Updating cisco router ios

Importers, exporters, distributors and users are responsible for compliance with U. ROM: IOS-XE ROMMON INT_GW uptime is 1 day, 2 hours, 29 minutes Uptime for this control processor is 1 day, 2 hours, 29 minutes System returned to ROM by reload System image file is "bootflashackages.conf" Last reload reason: Reload Command This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. policy-map type service S_L4R 250 class type traffic TC_L4R redirect to ip 192.168.8.227 ! SSS PM [uid:11][7F70759389F0]: : Data: 000018 00 00 00 00 00 00 00 00 ........

updating cisco router ios-86updating cisco router ios-40

ip access-list extended INT_IN permit ip 172.16.1.0 0.0.0.255 any ! aaa server radius dynamic-author client *.*.128.27 server-key 7 070D282F4D06 client *.*.205.229 server-key 7 00081A150754 auth-type any ignore session-key ignore server-key ! Definition 0 In 55293 58737370 0 Match Any 1 61782972 0 Match Any 6 In 22 1395 250 Match ACL OPENGARDEN_IN 7 Out 106 14130 250 Match ACL OPENGARDEN_OUT 20 In 55060 58722263 50 Match ACL INT_IN 6 61767350 50 Match ACL INT_OUT 4294967294 In 106 6781 - Drop 4294967295 Out 29 1492 - Drop Template Id : 4 Features: Qo S Policy Map: Class-id Dir Policy Name Source 0 In SUB-QOS-IN SUB-QOS 1 Out SUB-QOS-OUT SUB-QOS Accounting: Class-id Dir Packets Bytes Source 0 In 54472 57886842 Peruser 2 60718986 Peruser Configuration Sources: Type Active Time AAA Service ID Name SVC - OPEN_GARDEN SVC - INET USR - Peruser SVC - SUB-QOS INT - Port-channel1.1634 ---- ---------- -------------- ---- --------------------------------------------------------------- | id | username | attribute | op | value | ---- ---------- -------------- ---- --------------------------------------------------------------- | 15 | INET | Cisco-AVPair | = | ip:traffic-class=input access-group name INT_IN priority 50 | | 16 | INET | Cisco-AVPair | = | ip:traffic-class=output access-group name INT_OUT priority 50 | | 17 | INET | Cisco-AVPair | = | ip:traffic-class=in default drop | | 18 | INET | Cisco-AVPair | = | ip:traffic-class=out default drop | | 19 | test | Cisco-AVPair | = | ip:sub-qos-policy-in=SUB-QOS10-IN | | 20 | test | Cisco-AVPair | = | ip:sub-qos-policy-out=SUB-QOS10-OUT | | 26 | test | Cisco-AVPair | = | subscriber:accounting-list=ISG_ACC | ---- ---------- -------------- ---- --------------------------------------------------------------- Current Subscriber Information: Total sessions 1 -------------------------------------------------- Type: DHCPv4, UID: 30, State: authen, Identity: test IPv4 Address: 1.11 Session Up-time: , Last Changed: Switch-ID: 4213 Policy information: Context 7F70759389F0: Handle 1E000086 AAA_id 00001EFB: Flow_handle 0 Authentication status: authen Downloaded User profile, excluding services: sub-qos-policy-in 0 "SUB-QOS10-IN" sub-qos-policy-out 0 "SUB-QOS10-OUT" accounting-list 0 "ISG_ACC" Downloaded User profile, including services: username 0 "OPEN_GARDEN" sub-qos-policy-in 0 "SUB-QOS10-IN" sub-qos-policy-out 0 "SUB-QOS10-OUT" accounting-list 0 "ISG_ACC" traffic-class 0 "in default drop" traffic-class 0 "out default drop" traffic-class 0 "output access-group name INT_OUT priority 50" traffic-class 0 "input access-group name INT_IN priority 50" Config history for session (recent to oldest): Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Service) Profile name: INET, 3 references sub-qos-policy-in 0 "SUB-QOS-IN" sub-qos-policy-out 0 "SUB-QOS-OUT" traffic-class 0 "in default drop" traffic-class 0 "out default drop" traffic-class 0 "output access-group name INT_OUT priority 50" traffic-class 0 "input access-group name INT_IN priority 50" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Unapplied) (Service) Profile name: S_L4R, 4 references password 0 username 0 "S_L4R" traffic-class 0 "input access-group name ACL_IN_L4R priority 250" l4redirect 0 "redirect to ip 194.187.205.249 port 9002" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys Profile name: test, 2 references sub-qos-policy-in 0 "SUB-QOS10-IN" sub-qos-policy-out 0 "SUB-QOS10-OUT" accounting-list 0 "ISG_ACC" Access-type: DHCP Client: SM Policy event: Service Selection Request (Service) Profile name: S_L4R, 4 references password 0 username 0 "S_L4R" traffic-class 0 "input access-group name ACL_IN_L4R priority 250" l4redirect 0 "redirect to ip 194.187.205.249 port 9002" Access-type: DHCP Client: SM Policy event: Service Selection Request (Service) Profile name: OPEN_GARDEN, 3 references password 0 username 0 "OPEN_GARDEN" traffic-class 0 "input access-group name OPENGARDEN_IN priority 250" traffic-class 0 "output access-group name OPENGARDEN_OUT priority 250" traffic-class 0 "input default drop" traffic-class 0 "output default drop" Active services associated with session: name "INET" name "OPEN_GARDEN", applied before account logon Rules, actions and conditions executed: subscriber rule-map ISG condition always event session-restart 1 service-policy type service name OPEN_GARDEN 5 set-timer UNAUTH-TIMER 5 10 service-policy type service name S_L4R subscriber rule-map ISG condition always event account-logon 10 authenticate aaa list RAD_SRV 20 service-policy type service unapply name S_L4R 30 service-policy type service name INET Classifiers: Class-id Dir Packets Bytes Pri.

