vanduyn/vanduyn-idf4-a6300-sw1.cfg Fri Aug 1 09:15:00 AM EDT 2025

2025-08-01 09:15:00 -04:00 · 2025-08-01 09:15:00 -04:00 · 95661157e0
commit 95661157e0
parent 43670fbdd6
1 changed files with 26 additions and 12 deletions
--- a/configs/vanduyn/vanduyn-idf4-a6300-sw1.cfg
+++ b/configs/vanduyn/vanduyn-idf4-a6300-sw1.cfg
@ -18,7 +18,7 @@ banner motd #
 !                                                                     !
 !         IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW!        !
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#
-user admin group administrators password ciphertext AQBapfJ6BCKw0B3mLa2j6EotQGd6+zghx8uZyi9gxe1AZ4ZkYgAAACR2solP9IrI9u1tAuwQD5YkRavtGuNaTLQLpC4ubmXpvIEGO6CQv3BNtcm2T2eHEAPZPCcuqU4Y8PfXgFdCyap5wNC2g3M7sefXP8USQfHt7SvkLxuh8/2erDxlZ2eU1Suv
+user admin group administrators password ciphertext AQBapboHRWXIYOvYN0FV5WBf0Hq6v4eBY971HZU9my+4bdBAYgAAAIEBn8wd4lGlpAcDGHifcyKVTa0By8pMIskMToBxKMf4zwyWGkpYwyFQ6bbJGO2VO5mKBBG/5GT5Dc9j4WQd4Psxj8onGsZMzQQAyctl9ZTH7HjTBUVxdF4gyPZWhEJqx1t2
 clock timezone america/new_york
 loop-protect re-enable-timer 30
 ntp server 10.1.1.2 iburst
@ -27,13 +27,13 @@ ntp enable
 !
 !
 !
-tacacs-server host 10.1.40.115 key ciphertext AQBapSWUvrhuaEiABHb8l3hTEwlzH/ZKsB9TAyQaBPbqC5IoCQAAAKZl+dDTlaolEQ==
-tacacs-server host 10.1.40.116 key ciphertext AQBapeO2CkRPeW9ISQSz6QUQCPlUmruuo7RC/hd9OsXQLII1CQAAAJvaCbiD0dPTPA==
-tacacs-server host 10.1.40.117 key ciphertext AQBapUmRHYq6RhBK2wq4+C3JaDt+yM2V7cqEpi5k1MAjT/b9CQAAAPgxHP86Z0KLqQ==
+tacacs-server host 10.1.40.115 key ciphertext AQBapVUGbIBvrI8AjlZc5CF7MdwE2zBO+fXOiaDKnVKMsIA6CQAAAKCyrjulaWTdEg==
+tacacs-server host 10.1.40.116 key ciphertext AQBapTWrcleaOlI/wAleseiOqeTD/a0JU6TFi+1gne0Keo1BCQAAAIbsTOFUI/kmZQ==
+tacacs-server host 10.1.40.117 key ciphertext AQBapbdokvhLqoSEWi9m9KRcwSH9bEzrT7zTaWBRM2V3ztYtCQAAAFqbhEho4i8/Vg==
 !
-radius-server host 10.1.40.115 key ciphertext AQBapQ+eGXQ8XHv1qGHINsNiS2P9lFAv7yRo/3URKkAiwf8CCQAAAPK3pRT6IQQjIQ==
-radius-server host 10.1.40.116 key ciphertext AQBapS/0BLRsmpjueK4BdCZ9lquzPO21uiMbQifzpvOtKsRPCQAAAPG9Ve+OTvTgEQ==
-radius-server host 10.1.40.117 key ciphertext AQBapZi3V1lPPG/YRyfEcwwfCQNdwrzyshXsu9bbeEsfkPOVCQAAAIQU5JNaJVxVuQ==
+radius-server host 10.1.40.115 key ciphertext AQBapenNSMLB9htXe0QFfW2uRiyadK4kMlyOA5P9wykCCo8TCQAAAOe46eQHqTncGw==
+radius-server host 10.1.40.116 key ciphertext AQBapSHUYnAs9NuoS9VKFHeEAW/80znmNZs+GFTZhdPsTU3aCQAAABX3rQALXruoOg==
+radius-server host 10.1.40.117 key ciphertext AQBapcXokPuueJi5Lw0c5Uj6NiPslGOIIgSJPvL7HZaAzCXyCQAAABoMac6iZKREmA==
 aaa authentication allow-fail-through
 !
 !
@ -51,9 +51,9 @@ aaa accounting port-access start-stop group tacacs
 !
 radius dyn-authorization enable
 !
-radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapW+DegdJX0wJDJqz6oJW76GJ8R5lvRAdccfAKB4r7QAjCQAAAKjQIK8GcAOh1g==
-radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapUh9d1rxcxhAuhlK3kbqm5+SUmTsnhhha+5ekD4Lhfu9CQAAADjD98qIqLx9wA==
-radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapSxx/BniiQM/RpnkJX3ubPAwva4Nli3b85+ZPPZ0GOWFCQAAAANAZySR8Nvhyw==
+radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapebpgEevNnOkUGL57MbGUxqZw5GCZChNE6WB0qn+ewHxCQAAAHF1oh36FYzHkA==
+radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapXCLMdEGZnbUCB37jemc0abVQVQ+RHO1I7xH4SCxmyP5CQAAAK4FpdZIzZYwWA==
+radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapfQ67dAQ+yYpUtRkon9SAEWvi110UU7huFU/vHcgHM3fCQAAAJJidMcbvMaUsA==
 ssh server vrf default
 ssh server vrf mgmt
 ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512
@ -836,16 +836,30 @@ interface 1/1/24
    client track ip update-interval 120
    power-over-ethernet pre-std-detect
 interface 1/1/25
-    description - To BT Clock Controller -
+    description Auto
    no shutdown
    no routing
-    vlan access 30
+    vlan access 168
    spanning-tree bpdu-guard
    spanning-tree port-type admin-edge
    spanning-tree root-guard
    spanning-tree tcn-guard
    loop-protect
    port-access onboarding-method concurrent enable
+    aaa authentication port-access allow-cdp-bpdu
+    aaa authentication port-access allow-lldp-bpdu
+    aaa authentication port-access client-limit 3
+    aaa authentication port-access dot1x authenticator
+        cached-reauth
+        cached-reauth-period 86400
+        reauth
+        enable
+    aaa authentication port-access mac-auth
+        cached-reauth
+        cached-reauth-period 86400
+        quiet-period 30
+        reauth
+        enable
    client track ip enable
    client track ip update-interval 120
    power-over-ethernet pre-std-detect