admin/scsd-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

lincol/lincol-4507-1.cfg Wed Mar 5 04:08:13 PM EST 2025

Browse Source
This commit is contained in:
John Poland 2025-03-05 16:08:14 -05:00
parent 3cb44f628b
commit 0668144e03
1 changed files with 770 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

770
configs/lincol/lincol-4507-1.cfg Normal file
View File

@ -0,0 +1,770 @@
Building configuration...
Current configuration : 19547 bytes
!
! Last configuration change at 08:02:17 EDT Wed Apr 3 2024 by jkuzni09.admin
! NVRAM config last updated at 10:27:50 EST Tue Jan 16 2024 by tmarri81.admin
!
version 15.2
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service internal
service compress-config
service counters max age 5
!
hostname lincol-4507-1
!
boot-start-marker
boot system flash bootflash:cat4500e-sup8e-firmwareupgrade-151_1r_SG18.SPA
boot system flash bootflash:cat4500e-sup8e-universalk9.SPA.03.11.06.E.152-7.E6.bin
boot-end-marker
!
shell processing full
!
vrf definition mgmtVrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 32000
no logging console
logging monitor notifications
enable secret 5 $1$ye2E$UVbXVXk/R/pl3ZRdhHsyZ1
enable password 7 060316246E4B0C34
!
username admin privilege 15 password 7 120A1C05432A08092325
aaa new-model
!
!
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
!
!
!
!
!
!
aaa session-id common
clock timezone EST -5 0
clock summer-time EDT recurring
!
!
!
!
!
udld aggressive
!
!
!
!
!
!
ip multicast-routing
no ip domain-lookup
ip domain-name scsd.ad
!
!
vtp mode transparent
!
flow record netflow-record
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect interface output
collect counter bytes long
collect counter packets long
!
!
flow exporter netflow-to-orion
destination 10.1.48.37
transport udp 2055
!
!
flow monitor netflow-monitor
exporter netflow-to-orion
cache timeout inactive 10
cache timeout active 60
record netflow-record
!
!
!
power redundancy-mode redundant
archive
path bootflash:
maximum 5
file privilege 10
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast edge bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
spanning-tree vlan 10,20,30,35,40,50-60,64,70 priority 8192
!
redundancy
mode sso
!
vlan internal allocation policy ascending
!
vlan 10
name mgmt
!
vlan 20
name data
!
vlan 30
name IoT
!
vlan 35
name new_wireless
!
vlan 40
!
vlan 50
name voice_50
!
vlan 51
name voice_51
!
vlan 52
name voice_52
!
vlan 53
name voice_53
!
vlan 54
name voice 54
!
vlan 55
name voice_55
!
vlan 56
name voice_56
!
vlan 60
name wireless_60
!
vlan 64
name wireless_64
!
vlan 70
name security-cameras
!
vlan 72
name access-control
!
vlan 508
name CC-Ring
!
vlan 525
name stub
lldp run
!
!