ip access-list extended INT_OUT permit ip any 172.16.1.0 0.0.0.255 ! aaa group server radius RAD_SRV server name RAD_SRV1 load-balance method least-outstanding batch-size 1 ignore-preferred-server ! Definition 0 In 12908 13220477 0 Match Any 9 13694406 0 Match Any 6 In 6 367 250 Match ACL OPENGARDEN_IN 7 Out 26 3094 250 Match ACL OPENGARDEN_OUT 20 In 12888 13217434 50 Match ACL INT_IN 7 13707574 50 Match ACL INT_OUT 4294967294 In 0 0 - Drop 4294967295 Out 1 43 - Drop Template Id : 4 Features: Qo S Policy Map: Class-id Dir Policy Name Source 0 In SUB-QOS10-IN Peruser 1 Out SUB-QOS10-OUT Peruser Accounting: Class-id Dir Packets Bytes Source 0 In 12158 12126567 Peruser 5 12461036 Peruser Configuration Sources: Type Active Time AAA Service ID Name SVC - OPEN_GARDEN SVC - INET USR - Peruser INT - Port-channel1.1634policy-map SUB-QOS-IN class class-default police cir 50000000 policy-map SUB-QOS10-OUT class class-default police cir 10000000 policy-map SUB-QOS10-IN class class-default police cir 10000000 policy-map SUB-QOS-OUT class class-default police cir 50000000 !

Compiled Wed 26-Mar-14 by mcpre Cisco IOS-XE software, Copyright (c) 2005-2014 by cisco Systems, Inc. Certain components of Cisco IOS-XE software are licensed under the GNU General Public License ("GPL") Version 2.0. ip flow-export destination *.*.205.229 5096 no ip http server no ip http secure-server ip route 0.0.0.0 0.0.0.0 *.*.204.35 ! radius server RAD_SRV1 address ipv4 *.*.128.27 auth-port 1812 acct-port 1813 key 7 06100625494114181412 ! SSS PM [uid:11][7F70759389F0]: : Data: 000008 00 00 00 00 7F 70 75 3F .....pu?

The software code licensed under GPL Version 2.0 is free software that comes with ABSOLUTELY NO WARRANTY. laws governing Cisco cryptographic products may be found at: you require further assistance please contact us by sending email to [email protected] ip access-list extended ACL_IN_L4R permit tcp any any eq www permit tcp any any eq 443 ip access-list extended INT_IN permit ip any any ip access-list extended INT_OUT permit ip any any ip access-list extended NAT_RULES deny ip 10.97.0.0 0.0.255.255 *.*.204.0 0.0.3.255 deny ip 10.97.0.0 0.0.255.255 *.*.24.0 0.0.7.255 deny ip 10.97.0.0 0.0.255.255 *.*.128.0 0.0.127.255 deny ip 10.97.0.0 0.0.255.255 10.0.0.0 0.255.255.255 deny ip 10.97.0.0 0.0.255.255 172.16.0.0 0.15.255.255 permit ip 10.97.0.0 0.0.255.255 any ip access-list extended OPENGARDEN_IN permit ip any host *.*.205.229 permit ip any host *.*.205.249 permit ip any host *.*.204.254 permit ip any host *.*.205.226 ip access-list extended OPENGARDEN_OUT permit ip host *.*.205.229 any permit ip host *.*.205.249 any permit ip host *.*.204.254 any permit ip host *.*.205.226 any ! SSS PM [uid:11][7F70759389F0]: : Data: 000010 C6 38 00 00 00 00 00 00 .8......

interface Gigabit Ethernet1 description host ip address 172.16.1.254 255.255.255.0 ip helper-address 192.168.8.228 service-policy type control ISG ip subscriber l2-connected initiator unclassified mac-address ! *Aug 12 .394: SSF[uid:17:0.1]: L2HW Activate features returned: Success *Aug 12 .394: SSF[S_L4R/uid:.27]: Unbind flow segment notify. 502 Bad Gateway - PHP 502 Bad Gateway The server returned an invalid or incomplete response.

