admin/testing
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
testing/configs/shea/shea-4507-1.cfg

1269 lines
35 KiB
INI
Raw Blame History

Building configuration...
Current configuration : 35501 bytes
!
! Last configuration change at 08:27:50 EST Fri Jan 10 2025 by Jmaxam76.admin
! NVRAM config last updated at 08:28:18 EST Fri Jan 10 2025 by Jmaxam76.admin
!
version 15.2
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service internal
service compress-config
service counters max age 5
!
hostname shea-4507-1
!
boot-start-marker
boot system flash bootflash:cat4500e-sup8e-firmwareupgrade-151_1r_SG18.SPA
boot system flash bootflash:cat4500e-sup8e-universalk9.SPA.03.11.06.E.152-7.E6.bin
boot-end-marker
!
shell processing full
!
vrf definition mgmtVrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 32000
no logging console
logging monitor notifications
enable secret 5 $1$ye2E$UVbXVXk/R/pl3ZRdhHsyZ1
enable password 7 060316246E4B0C34
!
username admin privilege 15 password 7 120A1C05432A08092325
aaa new-model
!
!
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
!
!
!
!
!
!
aaa session-id common
clock timezone EST -5 0
clock summer-time EDT recurring
clock calendar-valid
!
!
!
!
!
udld aggressive
!
ip multicast-routing
no ip domain-lookup
ip domain-name scsd.ad
ip name-server 10.1.40.10
!
!
ip igmp profile 21
permit
range 239.14.21.0 239.14.21.255
vtp mode transparent
!
crypto pki trustpoint TP-self-signed-18501
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-18501
revocation-check none
rsakeypair TP-self-signed-18501
!
!
crypto pki certificate chain TP-self-signed-18501
certificate self-signed 01
30820221 3082018A A0030201 02020101 300D0609 2A864886 F70D0101 05050030
2C312A30 28060355 04031321 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31383530 31301E17 0D323330 32303231 35333330 325A170D
33303031 30313030 30303030 5A302C31 2A302806 03550403 1321494F 532D5365
6C662D53 69676E65 642D4365 72746966 69636174 652D3138 35303130 819F300D
06092A86 4886F70D 01010105 0003818D 00308189 02818100 AE6C236A 662695CF
CE5AA935 4188F507 C30BCE8F E23CB2A2 9CEDF45D DB60F21E 991A8FE7 E80BFCCD
43192E3A 13BB8F92 DD6F68D6 04D0930A 0DD1971D 738069B7 01631F66 9F2F76A7
9FD4BCA3 7BE8BECA 3EA43783 3B34212B F2464E01 3AD5B3AF 2132217D 6EEFCF4A
1F5BDB4C 03AD446F 37E8E1A0 C798D49C 99B30A60 4B4C1749 02030100 01A35330
51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D 23041830 168014B0
C9C9B186 0378EEAA 396455F0 19078C80 0AE03D30 1D060355 1D0E0416 0414B0C9
C9B18603 78EEAA39 6455F019 078C800A E03D300D 06092A86 4886F70D 01010505
00038181 00950461 53FA946E C4D8CE80 C033E1DE DE16E927 965EC253 D4C82606
70841075 E874E57F 1950B10B 0ABCB315 BA5DA552 5E5044BB 9269A02C ED76FEEF
BB2B3459 1C71CE0B 468F797C 38CE32A4 0D0A355D B8B318F2 95371904 60734CB6
DAA94648 1C289F1D 95F08E62 E5704981 BE6073B8 0061FA71 349DAD9C 989CA5E4
42EFB145 0C
quit
power redundancy-mode redundant
archive
path bootflash:
maximum 5
file privilege 10
object-group network netadmin-hosts
description SCSD Network Administrators Hosts
host 10.1.6.20
host 10.1.6.126
host 10.1.6.32
!