class-map match-all AutoQos-4.0-Scavenger-Classify
match access-group name AutoQos-4.0-ACL-Scavenger
class-map match-all AutoQos-4.0-Signaling-Classify
match access-group name AutoQos-4.0-ACL-Signaling
class-map match-any AutoQos-4.0-Priority-Queue
match cos 5
match dscp ef
match dscp cs5
match dscp cs4
class-map match-all AutoQos-4.0-VoIP-Data-Cos
match cos 5
class-map match-any AutoQos-4.0-Multimedia-Stream-Queue
match dscp af31
match dscp af32
match dscp af33
class-map match-all AutoQos-4.0-Network-Mgmt
match dscp cs2
class-map match-all AutoQos-4.0-VoIP-Signal-Cos
match cos 3
class-map match-any AutoQos-4.0-Multimedia-Conf-Queue
match cos 4
match dscp af41
match dscp af42
match dscp af43
match access-group name AutoQos-4.0-ACL-Multimedia-Conf
class-map match-any AutoQos-4.0-Transaction-Data
match dscp af21
match dscp af22
match dscp af23
class-map match-all AutoQos-4.0-Network-Ctrl
match dscp cs7
class-map match-all AutoQos-4.0-Scavenger
match dscp cs1
class-map match-all AutoQos-4.0-Default-Classify
match access-group name AutoQos-4.0-ACL-Default
class-map match-any AutoQos-4.0-Signaling
match dscp cs3
match cos 3
class-map match-any AutoQos-4.0-Bulk-Data-Queue
match cos 1
match dscp af11
match dscp af12
match dscp af13
match access-group name AutoQos-4.0-ACL-Bulk-Data
class-map match-all AutoQos-4.0-Transaction-Classify
match access-group name AutoQos-4.0-ACL-Transactional-Data
class-map match-all AutoQos-4.0-Broadcast-Vid
match dscp cs5
class-map match-any AutoQos-4.0-Bulk-Data
match dscp af11
match dscp af12
match dscp af13
class-map match-any AutoQos-4.0-Scavenger-Queue
match dscp cs1
match cos 1
match access-group name AutoQos-4.0-ACL-Scavenger
class-map match-any AutoQos-4.0-VoIP
match dscp ef
match cos 5
class-map match-any AutoQos-4.0-Multimedia-Conf
match dscp af41
match dscp af42
match dscp af43
class-map match-any AutoQos-4.0-Control-Mgmt-Queue
match cos 3
match dscp cs7
match dscp cs6
match dscp cs3
match dscp cs2
match access-group name AutoQos-4.0-ACL-Signaling
class-map match-all AutoQos-4.0-Bulk-Data-Classify
match access-group name AutoQos-4.0-ACL-Bulk-Data
class-map match-any AutoQos-4.0-Trans-Data-Queue
match cos 2
match dscp af21
match dscp af22
match dscp af23
match access-group name AutoQos-4.0-ACL-Transactional-Data
class-map match-any AutoQos-4.0-Multimedia-Stream
match dscp af31
match dscp af32
match dscp af33
class-map match-any AutoQos-4.0-VoIP-Data
match dscp ef
match cos 5
class-map match-all AutoQos-4.0-Internetwork-Ctrl
match dscp cs6
class-map match-all AutoQos-4.0-Realtime-Interact
match dscp cs4
class-map match-all AutoQos-4.0-Multimedia-Conf-Classify
match access-group name AutoQos-4.0-ACL-Multimedia-Conf
class-map match-any AutoQos-4.0-VoIP-Signal
match dscp cs3
match cos 3
!
policy-map AutoQos-4.0-Output-Policy
class AutoQos-4.0-Scavenger-Queue
bandwidth remaining percent 1
class AutoQos-4.0-Priority-Queue
priority
police cir percent 30 bc 33 ms
class AutoQos-4.0-Control-Mgmt-Queue
bandwidth remaining percent 10
class AutoQos-4.0-Multimedia-Conf-Queue
bandwidth remaining percent 10
class AutoQos-4.0-Multimedia-Stream-Queue
bandwidth remaining percent 10
class AutoQos-4.0-Trans-Data-Queue
bandwidth remaining percent 10
dbl
class AutoQos-4.0-Bulk-Data-Queue
bandwidth remaining percent 4
dbl
class class-default
bandwidth remaining percent 25
dbl
policy-map AutoQos-4.0-Input-Policy
class AutoQos-4.0-VoIP
class AutoQos-4.0-Broadcast-Vid
class AutoQos-4.0-Realtime-Interact
class AutoQos-4.0-Network-Ctrl
class AutoQos-4.0-Internetwork-Ctrl
class AutoQos-4.0-Signaling
class AutoQos-4.0-Network-Mgmt
class AutoQos-4.0-Multimedia-Conf
class AutoQos-4.0-Multimedia-Stream
class AutoQos-4.0-Transaction-Data
class AutoQos-4.0-Bulk-Data
class AutoQos-4.0-Scavenger
policy-map AutoQos-4.0-Cisco-Phone-Input-Policy
class AutoQos-4.0-VoIP-Data-Cos
set dscp ef
police cir 128000 bc 8000
exceed-action set-dscp-transmit cs1
exceed-action set-cos-transmit 1
class AutoQos-4.0-VoIP-Signal-Cos
set dscp cs3
police cir 32000 bc 8000
exceed-action set-dscp-transmit cs1
exceed-action set-cos-transmit 1
class class-default
set dscp default
set cos 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.13.254.254 255.255.255.255
!