interface Gigabit Ethernet2 description server-dhcp-int_gw ip address dhcp ! IETF 0/0 ASCEND 0/0 cause *Aug 12 .394: SSF[S_L4R/uid:.27/L4 Redirect]: Removing feature on segment *Aug 12 .394: L4 Redirect: Remove inbound direction from Service Profile configuration *Aug 12 .394: L4 Redirect: Updating (remove) L4R feature context *Aug 12 .394: SSF[uid:.27/L4 Redirect]: L2HW IC bind feature returned: Success *Aug 12 .394: SSF[uid:17:0.1/L4 Redirect]: L2HW In Q Update feature info request returned: Success *Aug 12 .394: SSF[uid:17/L4 Redirect]: Stop timer *Aug 12 .394: L4 Redirect: Deleted L4R rule context *Aug 12 .394: L4 Redirect: Removing L4R feature context with no remaining rules *Aug 12 .394: SSF[uid:17/L4 Redirect]: Removing inbound direction feature context from segment *Aug 12 .394: L4 Redirect: Deleted L4R feature context *Aug 12 .394: SSF[uid:17/L4 Redirect]: Removing outbound direction feature context from segment *Aug 12 .394: L4 Redirect: Deleted L4R feature context *Aug 12 .394: L4 Redirect: Templated session L4R freeing parent outbound *Aug 12 .394: SSF: Removed feature in inbound direction: Success *Aug 12 .394: SSF[S_L4R/uid:.27/L4 Redirect]: Successfully removed feature on segment *Aug 12 .394: SSF[S_L4R/uid:.27]: Disassociated segment from Service Profile configuration source, Success *Aug 12 .394: SSF[S_L4R/uid:.27]: Unbind flow segment from configuration source, Success *Aug 12 .394: SSF[uid:17:0.1/L4 Redirect]: L2HW Queued feature info free. vps apache nginx AMD Opteron Dual Core 1218 5200 2 x 300 GB HDD SATA2 (software RAID1) 4...

ROM: IOS-XE ROMMON DHCP_SERVER uptime is 1 week, 5 days, 1 hour, 49 minutes Uptime for this control processor is 1 week, 5 days, 1 hour, 50 minutes System returned to ROM by reload System restarted at FET Thu May 22 2014 System image file is "bootflashackages.conf" Last reload reason: Unknown reason This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. You can redistribute and/or modify such GPL code under the terms of GPL Version 2.0. username a.ivanov privilege 15 secret 5

