  1. <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  2. <topology xmlns="http://www.cisco.com/VIRL" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" schemaVersion="0.9" xsi:schemaLocation="http://www.cisco.com/VIRL https://raw.github.com/CiscoVIRL/schema/v0.9/virl.xsd">
  3. <extensions>
  <!-- Topology-wide setting: the management network mode for the simulation
       is "exclusive". NOTE(review): confirm in the VIRL documentation which
       hosts can reach the OOB management interfaces in this mode; every
       device and server config in this file keeps the cisco/cisco lab
       credentials. -->
  4. <entry key="management_network" type="String">exclusive</entry>
  5. </extensions>
  6. <node name="flat-2" type="ASSET" subtype="FLAT" location="261,80">
  <!-- Node of type ASSET, subtype FLAT, with no config of its own. Its single
       interface link0 is wired by the connection list at the end of the file
       to asav-1 GigabitEthernet0/1, the ASA interface named "outside".
       NOTE(review): presumably this node bridges the simulation to a network
       outside it; confirm which network that is before launch, because the
       asav-1 config accepts management sessions on "outside". -->
  7. <interface id="0" name="link0"/>
  8. </node>
  9. <node name="iosvl2-1" type="SIMPLE" subtype="IOSvL2" location="527,252">
  <!-- Layer-2 switch iosvl2-1 (IOSvL2); the config entry was generated by
       autonetkit. Ports: Gi0/1 trunk to iosvl2-2, Gi0/2 access VLAN 2 to
       server-1, Gi0/0 access port mapped to Vlan1 for OOB management.
       Security posture of the embedded config (lab defaults, kept as
       generated):
       - "enable password cisco" together with "no service
         password-encryption": the enable and line passwords sit in clear
         text in this file; "enable secret" is the hashed alternative.
       - "line vty 0 4": Telnet is accepted next to SSH, the login password
         is the shared string "cisco", and "exec-timeout 720 0" keeps an idle
         session open for 12 hours.
       - "line con 0" sets a password but has no "login" line, so the console
         password is presumably not enforced; verify on the running image.
       - "no aaa new-model": no per-user accounts or accounting.
       - the trunk port has no allowed-VLAN list.
       The HTTP and HTTPS servers are disabled. Replace the credentials and
       drop Telnet before reusing this config outside an isolated lab. -->
  10. <extensions>
  11. <entry key="config" type="string">! IOSvL2 Config generated on 2015-08-13 20:38
  12. ! by autonetkit_0.15.3
  13. !
  14. version 15.2
  15. service timestamps debug datetime msec
  16. service timestamps log datetime msec
  17. no service password-encryption
  18. service compress-config
  19. no service config
  20. enable password cisco
  21. ip classless
  22. ip subnet-zero
  23. no ip domain lookup
  24. !
  25. line vty 0 4
  26. transport input ssh telnet
  27. exec-timeout 720 0
  28. password cisco
  29. login
  30. !
  31. line con 0
  32. password cisco
  33. !
  34. hostname iosvl2-1
  35. !
  36. boot-start-marker
  37. boot-end-marker
  38. !
  39. !
  40. !
  41. no aaa new-model
  42. !
  43. !
  44. !
  45. !
  46. !
  47. !
  48. !
  49. !
  50. ip cef
  51. no ipv6 cef
  52. !
  53. !
  54. spanning-tree mode pvst
  55. spanning-tree extend system-id
  56. !
  57. vlan internal allocation policy ascending
  58. !
  59. !
  60. !
  61. !
  62. !
  63. !
  64. !
  65. !
  66. interface Loopback0
  67. description Loopback
  68. !
  69. interface GigabitEthernet0/0
  70. description Mapped to Vlan1 for management
  71. ! Configured on launch
  72. switchport mode access
  73. no shutdown
  74. !
  75. interface GigabitEthernet0/1
  76. description to iosvl2-2
  77. switchport trunk encapsulation dot1q
  78. switchport mode trunk
  79. no shutdown
  80. !
  81. interface GigabitEthernet0/2
  82. description to server-1
  83. switchport access vlan 2
  84. switchport mode access
  85. no shutdown
  86. !
  87. interface Vlan1
  88. description OOB Management
  89. ! Configured on launch
  90. no ip address
  91. !
  92. !
  93. ip forward-protocol nd
  94. !
  95. no ip http server
  96. no ip http secure-server
  97. !
  98. !
  99. !
  100. !
  101. !
  102. !
