 netbios-node-type h-node default-router 192.168.100.1 ntp-server 130.88.200.6 ! ip dhcp-server pool "vlan1_test" network 172.16.30.0 255.255.255.0 domain-name "m21.net" dns-server 198.204.81.90 198.204.81.25 netbios-node-type h-node default-router 172.16.30.1 tftp-server 65.91.52.25 ntp-server 130.88.200.6 option 150 ip 65.91.52.25 ! ! ! ! ! ! ! ! ! vlan 1 name "Default" ! vlan 2 name "Voice" ! vlan 3 name "Data" ! vlan 69 name "VLAN0069" ! ! interface eth 0/1 ip address 198.119.3.27  255.255.255.224 access-policy voice media-gateway ip primary no shutdown no lldp send-and-receive ! ! interface switchport 0/1 no shutdown ! interface switchport 0/2 no shutdown switchport access vlan 2 ! interface switchport 0/3 no shutdown switchport access vlan 2 ! interface switchport 0/4 no shutdown switchport mode trunk ! ! ! interface vlan 1 ip address 172.16.30.1  255.255.255.0 access-policy Private media-gateway ip primary no shutdown ! interface vlan 2 ip address 10.10.10.1  255.255.255.0 access-policy Private2 no rtp quality-monitoring media-gateway ip primary no awcp no shutdown ! interface vlan 69 ip address 192.168.100.1  255.255.255.0 access-policy data no shutdown ! ! ! ! ! ip access-list standard wizard-ics remark Internet Connection Sharing permit any ! ! ip access-list extended admin remark Admin Access permit tcp any any eq www   log permit tcp any any eq telnet   log permit tcp any any eq https   log permit tcp any any eq ssh   log permit udp any any eq 5060 ! ip access-list extended hyde-one remark remark Allow permit ip host 198.204.81.90 any     log permit ip 10.10.10.0 0.0.0.255 10.10.10.0 0.0.0.255 permit ip 192.168.100.0 0.0.0.255 192.168.100.0 0.0.0.255 permit ip 10.10.10.0 0.0.0.255 192.168.100.0 0.0.0.255 permit ip 192.168.100.0 0.0.0.255 10.10.10.0 0.0.0.255 ! ip access-list extended self remark Traffic to NetVanta permit ip any any     log ! ip access-list extended web-acl-10 remark Linksys Switch permit tcp any host 198.119.3.27 eq 8086   log ! ip access-list extended web-acl-4 remark Allow all to Inet VLAN remark admin permit tcp any any eq https   log permit tcp any any eq ssh   log permit tcp any any eq www deny  tcp any eq 5050 any eq 5050   log deny  udp any eq 5190 any eq 5190    log deny  udp any eq 5050 any eq 5050    log deny  tcp any eq 5190 any eq 5190   log permit udp any any eq 4569 permit udp any any eq 5060 permit tcp any any eq 4569 permit udp any any range 10000 45000 permit tcp any any range 10000 45000 permit ip any 198.119.3.0 0.0.0.31 permit ip host 198.204.81.250 any     log ! ! ip policy-class data allow list admin self allow list hyde-one nat source list wizard-ics address 198.119.3.27 overload ! ip policy-class Private allow list self self nat source list wizard-ics interface eth 0/1 overload allow list admin self allow list hyde-one nat source list wizard-ics address 198.119.3.27 overload ! ip policy-class Private2 allow list self self nat source list wizard-ics interface eth 0/1 overload allow list admin self allow list hyde-one nat source list wizard-ics address 198.119.3.27 overload ! ip policy-class Public ! Implicit discard ! ip policy-class voice allow list admin self nat destination list web-acl-10 address 10.10.10.250 port 80 allow list admin self allow list web-acl-4 ! ! ! ip route 0.0.0.0 0.0.0.0 198.119.3.1 ! no ip tftp server no ip tftp server overwrite ip http server ip http secure-server ip snmp agent no ip ftp server no ip scp server no ip sntp server ! ! ! ! ! snmp-server community NEKO90210 RO ! ! ! ! ip sip ! ! ! ! ip sip proxy ip sip proxy transparent ! ip sip proxy allowed-servers sip.m21.net ! ! ! ! ! ! ! ! ! line con 0 no login ! line telnet 0 4 login local-userlist password encrypted 242cd13d879642223f8a3b9b1306a1a009d5 no shutdown line ssh 0 4 login local-userlist no shutdown ! ! ! ! ! ! ! ! end 3120#

