Cisco - switch access
#1
24.07.2009, 19:27
Acetoacidophilum

I have access to a couple of Cisco switches, en15.
What can be squeezed out of this?
Set up a VPN or something else?

Here is the config:


Building configuration...
!
!
! ADTRAN, Inc. OS version 13.12.00.E
! Boot ROM version 08.02.XB
! Platform: NetVanta 1224R, part number 1200510L1
! Serial number LBADTN0520AD478
!
!
hostname "Switch"
enable password encrypted 3f37ea7402d74f14b05451e8b4b7bcfd4720
!
clock timezone -5-Eastern-Time
!
ip subnet-zero
ip classless
ip name-server 65.106.1.196 65.106.7.196
ip default-gateway 67.152.240.225
ip routing
!
no auto-config
!
event-history on
no logging forwarding
no logging email
logging email priority-level info
!
service password-encryption
!
username "pwebber" password encrypted "151c2fb1fcfaec69076c6c2184e0a21588ac"
username "admin" password encrypted "2523c5106c74fb131a68834f6a8f51cf3304"
!
!
ip firewall
no ip firewall alg msn
no ip firewall alg h323
no ip firewall alg sip
!
!
!
!
!
!
!
!
!
ip dhcp-server excluded-address 192.168.1.200 192.168.1.255
!
ip dhcp-server pool "Local PCs"
network 192.167.1.0 255.255.255.0
domain-name "allcomm.local"
dns-server 192.167.1.204 192.167.1.200
netbios-name-server 192.167.1.200
netbios-node-type h-node
default-router 192.167.1.240
lease 8 4 0
option 66 ascii tftp://192.167.1.210
option 2 hex 0xFFFFB9B0
option 4 ip 192.167.1.200
option 160 ascii http://allcommcic1.allcomm.local:8088
!
ip crypto
!
crypto ike client configuration pool "Allcomm VPN access"
ip-range 192.167.2.1 192.167.2.254
dns-server 192.167.1.200 192.167.1.204
netbios-name-server 192.167.1.200
!
crypto ike policy 100
initiate main
respond anymode
local-id address 67.152.240.226
peer 12.51.161.178
attribute 3
encryption 3des
hash md5
authentication pre-share
!
crypto ike policy 101
no initiate
respond anymode
local-id fqdn vpn.goallcomm.com
peer any
client configuration pool "Allcomm VPN access"
attribute 1
encryption 3des
hash md5
authentication pre-share
!
crypto ike policy 102
initiate main
respond anymode
local-id address 67.152.240.226
peer 64.3.7.154
attribute 3
encryption 3des
hash md5
authentication pre-share
!
crypto ike policy 103
initiate main
respond anymode
local-id address 67.152.240.226
peer 65.44.167.50
attribute 3
encryption 3des
hash md5
authentication pre-share
!
crypto ike policy 104
initiate main
respond anymode
local-id address 67.152.240.226
peer 74.7.237.46
attribute 3
encryption 3des
hash md5
authentication pre-share
!
crypto ike policy 105
initiate main
respond anymode
local-id address 67.152.240.226
peer 74.7.237.50
attribute 3
encryption 3des
hash md5
authentication pre-share
!
crypto ike policy 106
initiate main
respond anymode
local-id address 67.152.240.226
peer 66.79.219.18
attribute 1
encryption 3des
hash md5
authentication pre-share
!