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast edge bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
spanning-tree vlan 10,20-21,30,35,40,50-60,64,70,72 priority 8192
!
redundancy
mode sso
!
vlan internal allocation policy ascending
!
vlan 10
name mgmt
!
vlan 20
name data
!
vlan 21
name Imaging
!
vlan 30
name IoT
!
vlan 35
name new_wireless
!
vlan 40
!
vlan 50
name voice_50
!
vlan 51
name voice_51
!
vlan 52
name voice_52
!
vlan 53
name voice_53
!
vlan 54
name voice 54
!
vlan 55
name voice_55
!
vlan 56
name voice_56
!
vlan 60
name wireless_60
!
vlan 64
name wireless_64
!
vlan 70
name security-cameras
!
vlan 72
name access-control
!
vlan 107
name health_services
!
vlan 230
name hvac
!
vlan 501
!
vlan 525
name stub
lldp run
!
!
class-map match-all AutoQos-4.0-Scavenger-Classify
match access-group name AutoQos-4.0-ACL-Scavenger
class-map match-all AutoQos-4.0-Signaling-Classify
match access-group name AutoQos-4.0-ACL-Signaling
class-map match-any AutoQos-4.0-Priority-Queue
match cos 5
match dscp ef
match dscp cs5
match dscp cs4
class-map match-all AutoQos-4.0-VoIP-Data-Cos
match cos 5
class-map match-all AutoQos-VoIP-Control-Dscp26
match dscp af31
class-map match-any AutoQos-4.0-Multimedia-Stream-Queue
match dscp af31
match dscp af32
match dscp af33
class-map match-all AutoQos-4.0-VoIP-Signal-Cos
match cos 3
class-map match-all AutoQos-VoIP-Control-Dscp24
match dscp cs3
class-map match-any AutoQos-4.0-Multimedia-Conf-Queue
match cos 4
match dscp af41
match dscp af42
match dscp af43
match access-group name AutoQos-4.0-ACL-Multimedia-Conf
class-map match-all AutoQos-VoIP-Bearer-Cos
match cos 5
class-map match-all AutoQos-4.0-Default-Classify
match access-group name AutoQos-4.0-ACL-Default
class-map match-any AutoQos-4.0-Bulk-Data-Queue
match cos 1
match dscp af11
match dscp af12
match dscp af13
match access-group name AutoQos-4.0-ACL-Bulk-Data
class-map match-all AutoQos-4.0-Transaction-Classify
match access-group name AutoQos-4.0-ACL-Transactional-Data
class-map match-all AutoQos-VoIP-Control-QosGroup24
match qos-group 24
class-map match-all AutoQos-VoIP-Control-QosGroup26
match qos-group 26
class-map match-all AutoQos-VoIP-Bearer-QosGroup
match qos-group 46
class-map match-all AutoQos-VoIP-Bearer-Dscp
match dscp ef
class-map match-any AutoQos-4.0-Scavenger-Queue
match dscp cs1
match cos 1
match access-group name AutoQos-4.0-ACL-Scavenger
class-map match-any AutoQos-4.0-Control-Mgmt-Queue
match cos 3
match dscp cs7
match dscp cs6
match dscp cs3
match dscp cs2
match access-group name AutoQos-4.0-ACL-Signaling
class-map match-all AutoQos-4.0-Bulk-Data-Classify
match access-group name AutoQos-4.0-ACL-Bulk-Data
class-map match-any AutoQos-4.0-Trans-Data-Queue
match cos 2
match dscp af21
match dscp af22
match dscp af23
match access-group name AutoQos-4.0-ACL-Transactional-Data
class-map match-any AutoQos-4.0-VoIP-Data
match dscp ef
match cos 5
class-map match-all AutoQos-VoIP-Control-Cos
match cos 3
class-map match-all AutoQos-4.0-Multimedia-Conf-Classify
match access-group name AutoQos-4.0-ACL-Multimedia-Conf
class-map match-any AutoQos-4.0-VoIP-Signal
match dscp cs3
match cos 3
!