interface Gigabit Ethernet2 description server-dhcp-int_gw ip address dhcp ! IETF 0/0 ASCEND 0/0 cause *Aug 12 .394: SSF[S_L4R/uid:.27/L4 Redirect]: Removing feature on segment *Aug 12 .394: L4 Redirect: Remove inbound direction from Service Profile configuration *Aug 12 .394: L4 Redirect: Updating (remove) L4R feature context *Aug 12 .394: SSF[uid:.27/L4 Redirect]: L2HW IC bind feature returned: Success *Aug 12 .394: SSF[uid:17:0.1/L4 Redirect]: L2HW In Q Update feature info request returned: Success *Aug 12 .394: SSF[uid:17/L4 Redirect]: Stop timer *Aug 12 .394: L4 Redirect: Deleted L4R rule context *Aug 12 .394: L4 Redirect: Removing L4R feature context with no remaining rules *Aug 12 .394: SSF[uid:17/L4 Redirect]: Removing inbound direction feature context from segment *Aug 12 .394: L4 Redirect: Deleted L4R feature context *Aug 12 .394: SSF[uid:17/L4 Redirect]: Removing outbound direction feature context from segment *Aug 12 .394: L4 Redirect: Deleted L4R feature context *Aug 12 .394: L4 Redirect: Templated session L4R freeing parent outbound *Aug 12 .394: SSF: Removed feature in inbound direction: Success *Aug 12 .394: SSF[S_L4R/uid:.27/L4 Redirect]: Successfully removed feature on segment *Aug 12 .394: SSF[S_L4R/uid:.27]: Disassociated segment from Service Profile configuration source, Success *Aug 12 .394: SSF[S_L4R/uid:.27]: Unbind flow segment from configuration source, Success *Aug 12 .394: SSF[uid:17:0.1/L4 Redirect]: L2HW Queued feature info free. vps apache nginx AMD Opteron Dual Core 1218 5200 2 x 300 GB HDD SATA2 (software RAID1) 4... ROM: IOS-XE ROMMON DHCP_SERVER uptime is 1 week, 5 days, 1 hour, 49 minutes Uptime for this control processor is 1 week, 5 days, 1 hour, 50 minutes System returned to ROM by reload System restarted at FET Thu May 22 2014 System image file is "bootflashackages.conf" Last reload reason: Unknown reason This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. You can redistribute and/or modify such GPL code under the terms of GPL Version 2.0. username a.ivanov privilege 15 secret 5 $1$Ya Al$OVACRX6v0tr I3Ms/4RDwm/ ! class-map type traffic match-any OPEN_GARDEN match access-group input name OPENGARDEN_IN match access-group output name OPENGARDEN_OUT ! subscriber redundancy dynamic periodic-update interval 15 subscriber service multiple-accept subscriber service session-accounting subscriber service accounting interim-interval 1 subscriber templating subscriber authorization enable ! SSS PM [uid:11][7F70759389F0]: : Data: 000008 00 00 00 00 7F 70 75 3F .....pu?Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. By using this product you agree to comply with applicable laws and regulations. For more details, see the documentation or "License Notice" file accompanying the IOS-XE software, or the applicable URL provided on the flyer accompanying the IOS-XE software. class-map type control match-all ISG-IP-UNAUTH match timer UNAUTH-TIMER match authen-status unauthenticated ! SSS PM [uid:11][7F70759389F0]: : Data: 000010 C6 38 00 00 00 00 00 00 .8......ip route 0.0.0.0 0.0.0.0 192.168.8.226 ip route 192.168.0.0 255.255.0.0 192.168.8.1 ! *Aug 12 .394: SSF[uid:17:0.1]: L2HW Clear queued feature events returned: Success *Aug 12 .394: SSF[uid:.27]: Request flow segment context to be released *Aug 12 .394: SSF[uid:.27]: Deleting flow segment context *Aug 12 .394: SSF[Peruser/uid:17:0.1]: Apply Per-user configured features from source(EE00000A) *Aug 12 .394: SSF[Peruser/uid:17:0.1/Accounting]: Applying feature on segment ... ip access-list extended ACL_IN_L4R permit tcp any any eq www permit tcp any any eq 443 ! Current Subscriber Information: Total sessions 1 -------------------------------------------------- Type: DHCPv4, UID: 17, State: authen, Identity: test IPv4 Address: 1.11 Session Up-time: , Last Changed: Switch-ID: 4158 Policy information: Context 7F70759389F0: Handle 1B000046 AAA_id 00001C9A: Flow_handle 0 Authentication status: authen Downloaded User profile, excluding services: accounting-list 0 "ISG_ACC" Downloaded User profile, including services: accounting-list 0 "ISG_ACC" sub-qos-policy-in 0 "SUB-QOS-IN" sub-qos-policy-out 0 "SUB-QOS-OUT" traffic-class 0 "in default drop" traffic-class 0 "out default drop" traffic-class 0 "output access-group name INT_OUT priority 50" traffic-class 0 "input access-group name INT_IN priority 50" username 0 "SUB-QOS" sub-policy-In 0 "SUB-QOS-IN" sub-policy-Out 0 "SUB-QOS-OUT" Config history for session (recent to oldest): Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Service) Profile name: SUB-QOS, 3 references password 0 username 0 "SUB-QOS" sub-policy-In 0 "SUB-QOS-IN" sub-policy-Out 0 "SUB-QOS-OUT" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Service) Profile name: INET, 3 references sub-qos-policy-in 0 "SUB-QOS-IN" sub-qos-policy-out 0 "SUB-QOS-OUT" traffic-class 0 "in default drop" traffic-class 0 "out default drop" traffic-class 0 "output access-group name INT_OUT priority 50" traffic-class 0 "input access-group name INT_IN priority 50" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Unapplied) (Service) Profile name: S_L4R, 4 references password 0 username 0 "S_L4R" traffic-class 0 "input access-group name ACL_IN_L4R priority 250" l4redirect 0 "redirect to ip 194.187.205.249 port 9002" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys Profile name: test, 2 references accounting-list 0 "ISG_ACC" Access-type: DHCP Client: SM Policy event: Service Selection Request (Service) Profile name: S_L4R, 4 references password 0 username 0 "S_L4R" traffic-class 0 "input access-group name ACL_IN_L4R priority 250" l4redirect 0 "redirect to ip 194.187.205.249 port 9002" Access-type: DHCP Client: SM Policy event: Service Selection Request (Service) Profile name: OPEN_GARDEN, 3 references password 0 username 0 "OPEN_GARDEN" traffic-class 0 "input access-group name OPENGARDEN_IN priority 250" traffic-class 0 "output access-group name OPENGARDEN_OUT priority 250" traffic-class 0 "input default drop" traffic-class 0 "output default drop" Active services associated with session: name "SUB-QOS" name "INET" name "OPEN_GARDEN", applied before account logon Rules, actions and conditions executed: subscriber rule-map ISG condition always event session-restart 1 service-policy type service name OPEN_GARDEN 5 set-timer UNAUTH-TIMER 5 10 service-policy type service name S_L4R subscriber rule-map ISG condition always event account-logon 10 authenticate aaa list RAD_SRV 20 service-policy type service unapply name S_L4R 30 service-policy type service name INET 40 service-policy type service name SUB-QOS subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry Classifiers: Class-id Dir Packets Bytes Pri. policy-map SUB-QOS-IN class class-default police cir 100000 ! ip domain name ip name-server *.*.205.226 ip name-server *.*.205.254 ip dhcp relay information policy keep ip dhcp relay information trust-all ! *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: Feature apply continue: pending mask = 0x0 *Aug 12 .394: SSF[INET/uid:17:0.1]: Apply Service Profile configured features from source(BC00000A) *Aug 12 .394: SSF[INET/uid:.21]: Config source Service Profile is already applied to this session, ignoring apply request *Aug 12 .394: SSF[SUB-QOS/uid:17:0.1]: Config source Service Profile is already applied to this session, ignoring apply request *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: L2HW Update feature returned: Ready *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: L2HW Queued feature info free.