  103. control-plane
  104. !
  105. !
  106. !
  107. end
  108. </entry>
  109. <entry key="AutoNetkit.mgmt_ip" type="string"></entry>
  110. </extensions>
  111. <interface id="0" name="GigabitEthernet0/1"/>
  112. <interface id="1" name="GigabitEthernet0/2"/>
  113. </node>
  114. <node name="iosvl2-2" type="SIMPLE" subtype="IOSvL2" location="401,182">
  <!-- Layer-2 switch iosvl2-2 (IOSvL2); the config entry was generated by
       autonetkit. Ports: Gi0/1 trunk to iosvl2-1, Gi0/2 trunk to iosvl2-3,
       Gi0/3 access VLAN 2, Gi0/0 access port mapped to Vlan1 for OOB
       management. The Gi0/3 description reads "to iosv-2", but no node of
       that name exists in this file; the connection list wires this port to
       asav-1 GigabitEthernet0/0 (the ASA "inside" interface), so the
       description looks stale.
       Security posture of the embedded config (lab defaults, kept as
       generated):
       - "enable password cisco" together with "no service
         password-encryption": the enable and line passwords sit in clear
         text in this file; "enable secret" is the hashed alternative.
       - "line vty 0 4": Telnet is accepted next to SSH, the login password
         is the shared string "cisco", and "exec-timeout 720 0" keeps an idle
         session open for 12 hours.
       - "line con 0" sets a password but has no "login" line, so the console
         password is presumably not enforced; verify on the running image.
       - "no aaa new-model": no per-user accounts or accounting.
       - neither trunk port has an allowed-VLAN list.
       The HTTP and HTTPS servers are disabled. Replace the credentials and
       drop Telnet before reusing this config outside an isolated lab. -->
  115. <extensions>
  116. <entry key="config" type="string">! IOSvL2 Config generated on 2015-08-13 20:38
  117. ! by autonetkit_0.15.3
  118. !
  119. version 15.2
  120. service timestamps debug datetime msec
  121. service timestamps log datetime msec
  122. no service password-encryption
  123. service compress-config
  124. no service config
  125. enable password cisco
  126. ip classless
  127. ip subnet-zero
  128. no ip domain lookup
  129. !
  130. line vty 0 4
  131. transport input ssh telnet
  132. exec-timeout 720 0
  133. password cisco
  134. login
  135. !
  136. line con 0
  137. password cisco
  138. !
  139. hostname iosvl2-2
  140. !
  141. boot-start-marker
  142. boot-end-marker
  143. !
  144. !
  145. !
  146. no aaa new-model
  147. !
  148. !
  149. !
  150. !
  151. !
  152. !
  153. !
  154. !
  155. ip cef
  156. no ipv6 cef
  157. !
  158. !
  159. spanning-tree mode pvst
  160. spanning-tree extend system-id
  161. !
  162. vlan internal allocation policy ascending
  163. !
  164. !
  165. !
  166. !
  167. !
  168. !
  169. !
  170. !
  171. interface Loopback0
  172. description Loopback
  173. !
  174. interface GigabitEthernet0/0
  175. description Mapped to Vlan1 for management
  176. ! Configured on launch
  177. switchport mode access
  178. no shutdown
  179. !
  180. interface GigabitEthernet0/1
  181. description to iosvl2-1
  182. switchport trunk encapsulation dot1q
  183. switchport mode trunk
  184. no shutdown
  185. !
  186. interface GigabitEthernet0/2
  187. description to iosvl2-3
  188. switchport trunk encapsulation dot1q
  189. switchport mode trunk
  190. no shutdown
  191. !
  192. interface GigabitEthernet0/3
  193. description to iosv-2
  194. switchport access vlan 2
  195. switchport mode access
  196. no shutdown
  197. !
  198. interface Vlan1
  199. description OOB Management
  200. ! Configured on launch
  201. no ip address
  202. !
  203. !
  204. ip forward-protocol nd
  205. !
  206. no ip http server
  207. no ip http secure-server
  208. !
  209. !
  210. !
  211. !
  212. !
  213. !
  214. control-plane
  215. !
  216. !
  217. !
  218. end
  219. </entry>
  220. <entry key="AutoNetkit.mgmt_ip" type="string"></entry>
  221. </extensions>
  222. <interface id="0" name="GigabitEthernet0/1"/>
  223. <interface id="1" name="GigabitEthernet0/2"/>
  224. <interface id="2" name="GigabitEthernet0/3"/>
  225. </node>
  226. <node name="server-1" type="SIMPLE" subtype="server" location="527,346">
  <!-- Linux server server-1, provisioned by the cloud-config in the config
       entry; eth1 is 10.0.0.1/17.
