hughes/hughes-4507-01.cfg Tue Mar 10 08:33:24 PM EDT 2026
This commit is contained in:
parent
67a5d5cdcb
commit
f4ba369101
@ -1,8 +1,8 @@
|
||||
Building configuration...
|
||||
|
||||
Current configuration : 39870 bytes
|
||||
Current configuration : 40648 bytes
|
||||
!
|
||||
! Last configuration change at 09:24:35 EDT Thu Sep 25 2025 by mloper19.admin
|
||||
! Last configuration change at 12:44:55 EDT Tue Mar 10 2026 by estein66.admin
|
||||
! NVRAM config last updated at 09:24:38 EDT Thu Sep 25 2025 by mloper19.admin
|
||||
!
|
||||
version 15.2
|
||||
@ -119,6 +119,8 @@ crypto pki trustpoint TP-self-signed-18273
|
||||
!
|
||||
!
|
||||
crypto pki certificate chain TP-self-signed-18273
|
||||
errdisable recovery cause security-violation
|
||||
errdisable recovery interval 30
|
||||
power redundancy-mode redundant
|
||||
archive
|
||||
log config
|
||||
@ -130,6 +132,20 @@ archive
|
||||
maximum 5
|
||||
write-memory
|
||||
file privilege 10
|
||||
object-group network day-enterprise-servers
|
||||
description day-enterprise-servers
|
||||
host 10.1.230.11
|
||||
host 10.1.40.108
|
||||
!
|
||||
object-group network dns-servers
|
||||
description Internal-DNS-Servers
|
||||
host 10.1.40.10
|
||||
host 10.1.48.11
|
||||
!
|
||||
object-group network ntp-servers
|
||||
host 10.1.40.154
|
||||
host 10.1.48.103
|
||||
!
|
||||
!
|
||||
spanning-tree mode rapid-pvst
|
||||
spanning-tree loopguard default
|
||||
@ -580,11 +596,13 @@ interface GigabitEthernet5/2
|
||||
spanning-tree portfast edge
|
||||
!
|
||||
interface GigabitEthernet5/3
|
||||
description hvac
|
||||
description HVAC
|
||||
switchport access vlan 230
|
||||
switchport mode access
|
||||
switchport port-security violation restrict
|
||||
switchport port-security mac-address sticky
|
||||
ip access-group hvac in
|
||||
switchport port-security mac-address sticky 0050.0618.aa26
|
||||
switchport port-security
|
||||
!
|
||||
interface GigabitEthernet5/4
|
||||
description *** To Voice and Data Endpoints ***
|
||||
@ -1226,6 +1244,7 @@ interface Vlan107
|
||||
!
|
||||
interface Vlan230
|
||||
ip address 10.28.230.1 255.255.255.224
|
||||
ip access-group hvac in
|
||||
!
|
||||
interface Vlan506
|
||||
description to Ring #6 CCF Service #S200310
|
||||
@ -1337,10 +1356,15 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
|
||||
permit tcp any any eq 1630
|
||||
permit udp any any eq 1630
|
||||
ip access-list extended hvac
|
||||
permit tcp host 10.28.230.11 host 10.1.230.11
|
||||
permit icmp host 10.28.230.11 host 10.1.230.11 log
|
||||
permit tcp host 10.28.230.11 host 10.1.40.108
|
||||
permit icmp host 10.28.230.11 host 10.1.40.108 log
|
||||
permit ip 10.28.230.0 0.0.0.31 object-group day-enterprise-servers
|
||||
permit udp 10.28.230.0 0.0.0.31 object-group dns-servers eq domain
|
||||
permit udp 10.28.230.0 0.0.0.31 object-group ntp-servers eq ntp
|
||||
permit icmp 10.28.230.0 0.0.0.31 host 10.28.230.1
|
||||
permit icmp host 10.28.230.1 10.28.230.0 0.0.0.31
|
||||
deny ip any 10.0.0.0 0.255.255.255
|
||||
deny ip any 192.168.0.0 0.0.255.255
|
||||
deny ip any 172.16.0.0 0.15.255.255
|
||||
permit tcp 10.28.230.0 0.0.0.31 any eq 587 log-input
|
||||
ip access-list extended users
|
||||
deny ip any 192.168.0.0 0.0.255.255
|
||||
permit ip any any
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user