||

interface Gigabit Ethernet2 description server-dhcp-int_gw ip address dhcp ! IETF 0/0 ASCEND 0/0 cause *Aug 12 .394: SSF[S_L4R/uid:.27/L4 Redirect]: Removing feature on segment *Aug 12 .394: L4 Redirect: Remove inbound direction from Service Profile configuration *Aug 12 .394: L4 Redirect: Updating (remove) L4R feature context *Aug 12 .394: SSF[uid:.27/L4 Redirect]: L2HW IC bind feature returned: Success *Aug 12 .394: SSF[uid:17:0.1/L4 Redirect]: L2HW In Q Update feature info request returned: Success *Aug 12 .394: SSF[uid:17/L4 Redirect]: Stop timer *Aug 12 .394: L4 Redirect: Deleted L4R rule context *Aug 12 .394: L4 Redirect: Removing L4R feature context with no remaining rules *Aug 12 .394: SSF[uid:17/L4 Redirect]: Removing inbound direction feature context from segment *Aug 12 .394: L4 Redirect: Deleted L4R feature context *Aug 12 .394: SSF[uid:17/L4 Redirect]: Removing outbound direction feature context from segment *Aug 12 .394: L4 Redirect: Deleted L4R feature context *Aug 12 .394: L4 Redirect: Templated session L4R freeing parent outbound *Aug 12 .394: SSF: Removed feature in inbound direction: Success *Aug 12 .394: SSF[S_L4R/uid:.27/L4 Redirect]: Successfully removed feature on segment *Aug 12 .394: SSF[S_L4R/uid:.27]: Disassociated segment from Service Profile configuration source, Success *Aug 12 .394: SSF[S_L4R/uid:.27]: Unbind flow segment from configuration source, Success *Aug 12 .394: SSF[uid:17:0.1/L4 Redirect]: L2HW Queued feature info free. vps apache nginx AMD Opteron Dual Core 1218 5200 2 x 300 GB HDD SATA2 (software RAID1) 4...

ROM: IOS-XE ROMMON DHCP_SERVER uptime is 1 week, 5 days, 1 hour, 49 minutes Uptime for this control processor is 1 week, 5 days, 1 hour, 50 minutes System returned to ROM by reload System restarted at FET Thu May 22 2014 System image file is "bootflashackages.conf" Last reload reason: Unknown reason This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. You can redistribute and/or modify such GPL code under the terms of GPL Version 2.0. username a.ivanov privilege 15 secret 5 $1$Ya Al$OVACRX6v0tr I3Ms/4RDwm/ ! class-map type traffic match-any OPEN_GARDEN match access-group input name OPENGARDEN_IN match access-group output name OPENGARDEN_OUT ! subscriber redundancy dynamic periodic-update interval 15 subscriber service multiple-accept subscriber service session-accounting subscriber service accounting interim-interval 1 subscriber templating subscriber authorization enable ! SSS PM [uid:11][7F70759389F0]: : Data: 000008 00 00 00 00 7F 70 75 3F .....pu?

Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. By using this product you agree to comply with applicable laws and regulations. For more details, see the documentation or "License Notice" file accompanying the IOS-XE software, or the applicable URL provided on the flyer accompanying the IOS-XE software. class-map type control match-all ISG-IP-UNAUTH match timer UNAUTH-TIMER match authen-status unauthenticated ! SSS PM [uid:11][7F70759389F0]: : Data: 000010 C6 38 00 00 00 00 00 00 .8......

ip route 0.0.0.0 0.0.0.0 192.168.8.226 ip route 192.168.0.0 255.255.0.0 192.168.8.1 ! *Aug 12 .394: SSF[uid:17:0.1]: L2HW Clear queued feature events returned: Success *Aug 12 .394: SSF[uid:.27]: Request flow segment context to be released *Aug 12 .394: SSF[uid:.27]: Deleting flow segment context *Aug 12 .394: SSF[Peruser/uid:17:0.1]: Apply Per-user configured features from source(EE00000A) *Aug 12 .394: SSF[Peruser/uid:17:0.1/Accounting]: Applying feature on segment ...

