ct/ct-noc-a8360-1-b.cfg Sun Apr 19 08:36:27 PM EDT 2026

configs/ct/ct-noc-a8360-1-b.cfg

@@ -2,7 +2,7 @@ Current configuration:
 !
 !Version ArubaOS-CX LL.10.13.1010
 !export-password: default
-hostname ct-noc-a8360-1-b
+hostname ct-noc-a8360-2-b
 banner motd #
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !           You are accessing a PRIVATE COMPUTING FACILITY.           !
@@ -18,12 +18,9 @@ banner motd #
 !                                                                     !
 !         IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW!        !
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#
-user admin group administrators password ciphertext AQBapTEevtY7lM+kHKSkkX1bOfEYBF3ZhcpQqPzmCRTTstHzYgAAADp3kPH5OcbdGFv83hUwWAuVLIvEPilvF9C8XsDh3PmQRuqYLzcmBdGpX1N/8n6F9cXcWWDEcp7qwIzMvsl1MhKlCLceQVtwdk0DCywIHCyi2tjCl0j1aqjKazLZRIU2rzdM
+user admin group administrators password ciphertext AQBapc7xM5lJ1LpJwrne0HtnwVlefij7xu8Fmj+Kpye4ivSsYgAAAIx4BE1lanTTS2+NtUGdtMVM27uzr4eJuektGIqpIe4GRkzGrjzfTlYGZZfKX+wgiV4dZL+9YGzt4q7nDd1DwWhYyrxRmAWqS3QWnEp7MzVul9IbUW1rYVNvSkciM6ddBEfo
 clock timezone america/new_york
-router vrrp enable
-bfd
 profile aggregation-leaf
-vrf outside
 ntp server 10.1.1.2 iburst
 ntp server 10.1.1.3 iburst
 ntp enable
@@ -31,9 +28,9 @@ ntp enable
 !
 !
 !
-tacacs-server host 10.1.40.115 key ciphertext AQBapcYUUASiYxDliVMPYfLTRD/NT3E+iggCnHk06y6tVsjECQAAAItwfenTk5YK8g== vrf mgmt
+tacacs-server host 10.1.40.115 key ciphertext AQBapQolpl8fVv5MoOiL5fSEYB2+xL0++UZWlBb/R2bK8ZrxCQAAAG+dvQWuw7STOQ== vrf mgmt
-tacacs-server host 10.1.40.116 key ciphertext AQBapdK5MeXMDftvyXJL+Onh7N3CdRQCsRNLnwR9oEzG9sXOCQAAAIFIj3bwCgADsA== vrf mgmt
+tacacs-server host 10.1.40.116 key ciphertext AQBapSzstHL/Nfq0Q4yf84kjV9VwMZteedFlhMfaodLTFP3sCQAAAJPuA1ZQD9bfng== vrf mgmt
-tacacs-server host 10.1.40.117 key ciphertext AQBapczlRKnMIcIMER0hLrQRdg6CfDIkWn94AsmlB7eUBDSZCQAAAGjfvq7R5cNbfA== vrf mgmt
+tacacs-server host 10.1.40.117 key ciphertext AQBapeuP8ioqqlPxk5UthaDr6oLGqJ6gxjVvhZw4YBiTrVP3CQAAAOc1VFhc68xJOw== vrf mgmt
 aaa authentication allow-fail-through
 !
 !