       Security posture (lab defaults, kept as generated):
       - user "cisco" is created with plain-text-passwd "cisco", lock-passwd
         false and unrestricted sudo ("ALL=(ALL) ALL").
       - the runcmd sed deletes every "PasswordAuthentication no" line from
         /etc/ssh/sshd_config, so sshd falls back to its built-in default
         (password logins allowed in stock OpenSSH); combined with the known
         password this gives password SSH login to a sudo-capable account.
       - VIRL-USER-SSH-PUBLIC-KEY is a placeholder, presumably substituted at
         launch; confirm.
       - /etc/rc.local is written with mode 0755 and linked into /etc/rc.d by
         bootcmd; it adds static routes through 10.0.0.3. No node in this
         file is assigned 10.0.0.3, so verify that the gateway exists.
       Replace the password and keep "PasswordAuthentication no" before
       reusing this cloud-config outside an isolated lab.
       NOTE(review): this listing has lost the YAML indentation of the
       cloud-config; take the nesting from the original file, not from this
       page. -->
  227. <extensions>
  228. <entry key="config" type="String">#cloud-config
  229. bootcmd:
  230. - ln -s -t /etc/rc.d /etc/rc.local
  231. hostname: server-1
  232. manage_etc_hosts: true
  233. runcmd:
  234. - start ttyS0
  235. - systemctl start getty@ttyS0.service
  236. - systemctl start rc-local
  237. - sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config
  238. - echo "UseDNS no" &gt;&gt; /etc/ssh/sshd_config
  239. - service ssh restart
  240. - service sshd restart
  241. users:
  242. - default
  243. - gecos: User configured by VIRL Configuration Engine 0.15.9
  244. lock-passwd: false
  245. name: cisco
  246. plain-text-passwd: cisco
  247. shell: /bin/bash
  248. ssh-authorized-keys:
  249. - VIRL-USER-SSH-PUBLIC-KEY
  250. sudo: ALL=(ALL) ALL
  251. write_files:
  252. - path: /etc/init/ttyS0.conf
  253. owner: root:root
  254. content: |
  255. # ttyS0 - getty
  256. # This service maintains a getty on ttyS0 from the point the system is
  257. # started until it is shut down again.
  258. start on stopped rc or RUNLEVEL=[12345]
  259. stop on runlevel [!12345]
  260. respawn
  261. exec /sbin/getty -L 115200 ttyS0 vt102
  262. permissions: '0644'
  263. - path: /etc/systemd/system/dhclient@.service
  264. content: |
  265. [Unit]
  266. Description=Run dhclient on %i interface
  267. After=network.target
  268. [Service]
  269. Type=oneshot
  270. ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease
  271. RemainAfterExit=yes
  272. owner: root:root
  273. permissions: '0644'
  274. - path: /etc/rc.local
  275. owner: root:root
  276. permissions: '0755'
  277. content: |-
  278. #!/bin/sh -e
  279. ifconfig eth1 up 10.0.0.1 netmask 255.255.128.0
  280. route add -host 192.168.0.4 gw 10.0.0.3 dev eth1
  281. route add -net 10.0.0.0/17 gw 10.0.0.3 dev eth1
  282. route add -net 10.0.128.0/30 gw 10.0.0.3 dev eth1
  283. exit 0
  284. </entry>
  285. </extensions>
  286. <interface id="0" name="eth1" ipv4="10.0.0.1" netPrefixLenV4="17"/>
  287. </node>
  288. <node name="iosvl2-3" type="SIMPLE" subtype="IOSvL2" location="261,252">
  <!-- Layer-2 switch iosvl2-3 (IOSvL2); the config entry was generated by
       autonetkit. Ports: Gi0/1 trunk to iosvl2-2, Gi0/2 access VLAN 2 to
       server-2, Gi0/0 access port mapped to Vlan1 for OOB management.
       Security posture of the embedded config (lab defaults, kept as
       generated):
       - "enable password cisco" together with "no service
         password-encryption": the enable and line passwords sit in clear
         text in this file; "enable secret" is the hashed alternative.
       - "line vty 0 4": Telnet is accepted next to SSH, the login password
         is the shared string "cisco", and "exec-timeout 720 0" keeps an idle
         session open for 12 hours.
