scsd/scsd-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hughes/hughes-4507-01.cfg Tue Mar 10 08:33:24 PM EDT 2026

Browse Source
This commit is contained in:
John Poland 2026-03-10 20:33:26 -04:00
parent 67a5d5cdcb
commit f4ba369101
1 changed files with 32 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
configs/hughes/hughes-4507-01.cfg
View File

@ -1,8 +1,8 @@
Building configuration... Building configuration...
Current configuration : 39870 bytes Current configuration : 40648 bytes
! !
! Last configuration change at 09:24:35 EDT Thu Sep 25 2025 by mloper19.admin ! Last configuration change at 12:44:55 EDT Tue Mar 10 2026 by estein66.admin
! NVRAM config last updated at 09:24:38 EDT Thu Sep 25 2025 by mloper19.admin ! NVRAM config last updated at 09:24:38 EDT Thu Sep 25 2025 by mloper19.admin
! !
version 15.2 version 15.2
@ -119,6 +119,8 @@ crypto pki trustpoint TP-self-signed-18273
! !
! !
crypto pki certificate chain TP-self-signed-18273 crypto pki certificate chain TP-self-signed-18273
errdisable recovery cause security-violation
errdisable recovery interval 30
power redundancy-mode redundant power redundancy-mode redundant
archive archive
log config log config
@ -130,6 +132,20 @@ archive
maximum 5 maximum 5
write-memory write-memory
file privilege 10 file privilege 10
object-group network day-enterprise-servers
description day-enterprise-servers
host 10.1.230.11
host 10.1.40.108
!
object-group network dns-servers
description Internal-DNS-Servers
host 10.1.40.10
host 10.1.48.11
!
object-group network ntp-servers
host 10.1.40.154
host 10.1.48.103
!
! !
spanning-tree mode rapid-pvst spanning-tree mode rapid-pvst
spanning-tree loopguard default spanning-tree loopguard default
@ -580,11 +596,13 @@ interface GigabitEthernet5/2
spanning-tree portfast edge spanning-tree portfast edge
! !
interface GigabitEthernet5/3 interface GigabitEthernet5/3
description hvac description HVAC
switchport access vlan 230 switchport access vlan 230
switchport mode access switchport mode access
switchport port-security violation restrict
switchport port-security mac-address sticky switchport port-security mac-address sticky
ip access-group hvac in switchport port-security mac-address sticky 0050.0618.aa26
switchport port-security
! !
interface GigabitEthernet5/4 interface GigabitEthernet5/4
description *** To Voice and Data Endpoints *** description *** To Voice and Data Endpoints ***
@ -1226,6 +1244,7 @@ interface Vlan107
! !
interface Vlan230 interface Vlan230
ip address 10.28.230.1 255.255.255.224 ip address 10.28.230.1 255.255.255.224
ip access-group hvac in
! !
interface Vlan506 interface Vlan506
description to Ring #6 CCF Service #S200310 description to Ring #6 CCF Service #S200310
@ -1337,10 +1356,15 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
permit tcp any any eq 1630 permit tcp any any eq 1630
permit udp any any eq 1630 permit udp any any eq 1630
ip access-list extended hvac ip access-list extended hvac
permit tcp host 10.28.230.11 host 10.1.230.11 permit ip 10.28.230.0 0.0.0.31 object-group day-enterprise-servers
permit icmp host 10.28.230.11 host 10.1.230.11 log permit udp 10.28.230.0 0.0.0.31 object-group dns-servers eq domain
permit tcp host 10.28.230.11 host 10.1.40.108 permit udp 10.28.230.0 0.0.0.31 object-group ntp-servers eq ntp
permit icmp host 10.28.230.11 host 10.1.40.108 log permit icmp 10.28.230.0 0.0.0.31 host 10.28.230.1
permit icmp host 10.28.230.1 10.28.230.0 0.0.0.31
deny ip any 10.0.0.0 0.255.255.255
deny ip any 192.168.0.0 0.0.255.255
deny ip any 172.16.0.0 0.15.255.255
permit tcp 10.28.230.0 0.0.0.31 any eq 587 log-input
ip access-list extended users ip access-list extended users
deny ip any 192.168.0.0 0.0.255.255 deny ip any 192.168.0.0 0.0.255.255
permit ip any any permit ip any any