@@ -94,6 +91,9 @@ vlan 18
     description Peoplesoft
 vlan 19
     name VLAN0019
+vlan 20
+    name OSA_Data_VLAN
+    description DATA VLAN
 vlan 21
     name Imaging
     description Imaging
@@ -168,6 +168,9 @@ vlan 164
     description Intune Wireless Imaging
 vlan 165
     name VLAN0165
+vlan 168
+    name Imaging_VLAN
+    description Imaging VLAN
 vlan 172
     name isolated_iSCSI_vlan_used_on_Por
     description isolated iSCSI vlan used on Port-Channel 2
@@ -215,9 +218,6 @@ vlan 303
 vlan 304
     name NottinghamSecureWLAN
     description Nottingham Secure WLAN
-vlan 305
-    name STEAMSecureWLAN
-    description STEAM HS Secure WLAN
 vlan 306
     name HenningerSecureWLAN
     description Henninger Secure WLAN clients
@@ -302,9 +302,6 @@ vlan 344
 vlan 345
     name EdSmithSecureWLAN
     description EdSmith Secure WLAN
-vlan 346
-    name Brighton466SecureWLAN
-    description Brighton466 Secure WLAN
 vlan 347
     name ELMSSecureWLAN
     description ELMS Secure WLAN
@@ -335,9 +332,12 @@ vlan 357
 vlan 360
     name TeachersCenterSecureWLAN
     description TeachersCenter Secure WLAN
-vlan 366
+vlan 367
-    name ENLSecureWLAN
+    name RAPCenterSecureWLAN
-    description ENL Secure WLAN
+    description RAP Center Secure WLAN
+vlan 368
+    name CNYWorksSecureWLAN
+    description CNY Works Secure WLAN
 vlan 386
     name StLucySecureWLAN
     description StLucy Secure WLAN
@@ -350,9 +350,6 @@ vlan 403
 vlan 404
     name NottinghamVendorWLAN
     description Nottingham Vendor WLAN
-vlan 405
-    name STEAMVendorWLAN
-    description STEAM HS Vendor WLAN
 vlan 406
     name HenningerVendorWLAN
     description Henninger Vendor WLAN clients
@@ -437,9 +434,6 @@ vlan 444
 vlan 445
     name EdSmithVendorWLAN
     description EdSmith Vendor WLAN
-vlan 446
-    name Brighton466VendorWLAN
-    description Brighton466 Vendor WLAN
 vlan 447
     name ELMSVendorWLAN
     description ELMS Vendor WLAN
@@ -470,9 +464,12 @@ vlan 457
 vlan 460
     name TeachersCenterVendorWLAN
     description TeachersCenter Vendor WLAN
-vlan 466
+vlan 467
-    name ENLVendorWLAN
+    name RAPCenterVendorWLAN
-    description ENL Vendor WLAN
+    description RAP Center Vendor WLAN
+vlan 468
+    name CNYWorksVendorWLAN
+    description CNY Works Vendor WLAN
 vlan 486
     name StLucyVendorWLAN
     description StLucy Vendor WLAN
@@ -541,11 +538,6 @@ vlan 1811
 vlan 1812
     name InterVRF_A_Outside
     description InterVRF B outside
-vlan 1813
-    name InterVRF_Linewize_A_Outside
-vlan 1814
-    name InterVRF_Linewize_B_Outside
-    description InterVRF Linewize B Outside
 vlan 2999
     name NexusToArubaTransit
     description NexusToArubaTransit
@@ -557,7 +549,7 @@ spanning-tree
 spanning-tree priority 2
 spanning-tree trap topology-change instance 0
 spanning-tree ignore-pvid-inconsistency
-spanning-tree vlan 3,5-7,9-12,16,18,19,21,24,30,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,172-179,200,203,230,251,252,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466,486,500-509,525,699,811,812,995,999,1180,1202,1251,1254,1256,1811-1814,2999,3000