crypto ike remote-id user-fqdn bberry@goallcomm.com preshared-key Goallcomm1 ike-policy 101 crypto map VPN 20 no-xauth
crypto ike remote-id user-fqdn dolson@goallcomm.com preshared-key Goallcomm1 ike-policy 101 crypto map VPN 20 no-xauth
crypto ike remote-id user-fqdn jgiannola@goallcomm.com preshared-key Goallcomm1 ike-policy 101 crypto map VPN 20 no-xauth
crypto ike remote-id user-fqdn mhenry@goallcomm.com preshared-key Goallcomm1 ike-policy 101 crypto map VPN 20 no-xauth
crypto ike remote-id user-fqdn mszlaga@goallcomm.com preshared-key Goallcomm1 ike-policy 101 crypto map VPN 20 no-xauth
crypto ike remote-id user-fqdn paul.moore@goallcomm.com preshared-key Goallcomm1 ike-policy 101 crypto map VPN 20 no-xauth
crypto ike remote-id user-fqdn pspagnuolo@goallcomm.com preshared-key Goallcomm1 ike-policy 101 crypto map VPN 20 no-xauth
crypto ike remote-id address 12.51.161.178 preshared-key Goallcomm1 ike-policy 100 crypto map VPN 10 no-mode-config no-xauth
crypto ike remote-id address 64.3.7.154 preshared-key Goallcomm1 ike-policy 102 crypto map VPN 30 no-mode-config no-xauth
crypto ike remote-id address 65.44.167.50 preshared-key Goallcomm1 ike-policy 103 crypto map VPN 40 no-mode-config no-xauth
crypto ike remote-id address 66.79.219.18 preshared-key Goallcomm1 ike-policy 106 crypto map VPN 70 no-mode-config no-xauth
crypto ike remote-id address 74.7.237.46 preshared-key Goallcomm1 ike-policy 104 crypto map VPN 50 no-mode-config no-xauth
crypto ike remote-id address 74.7.237.50 preshared-key Goallcomm1 ike-policy 105 crypto map VPN 60 no-mode-config no-xauth
!
crypto ipsec transform-set esp-3des-esp-md5-hmac esp-3des esp-md5-hmac
mode tunnel
!
crypto map VPN 10 ipsec-ike
description Porretta Novi
match address VPN-10-vpn-selectors
set peer 12.51.161.178
set transform-set esp-3des-esp-md5-hmac
ike-policy 100
crypto map VPN 20 ipsec-ike
description Allcomm VPN access
match address VPN-20-vpn-selectors
set transform-set esp-3des-esp-md5-hmac
ike-policy 101
mobile
crypto map VPN 30 ipsec-ike
description AssociatedDerm Commerce
match address VPN-30-vpn-selectors1
set peer 64.3.7.154
set transform-set esp-3des-esp-md5-hmac
ike-policy 102
crypto map VPN 40 ipsec-ike
description AssociatedDerm WB
match address VPN-40-vpn-selectors1
set peer 65.44.167.50
set transform-set esp-3des-esp-md5-hmac
ike-policy 103
crypto map VPN 50 ipsec-ike
description MCFC - Dearborn
match address VPN-50-vpn-selectors1
set peer 74.7.237.46
set transform-set esp-3des-esp-md5-hmac
ike-policy 104
crypto map VPN 60 ipsec-ike
description MCFC - Clinton
match address VPN-60-vpn-selectors1
set peer 74.7.237.50
set transform-set esp-3des-esp-md5-hmac
ike-policy 105
crypto map VPN 70 ipsec-ike
description Porretta Southfield
match address VPN-70-vpn-selectors
set peer 66.79.219.18
set transform-set esp-3des-esp-md5-hmac
ike-policy 106
!
qos cos-map 1 0 1
qos cos-map 2 2 3
qos cos-map 3 4
qos cos-map 4 5 6 7
qos queue-type strict-priority
!
qos dscp-cos 0 8 16 24 32 40 48 56 to 0 1 2 3 4 5 6 7
!
!
!
vlan 1
name "Default"
vlan 2
name "Public"
vlan 6
name "BCM"
!
interface eth 0/1
spanning-tree edgeport
no shutdown
switchport mode trunk
qos default-cos 5
!
interface eth 0/2
spanning-tree edgeport
no shutdown
switchport mode trunk
qos default-cos 5
!
interface eth 0/3
spanning-tree edgeport
no shutdown
qos default-cos 5
!
interface eth 0/4
spanning-tree edgeport
no shutdown
qos default-cos 5
!
interface eth 0/5
spanning-tree edgeport
no shutdown
!
interface eth 0/6
spanning-tree edgeport
no shutdown
switchport access vlan 6
qos default-cos 5
no lldp send-and-receive
!
interface eth 0/7
spanning-tree edgeport
no shutdown
!
interface eth 0/8
spanning-tree edgeport
no shutdown
qos default-cos 5
!