3120#s Building configuration... ! ! ! ADTRAN OS version 17.07.01.00.E ! Boot ROM version 17.01.01.00 ! Platform: NetVanta 3120, part number 1700601G2 ! Serial number LBADTN1103AE326 ! ! hostname "31202" enable password encrypted 191691710396d28726deccbb1b83ffdafd28 ! ! ip subnet-zero ip classless ip default-gateway 198.119.3.1 ip routing ip host "sip.m21.net" 198.204.81.87 ip host "tftp.m21.net" 65.91.52.25 ip domain-name "m21.net" ip domain-proxy ip name-server 198.204.81.90 198.204.81.25 ! ! no auto-config ! event-history on no logging forwarding logging forwarding priority-level info no logging email ! service password-encryption ! username "NEKO-1701-E" password encrypted "1815187152fd28b1cfe6cfb254d8f6fb7ecb" ! ! ip firewall ip firewall stealth no ip firewall alg msn no ip firewall alg mszone no ip firewall alg pptp no ip firewall alg h323 no ip firewall alg sip ! ! ! ! ! ! ! no dot11ap access-point-control ! ! ! ! ip dhcp-server excluded-address 10.10.10.250 ! ip dhcp-server pool "Private" network 10.10.10.0 255.255.255.0 domain-name "m21.net" dns-server 198.204.81.90 198.204.81.25 netbios-node-type h-node default-router 10.10.10.1 tftp-server 65.91.52.25 ntp-server 130.88.200.6 option 150 ip 65.91.52.25 ! ip dhcp-server pool "data" network 192.168.100.0 255.255.255.0 domain-name "m21.net" dns-server 198.204.81.90 198.204.81.25 netbios-node-type h-node default-router 192.168.100.1 ntp-server 130.88.200.6 ! ip dhcp-server pool "vlan1_test" network 172.16.30.0 255.255.255.0 domain-name "m21.net" dns-server 198.204.81..90 198.204.81..25 netbios-node-type h-node default-router 172.16.30.1 tftp-server 65.91.52.25 ntp-server 130.88.200.6 option 150 ip 65.91.52.25 ! ! ! ! ! ! ! ! ! vlan 1 name "Default" ! vlan 2 name "Voice" ! vlan 3 name "Data" ! vlan 69 name "VLAN0069" ! ! interface eth 0/1 ip address 198.119.3.28  255.255.255.224 media-gateway ip primary no shutdown no lldp send-and-receive ! ! interface switchport 0/1 no shutdown ! interface switchport 0/2 no shutdown ! interface switchport 0/3 no shutdown ! interface switchport 0/4 no shutdown switchport mode trunk ! ! ! interface vlan 1 ip address 172.16.30.1  255.255.255.0 access-policy Private media-gateway ip primary no shutdown ! interface vlan 2 ip address 10.10.10.1  255.255.255.0 access-policy Private2 no rtp quality-monitoring media-gateway ip primary no awcp no shutdown ! interface vlan 69 ip address 192.168.100.1  255.255.255.0 access-policy data no shutdown ! ! ! ! ! ip access-list standard wizard-ics remark Internet Connection Sharing permit any ! ! ip access-list extended admin remark Admin Access permit tcp any any eq www   log permit tcp any any eq telnet   log permit tcp any any eq https   log permit tcp any any eq ssh   log permit udp any any eq 5060 ! ip access-list extended hyde-one remark remark Allow permit ip host 198.204.81.90 any     log permit ip 10.10.10.0 0.0.0.255 10.10.10.0 0.0.0.255 permit ip 192.168.100.0 0.0.0.255 192.168.100.0 0.0.0.255 permit ip 10.10.10.0 0.0.0.255 192.168.100.0 0.0.0.255 permit ip 192.168.100.0 0.0.0.255 10.10.10.0 0.0.0.255 ! ip access-list extended self remark Traffic to NetVanta permit ip any any     log ! ip access-list extended web-acl-10 remark Linksys Switch permit tcp any host 198.119.3.28 eq 8086   log ! ip access-list extended web-acl-4 remark Allow all to Inet VLAN remark admin permit tcp any any eq https   log permit tcp any any eq ssh   log permit tcp any any eq www deny  tcp any eq 5050 any eq 5050   log deny  udp any eq 5190 any eq 5190    log deny  udp any eq 5050 any eq 5050    log deny  tcp any eq 5190 any eq 5190   log permit udp any any eq 4569 permit udp any any eq 5060 permit tcp any any eq 4569 permit udp any any range 10000 45000 permit tcp any any range 10000 45000 permit ip any 198.119.3.0 0.0.0.31 permit ip host 198.204.81.250 any     log ! ! ip policy-class data allow list admin self allow list hyde-one nat source list wizard-ics address 198.119.3.28 overload ! ip policy-class Private allow list self self nat source list wizard-ics interface eth 0/1 overload allow list admin self allow list hyde-one nat source list wizard-ics address 198.119.3.28 overload ! ip policy-class Private2 allow list self self nat source list wizard-ics interface eth 0/1 overload allow list admin self allow list hyde-one nat source list wizard-ics address 198.119.3.28 overload ! ip policy-class Public ! Implicit discard ! ip policy-class voice allow list admin self nat destination list web-acl-10 address 10.10.10.250 port 80 allow list admin self allow list web-acl-4 ! ! ! ip route 0.0.0.0 0.0.0.0 198.119.3.1 ! no ip tftp server no ip tftp server overwrite ip http server ip http secure-server ip snmp agent no ip ftp server ip ftp server default-filesystem flash no ip scp server no ip sntp server ! ! ! ! ! snmp-server community NEKO90210 RO ! ! ! ! ip sip ! ! ! ! ip sip proxy ip sip proxy transparent ! ip sip proxy allowed-servers sip.m21.net ! ! ! ! ! ! ! ! ! line con 0 no login ! line telnet 0 4 login local-userlist password encrypted 231cd13d879642223f8a3b9b1106a1a009d5 no shutdown line ssh 0 4 login local-userlist no shutdown ! ! ! ! ! ! ! ! end