       - "line con 0" sets a password but has no "login" line, so the console
         password is presumably not enforced; verify on the running image.
       - "no aaa new-model": no per-user accounts or accounting.
       - the trunk port has no allowed-VLAN list.
       The HTTP and HTTPS servers are disabled. Replace the credentials and
       drop Telnet before reusing this config outside an isolated lab. -->
  289. <extensions>
  290. <entry key="config" type="string">! IOSvL2 Config generated on 2015-08-13 20:38
  291. ! by autonetkit_0.15.3
  292. !
  293. version 15.2
  294. service timestamps debug datetime msec
  295. service timestamps log datetime msec
  296. no service password-encryption
  297. service compress-config
  298. no service config
  299. enable password cisco
  300. ip classless
  301. ip subnet-zero
  302. no ip domain lookup
  303. !
  304. line vty 0 4
  305. transport input ssh telnet
  306. exec-timeout 720 0
  307. password cisco
  308. login
  309. !
  310. line con 0
  311. password cisco
  312. !
  313. hostname iosvl2-3
  314. !
  315. boot-start-marker
  316. boot-end-marker
  317. !
  318. !
  319. !
  320. no aaa new-model
  321. !
  322. !
  323. !
  324. !
  325. !
  326. !
  327. !
  328. !
  329. ip cef
  330. no ipv6 cef
  331. !
  332. !
  333. spanning-tree mode pvst
  334. spanning-tree extend system-id
  335. !
  336. vlan internal allocation policy ascending
  337. !
  338. !
  339. !
  340. !
  341. !
  342. !
  343. !
  344. !
  345. interface Loopback0
  346. description Loopback
  347. !
  348. interface GigabitEthernet0/0
  349. description Mapped to Vlan1 for management
  350. ! Configured on launch
  351. switchport mode access
  352. no shutdown
  353. !
  354. interface GigabitEthernet0/1
  355. description to iosvl2-2
  356. switchport trunk encapsulation dot1q
  357. switchport mode trunk
  358. no shutdown
  359. !
  360. interface GigabitEthernet0/2
  361. description to server-2
  362. switchport access vlan 2
  363. switchport mode access
  364. no shutdown
  365. !
  366. interface Vlan1
  367. description OOB Management
  368. ! Configured on launch
  369. no ip address
  370. !
  371. !
  372. ip forward-protocol nd
  373. !
  374. no ip http server
  375. no ip http secure-server
  376. !
  377. !
  378. !
  379. !
  380. !
  381. !
  382. control-plane
  383. !
  384. !
  385. !
  386. end
  387. </entry>
  388. <entry key="AutoNetkit.mgmt_ip" type="string"></entry>
  389. </extensions>
  390. <interface id="0" name="GigabitEthernet0/1"/>
  391. <interface id="1" name="GigabitEthernet0/2"/>
  392. </node>
  393. <node name="server-2" type="SIMPLE" subtype="server" location="261,346">
  <!-- Linux server server-2, provisioned by the cloud-config in the config
       entry; eth1 is 10.0.0.2/17.
       Security posture (lab defaults, kept as generated):
       - user "cisco" is created with plain-text-passwd "cisco", lock-passwd
         false and unrestricted sudo ("ALL=(ALL) ALL").
       - the runcmd sed deletes every "PasswordAuthentication no" line from
         /etc/ssh/sshd_config, so sshd falls back to its built-in default
         (password logins allowed in stock OpenSSH); combined with the known
         password this gives password SSH login to a sudo-capable account.
       - VIRL-USER-SSH-PUBLIC-KEY is a placeholder, presumably substituted at
         launch; confirm.
       - /etc/rc.local is written with mode 0755 and linked into /etc/rc.d by
         bootcmd; it adds static routes through 10.0.0.3. No node in this
         file is assigned 10.0.0.3, so verify that the gateway exists.
       Replace the password and keep "PasswordAuthentication no" before
       reusing this cloud-config outside an isolated lab.