policy-map AutoQos-VoIP-Input-Dscp-Policy
class AutoQos-VoIP-Bearer-Dscp
set qos-group 46
class AutoQos-VoIP-Control-Dscp26
set qos-group 26
class AutoQos-VoIP-Control-Dscp24
set qos-group 24
policy-map AutoQos-4.0-Output-Policy
class AutoQos-4.0-Scavenger-Queue
bandwidth remaining percent 1
class AutoQos-4.0-Priority-Queue
priority
police cir percent 30 bc 33 ms
class AutoQos-4.0-Control-Mgmt-Queue
bandwidth remaining percent 10
class AutoQos-4.0-Multimedia-Conf-Queue
bandwidth remaining percent 10
class AutoQos-4.0-Multimedia-Stream-Queue
bandwidth remaining percent 10
class AutoQos-4.0-Trans-Data-Queue
bandwidth remaining percent 10
dbl
class AutoQos-4.0-Bulk-Data-Queue
bandwidth remaining percent 4
dbl
class class-default
bandwidth remaining percent 25
dbl
policy-map AutoQos-VoIP-Input-CiscoPhone-Cos-Policy
class AutoQos-VoIP-Bearer-Cos
set qos-group 46
class AutoQos-VoIP-Control-Cos
set qos-group 24
class class-default
set dscp default
set cos 0
policy-map AutoQos-VoIP-Output-Policy
class AutoQos-VoIP-Bearer-QosGroup
set dscp ef
set cos 5
priority
police cir percent 33
class AutoQos-VoIP-Control-QosGroup26
set dscp af31
set cos 3
bandwidth remaining percent 5
class AutoQos-VoIP-Control-QosGroup24
set dscp cs3
set cos 3
bandwidth remaining percent 5
class class-default
dbl
policy-map AutoQos-VoIP-Input-Cos-Policy
class AutoQos-VoIP-Bearer-Cos
set qos-group 46
class AutoQos-VoIP-Control-Cos
set qos-group 24
policy-map AutoQos-4.0-Cisco-Phone-Input-Policy
class AutoQos-4.0-VoIP-Data-Cos
set dscp ef
police cir 128000 bc 8000
exceed-action set-dscp-transmit cs1
exceed-action set-cos-transmit 1
class AutoQos-4.0-VoIP-Signal-Cos
set dscp cs3
police cir 32000 bc 8000
exceed-action set-dscp-transmit cs1
exceed-action set-cos-transmit 1
class class-default
set dscp default
set cos 5
!
!
!
!
!
!
!
interface Loopback0
ip address 10.14.254.254 255.255.255.255
!
interface Port-channel11
description To IDF1 .11
switchport
switchport trunk allowed vlan 10,20,30,35,40,51,60,62,64,70,230,525
switchport trunk native vlan 525
switchport mode trunk
!
interface Port-channel21
description To IDF2 .21
switchport
switchport trunk allowed vlan 10,20,21,30,35,40,48,52,60,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface Port-channel31
description To IDF3 .31
switchport
switchport trunk allowed vlan 10,20,30,35,40,53,60,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface Port-channel41
description To IDF4 .41
switchport
switchport trunk allowed vlan 10,20,30,35,40,54,60,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface Port-channel51
description To IDF5 .51
switchport
switchport trunk allowed vlan 10,20,21,30,35,40,48,55,60,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface FastEthernet1
vrf forwarding mgmtVrf
no ip address
shutdown
speed auto
duplex auto
!
interface TenGigabitEthernet1/1
description *** To mdf-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,50,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
shutdown
!
interface TenGigabitEthernet1/2
description To IDF1 .11
switchport trunk allowed vlan 10,20,30,35,40,51,60,62,64,70,230,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 11 mode active
!
interface TenGigabitEthernet1/3
description To IDF2 .21
switchport trunk allowed vlan 10,20,21,30,35,40,48,52,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 21 mode active
!
interface TenGigabitEthernet1/4
description To IDF3 .31
switchport trunk allowed vlan 10,20,30,35,40,53,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 31 mode active
!