ip access-list extended ACL_IN_L4R permit tcp any any eq www permit tcp any any eq 443 ! Current Subscriber Information: Total sessions 1 -------------------------------------------------- Type: DHCPv4, UID: 17, State: authen, Identity: test IPv4 Address: 1.11 Session Up-time: , Last Changed: Switch-ID: 4158 Policy information: Context 7F70759389F0: Handle 1B000046 AAA_id 00001C9A: Flow_handle 0 Authentication status: authen Downloaded User profile, excluding services: accounting-list 0 "ISG_ACC" Downloaded User profile, including services: accounting-list 0 "ISG_ACC" sub-qos-policy-in 0 "SUB-QOS-IN" sub-qos-policy-out 0 "SUB-QOS-OUT" traffic-class 0 "in default drop" traffic-class 0 "out default drop" traffic-class 0 "output access-group name INT_OUT priority 50" traffic-class 0 "input access-group name INT_IN priority 50" username 0 "SUB-QOS" sub-policy-In 0 "SUB-QOS-IN" sub-policy-Out 0 "SUB-QOS-OUT" Config history for session (recent to oldest): Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Service) Profile name: SUB-QOS, 3 references password 0 username 0 "SUB-QOS" sub-policy-In 0 "SUB-QOS-IN" sub-policy-Out 0 "SUB-QOS-OUT" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Service) Profile name: INET, 3 references sub-qos-policy-in 0 "SUB-QOS-IN" sub-qos-policy-out 0 "SUB-QOS-OUT" traffic-class 0 "in default drop" traffic-class 0 "out default drop" traffic-class 0 "output access-group name INT_OUT priority 50" traffic-class 0 "input access-group name INT_IN priority 50" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Unapplied) (Service) Profile name: S_L4R, 4 references password 0 username 0 "S_L4R" traffic-class 0 "input access-group name ACL_IN_L4R priority 250" l4redirect 0 "redirect to ip 194.187.205.249 port 9002" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys Profile name: test, 2 references accounting-list 0 "ISG_ACC" Access-type: DHCP Client: SM Policy event: Service Selection Request (Service) Profile name: S_L4R, 4 references password 0 username 0 "S_L4R" traffic-class 0 "input access-group name ACL_IN_L4R priority 250" l4redirect 0 "redirect to ip 194.187.205.249 port 9002" Access-type: DHCP Client: SM Policy event: Service Selection Request (Service) Profile name: OPEN_GARDEN, 3 references password 0 username 0 "OPEN_GARDEN" traffic-class 0 "input access-group name OPENGARDEN_IN priority 250" traffic-class 0 "output access-group name OPENGARDEN_OUT priority 250" traffic-class 0 "input default drop" traffic-class 0 "output default drop" Active services associated with session: name "SUB-QOS" name "INET" name "OPEN_GARDEN", applied before account logon Rules, actions and conditions executed: subscriber rule-map ISG condition always event session-restart 1 service-policy type service name OPEN_GARDEN 5 set-timer UNAUTH-TIMER 5 10 service-policy type service name S_L4R subscriber rule-map ISG condition always event account-logon 10 authenticate aaa list RAD_SRV 20 service-policy type service unapply name S_L4R 30 service-policy type service name INET 40 service-policy type service name SUB-QOS subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry Classifiers: Class-id Dir Packets Bytes Pri.

policy-map SUB-QOS-IN class class-default police cir 100000 ! ip domain name ip name-server *.*.205.226 ip name-server *.*.205.254 ip dhcp relay information policy keep ip dhcp relay information trust-all ! *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: Feature apply continue: pending mask = 0x0 *Aug 12 .394: SSF[INET/uid:17:0.1]: Apply Service Profile configured features from source(BC00000A) *Aug 12 .394: SSF[INET/uid:.21]: Config source Service Profile is already applied to this session, ignoring apply request *Aug 12 .394: SSF[SUB-QOS/uid:17:0.1]: Config source Service Profile is already applied to this session, ignoring apply request *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: L2HW Update feature returned: Ready *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: L2HW Queued feature info free.