       NOTE(review): this listing has lost the YAML indentation of the
       cloud-config; take the nesting from the original file, not from this
       page. -->
  394. <extensions>
  395. <entry key="config" type="String">#cloud-config
  396. bootcmd:
  397. - ln -s -t /etc/rc.d /etc/rc.local
  398. hostname: server-2
  399. manage_etc_hosts: true
  400. runcmd:
  401. - start ttyS0
  402. - systemctl start getty@ttyS0.service
  403. - systemctl start rc-local
  404. - sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config
  405. - echo "UseDNS no" &gt;&gt; /etc/ssh/sshd_config
  406. - service ssh restart
  407. - service sshd restart
  408. users:
  409. - default
  410. - gecos: User configured by VIRL Configuration Engine 0.15.9
  411. lock-passwd: false
  412. name: cisco
  413. plain-text-passwd: cisco
  414. shell: /bin/bash
  415. ssh-authorized-keys:
  416. - VIRL-USER-SSH-PUBLIC-KEY
  417. sudo: ALL=(ALL) ALL
  418. write_files:
  419. - path: /etc/init/ttyS0.conf
  420. owner: root:root
  421. content: |
  422. # ttyS0 - getty
  423. # This service maintains a getty on ttyS0 from the point the system is
  424. # started until it is shut down again.
  425. start on stopped rc or RUNLEVEL=[12345]
  426. stop on runlevel [!12345]
  427. respawn
  428. exec /sbin/getty -L 115200 ttyS0 vt102
  429. permissions: '0644'
  430. - path: /etc/systemd/system/dhclient@.service
  431. content: |
  432. [Unit]
  433. Description=Run dhclient on %i interface
  434. After=network.target
  435. [Service]
  436. Type=oneshot
  437. ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease
  438. RemainAfterExit=yes
  439. owner: root:root
  440. permissions: '0644'
  441. - path: /etc/rc.local
  442. owner: root:root
  443. permissions: '0755'
  444. content: |-
  445. #!/bin/sh -e
  446. ifconfig eth1 up 10.0.0.2 netmask 255.255.128.0
  447. route add -host 192.168.0.4 gw 10.0.0.3 dev eth1
  448. route add -net 10.0.0.0/17 gw 10.0.0.3 dev eth1
  449. route add -net 10.0.128.0/30 gw 10.0.0.3 dev eth1
  450. exit 0
  451. </entry>
  452. </extensions>
  453. <interface id="0" name="eth1" ipv4="10.0.0.2" netPrefixLenV4="17"/>
  454. </node>
  455. <node name="asav-1" type="SIMPLE" subtype="ASAv" location="406,79">
  <!-- ASAv firewall asav-1; the config entry was generated by autonetkit.
       Interfaces: Gi0/0 "inside" (security-level 100, 10.0.128.1/30), wired
       by the connection list to iosvl2-2 Gi0/3 although its description
       reads "to iosv-2"; Gi0/1 "outside" (security-level 0, no ip address),
       wired to flat-2; Management0/0 "mgmt" (management-only, addressed at
       launch). The two interface elements after the config repeat the
       security levels 100 and 0 as AutoNetkit.security_level entries.
       Security posture of the embedded config (lab defaults, kept as
       generated):
       - "username cisco password cisco privilege 15" (present twice),
         "enable password cisco" and "passwd cisco": one shared default
         credential carrying full privilege.
       - http, ssh and telnet management are permitted from 0.0.0.0 0.0.0.0
         on inside, mgmt and outside, that is from any source address,
         including the security-level 0 interface that faces flat-2.
       - "aaa authentication ssh console LOCAL" is the only aaa
         authentication line; none is present for telnet or http.
       - "console timeout 0": presumably disables the console idle timeout;
         confirm.
       - "same-security-traffic permit inter-interface" is set; inside and
         mgmt share security-level 100.
       Limit management access to the mgmt interface and to known source
       ranges, remove telnet, and replace the credentials before reusing
       this config outside an isolated lab. -->
  456. <extensions>
  457. <entry key="config" type="string">! ASAv Config generated on 2015-08-13 20:38
  458. ! by autonetkit_0.15.3
  459. !
  460. hostname asav-1
  461. username cisco password cisco privilege 15
  462. enable password cisco
  463. passwd cisco
  464. names
  465. !
  466. interface Loopback100
  467. description loopback
  468. no ip address
  469. interface GigabitEthernet0/0
  470. description to iosv-2
  471. nameif inside
  472. security-level 100
  473. no shutdown
  474. ip address 10.0.128.1 255.255.255.252
  475. interface GigabitEthernet0/1
  476. description to flat-2
  477. nameif outside
  478. security-level 0
  479. no shutdown
  480. no ip address
  481. interface Management0/0
  482. description OOB Management
  483. management-only
  484. nameif mgmt
  485. security-level 100
  486. no shutdown
  487. ! Configured on launch
  488. no ip address
  489. !