interface TenGigabitEthernet1/5
description To IDF4 .41
switchport trunk allowed vlan 10,20,30,35,40,54,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 41 mode active
!
interface TenGigabitEthernet1/6
description *** To idf5-sw1 ***
switchport trunk allowed vlan 10,20,21,30,35,40,48,55,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 51 mode active
!
interface TenGigabitEthernet1/7
description *** To idf6-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,56,59,60,70,525
switchport trunk native vlan 525
switchport mode trunk
!
interface TenGigabitEthernet1/8
shutdown
!
interface TenGigabitEthernet1/9
shutdown
!
interface TenGigabitEthernet1/10
shutdown
!
interface TenGigabitEthernet1/11
shutdown
!
interface TenGigabitEthernet1/12
description NVR-RING4-BLODG_10.53.70.11
switchport access vlan 70
switchport mode access
!
interface TenGigabitEthernet3/1
description DP14 Port 1 SFP+
switchport access vlan 21
switchport mode access
spanning-tree portfast edge
!
interface TenGigabitEthernet3/2
description To IDF1 .11
switchport trunk allowed vlan 10,20,30,35,40,51,60,62,64,70,230,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 11 mode active
!
interface TenGigabitEthernet3/3
description To IDF2 .21
switchport trunk allowed vlan 10,20,21,30,35,40,48,52,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 21 mode active
!
interface TenGigabitEthernet3/4
description To IDF3 .31
switchport trunk allowed vlan 10,20,30,35,40,53,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 31 mode active
!
interface TenGigabitEthernet3/5
description To IDF4 .41
switchport trunk allowed vlan 10,20,30,35,40,54,60,70,525
switchport trunk native vlan 525
switchport mode trunk
channel-group 41 mode active
!
interface TenGigabitEthernet3/6
description To IDF5 .51
switchport trunk allowed vlan 10,20,21,30,35,40,48,55,60,70,525
switchport trunk native vlan 525
switchport mode trunk
lacp port-priority 51
channel-group 51 mode active
!
interface TenGigabitEthernet3/7
description DP14 Port 2 SFP+
switchport access vlan 21
switchport mode access
spanning-tree portfast edge
!
interface TenGigabitEthernet3/8
description to Ring
switchport trunk allowed vlan 501
switchport trunk native vlan 525
switchport mode trunk
udld port disable
no vtp
spanning-tree guard none
!
interface GigabitEthernet5/1
description *** To UPS ***
switchport access vlan 10
switchport mode access
spanning-tree portfast disable
!
interface GigabitEthernet5/2
description mdf-ups2
switchport access vlan 10
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/3
description Connected to Video Cameras
switchport access vlan 70
switchport mode access
spanning-tree portfast edge
!
interface GigabitEthernet5/4
description Connected to Video Cameras
switchport access vlan 70
switchport mode access
spanning-tree portfast edge
!
interface GigabitEthernet5/5
description Connected to Video Cameras
switchport access vlan 70
switchport mode access
spanning-tree portfast edge
!
interface GigabitEthernet5/6
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/7
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/8
description Connected to data network
switchport access vlan 40
switchport mode access
spanning-tree portfast disable
spanning-tree bpduguard enable
!
interface GigabitEthernet5/9
description Connected to data network
switchport access vlan 40
switchport mode access
spanning-tree portfast disable
spanning-tree bpduguard enable
!
interface GigabitEthernet5/10
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/11
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/12
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/13
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/14
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/15
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/16
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/17
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/18
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/19
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/20
description *** To Voice and Data Endpoints ***
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/21
description *** To Voice and Data Endpoints ***
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/22
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/23
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/24
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/25
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/26
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/27
description DP14 Port 1 SCCM distribution point server
switchport access vlan 21
switchport mode access
spanning-tree portfast disable
!
interface GigabitEthernet5/28
description DP14 Port 1 SCCM distribution point server
switchport access vlan 21
switchport mode access
spanning-tree portfast disable
!
