service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year service password-encryption clock timezone CET 1 clock summer-time CET recurring last Sun Mar 2:00 last Sun Oct 3:00 no ip domain lookup no ip ospf name-lookup line con 0 exec-timeout 10 0 logging synchronous line vty 0 4 exec-timeout 5 0 logging synchronous Source: http://mellowd.co.uk/ccie/?p=975 recommended on 2900 series for IPv6 traffic: sdm prefer dual-ipv4-and-ipv6 default auto archiving on 'write memory' archive log config logging enable logging size 1000 notify syslog contenttype plaintext hidekeys path tftp://192.168.100.100/$h.cfg write-memory time-period 1440 disable local services + add some security stuff no service tcp-small-servers no service udp-small-servers no service pad no ip http server no ip http secure-server no ip domain-lookup no ip finger no ip source-route login on-failure log login on-success log ip ssh authentication-retries 2 ip ssh logging events ip ssh version 2 logging buffered 512000