+spanning-tree vlan 3,5-7,9-12,16,18-21,24,30,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,168,172-179,200,203,230,251,252,302-304,306-310,313-316,320-325,327-330,333,334,336,337,340-342,344,345,347-349,351,353-357,360,367,368,386,402-404,406-410,413-416,420-425,427-430,433,434,436,437,440-442,444,445,447-449,451,453-457,460,467,468,486,500-509,525,699,811,812,995,999,1180,1202,1251,1254,1256,1811,1812,2999,3000
 spanning-tree vlan 3 priority 12
 spanning-tree vlan 5 priority 12
 spanning-tree vlan 6 priority 12
@@ -569,6 +561,7 @@ spanning-tree vlan 12 priority 12
 spanning-tree vlan 16 priority 12
 spanning-tree vlan 18 priority 12
 spanning-tree vlan 19 priority 12
+spanning-tree vlan 20 priority 12
 spanning-tree vlan 21 priority 12
 spanning-tree vlan 24 priority 12
 spanning-tree vlan 30 priority 12
@@ -594,6 +587,7 @@ spanning-tree vlan 160 priority 12
 spanning-tree vlan 161 priority 12
 spanning-tree vlan 164 priority 12
 spanning-tree vlan 165 priority 12
+spanning-tree vlan 168 priority 12
 spanning-tree vlan 172 priority 12
 spanning-tree vlan 173 priority 12
 spanning-tree vlan 174 priority 12
@@ -610,7 +604,6 @@ spanning-tree vlan 252 priority 12
 spanning-tree vlan 302 priority 12
 spanning-tree vlan 303 priority 12
 spanning-tree vlan 304 priority 12
-spanning-tree vlan 305 priority 12
 spanning-tree vlan 306 priority 12
 spanning-tree vlan 307 priority 12
 spanning-tree vlan 308 priority 12
@@ -639,7 +632,6 @@ spanning-tree vlan 341 priority 12
 spanning-tree vlan 342 priority 12
 spanning-tree vlan 344 priority 12
 spanning-tree vlan 345 priority 12
-spanning-tree vlan 346 priority 12
 spanning-tree vlan 347 priority 12
 spanning-tree vlan 348 priority 12
 spanning-tree vlan 349 priority 12
@@ -650,12 +642,12 @@ spanning-tree vlan 355 priority 12
 spanning-tree vlan 356 priority 12
 spanning-tree vlan 357 priority 12
 spanning-tree vlan 360 priority 12
-spanning-tree vlan 366 priority 12
+spanning-tree vlan 367 priority 12
+spanning-tree vlan 368 priority 12
 spanning-tree vlan 386 priority 12
 spanning-tree vlan 402 priority 12
 spanning-tree vlan 403 priority 12
 spanning-tree vlan 404 priority 12
-spanning-tree vlan 405 priority 12
 spanning-tree vlan 406 priority 12
 spanning-tree vlan 407 priority 12
 spanning-tree vlan 408 priority 12
@@ -684,7 +676,6 @@ spanning-tree vlan 441 priority 12
 spanning-tree vlan 442 priority 12
 spanning-tree vlan 444 priority 12
 spanning-tree vlan 445 priority 12
-spanning-tree vlan 446 priority 12
 spanning-tree vlan 447 priority 12
 spanning-tree vlan 448 priority 12
 spanning-tree vlan 449 priority 12
@@ -695,7 +686,8 @@ spanning-tree vlan 455 priority 12
 spanning-tree vlan 456 priority 12
 spanning-tree vlan 457 priority 12
 spanning-tree vlan 460 priority 12
-spanning-tree vlan 466 priority 12
+spanning-tree vlan 467 priority 12
+spanning-tree vlan 468 priority 12
 spanning-tree vlan 486 priority 12
 spanning-tree vlan 500 priority 12
 spanning-tree vlan 501 priority 12
@@ -712,13 +704,11 @@ spanning-tree vlan 699 priority 12
 spanning-tree vlan 995 priority 12
 spanning-tree vlan 999 priority 12
 spanning-tree vlan 1180 priority 12
-spanning-tree vlan 1251 priority 12
-spanning-tree vlan 1254 priority 12
 spanning-tree vlan 2999 priority 12
 spanning-tree vlan 3000 priority 12
 interface mgmt
     no shutdown
-    ip static 192.168.101.21/24
