From 750f0b5e7b90e15812683e2f693fbd9146cef06f Mon Sep 17 00:00:00 2001 From: John Poland Date: Fri, 6 Mar 2026 20:33:10 -0500 Subject: [PATCH] shea/shea-4507-1.cfg Fri Mar 6 08:33:10 PM EST 2026 --- configs/shea/shea-4507-1.cfg | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/configs/shea/shea-4507-1.cfg b/configs/shea/shea-4507-1.cfg index aecfefe..f8823b7 100644 --- a/configs/shea/shea-4507-1.cfg +++ b/configs/shea/shea-4507-1.cfg @@ -1,9 +1,9 @@ Building configuration... -Current configuration : 34910 bytes +Current configuration : 35730 bytes ! -! Last configuration change at 10:25:00 EST Wed Feb 11 2026 by swalts49.admin -! NVRAM config last updated at 10:25:01 EST Wed Feb 11 2026 by swalts49.admin +! Last configuration change at 15:42:07 EST Fri Mar 6 2026 by estein66.admin +! NVRAM config last updated at 15:42:18 EST Fri Mar 6 2026 by estein66.admin ! version 15.2 no service pad @@ -92,12 +92,26 @@ archive path bootflash: maximum 5 file privilege 10 +object-group network day-enterprise-servers + description day-enterprise-servers + host 10.1.230.11 + host 10.1.40.108 +! +object-group network dns-servers + description Internal-DNS-Servers + host 10.1.40.10 + host 10.1.48.11 +! object-group network netadmin-hosts description SCSD Network Administrators Hosts host 10.1.6.20 host 10.1.6.126 host 10.1.6.32 ! +object-group network ntp-servers + host 10.1.40.154 + host 10.1.48.103 +! ! spanning-tree mode rapid-pvst spanning-tree loopguard default @@ -1080,6 +1094,7 @@ interface Vlan107 ! interface Vlan230 ip address 10.14.230.1 255.255.255.224 + ip access-group hvac in ! interface Vlan501 description to Ring @@ -1185,6 +1200,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data permit udp any any eq 1575 permit tcp any any eq 1630 permit udp any any eq 1630 +ip access-list extended hvac + permit ip 10.14.230.0 0.0.0.31 object-group day-enterprise-servers + permit udp 10.14.230.0 0.0.0.31 object-group dns-servers eq domain + permit udp 10.14.230.0 0.0.0.31 object-group ntp-servers eq ntp + permit icmp 10.14.230.0 0.0.0.31 host 10.14.230.1 + permit icmp host 10.14.230.1 10.14.230.0 0.0.0.31 + deny ip any 10.0.0.0 0.255.255.255 + deny ip any 192.168.0.0 0.0.255.255 + deny ip any 172.16.0.0 0.15.255.255 + permit tcp 10.14.230.0 0.0.0.31 any eq 587 log-input ip access-list extended sbhc-acl remark School Based Health Center ACL permit ip 10.53.107.0 0.0.0.255 10.107.49.0 0.0.0.255