
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 1711-1
!
boot-start-marker
boot system flash:c1700-advsecurityk9-mz.123-8.T3.1.bin
boot-end-marker
!
enable secret 5 $1$dhyv$47YzFs3RPPscqWjQBlkgv0
!
username aenfield privilege 15 password 7 0103030854055E5D73
username cisco privilege 15 password 7 0822455D0A16
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
aaa new-model
!
!
aaa authentication eou default group radius
aaa accounting network default start-stop group radius
aaa session-id common
ip subnet-zero
ip cef
!
!
ip admission name NAC_DEMO eapoudp
ip dhcp excluded-address 192.168.6.1 192.168.6.10
ip dhcp excluded-address 192.168.5.1 192.168.5.11
!
ip dhcp pool ACE_19216860
   network 192.168.6.0 255.255.255.0
   default-router 192.168.6.1 
   dns-server 192.168.6.3 
   domain-name prh.com
!
!
ip ips po max-events 100
no ip domain lookup
ip domain name prh.com
ip name-server 192.168.5.11
no ftp-server write-enable
!
!
!
identity profile eapoudp
 device authorize ip-address 192.168.6.3 
 device authorize ip-address 192.168.8.5 
 device authorize ip-address 192.168.8.1 
 device authorize ip-address 192.168.8.33 
 device authorize ip-address 192.168.8.3 
eou logging
!
! 
no crypto isakmp enable
!
!
!
interface FastEthernet0
 description to VLAN7 outside network
 ip address 192.168.7.1 255.255.255.0
 speed 100
 full-duplex
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 description to VLAN 6 (Inside Network)
 switchport access vlan 6
 no ip address
 duplex full
 speed 100
!
interface FastEthernet3
 no ip address
 shutdown
!
interface FastEthernet4
 no ip address
 shutdown
!
interface Vlan1
 no ip address
!
interface Vlan6
 ip address 192.168.6.1 255.255.255.0
 ip access-group 101 in
 ip admission NAC_DEMO
!
interface Async1
 no ip address
!
router ospf 3
 log-adjacency-changes
 network 192.168.0.0 0.0.255.255 area 0
!
ip classless
ip http server
ip http authentication aaa
no ip http secure-server
!
!
ip radius source-interface FastEthernet0 
access-list 101 permit ip any host 192.168.6.1
access-list 101 deny   ip any any log
radius-server host 192.168.8.33 auth-port 1645 acct-port 1646
radius-server key 7 070C285F4D06485744
radius-server vsa send authentication
!
control-plane
!
alias exec i sh ip int brief
alias exec rr show run brie
alias exec r show runn
alias exec c config t
alias exec srb sh run | begin
alias exec sri sh run | inc
alias exec sidb sh ip dhcp bind
alias exec sir sh ip route
!
line con 0
 password 7 104906
line 1
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 password 7 045C04
 transport input telnet ssh
line vty 5 15
 privilege level 15
 transport input telnet ssh
!
end