+    ip static 192.168.101.22/24
     default-gateway 192.168.101.1
 qos queue-profile switchports
     map queue 0 local-priority 0
@@ -749,58 +739,20 @@ qos dscp-map 45 local-priority 6 color green name CS5
 qos dscp-map 47 local-priority 6 color green name CS5 
 system interface-group 1 speed 10g
     !interface group 1 contains ports 1/1/1-1/1/4
-interface lag 19 multi-chassis
+interface lag 242 multi-chassis
-    description aruba-wlc-a pc-0
-    no shutdown
-    no routing
-    vlan trunk native 699
-    vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466,486
-    lacp mode active
-interface lag 26 multi-chassis
-    description aruba-wlc-b pc-0
-    no shutdown
-    no routing
-    vlan trunk native 699
-    vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466,486
-    lacp mode active
-interface lag 28 multi-chassis
-    description aruba-wlc-c pc-0
-    no shutdown
-    no routing
-    vlan trunk native 699
-    vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466,486
-    lacp mode active
-interface lag 181 multi-chassis
-    description FG-A inside
-    no shutdown
-    no routing
-    vlan access 1251
-    lacp mode active
-interface lag 182 multi-chassis
-    description FG-A outside
-    no shutdown
-    no routing
-    vlan access 1202
-    lacp mode active
-interface lag 183 multi-chassis
-    description FG-B inside
-    no shutdown
-    no routing
-    vlan access 1251
-    lacp mode active
-interface lag 184 multi-chassis
-    description FG-B outside
-    no shutdown
-    no routing
-    vlan access 1202
-    lacp mode active
-interface lag 241 multi-chassis
     description Uplink LAG
     no shutdown
     no routing
     vlan trunk native 699 tag
     vlan trunk allowed all
     lacp mode active
+interface lag 248 multi-chassis
+    description NOC 6300 LAG
+    no shutdown
+    no routing
+    vlan trunk native 699
+    vlan trunk allowed 6,10,20,30,35,40,48,50,70,72,101,168,230
+    lacp mode active
 interface lag 256
     description ISL link
     no shutdown
@@ -809,75 +761,94 @@ interface lag 256
     vlan trunk allowed all
     lacp mode active
 interface 1/1/1
-    description CKM02-LAN-SFP1 C07U18 C07P13
+    description MrRobinWilliams_Birdcage-SFP2 C22U37 C25P13
+    no shutdown
     no routing
-    vlan access 252
+    vlan trunk native 40
+    vlan trunk allowed 9,18,35,40,48,70,175-179,203
+interface 1/1/2
+    description DPHOST-SFP2 C26U24 C26P01
+    no shutdown
+    no routing
+    vlan access 48
 interface 1/1/3
-    description CKM02-WAN C07U18 C07P14
+    description MrRobinWilliams_Birdcage-SFP4 C22U37 C25P14
-    no routing
-    vlan access 1202
-interface 1/1/4
-    description Linewize-B-WAN C12U35 C12P02
     no shutdown
     no routing
-    vlan access 1814
+    vlan trunk native 40
+    vlan trunk allowed 9,18,35,40,48,70,175-179,203
 interface 1/1/5
-    description CKM03-LAN C07U16 C07P15
+    description MrRobinWilliams_MrsDoubtfire-SFP2 C22U35 C25P15
+    no shutdown
     no routing
-    vlan access 252
+    vlan trunk native 40
+    vlan trunk allowed 9,18,35,40,45,48,70,175-179,203
+interface 1/1/6
+    description NVR-SFP-B C26U38 C26P08
+    no shutdown
+    no routing
+    vlan trunk native 70
+    vlan trunk allowed all
