sh/sh-noc-ilo-a6300-a.cfg Wed Sep 4 06:33:19 PM EDT 2024

2024-09-04 18:33:19 -04:00 · 2024-09-04 18:33:19 -04:00 · 11e6c9f640
commit 11e6c9f640
parent 5e39a8beeb
1 changed files with 82 additions and 5 deletions
--- a/configs/sh/sh-noc-ilo-a6300-a.cfg
+++ b/configs/sh/sh-noc-ilo-a6300-a.cfg
@ -3,27 +3,96 @@ Current configuration:
 !Version ArubaOS-CX FL.10.13.1010
 !export-password: default
 hostname sh-noc-ilo-a6300-a
+banner motd #
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!           You are accessing a PRIVATE COMPUTING FACILITY.           !
+!     Access to this system is restricted to AUTHORIZED PERSONNEL.    !
+!                                                                     !
+!    Anyone who accesses this system without authorization, or in     !
+!      excess of their authorization could be subject to a fine,      !
+!   imprisonment, or both under Public and Federal Law. By entering   !
+!   this system, you consent to having your accesses and activities   !
+!    monitored and recorded. If this monitoring or record reveals     !
+!   suspected unauthorized or criminal activity, the evidence will    !
+! be provided to supervisory personnel and law enforcement officials. !
+!                                                                     !
+!         IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW!        !
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+#
 user admin group administrators password ciphertext AQBapZv2wjYecqPhsfcsIG3A8bsqwO5pSWmgJ4mlMqCQgovcYgAAAJ1P1gS+QBZjkkXlzBDKygiYD7+/G59/Z2zQbgHWEov50vu5rfYq8BEXyMdqGYA4t5eR0blVvGJjTbmCUhBvpCsAYd+ql1o2gdZJIySkgPv2Bn1gcBUIA+s/JZ4Bp/zqL7kJ
+clock timezone america/new_york
+loop-protect re-enable-timer 30
+ntp server 10.1.1.2 iburst
 ntp server pool.ntp.org minpoll 4 maxpoll 4 iburst
 ntp enable
 !
 !
 !
 !
+tacacs-server host 10.1.40.115 key ciphertext AQBapVi+DROPlEz6Xbj+XmpTBSkRpiUzT1pbN2jAPxpROpXUCQAAAJo2rByQo6PmHA== vrf mgmt
+tacacs-server host 10.1.40.116 key ciphertext AQBapTMexGftwvG8GZ2szVaR0b5Bs1O+CahONxWesmjhVflWCQAAABeynYJRsrGFbw== vrf mgmt
+tacacs-server host 10.1.40.117 key ciphertext AQBapfMBiaIuTVGmW2FxxbLym619rkZ2kr4G5MGKyYXwNtMnCQAAAPkbS5B7uM2dFQ== vrf mgmt
+!
+radius-server host 10.1.40.115 key ciphertext AQBapfPfGeGTeC+uVhI32/gbSn2pPil0Yoky28Y/vD3H9ZppCQAAAJYGS+ioflSAUA== vrf mgmt
+radius-server host 10.1.40.116 key ciphertext AQBapaBjm1i/LGBgK5acd6xv7+mJFH8So4ZG6i1CimuLIxfrCQAAAAYr/eoO6OvRGw== vrf mgmt
+radius-server host 10.1.40.117 key ciphertext AQBapTkTxKDQj8j2smkObCcvYfgJUz0/GTnOqTjMTQZEAXm2CQAAAK0INinpnLsheA== vrf mgmt
+aaa authentication allow-fail-through
 !
 !
+aaa group server radius cppm
+    server 10.1.40.115 vrf mgmt
+    server 10.1.40.116 vrf mgmt
+    server 10.1.40.117 vrf mgmt
+!
+aaa authentication login default group tacacs local
+aaa accounting all-mgmt console start-stop group tacacs
+aaa accounting all-mgmt default start-stop group radius
+aaa accounting all-mgmt https-server start-stop group radius
+aaa accounting all-mgmt ssh start-stop group tacacs
+aaa accounting port-access start-stop group tacacs
+!
+radius dyn-authorization enable
+!
+radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapdnIE2FNvoogRkpJl/ZuwykWLHmd/fTvyZgCIG/3v4r2CQAAAOEQtqkUDdiHIQ==
+radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapWvYPppJSj3xHhiE1gkzB+C3/PyQn47nEWIgmkkVtuc1CQAAANedzl/ZTjTqCg==
+radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapSNwoTvxxdmfzKtuW53EJoL6/U0I6T2/UiPZgvMVyWGWCQAAAN3uenBRrhnjjA==
 ssh server vrf default
 ssh server vrf mgmt
+ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512
 vsf member 1 
    type jl663a
-vlan 1
+dhcpv4-snooping
+client track ip 
+vlan 1,10
 vlan 20
    name data
    shutdown
+vlan 35
+    name Wireless_Controller_Admin
+    description Wireless Controller Admin
+vlan 101
+    name mgmt-ct-noc
+    description Aruba CT-NOC Management vlan
+vlan 114
+    name mgmt-sh-noc
+    description Aruba SH-NOC Management vlan
+vlan 699
+    name SCSDDCDefaultVLAN
+spanning-tree mode rpvst
 spanning-tree
+spanning-tree bpdu-guard timeout 30
+spanning-tree ignore-pvid-inconsistency
+spanning-tree vlan 10,35,101,114,699
 interface mgmt
    no shutdown
    ip dhcp
+interface lag 231
+    description Uplink LAG
+    no shutdown
+    no routing
+    vlan trunk native 699 tag
+    vlan trunk allowed all
+    lacp mode active
 interface 1/1/1
    no shutdown
    no routing
@ -225,15 +294,23 @@ interface 1/1/50
    no routing
    vlan access 1
 interface 1/1/51
+    description Uplink LAG
    no shutdown
-    no routing
-    vlan access 1
+    lag 231
 interface 1/1/52
+    description Uplink LAG
    no shutdown
-    no routing
-    vlan access 1
+    lag 231
 interface vlan 1
    ip dhcp
+snmp-server vrf default
+snmp-server system-description sh-noc-6300-1-9
+snmp-server system-location SH-NOC
+snmp-server system-contact Tim Marris
+snmp-server community mickey03
+ip dns domain-name scsd.ad
+ip dns server-address 10.1.40.10
+ip dns server-address 10.21.48.10
 !
 !
 !