weeks/weeks-mdf-a8360-sw2.cfg Mon Mar 16 08:32:17 PM EDT 2026

configs/weeks/weeks-mdf-a8360-sw2.cfg

@@ -51,6 +51,12 @@ object-group ip address clearpass_servers
     10 10.1.40.115
     20 10.1.40.116
     30 10.1.40.117
+object-group ip address day-enterprise-servers
+    10 10.1.230.11
+    20 10.1.40.108
+object-group ip address dns-servers
+    10 10.1.40.10
+    20 10.1.48.11
 object-group ip address dom_cont
     10 10.1.40.10
     20 10.1.40.95
@@ -61,6 +67,9 @@ object-group ip address dom_cont
     70 10.21.48.10
 object-group ip address netadmin_hosts
     10 10.1.6.0/255.255.255.0
+object-group ip address ntp-servers
+    10 10.1.40.154
+    20 10.1.48.103
 object-group ip address rfc_1918
     10 10.0.0.0/255.0.0.0
     20 192.168.0.0/255.255.0.0
@@ -152,6 +161,16 @@ access-list ip Image-acl
     158 comment ClearPass_TCP_PORTS_OUT
     158 permit tcp any clearpass_servers group clearpass_tcp_ports
     160 deny any any any
+access-list ip hvac-acl
+    10 permit any 10.34.230.0/255.255.255.224 day-enterprise-servers
+    20 permit udp 10.34.230.0/255.255.255.224 dns-servers eq dns
+    30 permit udp 10.34.230.0/255.255.255.224 ntp-servers eq ntp
+    40 permit icmp 10.34.230.0/255.255.255.252 10.34.230.0/255.255.255.224
+    50 permit icmp 10.34.230.0/255.255.255.224 10.34.230.0/255.255.255.252
+    60 deny any any 10.0.0.0/255.0.0.0
+    70 deny any any 192.168.0.0/255.255.0.0
+    80 deny any any 172.16.0.0/255.240.0.0
+    90 permit tcp 10.34.230.0/255.255.255.224 any eq 587 log count
 access-list ip sbhc-acl
     10 comment SBHC_Out
     10 permit any sbhc_internal sbhc_external