hostname R3
!banner message
banner motd #Unauthorized access to this device is prohibited!#
!
!configuring aaa authentication on the router
aaa new-model
aaa authentication login default local
!
!
!setting ssh to use version 2 only
ip ssh version 2
!
!disabling dns lookup
no ip domain-lookup
!
!creating a domain name for ssh. this is used to generate the key
ip domain-name alanR3.com
!
!generating ssh keys
crypto key generate rsa
y
1024
!
!preventing messages interrupting CLI on console connection
line con 0
logging synchronous
!
! disabling aux connection
line aux 0
transport output ssh
no exec
exec-timeout 0 1
no password
!
!preventing messages interrupting CLI on all vty connections
line vty 0 15
!allowing traffic in the acl
access-class 1 in
logging synchronous
!enabling only ssh on the vty connections
transport input ssh
!
!addresses to exclude from DHCP pool
ip dhcp excluded-address 10.111.10.1 10.111.10.2
!
!creating the DHCP pool
ip dhcp pool CLIENTS
network 10.111.10.0 255.255.255.192
!assigning the default gateway
default-router 10.111.10.1
!assigning the dis-server as the default gateway
dns-server 10.111.10.1
!
!configuring int g0/0
int g0/0
ip address 10.111.10.1 255.255.255.192
ip access-group 100 in
!disabling cdp on the int
no cdp enable
no shut
!
!configuring serial interface
int s0/0/1
encapsulation hdlc 
ip address 10.111.0.17 255.255.255.252
!disabling cdp on the int
no cdp enable
no shut
!
!setting up OSPF
router ospf 1
!assigning the router an OSPF ID
router-id 3.3.3.3
!summarising the ospf area
area 2 range 10.111.10.0 255.255.255.192
!stopping advertisements being sent out on interface
passive-interface GigabitEthernet0/0
!adding networks to ospf to advertise
network 10.111.10.0 0.0.0.63 area 2
network 10.111.0.16 0.0.0.3 area 0
!
!
!stops traffic from 10.111.10.0/24 accessing web server
access-list 100 deny ip 10.111.10.0 0.0.0.63 host 10.111.1.254
!stops traffic from 10.111.10.0/24 accessing web server external ip
access-list 100 deny ip 10.111.10.0 0.0.0.63 host 202.100.37.1
!allow everything else
access-list 100 permit ip any any
!
!assigning as password and username to the router
username alan secret kelly
!configuring a password on privileged mode
enable secret kelly
!
end
!copy running config to startup config
copy r s

!