 interface 1/1/7
-    description CKM03-WAN C07U16 C07P16
+    description MrRobinWilliams_MrsDoubtfire-SFP4 C22U35 C25P16
-    no routing
-    vlan access 1202
-interface 1/1/13
-    description FG-A_port19 C19U32 C12P07
-    no shutdown
-    lag 181
-interface 1/1/14
-    description future FG-A_port19 C19U32 C19P13
-    no shutdown
-    lag 181
-interface 1/1/15
-    description FG-A_port20 C19U32 C12P08+-
-    no shutdown
-    lag 182
-interface 1/1/16
-    description future FG-A_port20 C19U32 C19P14
-    no shutdown
-    lag 182
-interface 1/1/19
-    description aruba-wlc-a_0/0/3 C19U22 C12P10
-    no shutdown
-    lag 19
-interface 1/1/24
-    description to a8325-2_1/1/25:1 for Filter Bypass
     no shutdown
     no routing
-    vlan access 1813
+    vlan trunk native 40
-interface 1/1/26
+    vlan trunk allowed 9,18,35,40,45,48,70,175-179,203
-    description aruba-wlc-b_0/0/3_Cab20-fpp7
+interface 1/1/8
+    description NVR-SFP-B C26U36 C26P09
     no shutdown
-    lag 26
+    no routing
-interface 1/1/28
+    vlan trunk native 70
-    description aruba-wlc-c_0/0/3_Cab20-fpp8
+    vlan trunk allowed all
+interface 1/1/9
+    description MrRobinWilliams_Deadpoets-SFP2 C22U33 C25P17
     no shutdown
-    lag 28
+    no routing
-interface 1/1/30
+    vlan trunk native 40
-    description FG-B_port17 C20U32 C20P09
+    vlan trunk allowed 9,18,35,40,45,48,70,175-179,203
+interface 1/1/10
+    description NVR-SFP-B C26U34 C26P10
     no shutdown
-    lag 183
+    no routing
-interface 1/1/32
+    vlan trunk native 70
-    description FG-B_port20 C20U32 C20P10
+    vlan trunk allowed all
+interface 1/1/11
+    description MrRobinWilliams_Deadpoets-SFP4 C22U33 C25P18
     no shutdown
-    lag 184
+    no routing
+    vlan trunk native 40
+    vlan trunk allowed 9,18,35,40,45,48,70,175-179,203
+interface 1/1/12
+    description NVR-SFP-B C26U22 C26P11
+    no shutdown
+    no routing
+    vlan trunk native 70
+    vlan trunk allowed all
+interface 1/1/18
+    description Uplink LAG
+    no shutdown
+    lag 248
+interface 1/1/21
+    description AV500047-SFP-B C26U22 C26P11
+    no shutdown
+    no routing
+    vlan trunk native 70
+    vlan trunk allowed all
+interface 1/1/23
+    description AV500047-SFP-B C26U20 C26P12
+    no shutdown
+    no routing
+    vlan trunk native 70
+    vlan trunk allowed all
 interface 1/1/33
     description Uplink LAG
     no shutdown
-    lag 241
+    lag 242
 interface 1/1/34
     description Uplink LAG
     no shutdown
-    lag 241
+    lag 242
 interface 1/1/35
     description ISL LAG
     no shutdown
@@ -886,105 +857,27 @@ interface 1/1/36
     description ISL LAG
     no shutdown
     lag 256
-interface vlan 1251
-    description ct-noc inside firewall
-    vrf attach outside
-    ip address 10.251.1.254/24
-    ip ospf 2 area 0.0.0.0
-    vrrp dual-active-forwarding
-    vrrp 1 address-family ipv4
-        address 10.251.1.1 primary
-        priority 130
-        no shutdown
-        exit
-interface vlan 1254
-    description outside vrf transit-vlan
-    vrf attach outside
-    ip address 172.31.254.254/24
-    ip ospf 2 area 0.0.0.0
-    no ip ospf passive
-    ip pim-sparse enable
-interface vlan 1813
-    description linewize bypass