interface eth 0/9
spanning-tree edgeport
no shutdown
!
interface eth 0/10
description Lab PC
spanning-tree edgeport
no shutdown
!
interface eth 0/11
description BCM Test Port
spanning-tree edgeport
no shutdown
!
interface eth 0/12
spanning-tree edgeport
no shutdown
!
interface eth 0/13
description Card access
spanning-tree edgeport
no shutdown
!
interface eth 0/14
spanning-tree edgeport
no shutdown
!
interface eth 0/15
spanning-tree edgeport
no shutdown
!
interface eth 0/16
spanning-tree edgeport
no shutdown
!
interface eth 0/17
spanning-tree edgeport
no shutdown
!
interface eth 0/18
no shutdown
!
interface eth 0/19
spanning-tree edgeport
no shutdown
!
interface eth 0/20
spanning-tree edgeport
no shutdown
!
interface eth 0/21
spanning-tree edgeport
no shutdown
switchport access vlan 6
!
interface eth 0/22
spanning-tree edgeport
no shutdown
switchport access vlan 2
!
interface eth 0/23
spanning-tree edgeport
no shutdown
switchport access vlan 2
!
interface eth 0/24
description Uplink to SBC
spanning-tree edgeport
no shutdown
switchport access vlan 2
!
!
interface vlan 1
ip address 192.167.1.240 255.255.255.0
access-policy Private
no shutdown
interface vlan 2
description External Connection
ip address 192.167.1.240 255.255.255.0
access-policy Private
no shutdown
interface vlan 2
description External Connection
ip address 67.152.240.226 255.255.255.248
ip address 67.152.240.227 255.255.255.248 secondary
ip address 67.152.240.228 255.255.255.248 secondary
ip address 67.152.240.229 255.255.255.248 secondary
ip address 67.152.240.230 255.255.255.248 secondary
access-policy Public
crypto map VPN
no shutdown
interface vlan 6
ip address 192.168.15.1 255.255.255.0
access-policy BCM
no shutdown
!
!
interface t1 1/1
description Connect to Netopia Router
no shutdown
!
!
!
!
!
!
ip access-list standard wizard-ics
remark Internet Connection Sharing
permit any
!
!
ip access-list extended self
remark Traffic to Netvanta
permit ip any any log
!
ip access-list extended VPN-10-vpn-selectors
permit ip 192.167.1.0 0.0.0.255 192.168.124.0 0.0.0.255
!
ip access-list extended VPN-20-vpn-selectors
permit ip 192.167.1.0 0.0.0.255 192.167.2.0 0.0.0.255
!
ip access-list extended VPN-30-vpn-selectors1
permit ip 192.167.1.0 0.0.0.255 192.168.4.0 0.0.0.255
!
ip access-list extended VPN-40-vpn-selectors1
permit ip 192.167.1.0 0.0.0.255 192.168.1.0 0.0.0.255
!
ip access-list extended VPN-50-vpn-selectors1
permit ip 192.167.1.0 0.0.0.255 192.168.2.0 0.0.0.255
!
ip access-list extended VPN-60-vpn-selectors1
permit ip 192.167.1.0 0.0.0.255 192.168.3.0 0.0.0.255
!
ip access-list extended VPN-70-vpn-selectors
permit ip 192.167.1.0 0.0.0.255 192.168.125.0 0.0.0.255 log
!
ip access-list extended web-acl-10
remark Remote Admin
permit tcp any any eq telnet log
permit tcp any any eq ssh log
permit icmp any any echo log
!
ip access-list extended web-acl-14
remark ACSERVX
permit ip host 192.167.1.204 any
!
ip access-list extended web-acl-15
remark Voxitas to I3 SIP & RTP, UDP & TCP
permit tcp any host 67.152.240.226 range 5004 5082 log
permit udp any host 67.152.240.226 range 5004 5082 log
permit tcp any host 67.152.240.226 range 10001 20000 log
permit udp any host 67.152.240.226 range 10001 20000 log
!
ip access-list extended web-acl-18
remark Allcomm1
permit ip host 192.167.1.200 any
!
