From 43670fbdd661273787af5af7fa674d1003f03800 Mon Sep 17 00:00:00 2001
From: John Poland <jdpoland@gmail.com>
Date: Fri, 1 Aug 2025 09:15:00 -0400
Subject: [PATCH] vanduyn/vanduyn-idf2-a6300-sw1.cfg Fri Aug  1 09:15:00 AM EDT
 2025

---
 configs/vanduyn/vanduyn-idf2-a6300-sw1.cfg | 38 +++++++++++++++-------
 1 file changed, 26 insertions(+), 12 deletions(-)

diff --git a/configs/vanduyn/vanduyn-idf2-a6300-sw1.cfg b/configs/vanduyn/vanduyn-idf2-a6300-sw1.cfg
index 22f9058..6989c64 100644
--- a/configs/vanduyn/vanduyn-idf2-a6300-sw1.cfg
+++ b/configs/vanduyn/vanduyn-idf2-a6300-sw1.cfg
@@ -18,7 +18,7 @@ banner motd #
 !                                                                     !
 !         IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW!        !
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#
-user admin group administrators password ciphertext AQBapYcx80Ys9iAn+PuIIAdyx5uEClJb6yrYcKmXDtxztiLwYgAAAHvo7xKrT9S21y71MrmhO1yHWwzWB0noj6X+TBRAJlCiMNOfp03ILmVF/f+yYgVmmMuUb4A8MIFKu/2qmkmKtwU0ILpB2DMsFAarK+SxzHTs9zqbwTd/+BZeuCkj9z6e6U81
+user admin group administrators password ciphertext AQBapSltjV0Jy9r/fSFqPE3k2khnKqbm9QtERlO/bZ7T/BDZYgAAAD5+ggBnaFFarjjxUN1TLigixJIdNkG42kkpEldKf/oS1lB330rkZi/8AFD5YjmV1++bxaXZOPzaML/Kl2A2+7ehmBIidAykgkMWLy7WwHBfYcsofqQJfxw0uKp/g+G9Mu0h
 clock timezone america/new_york
 loop-protect re-enable-timer 30
 ntp server 10.1.1.2 iburst
@@ -27,13 +27,13 @@ ntp enable
 !
 !
 !
-tacacs-server host 10.1.40.115 key ciphertext AQBapfU4N+hlDGMNLDbRPdzbRG6ckxBThozQsGNyvnRhOP33CQAAAAJuGMwUMOLkMg==
-tacacs-server host 10.1.40.116 key ciphertext AQBapeRYujhBLifzahdms9OmQNWYQNzUPHKvw3QH+MpnnssOCQAAAI5F9xj4xaH/cA==
-tacacs-server host 10.1.40.117 key ciphertext AQBapX5JveYHJuwAkU28r6IAfp/PEoh03JwHJ0dWas3w5xiGCQAAAAOgJu9p1TmwoA==
+tacacs-server host 10.1.40.115 key ciphertext AQBapWSE8QsJvmeoShJZzq8lVu+Y1y+iP0ukvng6spkRrMZrCQAAAP7yJMiUX4hY0Q==
+tacacs-server host 10.1.40.116 key ciphertext AQBapZ4icWs7XQYed4z0nTOkNki9aaRz/ug+91Xo3UxDngk9CQAAAM55pGXG/ex+AA==
+tacacs-server host 10.1.40.117 key ciphertext AQBapYV6WaKPaYHM3WvIEbqk+JXPMFYKPOQWBylImmjMzeV5CQAAALZwwD/hZT/PEg==
 !
-radius-server host 10.1.40.115 key ciphertext AQBapSkMM+QNq49hyDprFudYCEMBJTQnwujz9L93Wv2MNAF1CQAAAPCBuJOvQOK2sw==
-radius-server host 10.1.40.116 key ciphertext AQBapWFYic7LhKROW2plBEmj1U6Lbdlyhv38IBDu1oki4tf1CQAAADL9WpbknWxgBw==
-radius-server host 10.1.40.117 key ciphertext AQBapXidDisj+LXPo1WD6WOuTUuZzPdvCR46JMEF1bxO41UwCQAAAFfBtHLYp5fGeA==
+radius-server host 10.1.40.115 key ciphertext AQBapUMP9rzt9qSpSE2zcpO6PihUdINU12h+8Rmygwf3xxHhCQAAAO91JTOzjkRUsg==
+radius-server host 10.1.40.116 key ciphertext AQBapZFjOmzAy7kYB1hnACjQ/tvNKXl8SGnr84na8t1D5wFMCQAAAP+sinJou5bwpA==
+radius-server host 10.1.40.117 key ciphertext AQBapeP+WYGs1V7ngx9zB2OtXfUulNg2cmFjAksyUgl1Q8VmCQAAAKaFBckO0BqiWQ==
 aaa authentication allow-fail-through
 !
 !
@@ -51,9 +51,9 @@ aaa accounting port-access start-stop group tacacs
 !
 radius dyn-authorization enable
 !
-radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapZ+tI/ceZUflPDcmOUMi4f2sgxG1AfVnlMqXoT/Q+PZmCQAAAFlcqdHTAryWUA==
-radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapf+WVMelGBq4wkwblwPoLwVvEcSp5PLMIcxsF/PhxO1eCQAAAHw3xhvBUbPGgw==
-radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapWNRNqDWcnPSazjuRTeEhYZyqUKPaUX2jwidqq7UvnB1CQAAAODevlap3iW7QQ==
+radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapSEZokJ8sbMDJWYXwzuPr2sv8iPrty3G76qvtxX5nvWwCQAAAGdbKs3b8TR5Aw==
+radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapTJ9vnF69yq12ruVNcTqqOSIb1yGw6cuWMUHE3V7KwldCQAAAKnMZdl0pYGH1Q==
+radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapTTJbbNZp6t0YRYnRvNNoqZxpmMGSIdec+85TQiEr99NCQAAAPZ+yZfvthMTzA==
 ssh server vrf default
 ssh server vrf mgmt
 ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512
@@ -827,16 +827,30 @@ interface 1/1/24
     client track ip update-interval 120
     power-over-ethernet pre-std-detect
 interface 1/1/25
-    description - To BT Clock Controller -
+    description Auto
     no shutdown
     no routing
-    vlan access 30
+    vlan access 168
     spanning-tree bpdu-guard
     spanning-tree port-type admin-edge
     spanning-tree root-guard
     spanning-tree tcn-guard
     loop-protect
     port-access onboarding-method concurrent enable
+    aaa authentication port-access allow-cdp-bpdu
+    aaa authentication port-access allow-lldp-bpdu
+    aaa authentication port-access client-limit 3
+    aaa authentication port-access dot1x authenticator
+        cached-reauth
+        cached-reauth-period 86400
+        reauth
+        enable
+    aaa authentication port-access mac-auth
+        cached-reauth
+        cached-reauth-period 86400
+        quiet-period 30
+        reauth
+        enable
     client track ip enable
     client track ip update-interval 120
     power-over-ethernet pre-std-detect