-    vrf attach outside
-    ip address 172.31.250.2/24
-    ip ospf 2 area 0.0.0.0
-    no ip ospf passive
-    ip ospf cost 9000
-    ip ospf bfd
-interface vlan 1814
-    description Linewize-B outside
-    vrf attach outside
-    ip address 172.31.249.2/24
-    ip neighbor-flood 
-    ip ospf 2 area 0.0.0.0
-    no ip ospf passive
-    ip ospf cost 2000
-    ip ospf bfd
 snmp-server vrf default
 snmp-server vrf mgmt
-snmp-server system-description ct-noc-8360-2-1
+snmp-server system-description ct-noc-8360-2-2
 snmp-server system-location CT NOC
 snmp-server system-contact Tim Marris
 snmp-server community mickey03
 vsx
-    system-mac 12:01:01:01:01:01
+    system-mac 12:02:02:02:02:02
     inter-switch-link lag 256
     role secondary
-    keepalive peer 192.168.101.11 source 192.168.101.21 vrf mgmt
+    keepalive peer 192.168.101.12 source 192.168.101.22 vrf mgmt
-ip route 0.0.0.0/0 10.251.1.5 vrf outside
-ip route 10.0.0.0/8 nullroute vrf outside
-ip route 10.11.0.0/20 10.251.1.5 vrf outside
-ip route 10.46.0.0/16 10.251.1.5 vrf outside
-ip route 10.51.62.32/28 10.251.1.5 vrf outside
-ip route 10.79.0.0/16 10.251.1.5 vrf outside
-ip route 10.107.49.0/24 10.251.1.5 vrf outside
-ip route 10.107.50.0/24 10.251.1.5 vrf outside
-ip route 10.107.100.0/24 10.251.1.5 vrf outside
-ip route 10.211.21.16/28 10.251.1.5 vrf outside
-ip route 10.212.134.0/26 10.251.1.5 vrf outside
-ip route 10.222.0.0/16 10.251.1.5 vrf outside
-ip route 10.235.40.0/21 10.251.1.5 vrf outside
-ip route 10.249.0.46/32 10.251.1.5 vrf outside
-ip route 10.249.0.44/32 10.251.1.5 vrf outside
-ip route 10.250.0.0/16 10.251.1.5 vrf outside
-ip route 10.250.100.0/24 10.251.1.5 vrf outside
-ip route 10.253.17.0/24 10.251.1.5 vrf outside
-ip route 10.253.18.0/24 10.251.1.5 vrf outside
-ip route 172.16.0.0/12 nullroute vrf outside
-ip route 172.17.0.0/16 10.252.1.4 vrf outside
-ip route 172.18.0.0/16 10.252.1.5 vrf outside
-ip route 172.19.0.0/16 10.252.1.6 vrf outside
-ip route 172.30.44.0/23 10.251.1.5 vrf outside
-ip route 172.30.45.25/32 10.251.1.5 vrf outside
-ip route 172.30.45.30/32 10.251.1.5 vrf outside
-ip route 172.30.45.35/32 10.251.1.5 vrf outside
-ip route 172.30.45.84/32 10.251.1.5 vrf outside
-ip route 172.30.45.107/32 10.251.1.5 vrf outside
-ip route 172.30.45.109/32 10.251.1.5 vrf outside
-ip route 192.168.0.0/16 nullroute vrf outside
-ip route 192.168.46.0/24 10.251.1.5 vrf outside
-ip route 192.168.79.0/24 10.251.1.5 vrf outside
-ip route 192.168.146.0/24 10.251.1.5 vrf outside
 ip dns domain-name scsd.ad
+ip dns server-address 10.1.48.11
+ip dns server-address 10.1.40.10
 ip dns server-address 10.1.40.10 vrf mgmt
-ip dns server-address 10.21.48.10 vrf mgmt
+ip dns server-address 10.1.48.11 vrf mgmt
-ip prefix-list default-route seq 5 deny 0.0.0.0/0
-ip prefix-list default-route seq 10 permit 0.0.0.0/0
 !
 !
 !
 !
-route-map type1routes permit seq 10
-     match ip address prefix-list default-route
-     set metric-type external type-1
-route-map type1routes permit seq 20
 !
-router ospf 2 vrf outside
-    router-id 10.251.1.254
-    passive-interface default
-    rfc1583-compatibility
-    area 0.0.0.0
 https-server vrf default
 https-server vrf mgmt
 configuration-lockout central managed