admin/scsd-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

elmcrest/Elmcrest-mdf-4507.cfg Wed Mar 5 04:08:13 PM EST 2025

Browse Source
This commit is contained in:
John Poland 2025-03-05 16:08:14 -05:00
parent aa11dcfcf9
commit 3cb44f628b
1 changed files with 527 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

527
configs/elmcrest/Elmcrest-mdf-4507.cfg Normal file
View File

@ -0,0 +1,527 @@
Building configuration...
Current configuration : 12908 bytes
!
! Last configuration change at 09:51:55 EDT Mon Apr 29 2024 by gdaniels.admin
! NVRAM config last updated at 09:49:34 EDT Mon Apr 29 2024 by gdaniels.admin
!
version 15.2
no service pad
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service compress-config
service sequence-numbers
!
hostname Elmcrest-mdf-4507
!
boot-start-marker
boot system flash bootflash:cat4500e-sup7e-firmwareupgradeallK10-150_1r_SG16.SPA
boot system flash bootflash:cat4500e-sup7e-universalk9.SPA.03.11.04.E.152-7.E4.bin
boot-end-marker
!
shell processing full
!
vrf definition mgmtVrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 500000
no logging console
logging monitor notifications
enable secret 5 $1$Q83c$UyndFUrS0GSqqmwmqRnmg.
!
username admin password 7 02151D495A270B2C4540
aaa new-model
!
!
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
!
!
!
!
!
!
aaa session-id common
clock timezone EST -5 0
clock summer-time EDT recurring
!
!
!
!
!
udld aggressive
!
!
!
!
!
!
ip multicast-routing
no ip domain-lookup
ip domain-name scsd.ad
ip name-server 10.1.40.10
ip name-server 10.1.9.102
ip name-server 10.1.48.200
ip name-server 10.21.48.242
!
!
!
flow record NTArecord
match ipv4 tos
match ipv4 dscp
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect datalink dot1q vlan output
collect routing forwarding-status reason
collect routing is-multicast
collect transport tcp flags
collect interface output
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last
!
!
flow record netflow-record
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect interface output
collect counter bytes long
collect counter packets long
!
!
flow exporter NTAexporter
destination 10.1.48.37
transport udp 2055
!
!
flow exporter netflow-to-orion
destination 10.1.48.37
transport udp 2055
!
!
flow monitor NTAmonitor
exporter NTAexporter
cache timeout active 5
record NTArecord
!
!
flow monitor netflow-monitor
exporter netflow-to-orion
cache timeout inactive 10
cache timeout active 60
record netflow-record
!
!
!
errdisable recovery cause link-flap
power redundancy-mode redundant
memory free low-watermark processor 25000
memory free low-watermark IO 25000
archive
log config
logging enable
logging size 1000
notify syslog contenttype plaintext
hidekeys
path bootflash:
maximum 5
file privilege 10
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast edge bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
spanning-tree vlan 10,20,30,35,40,50-53,60,62,64,70,525 priority 8192
process cpu threshold type total rising 80 interval 60 location active
!
redundancy
mode rpr
!
vlan internal allocation policy ascending
lldp run
!
!
class-map match-all AutoQos-VoIP-Control-Dscp26
match dscp af31
class-map match-all AutoQos-VoIP-Control-Dscp24
match dscp cs3
class-map match-all AutoQos-VoIP-Bearer-Cos
match cos 5
class-map match-all AutoQos-VoIP-Control-QosGroup24
match qos-group 24
class-map match-all AutoQos-VoIP-Control-QosGroup26
match qos-group 26
class-map match-all AutoQos-VoIP-Bearer-QosGroup
match qos-group 46
class-map match-all AutoQos-VoIP-Bearer-Dscp
match dscp ef
class-map match-all AutoQos-VoIP-Control-Cos
match cos 3
!
policy-map AutoQos-VoIP-Input-Dscp-Policy
class AutoQos-VoIP-Bearer-Dscp
set qos-group 46
class AutoQos-VoIP-Control-Dscp26
set qos-group 26
class AutoQos-VoIP-Control-Dscp24
set qos-group 24
policy-map AutoQos-VoIP-Output-Policy
class AutoQos-VoIP-Bearer-QosGroup
set dscp ef
set cos 5
priority
police cir percent 33
class AutoQos-VoIP-Control-QosGroup26
set dscp af31
set cos 3
bandwidth remaining percent 5
class AutoQos-VoIP-Control-QosGroup24
set dscp cs3
set cos 3
bandwidth remaining percent 5
class class-default
dbl
policy-map AutoQos-VoIP-Input-Cos-Policy
class AutoQos-VoIP-Bearer-Cos
set qos-group 46
class AutoQos-VoIP-Control-Cos
set qos-group 24
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.27.254.254 255.255.255.255
!
interface Port-channel5
description to Elmcrest-mdf-stack1
switchport
switchport trunk allowed vlan 10,20,30,35,40,50,60,62,64,70,525
switchport trunk native vlan 525
switchport mode trunk
flowcontrol receive on
!
interface Port-channel11
description ** To IDF1 **
switchport
switchport trunk allowed vlan 10,20,30,35,40,51,60,62,64,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface FastEthernet1
vrf forwarding mgmtVrf
no ip address
shutdown
speed auto
duplex auto
!
interface TenGigabitEthernet1/1
description Elmcrest-mdf-stack1 .5
switchport trunk allowed vlan 10,20,30,35,40,50,60,62,64,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 5 mode on
!
interface TenGigabitEthernet1/2
description Elmcrest-IDF1-2960s
switchport trunk allowed vlan 10,20,30,35,40,51,60,62,64,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 11 mode on
!
interface TenGigabitEthernet1/3
!
interface TenGigabitEthernet1/4
!
interface TenGigabitEthernet1/5
!
interface TenGigabitEthernet1/6
!
interface TenGigabitEthernet1/7
!
interface TenGigabitEthernet1/8
!