interface Port-channel5
description ** To MDF .5 Stack **
switchport
switchport trunk allowed vlan 10,20,30,35,40,50,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface Port-channel11
description ** To IDF1 **
switchport
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface Port-channel21
description ** To IDF2 **
switchport
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface FastEthernet1
vrf forwarding mgmtVrf
no ip address
shutdown
speed auto
duplex auto
!
interface TenGigabitEthernet1/1
description *** To lincol-mdf109j-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,50,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 5 mode active
!
interface TenGigabitEthernet1/2
description *** To lincol-mdf109j-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,50,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 5 mode active
!
interface TenGigabitEthernet1/3
description *** To lincol-idf118b-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 11 mode active
!
interface TenGigabitEthernet1/4
description *** To lincol-idf118b-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 11 mode active
!
interface TenGigabitEthernet1/5
description *** To lincol-idf225a-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 21 mode active
!
interface TenGigabitEthernet1/6
description *** To lincol-idf225a-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 21 mode active
!
interface TenGigabitEthernet1/7
description *** To idf3-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
shutdown
!
interface TenGigabitEthernet1/8
description *** To idf3-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
shutdown
!
interface TenGigabitEthernet1/9
description *** To idf4-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
shutdown
!
interface TenGigabitEthernet1/10
description *** To idf4-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
shutdown
!
interface TenGigabitEthernet1/11
description *** To idf5-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,55,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
shutdown
!
interface TenGigabitEthernet1/12
description *** To idf5-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,55,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
shutdown
!
interface TenGigabitEthernet3/1
!
interface TenGigabitEthernet3/2
!
interface TenGigabitEthernet3/3
!
interface TenGigabitEthernet3/4
!
interface TenGigabitEthernet3/5
!
interface TenGigabitEthernet3/6
description ** Connected to Lincoln Voice Gateway 10.13.50.5 **
switchport access vlan 50
switchport mode access
spanning-tree portfast edge
spanning-tree bpduguard enable
!
interface TenGigabitEthernet3/7
shutdown
!
interface TenGigabitEthernet3/8
description to Ring#8 CCF Circuit ID 159988
switchport trunk allowed vlan 508
switchport trunk native vlan 525
switchport mode trunk
ip flow monitor netflow-monitor input
udld port disable
no vtp
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 192.168.13.1 255.255.255.0
no ip redirects
ip pim sparse-mode
!
interface Vlan20
ip address 10.13.1.1 255.255.248.0
ip access-group users in
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip helper-address 10.1.48.189
no ip redirects
ip directed-broadcast 117
ip pim sparse-mode
!
interface Vlan21
no ip address
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip helper-address 10.1.40.189
shutdown
!
interface Vlan30
description Internet of Things
ip address 10.13.30.1 255.255.254.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
ip helper-address 10.1.48.189
no ip redirects
ip directed-broadcast 117
ip pim sparse-mode
!
interface Vlan35
ip address 10.13.35.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
ip helper-address 10.1.40.115
ip helper-address 10.1.40.117
ip helper-address 10.1.40.116
no ip redirects
ip pim sparse-mode
!
interface Vlan40
ip address 10.13.40.1 255.255.255.0
no ip redirects
ip pim sparse-mode
!
interface Vlan50
ip address 10.13.50.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan51
ip address 10.13.51.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan52
ip address 10.13.52.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan53
ip address 10.13.53.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan54
ip address 10.13.54.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan55
ip address 10.13.55.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan56
ip address 10.13.56.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan60
ip address 10.13.60.2 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan64
ip address 10.13.64.1 255.255.252.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
!
