From 854bec95bea289dc82dfaf80c47da3225abf4864 Mon Sep 17 00:00:00 2001 From: John Poland Date: Mon, 16 Mar 2026 20:32:19 -0400 Subject: [PATCH] elmcrest/elmcrest-mdf-a8360-sw2.cfg Mon Mar 16 08:32:17 PM EDT 2026 --- configs/elmcrest/elmcrest-mdf-a8360-sw2.cfg | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/configs/elmcrest/elmcrest-mdf-a8360-sw2.cfg b/configs/elmcrest/elmcrest-mdf-a8360-sw2.cfg index f420955..27b6b97 100644 --- a/configs/elmcrest/elmcrest-mdf-a8360-sw2.cfg +++ b/configs/elmcrest/elmcrest-mdf-a8360-sw2.cfg @@ -51,6 +51,12 @@ object-group ip address clearpass_servers 10 10.1.40.115 20 10.1.40.116 30 10.1.40.117 +object-group ip address day-enterprise-servers + 10 10.1.230.11 + 20 10.1.40.108 +object-group ip address dns-servers + 10 10.1.40.10 + 20 10.1.48.11 object-group ip address dom_cont 10 10.1.40.10 20 10.1.40.95 @@ -58,6 +64,9 @@ object-group ip address dom_cont 40 10.21.48.10 50 10.1.203.21 60 10.1.48.10 +object-group ip address ntp-servers + 10 10.1.40.154 + 20 10.1.48.103 object-group ip address sccm_servers 10 10.1.48.53 20 10.1.48.189 @@ -128,6 +137,16 @@ access-list ip Image-acl 158 comment ClearPass_TCP_PORTS_OUT 158 permit tcp any clearpass_servers group clearpass_tcp_ports 160 deny any any any +access-list ip hvac-acl + 10 permit any 10.27.230.0/255.255.255.224 day-enterprise-servers + 20 permit udp 10.27.230.0/255.255.255.224 dns-servers eq dns + 30 permit udp 10.27.230.0/255.255.255.224 ntp-servers eq ntp + 40 permit icmp 10.27.230.0/255.255.255.252 10.27.230.0/255.255.255.224 + 50 permit icmp 10.27.230.0/255.255.255.224 10.27.230.0/255.255.255.252 + 60 deny any any 10.0.0.0/255.0.0.0 + 70 deny any any 192.168.0.0/255.255.0.0 + 80 deny any any 172.16.0.0/255.240.0.0 + 90 permit tcp 10.27.230.0/255.255.255.224 any eq 587 log count access-list ip users-acl 10 deny any any 192.168.0.0/255.255.0.0 20 permit any any any