||

interface Gigabit Ethernet2 description server-dhcp-int_gw ip address dhcp ! IETF 0/0 ASCEND 0/0 cause *Aug 12 .394: SSF[S_L4R/uid:.27/L4 Redirect]: Removing feature on segment *Aug 12 .394: L4 Redirect: Remove inbound direction from Service Profile configuration *Aug 12 .394: L4 Redirect: Updating (remove) L4R feature context *Aug 12 .394: SSF[uid:.27/L4 Redirect]: L2HW IC bind feature returned: Success *Aug 12 .394: SSF[uid:17:0.1/L4 Redirect]: L2HW In Q Update feature info request returned: Success *Aug 12 .394: SSF[uid:17/L4 Redirect]: Stop timer *Aug 12 .394: L4 Redirect: Deleted L4R rule context *Aug 12 .394: L4 Redirect: Removing L4R feature context with no remaining rules *Aug 12 .394: SSF[uid:17/L4 Redirect]: Removing inbound direction feature context from segment *Aug 12 .394: L4 Redirect: Deleted L4R feature context *Aug 12 .394: SSF[uid:17/L4 Redirect]: Removing outbound direction feature context from segment *Aug 12 .394: L4 Redirect: Deleted L4R feature context *Aug 12 .394: L4 Redirect: Templated session L4R freeing parent outbound *Aug 12 .394: SSF: Removed feature in inbound direction: Success *Aug 12 .394: SSF[S_L4R/uid:.27/L4 Redirect]: Successfully removed feature on segment *Aug 12 .394: SSF[S_L4R/uid:.27]: Disassociated segment from Service Profile configuration source, Success *Aug 12 .394: SSF[S_L4R/uid:.27]: Unbind flow segment from configuration source, Success *Aug 12 .394: SSF[uid:17:0.1/L4 Redirect]: L2HW Queued feature info free. vps apache nginx AMD Opteron Dual Core 1218 5200 2 x 300 GB HDD SATA2 (software RAID1) 4...

ROM: IOS-XE ROMMON DHCP_SERVER uptime is 1 week, 5 days, 1 hour, 49 minutes Uptime for this control processor is 1 week, 5 days, 1 hour, 50 minutes System returned to ROM by reload System restarted at FET Thu May 22 2014 System image file is "bootflashackages.conf" Last reload reason: Unknown reason This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. You can redistribute and/or modify such GPL code under the terms of GPL Version 2.0. username a.ivanov privilege 15 secret 5 $1$Ya Al$OVACRX6v0tr I3Ms/4RDwm/ ! class-map type traffic match-any OPEN_GARDEN match access-group input name OPENGARDEN_IN match access-group output name OPENGARDEN_OUT ! subscriber redundancy dynamic periodic-update interval 15 subscriber service multiple-accept subscriber service session-accounting subscriber service accounting interim-interval 1 subscriber templating subscriber authorization enable ! SSS PM [uid:11][7F70759389F0]: : Data: 000008 00 00 00 00 7F 70 75 3F .....pu?

Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. By using this product you agree to comply with applicable laws and regulations. For more details, see the documentation or "License Notice" file accompanying the IOS-XE software, or the applicable URL provided on the flyer accompanying the IOS-XE software. class-map type control match-all ISG-IP-UNAUTH match timer UNAUTH-TIMER match authen-status unauthenticated ! SSS PM [uid:11][7F70759389F0]: : Data: 000010 C6 38 00 00 00 00 00 00 .8......

ip route 0.0.0.0 0.0.0.0 192.168.8.226 ip route 192.168.0.0 255.255.0.0 192.168.8.1 ! *Aug 12 .394: SSF[uid:17:0.1]: L2HW Clear queued feature events returned: Success *Aug 12 .394: SSF[uid:.27]: Request flow segment context to be released *Aug 12 .394: SSF[uid:.27]: Deleting flow segment context *Aug 12 .394: SSF[Peruser/uid:17:0.1]: Apply Per-user configured features from source(EE00000A) *Aug 12 .394: SSF[Peruser/uid:17:0.1/Accounting]: Applying feature on segment ...

$Ya Al$OVACRX6v0tr I3Ms/4RDwm/ ! class-map type traffic match-any OPEN_GARDEN match access-group input name OPENGARDEN_IN match access-group output name OPENGARDEN_OUT ! subscriber redundancy dynamic periodic-update interval 15 subscriber service multiple-accept subscriber service session-accounting subscriber service accounting interim-interval 1 subscriber templating subscriber authorization enable ! SSS PM [uid:11][7F70759389F0]: : Data: 000008 00 00 00 00 7F 70 75 3F .....pu?

Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. By using this product you agree to comply with applicable laws and regulations. For more details, see the documentation or "License Notice" file accompanying the IOS-XE software, or the applicable URL provided on the flyer accompanying the IOS-XE software. class-map type control match-all ISG-IP-UNAUTH match timer UNAUTH-TIMER match authen-status unauthenticated ! SSS PM [uid:11][7F70759389F0]: : Data: 000010 C6 38 00 00 00 00 00 00 .8......

ip route 0.0.0.0 0.0.0.0 192.168.8.226 ip route 192.168.0.0 255.255.0.0 192.168.8.1 ! *Aug 12 .394: SSF[uid:17:0.1]: L2HW Clear queued feature events returned: Success *Aug 12 .394: SSF[uid:.27]: Request flow segment context to be released *Aug 12 .394: SSF[uid:.27]: Deleting flow segment context *Aug 12 .394: SSF[Peruser/uid:17:0.1]: Apply Per-user configured features from source(EE00000A) *Aug 12 .394: SSF[Peruser/uid:17:0.1/Accounting]: Applying feature on segment ...

ip access-list extended ACL_IN_L4R permit tcp any any eq www permit tcp any any eq 443 ! Current Subscriber Information: Total sessions 1 -------------------------------------------------- Type: DHCPv4, UID: 17, State: authen, Identity: test IPv4 Address: 1.11 Session Up-time: , Last Changed: Switch-ID: 4158 Policy information: Context 7F70759389F0: Handle 1B000046 AAA_id 00001C9A: Flow_handle 0 Authentication status: authen Downloaded User profile, excluding services: accounting-list 0 "ISG_ACC" Downloaded User profile, including services: accounting-list 0 "ISG_ACC" sub-qos-policy-in 0 "SUB-QOS-IN" sub-qos-policy-out 0 "SUB-QOS-OUT" traffic-class 0 "in default drop" traffic-class 0 "out default drop" traffic-class 0 "output access-group name INT_OUT priority 50" traffic-class 0 "input access-group name INT_IN priority 50" username 0 "SUB-QOS" sub-policy-In 0 "SUB-QOS-IN" sub-policy-Out 0 "SUB-QOS-OUT" Config history for session (recent to oldest): Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Service) Profile name: SUB-QOS, 3 references password 0 username 0 "SUB-QOS" sub-policy-In 0 "SUB-QOS-IN" sub-policy-Out 0 "SUB-QOS-OUT" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Service) Profile name: INET, 3 references sub-qos-policy-in 0 "SUB-QOS-IN" sub-qos-policy-out 0 "SUB-QOS-OUT" traffic-class 0 "in default drop" traffic-class 0 "out default drop" traffic-class 0 "output access-group name INT_OUT priority 50" traffic-class 0 "input access-group name INT_IN priority 50" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys (Unapplied) (Service) Profile name: S_L4R, 4 references password 0 username 0 "S_L4R" traffic-class 0 "input access-group name ACL_IN_L4R priority 250" l4redirect 0 "redirect to ip 194.187.205.249 port 9002" Access-type: Web-user-logon Client: Account Command-Handler Policy event: Got More Keys Profile name: test, 2 references accounting-list 0 "ISG_ACC" Access-type: DHCP Client: SM Policy event: Service Selection Request (Service) Profile name: S_L4R, 4 references password 0 username 0 "S_L4R" traffic-class 0 "input access-group name ACL_IN_L4R priority 250" l4redirect 0 "redirect to ip 194.187.205.249 port 9002" Access-type: DHCP Client: SM Policy event: Service Selection Request (Service) Profile name: OPEN_GARDEN, 3 references password 0 username 0 "OPEN_GARDEN" traffic-class 0 "input access-group name OPENGARDEN_IN priority 250" traffic-class 0 "output access-group name OPENGARDEN_OUT priority 250" traffic-class 0 "input default drop" traffic-class 0 "output default drop" Active services associated with session: name "SUB-QOS" name "INET" name "OPEN_GARDEN", applied before account logon Rules, actions and conditions executed: subscriber rule-map ISG condition always event session-restart 1 service-policy type service name OPEN_GARDEN 5 set-timer UNAUTH-TIMER 5 10 service-policy type service name S_L4R subscriber rule-map ISG condition always event account-logon 10 authenticate aaa list RAD_SRV 20 service-policy type service unapply name S_L4R 30 service-policy type service name INET 40 service-policy type service name SUB-QOS subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry subscriber condition-map match-all ISG-IP-UNAUTH match identifier timer UNAUTH-TIMER [TRUE] match identifier authen-status unauthenticated [FALSE] subscriber rule-map ISG condition ISG-IP-UNAUTH event timed-policy-expiry Classifiers: Class-id Dir Packets Bytes Pri.

policy-map SUB-QOS-IN class class-default police cir 100000 ! ip domain name ip name-server *.*.205.226 ip name-server *.*.205.254 ip dhcp relay information policy keep ip dhcp relay information trust-all ! *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: Feature apply continue: pending mask = 0x0 *Aug 12 .394: SSF[INET/uid:17:0.1]: Apply Service Profile configured features from source(BC00000A) *Aug 12 .394: SSF[INET/uid:.21]: Config source Service Profile is already applied to this session, ignoring apply request *Aug 12 .394: SSF[SUB-QOS/uid:17:0.1]: Config source Service Profile is already applied to this session, ignoring apply request *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: L2HW Update feature returned: Ready *Aug 12 .394: SSF[uid:17:0.1/Qo S Policy Map]: L2HW Queued feature info free.

Tags: , ,