interface Vlan70
description Security Cameras
ip address 10.13.70.1 255.255.254.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan72
description Access Control
ip address 10.13.72.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan107
no ip address
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
shutdown
!
interface Vlan508
description to Ring #8 CCF Service #S200297
ip address 10.250.208.13 255.255.255.0
ip pim sparse-mode
!
router ospf 315
router-id 13.13.13.13
area 208 nssa
area 208 range 10.13.0.0 255.255.0.0
passive-interface default
no passive-interface Vlan508
network 10.13.0.0 0.0.255.255 area 208
network 10.250.208.13 0.0.0.0 area 0
network 192.168.13.0 0.0.0.255 area 208
!
ip local policy route-map blue
ip forward-protocol nd
ip forward-protocol udp netbios-ss
ip forward-protocol udp 1512
ip forward-protocol udp discard
no ip http server
no ip http secure-server
ip pim rp-address 10.1.0.1
ip msdp peer 10.1.0.2 connect-source Loopback0
ip msdp peer 10.1.0.3 connect-source Loopback0
ip msdp cache-sa-state
ip msdp mesh-group anycase 10.1.0.2
ip msdp mesh-group anycase 10.1.0.3
!
ip tftp blocksize 8192
ip tacacs source-interface Vlan10
!
ip access-list extended AutoQos-4.0-ACL-Bulk-Data
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq 22
permit tcp any any eq smtp
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq pop3
permit tcp any any eq 995
permit tcp any any eq 1914
ip access-list extended AutoQos-4.0-ACL-Default
permit ip any any
ip access-list extended AutoQos-4.0-ACL-Multimedia-Conf
permit udp any any range 16384 32767
ip access-list extended AutoQos-4.0-ACL-Scavenger
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any range 6881 6999
permit tcp any any eq 11999
permit tcp any any range 28800 29100
ip access-list extended AutoQos-4.0-ACL-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-ACL-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
ip access-list extended users
deny ip any 192.168.0.0 0.0.255.255
permit ip any any
!
logging origin-id hostname
logging facility syslog
logging source-interface Vlan10
logging host 10.1.40.78
access-list 117 permit udp host 10.1.40.189 any eq discard
!
!
snmp-server community mickey03 RO
snmp-server community mouse99 RW
snmp-server trap-source Vlan10
snmp-server location lincol-MDF
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps flash insertion removal
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps config
!
tacacs server noc-cp-a
address ipv4 10.1.40.116
key 7 08324F5D0D5A00130752
tacacs server noc-cp-b
address ipv4 10.1.40.117
key 7 08324F5D0D5A00130752
!
!
privilege configure all level 10 logging
privilege exec level 1 connect
privilege exec level 15 telnet
privilege exec level 10 show running-config view full
privilege exec level 10 show running-config view
privilege exec all level 10 show running-config
privilege exec level 10 show
banner motd ^C
!!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!!
! !
! You are accessing a PRIVATE COMPUTING FACILITY. !
! Access to this system is restricted to AUTHORIZED PERSONNEL. !
! !
! Anyone who accesses this system without authorization, or in !
! excess of their authorization could be subject to a fine, !
! imprisonment, or both under Public and Federal Law. By entering !
! this system, you consent to having your accesses and activities !
! monitored and recorded. !
! !
! If this monitoring or record reveals suspected unauthorized !
! or criminal activity, the evidence will be provided !
! to supervisory personnel and law enforcement officials. !
! !
! IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW ! !
! !
!!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!!
^C
alias exec show-running-config show running-config view full
!
line con 0
exec-timeout 0 0
password 7 121C1C12300E0929
logging synchronous
stopbits 1
line vty 0 4
exec-timeout 0 0
password 7 01001F160A2A02022842
length 0
transport preferred ssh
transport input ssh
line vty 5 15
exec-timeout 15 0
password 7 01001F160A2A02022842
length 0
transport preferred ssh
transport input ssh
!
scheduler runtime netinput 100
ntp server 10.1.1.2 prefer
ntp server 10.1.1.3
!
end