ip access-list extended web-acl-19
remark Allcomm1
permit tcp any host 67.152.240.228 eq ftp-data log
permit tcp any host 67.152.240.228 eq ftp log
permit tcp any host 67.152.240.228 eq smtp log
permit tcp any host 67.152.240.228 eq www log
permit tcp any host 67.152.240.228 eq 143 log
permit tcp any host 67.152.240.228 eq https log
permit tcp any host 67.152.240.228 eq 2000 log
permit tcp any host 67.152.240.228 eq 3389 log
permit tcp any host 67.152.240.228 eq 4125 log
!
ip access-list extended web-acl-20
remark ACServX
permit tcp any host 67.152.240.230 eq ftp-data log
permit tcp any host 67.152.240.230 eq ftp log
permit tcp any host 67.152.240.230 eq www log
permit tcp any host 67.152.240.230 eq https log
permit tcp any host 67.152.240.230 eq 2002 log
!
ip access-list extended web-acl-21
remark Allcom2
permit ip host 192.167.1.201 any
!
ip access-list extended web-acl-22
remark Allcom2
permit tcp any host 67.152.240.227 eq ftp-data log
permit tcp any host 67.152.240.227 eq ftp log
permit tcp any host 67.152.240.227 eq www log
permit tcp any host 67.152.240.227 eq https log
permit tcp any host 67.152.240.227 eq 2000 log
!
ip access-list extended web-acl-23
remark BCM
permit ip any any
!
ip access-list extended web-acl-24
remark BCM
permit ip any any
!
ip access-list extended web-acl-27
remark Traffic to Netvanta
permit ip any any
!
ip access-list extended web-acl-28
remark NAT list wizard-ics
permit ip any any log
!
ip access-list extended web-acl-8
remark ACTestBench
permit ip any host 67.152.240.229 log
!
ip access-list extended web-acl-9
remark ACTestBench
permit ip host 192.167.1.250 any
!
ip policy-class BCM
allow list VPN-70-vpn-selectors stateless
allow list web-acl-23 policy Private stateless
allow list web-acl-27 self
nat source list web-acl-28 interface vlan 2 overload
!
ip policy-class Private
allow list web-acl-24 policy BCM stateless
allow list VPN-60-vpn-selectors1
allow list VPN-50-vpn-selectors1
allow list VPN-40-vpn-selectors1
allow list VPN-30-vpn-selectors1
allow list VPN-20-vpn-selectors stateless
allow list VPN-70-vpn-selectors stateless
allow list VPN-10-vpn-selectors stateless
nat source list web-acl-18 address 67.152.240.228 overload
nat source list web-acl-21 address 67.152.240.227 overload
nat source list web-acl-9 address 67.152.240.229 overload
nat source list web-acl-14 address 67.152.240.230 overload
allow list self self
nat source list wizard-ics interface vlan 2 overload
!
ip policy-class Public
allow reverse list VPN-70-vpn-selectors stateless
allow reverse list VPN-10-vpn-selectors stateless
allow reverse list VPN-60-vpn-selectors1
allow reverse list VPN-50-vpn-selectors1
allow reverse list VPN-40-vpn-selectors1
allow reverse list VPN-30-vpn-selectors1 stateless
allow reverse list VPN-20-vpn-selectors stateless
nat destination list web-acl-15 address 192.168.15.100
nat destination list web-acl-19 address 192.167.1.200
nat destination list web-acl-22 address 192.167.1.201
nat destination list web-acl-8 address 192.167.1.250
nat destination list web-acl-20 address 192.167.1.204
allow list web-acl-10 self
!
!
!
!
!
ip route 0.0.0.0 0.0.0.0 67.152.240.225
!
no ip tftp server
no ip tftp server overwrite
ip http server
no ip http secure-server
ip http language English
no ip snmp agent
no ip ftp server
no ip scp server
no ip sntp server
!
!
!
!
!
!
!
!
!
line con 0
no login
!
line telnet 0 4
login
password encrypted 2f276d40e01aaad68379dff3045b5a8dbd9f
no shutdown
line ssh 0 4
login local-userlist
no shutdown
!
!
!
!
!
end
 