  490. same-security-traffic permit inter-interface
  491. logging enable
  492. logging asdm informational
  493. user-identity default-domain LOCAL
  494. aaa authentication ssh console LOCAL
  495. http server enable
  496. http 0.0.0.0 0.0.0.0 inside
  497. ssh 0.0.0.0 0.0.0.0 inside
  498. telnet 0.0.0.0 0.0.0.0 inside
  499. http 0.0.0.0 0.0.0.0 mgmt
  500. ssh 0.0.0.0 0.0.0.0 mgmt
  501. telnet 0.0.0.0 0.0.0.0 mgmt
  502. http 0.0.0.0 0.0.0.0 outside
  503. ssh 0.0.0.0 0.0.0.0 outside
  504. telnet 0.0.0.0 0.0.0.0 outside
  505. telnet timeout 15
  506. console timeout 0
  507. username cisco password cisco privilege 15
  508. !
  509. class-map inspection_default
  510. match default-inspection-traffic
  511. !
  512. !
  513. policy-map type inspect dns preset_dns_map
  514. parameters
  515. message-length maximum client auto
  516. message-length maximum 512
  517. policy-map global_policy
  518. class inspection_default
  519. inspect ip-options
  520. inspect netbios
  521. inspect rtsp
  522. inspect sunrpc
  523. inspect tftp
  524. inspect xdmcp
  525. inspect dns preset_dns_map
  526. inspect ftp
  527. inspect h323 h225
  528. inspect h323 ras
  529. inspect rsh
  530. inspect esmtp
  531. inspect sqlnet
  532. inspect sip
  533. inspect skinny
  534. inspect icmp
  535. inspect http
  536. !
  537. service-policy global_policy global
  538. no call-home reporting anonymous
  539. call-home
  540. profile CiscoTAC-1
  541. no active
  542. end
  543. </entry>
  544. <entry key="AutoNetkit.mgmt_ip" type="string"></entry>
  545. </extensions>
  546. <interface id="0" name="GigabitEthernet0/0">
  547. <extensions>
  548. <entry key="AutoNetkit.security_level" type="Integer">100</entry>
  549. </extensions>
  550. </interface>
  551. <interface id="1" name="GigabitEthernet0/1">
  552. <extensions>
  553. <entry key="AutoNetkit.security_level" type="Integer">0</entry>
  554. </extensions>
  555. </interface>
  556. </node>
  <!-- Links between nodes. node[n] and interface[n] are 1-based positions in
       document order: node[1] flat-2, node[2] iosvl2-1, node[3] iosvl2-2,
       node[4] server-1, node[5] iosvl2-3, node[6] server-2, node[7] asav-1;
       interface[n] is the n-th interface element of that node. Reordering or
       removing a node or interface re-targets these links without any error,
       so re-check them after editing the node list. The virl: prefix is not
       declared in this document (the root uses a default namespace); the
       consuming tool has to bind it to http://www.cisco.com/VIRL.
       Links in the order listed (src to dst):
         iosvl2-1 Gi0/1 to iosvl2-2 Gi0/1
         iosvl2-2 Gi0/2 to iosvl2-3 Gi0/1
         server-2 eth1 to iosvl2-3 Gi0/2
         iosvl2-1 Gi0/2 to server-1 eth1
         asav-1 Gi0/1 (outside) to flat-2 link0
         asav-1 Gi0/0 (inside) to iosvl2-2 Gi0/3 -->
  557. <connection dst="/virl:topology/virl:node[3]/virl:interface[1]" src="/virl:topology/virl:node[2]/virl:interface[1]"/>
  558. <connection dst="/virl:topology/virl:node[5]/virl:interface[1]" src="/virl:topology/virl:node[3]/virl:interface[2]"/>
  559. <connection dst="/virl:topology/virl:node[5]/virl:interface[2]" src="/virl:topology/virl:node[6]/virl:interface[1]"/>
  560. <connection dst="/virl:topology/virl:node[4]/virl:interface[1]" src="/virl:topology/virl:node[2]/virl:interface[2]"/>
  561. <connection dst="/virl:topology/virl:node[1]/virl:interface[1]" src="/virl:topology/virl:node[7]/virl:interface[2]"/>
  562. <connection dst="/virl:topology/virl:node[3]/virl:interface[3]" src="/virl:topology/virl:node[7]/virl:interface[1]"/>
  563. </topology>