From 95661157e0e98013bd0c40230613812471873fb0 Mon Sep 17 00:00:00 2001
From: John Poland <jdpoland@gmail.com>
Date: Fri, 1 Aug 2025 09:15:00 -0400
Subject: [PATCH] vanduyn/vanduyn-idf4-a6300-sw1.cfg Fri Aug  1 09:15:00 AM EDT
 2025

---
 configs/vanduyn/vanduyn-idf4-a6300-sw1.cfg | 38 +++++++++++++++-------
 1 file changed, 26 insertions(+), 12 deletions(-)

diff --git a/configs/vanduyn/vanduyn-idf4-a6300-sw1.cfg b/configs/vanduyn/vanduyn-idf4-a6300-sw1.cfg
index 03fa8ee..b633ba2 100644
--- a/configs/vanduyn/vanduyn-idf4-a6300-sw1.cfg
+++ b/configs/vanduyn/vanduyn-idf4-a6300-sw1.cfg
@@ -18,7 +18,7 @@ banner motd #
 !                                                                     !
 !         IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW!        !
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#
-user admin group administrators password ciphertext AQBapfJ6BCKw0B3mLa2j6EotQGd6+zghx8uZyi9gxe1AZ4ZkYgAAACR2solP9IrI9u1tAuwQD5YkRavtGuNaTLQLpC4ubmXpvIEGO6CQv3BNtcm2T2eHEAPZPCcuqU4Y8PfXgFdCyap5wNC2g3M7sefXP8USQfHt7SvkLxuh8/2erDxlZ2eU1Suv
+user admin group administrators password ciphertext AQBapboHRWXIYOvYN0FV5WBf0Hq6v4eBY971HZU9my+4bdBAYgAAAIEBn8wd4lGlpAcDGHifcyKVTa0By8pMIskMToBxKMf4zwyWGkpYwyFQ6bbJGO2VO5mKBBG/5GT5Dc9j4WQd4Psxj8onGsZMzQQAyctl9ZTH7HjTBUVxdF4gyPZWhEJqx1t2
 clock timezone america/new_york
 loop-protect re-enable-timer 30
 ntp server 10.1.1.2 iburst
@@ -27,13 +27,13 @@ ntp enable
 !
 !
 !
-tacacs-server host 10.1.40.115 key ciphertext AQBapSWUvrhuaEiABHb8l3hTEwlzH/ZKsB9TAyQaBPbqC5IoCQAAAKZl+dDTlaolEQ==
-tacacs-server host 10.1.40.116 key ciphertext AQBapeO2CkRPeW9ISQSz6QUQCPlUmruuo7RC/hd9OsXQLII1CQAAAJvaCbiD0dPTPA==
-tacacs-server host 10.1.40.117 key ciphertext AQBapUmRHYq6RhBK2wq4+C3JaDt+yM2V7cqEpi5k1MAjT/b9CQAAAPgxHP86Z0KLqQ==
+tacacs-server host 10.1.40.115 key ciphertext AQBapVUGbIBvrI8AjlZc5CF7MdwE2zBO+fXOiaDKnVKMsIA6CQAAAKCyrjulaWTdEg==
+tacacs-server host 10.1.40.116 key ciphertext AQBapTWrcleaOlI/wAleseiOqeTD/a0JU6TFi+1gne0Keo1BCQAAAIbsTOFUI/kmZQ==
+tacacs-server host 10.1.40.117 key ciphertext AQBapbdokvhLqoSEWi9m9KRcwSH9bEzrT7zTaWBRM2V3ztYtCQAAAFqbhEho4i8/Vg==
 !
-radius-server host 10.1.40.115 key ciphertext AQBapQ+eGXQ8XHv1qGHINsNiS2P9lFAv7yRo/3URKkAiwf8CCQAAAPK3pRT6IQQjIQ==
-radius-server host 10.1.40.116 key ciphertext AQBapS/0BLRsmpjueK4BdCZ9lquzPO21uiMbQifzpvOtKsRPCQAAAPG9Ve+OTvTgEQ==
-radius-server host 10.1.40.117 key ciphertext AQBapZi3V1lPPG/YRyfEcwwfCQNdwrzyshXsu9bbeEsfkPOVCQAAAIQU5JNaJVxVuQ==
+radius-server host 10.1.40.115 key ciphertext AQBapenNSMLB9htXe0QFfW2uRiyadK4kMlyOA5P9wykCCo8TCQAAAOe46eQHqTncGw==
+radius-server host 10.1.40.116 key ciphertext AQBapSHUYnAs9NuoS9VKFHeEAW/80znmNZs+GFTZhdPsTU3aCQAAABX3rQALXruoOg==
+radius-server host 10.1.40.117 key ciphertext AQBapcXokPuueJi5Lw0c5Uj6NiPslGOIIgSJPvL7HZaAzCXyCQAAABoMac6iZKREmA==
 aaa authentication allow-fail-through
 !
 !
@@ -51,9 +51,9 @@ aaa accounting port-access start-stop group tacacs
 !
 radius dyn-authorization enable
 !
-radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapW+DegdJX0wJDJqz6oJW76GJ8R5lvRAdccfAKB4r7QAjCQAAAKjQIK8GcAOh1g==
-radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapUh9d1rxcxhAuhlK3kbqm5+SUmTsnhhha+5ekD4Lhfu9CQAAADjD98qIqLx9wA==
-radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapSxx/BniiQM/RpnkJX3ubPAwva4Nli3b85+ZPPZ0GOWFCQAAAANAZySR8Nvhyw==
+radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapebpgEevNnOkUGL57MbGUxqZw5GCZChNE6WB0qn+ewHxCQAAAHF1oh36FYzHkA==
+radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapXCLMdEGZnbUCB37jemc0abVQVQ+RHO1I7xH4SCxmyP5CQAAAK4FpdZIzZYwWA==
+radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapfQ67dAQ+yYpUtRkon9SAEWvi110UU7huFU/vHcgHM3fCQAAAJJidMcbvMaUsA==
 ssh server vrf default
 ssh server vrf mgmt
 ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512
@@ -836,16 +836,30 @@ interface 1/1/24
     client track ip update-interval 120
     power-over-ethernet pre-std-detect
 interface 1/1/25
-    description - To BT Clock Controller -
+    description Auto
     no shutdown
     no routing
-    vlan access 30
+    vlan access 168
     spanning-tree bpdu-guard
     spanning-tree port-type admin-edge
     spanning-tree root-guard
     spanning-tree tcn-guard
     loop-protect
     port-access onboarding-method concurrent enable
+    aaa authentication port-access allow-cdp-bpdu
+    aaa authentication port-access allow-lldp-bpdu
+    aaa authentication port-access client-limit 3
+    aaa authentication port-access dot1x authenticator
+        cached-reauth
+        cached-reauth-period 86400
+        reauth
+        enable
+    aaa authentication port-access mac-auth
+        cached-reauth
+        cached-reauth-period 86400
+        quiet-period 30
+        reauth
+        enable
     client track ip enable
     client track ip update-interval 120
     power-over-ethernet pre-std-detect