interface TenGigabitEthernet1/9
!
interface TenGigabitEthernet1/10
!
interface TenGigabitEthernet1/11
switchport trunk native vlan 10
switchport mode trunk
!
interface TenGigabitEthernet1/12
description *** Connected to 3725 Router ***
switchport access vlan 50
switchport mode access
!
interface TenGigabitEthernet3/1
description Elmcrest-mdf-stack1 .5
switchport trunk allowed vlan 10,20,30,35,40,50,60,62,64,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 5 mode on
!
interface TenGigabitEthernet3/2
description Elmcrest-IDF1-2960s
switchport trunk allowed vlan 10,20,30,35,40,51,60,62,64,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 11 mode on
!
interface TenGigabitEthernet3/3
!
interface TenGigabitEthernet3/4
description to Ring#6 CCF Circuit ID 159975
switchport trunk allowed vlan 506
switchport trunk native vlan 525
switchport mode trunk
ip flow monitor netflow-monitor input
udld port disable
no vtp
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 192.168.27.1 255.255.255.0
no ip redirects
ip pim sparse-mode
!
interface Vlan20
ip address 10.27.1.1 255.255.248.0
ip access-group users in
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip helper-address 10.1.48.189
no ip redirects
ip directed-broadcast 117
ip pim sparse-mode
!
interface Vlan21
no ip address
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip helper-address 10.1.40.189
shutdown
!
interface Vlan30
description Internet of Things
ip address 10.27.30.1 255.255.254.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan35
ip address 10.27.35.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
ip helper-address 10.1.40.115
ip helper-address 10.1.40.117
ip helper-address 10.1.40.116
no ip redirects
ip pim sparse-mode
!
interface Vlan40
ip address 10.27.40.1 255.255.255.0
no ip redirects
!
interface Vlan50
ip address 10.27.50.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan51
ip address 10.27.51.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan54
no ip address
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
shutdown
!
interface Vlan55
no ip address
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
shutdown
!
interface Vlan56
no ip address
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
shutdown
!
interface Vlan70
description Security Cameras
ip address 10.27.70.1 255.255.254.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan72
description Access Control
ip address 10.27.72.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
no autostate
!
interface Vlan107
no ip address
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
shutdown
!
interface Vlan506
description to Ring #6 CCF Service #S200287
ip address 10.250.206.27 255.255.255.0
ip pim sparse-mode
!
router ospf 315
router-id 27.27.27.27
area 206 nssa
area 206 range 10.27.0.0 255.255.0.0
passive-interface default
no passive-interface Vlan506
network 10.27.0.0 0.0.255.255 area 206
network 10.250.206.27 0.0.0.0 area 0
network 192.168.27.0 0.0.0.255 area 206
!
ip forward-protocol nd
ip forward-protocol udp discard
no ip http server
no ip http secure-server
ip pim rp-address 10.1.0.1
ip tftp blocksize 8192
ip tacacs source-interface Vlan10
!
ip access-list extended users
deny ip any 192.168.0.0 0.0.255.255
permit ip any any
!
logging trap notifications
logging origin-id hostname
logging facility syslog
logging source-interface Vlan10
logging host 10.1.40.78
access-list 117 permit udp host 10.1.40.189 any eq discard
!
!
snmp-server community mickey03 RO
snmp-server community mouse99 RW
snmp-server trap-source Vlan10
snmp-server location Elmcrest-MDF
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps flash insertion removal
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps config
no snmp mib flash cache
!
tacacs server noc-cp-a
address ipv4 10.1.40.116
key 7 08324F5D0D5A00130752
tacacs server noc-cp-b
address ipv4 10.1.40.117
key 7 08324F5D0D5A00130752
!
!
privilege configure all level 10 logging
privilege exec level 1 connect
privilege exec level 15 telnet
privilege exec level 10 show running-config view full
privilege exec level 10 show running-config view
privilege exec all level 10 show running-config
privilege exec level 10 show
banner motd ^C
!!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!!
! !
! You are accessing a PRIVATE COMPUTING FACILITY. !
! Access to this system is restricted to AUTHORIZED PERSONNEL. !
! !
! Anyone who accesses this system without authorization, or in !
! excess of their authorization could be subject to a fine, !
! imprisonment, or both under Public and Federal Law. By entering !
! this system, you consent to having your accesses and activities !
! monitored and recorded. !
! !
! If this monitoring or record reveals suspected unauthorized !
! or criminal activity, the evidence will be provided !
! to supervisory personnel and law enforcement officials. !
! !
! IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW ! !
! !
!!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!!
^C
alias exec show-running-config show running-config view full
!
line con 0
exec-timeout 0 0
password 7 121C1C12300E0929
logging synchronous
stopbits 1
line vty 0 4
exec-timeout 0 0
password 7 01001F160A2A02022842
length 0
transport preferred ssh
transport input ssh
line vty 5 15
exec-timeout 15 0
password 7 01001F160A2A02022842
length 0
transport preferred ssh
transport input ssh
!
ntp server 10.1.1.2 prefer
ntp server 10.1.1.3
!
end