interface GigabitEthernet5/29
description To Voice and Data Endpoints
switchport access vlan 50
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/30
description To Voice and Data Endpoints
switchport access vlan 50
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/31
description To Voice and Data Endpoints
switchport access vlan 20
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/32
description Connected to Intrusion Alarm
switchport access vlan 72
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/33
description To Voice and Data Endpoints
switchport access vlan 50
switchport mode access
switchport voice vlan 50
auto qos voip cisco-phone
qos trust device cisco-phone
spanning-tree portfast edge
spanning-tree bpduguard enable
service-policy input AutoQos-VoIP-Input-Cos-Policy
service-policy output AutoQos-VoIP-Output-Policy
!
interface GigabitEthernet5/34
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/35
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/36
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/37
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/38
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/39
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/40
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/41
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/42
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/43
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/44
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/45
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/46
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/47
description *** To Wireless APs ***
switchport trunk allowed vlan 35,59,999
switchport trunk native vlan 35
switchport mode trunk
!
interface GigabitEthernet5/48
description *** To 3945 Voice Gateway ***
switchport access vlan 50
switchport mode access
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 192.168.14.1 255.255.255.0
no ip redirects
ip pim sparse-mode
!
interface Vlan20
ip address 10.14.1.1 255.255.248.0
ip access-group users in
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip helper-address 10.1.48.189
no ip redirects
ip directed-broadcast 117
ip pim sparse-mode
!
interface Vlan21
ip address 10.14.21.1 255.255.255.0
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip helper-address 10.14.21.106
no ip redirects
ip pim sparse-mode
!
interface Vlan30
description Internet of Things
ip address 10.14.30.1 255.255.254.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan35
ip address 10.14.35.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
ip helper-address 10.1.40.115
ip helper-address 10.1.40.117
ip helper-address 10.1.40.116
no ip redirects
ip pim sparse-mode
!
interface Vlan40
ip address 10.14.40.2 255.255.255.0
no ip redirects
ip pim sparse-mode
!
interface Vlan50
ip address 10.14.50.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan51
ip address 10.14.51.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan52
ip address 10.14.52.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan53
ip address 10.14.53.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan54
ip address 10.14.54.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan55
ip address 10.14.55.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan56
ip address 10.14.56.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan60
ip address 10.14.60.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan64
ip address 10.14.64.1 255.255.252.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
!
interface Vlan70
description Security Cameras
ip address 10.14.70.1 255.255.254.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan72
description Access Control
ip address 10.14.72.1 255.255.255.0
ip helper-address 10.21.48.20
ip helper-address 10.1.40.20
no ip redirects
ip pim sparse-mode
!
interface Vlan107
description School Based Health Center VLAN
no ip address
ip access-group sbhc-acl in
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
shutdown
!
interface Vlan230
ip address 10.14.230.1 255.255.255.224
!
interface Vlan501
description to Ring
ip address 10.250.201.14 255.255.255.0
ip pim sparse-mode
!
router ospf 315
router-id 14.14.14.14
area 201 nssa
area 201 range 10.14.0.0 255.255.0.0
area 201 range 192.168.0.0 255.255.252.0
area 204 nssa
area 204 range 10.53.0.0 255.255.0.0
passive-interface default
no passive-interface Vlan501
network 10.14.230.0 0.0.0.31 area 201
network 10.14.0.0 0.0.255.255 area 201
network 10.53.0.0 0.0.255.255 area 204
network 10.250.201.14 0.0.0.0 area 0
network 10.250.204.53 0.0.0.0 area 0
network 192.168.14.0 0.0.0.255 area 201
network 192.168.53.0 0.0.0.255 area 204
!
ip local policy route-map blue
ip forward-protocol nd
ip forward-protocol udp netbios-ss
ip forward-protocol udp 1512
ip forward-protocol udp discard
no ip http server
no ip http secure-server
ip pim rp-address 10.1.0.1
ip msdp peer 10.1.0.2 connect-source Loopback0
ip msdp peer 10.1.0.3 connect-source Loopback0
ip msdp cache-sa-state
ip msdp mesh-group anycase 10.1.0.2
ip msdp mesh-group anycase 10.1.0.3
ip tftp blocksize 8192
ip tacacs source-interface Vlan10
!
ip access-list extended AutoQos-4.0-ACL-Bulk-Data
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq 22
permit tcp any any eq smtp
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq pop3
permit tcp any any eq 995
permit tcp any any eq 1914
ip access-list extended AutoQos-4.0-ACL-Default
permit ip any any
ip access-list extended AutoQos-4.0-ACL-Multimedia-Conf
permit udp any any range 16384 32767
ip access-list extended AutoQos-4.0-ACL-Scavenger
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any range 6881 6999
permit tcp any any eq 11999
permit tcp any any range 28800 29100
ip access-list extended AutoQos-4.0-ACL-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-ACL-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
ip access-list extended sbhc-acl
remark School Based Health Center ACL
permit ip 10.53.107.0 0.0.0.255 10.107.49.0 0.0.0.255
permit ip 10.53.107.0 0.0.0.255 10.107.50.0 0.0.0.255
permit ip 10.53.107.0 0.0.0.255 10.107.100.0 0.0.0.255
permit icmp 10.53.107.0 0.0.0.255 object-group netadmin-hosts
ip access-list extended tac
permit ip host 10.14.21.106 any
permit ip any host 10.14.21.106
ip access-list extended users
deny ip any 192.168.0.0 0.0.255.255
permit ip any any
!
logging origin-id hostname
logging facility syslog
logging source-interface Vlan10
logging host 10.1.40.78
access-list 107 permit ip 10.53.107.0 0.0.0.255 10.107.49.0 0.0.0.255
access-list 107 permit ip 10.53.107.0 0.0.0.255 10.107.50.0 0.0.0.255
access-list 107 permit ip 10.53.107.0 0.0.0.255 10.107.100.0 0.0.0.255
access-list 117 permit udp host 10.1.40.189 any eq discard
!
!
snmp-server community mickey03 RO
snmp-server community mouse99 RW
snmp-server trap-source Vlan10
snmp-server location shea-4507-1
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps flash insertion removal
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps config
tacacs-server directed-request
tacacs server noc-cp-a
address ipv4 10.1.40.116
key 7 08324F5D0D5A00130752
tacacs server noc-cp-b
address ipv4 10.1.40.117
key 7 08324F5D0D5A00130752
!
!
privilege configure all level 10 logging
privilege exec level 1 connect
privilege exec level 15 telnet
privilege exec level 10 show running-config view full
privilege exec level 10 show running-config view
privilege exec all level 10 show running-config
privilege exec level 10 show
banner motd ^CC
!!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!!
! !
! You are accessing a PRIVATE COMPUTING FACILITY. !
! Access to this system is restricted to AUTHORIZED PERSONNEL. !
! !
! Anyone who accesses this system without authorization, or in !
! excess of their authorization could be subject to a fine, !
! imprisonment, or both under Public and Federal Law. By entering !
! this system, you consent to having your accesses and activities !
! monitored and recorded. !
! !
! If this monitoring or record reveals suspected unauthorized !
! or criminal activity, the evidence will be provided !
! to supervisory personnel and law enforcement officials. !
! !
! IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW ! !
! !
!!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!!
^C
alias exec show-running-config show running-config view full
!
line con 0
exec-timeout 0 0
password 7 121C1C12300E0929
logging synchronous
transport preferred none
stopbits 1
line vty 0 4
exec-timeout 0 0
password 7 01001F160A2A02022842
length 0
transport preferred ssh
transport input ssh
line vty 5 15
exec-timeout 15 0
password 7 01001F160A2A02022842
length 0
transport preferred ssh
transport input ssh
!
scheduler runtime netinput 100
ntp server 10.1.1.2 prefer
ntp server 10.1.1.3
end
Reference in New Issue View Git Blame Copy Permalink