
4 Commits

4 changed files with 498 additions and 14 deletions


@ -1773,13 +1773,27 @@ interface 2/1/16
description Auto
no shutdown
no routing
vlan access 20
vlan access 168
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
port-access onboarding-method concurrent enable
aaa authentication port-access allow-cdp-bpdu
aaa authentication port-access allow-lldp-bpdu
aaa authentication port-access client-limit 3
aaa authentication port-access dot1x authenticator
cached-reauth
cached-reauth-period 86400
reauth
enable
aaa authentication port-access mac-auth
cached-reauth
cached-reauth-period 86400
quiet-period 30
reauth
enable
client track ip enable
client track ip update-interval 120
power-over-ethernet pre-std-detect
@ -2627,12 +2641,27 @@ interface 2/1/47
description Auto
no shutdown
no routing
vlan access 539
vlan access 168
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
port-access onboarding-method concurrent enable
aaa authentication port-access allow-cdp-bpdu
aaa authentication port-access allow-lldp-bpdu
aaa authentication port-access client-limit 3
aaa authentication port-access dot1x authenticator
cached-reauth
cached-reauth-period 86400
reauth
enable
aaa authentication port-access mac-auth
cached-reauth
cached-reauth-period 86400
quiet-period 30
reauth
enable
client track ip enable
client track ip update-interval 120
power-over-ethernet pre-std-detect
@ -2640,12 +2669,27 @@ interface 2/1/48
description Auto
no shutdown
no routing
vlan access 539
vlan access 168
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
port-access onboarding-method concurrent enable
aaa authentication port-access allow-cdp-bpdu
aaa authentication port-access allow-lldp-bpdu
aaa authentication port-access client-limit 3
aaa authentication port-access dot1x authenticator
cached-reauth
cached-reauth-period 86400
reauth
enable
aaa authentication port-access mac-auth
cached-reauth
cached-reauth-period 86400
quiet-period 30
reauth
enable
client track ip enable
client track ip update-interval 120
power-over-ethernet pre-std-detect
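Review bot: The port-access block added to interfaces 2/1/16, 2/1/47 and 2/1/48 enables dot1x and mac-auth but names no role for the failure paths, so what a client gets after a RADIUS reject, or when every server is unreachable, is left to defaults these hunks do not show. If those roles are not set elsewhere in the file, state them per port, e.g. `aaa authentication port-access reject-role <ROLE_NAME>` and `aaa authentication port-access critical-role <ROLE_NAME>` (the role names are placeholders). `cached-reauth-period 86400` appears to let a cached result keep a client authorised for up to a day while the servers cannot be reached, so confirm that window matches how quickly a revoked device must lose access. With `client-limit 3` and concurrent MAC-auth, a MAC address alone can onboard a device, so the server-side policy for MAC-authenticated clients should stay narrow.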


@ -0,0 +1,448 @@
Current configuration:
!
!Version ArubaOS-CX LL.10.13.1040
!export-password: default
hostname bright-mdf-a8360-sw1
banner motd #
!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! You are accessing a PRIVATE COMPUTING FACILITY. !
! Access to this system is restricted to AUTHORIZED PERSONNEL. !
! !
! Anyone who accesses this system without authorization, or in !
! excess of their authorization could be subject to a fine, !
! imprisonment, or both under Public and Federal Law. By entering !
! this system, you consent to having your accesses and activities !
! monitored and recorded. If this monitoring or record reveals !
! suspected unauthorized or criminal activity, the evidence will !
! be provided to supervisory personnel and law enforcement officials. !
! !
! IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW! !
!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#
user admin group administrators password ciphertext AQBapVlIo3Pne/G1gLW1CzOHUXyO+1fY8Ou2GYUGm+rX0kaTYgAAAG5d87CL15d9tjogrBKGUCLX0VYWC4vydnnB6JcMquF4LouswavhMZ9Mr8HXHvQRG0CYen6yAp+I0owTJUb7Zu8SF66AYUr5PZb45cI2LkiZ28SQZABzJxjO6wvyHH6mRCHh
clock timezone america/new_york
profile aggregation-leaf
ntp server 10.1.1.2 iburst
ntp server 10.1.1.3 iburst
ntp enable
!
!
!
!
tacacs-server host 10.1.40.115 key ciphertext AQBapQzapQIUS+NVKmJtcTE98VrMEX4G0TTFRXByYl8+6zfbCQAAAK4PN86GeE9DgQ==
tacacs-server host 10.1.40.116 key ciphertext AQBapedCOTg2ILQdxTct/j0fXqefKaXUo4+R0qnT5Q6vE0JBCQAAAFiVk+hTcDhEIA==
tacacs-server host 10.1.40.117 key ciphertext AQBapRGYlBRsBBXudbGP8TNvlZ2RMaEGAJInyBEVcVRTHL+qCQAAAB4FaQrcsuv2Yw==
!
radius-server host 10.1.40.115 key ciphertext AQBapW+8vxwreiGEpIKTgdsnWv8QeGJZzIYupeqVSGYCWsR2CQAAAC/wgT67wUs/aQ==
radius-server host 10.1.40.116 key ciphertext AQBapYwL1k1E6jCNIon2FJAjZmi8UwLcyAyfG9WR3L0B1NgECQAAAK+iq7oEymA1HQ==
radius-server host 10.1.40.117 key ciphertext AQBapTzensFzWAUnYhCjN3JzE40K+yIJq98037rh38HN21ctCQAAAC9fTLFyXvfeWg==
aaa authentication allow-fail-through
!
!
aaa authentication login default group tacacs local
aaa accounting all-mgmt console start-stop group tacacs
aaa accounting all-mgmt default start-stop group radius
aaa accounting all-mgmt https-server start-stop group radius
aaa accounting all-mgmt ssh start-stop group tacacs
!
logging 10.1.40.78
ssh server vrf default
ssh server vrf mgmt
ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha1 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521
object-group ip address clearpass_servers
10 10.1.40.115
20 10.1.40.116
30 10.1.40.117
object-group ip address dom_cont
10 10.1.40.10
20 10.1.40.95
30 10.1.48.120
40 10.21.48.10
50 10.1.203.21
60 10.1.48.10
object-group ip address sccm_servers
10 10.1.48.53
20 10.1.48.189
object-group port clearpass_tcp_ports
10 eq dce-rpc
20 eq rdp
object-group port dc_tcp_ports
10 eq dce-rpc
20 eq ldap
30 eq 3268
40 eq dns
50 eq 88
70 eq microsoft-ds
80 range 49666 49679
object-group port dc_udp_ports
10 eq ntp
20 eq ldap
30 eq dns
40 eq isakmp
object-group port sccm_tcp_ports
10 eq 8530
20 eq 10123
object-group port sccm_udp_ports
10 eq dce-rpc
20 eq ldap
50 eq dns
60 eq 88
70 eq microsoft-ds
90 eq isakmp
140 gt 1022
access-list ip Image-acl
10 comment DC_UDP_PORTS_IN
10 permit udp dom_cont group dc_udp_ports any
15 comment DC_UDP_PORTS_OUT
15 permit udp any dom_cont group dc_udp_ports
20 comment DC_TCP PORTS_IN
20 permit tcp dom_cont group dc_tcp_ports any
25 comment DC_TCP_PORTS_OUT
25 permit tcp any dom_cont group dc_tcp_ports
30 comment SCCM_UDP_PORTS_IN
30 permit udp sccm_servers group sccm_udp_ports any
35 comment SCCM_UDP_PORTS_OUT
35 permit udp any sccm_servers group sccm_udp_ports
40 comment SCCM_TCP_PORTS_IN
40 permit tcp sccm_servers group sccm_tcp_ports any
45 comment SCCM_TCP_PORTS_OUT
45 permit tcp any sccm_servers group sccm_tcp_ports
50 comment UDP_137-138
50 permit udp any range 137 138 any
90 comment HTTP_IN
90 permit tcp any eq http any
95 comment HTTP_OUT
95 permit tcp any any eq http
100 comment HTTPS_IN
100 permit tcp any eq https any
105 comment HTTPS_OUT
105 permit tcp any any eq https
110 permit udp any eq dhcp-client any eq dhcp-server
120 permit udp any eq dhcp-server any eq dhcp-client
130 comment TFTP_IN
130 permit udp any any eq tftp
140 comment TFTP_OUT
140 permit udp any eq tftp any
150 comment PXE_BOOT
150 permit udp any eq 4011 any eq 4011
154 comment ClearPass_TCP_PORTS_IN
154 permit tcp clearpass_servers group clearpass_tcp_ports any
158 comment ClearPass_TCP_PORTS_OUT
158 permit tcp any clearpass_servers group clearpass_tcp_ports
160 deny any any any
access-list ip users-acl
10 deny any any 192.168.0.0/255.255.0.0
20 permit any any any
access-list log-timer 5
flow exporter ipfix-to-orion
destination 10.1.48.37 vrf default
template data timeout 60
transport udp 2055
flow record ipfix-record
match ipv4 destination address
match ipv4 protocol
match ipv4 source address
match ipv4 version
match transport destination port
match transport source port
collect counter bytes
collect counter packets
collect timestamp absolute first
collect timestamp absolute last
flow monitor ipfix-monitor
cache timeout active 60
exporter ipfix-to-orion
record ipfix-record
dhcpv4-snooping
dhcpv4-snooping option 82 untrusted-policy keep
vlan 1
vlan 10
name mgmt
vlan 20
name Data
dhcpv4-snooping
ip igmp snooping enable
vlan 30
name IoT
description IoT VLAN
dhcpv4-snooping
ip igmp snooping enable
vlan 35
name Wireless
description Wireless VLAN
dhcpv4-snooping
ip igmp snooping enable
vlan 50
name Voice
voice
description Voice VLAN
dhcpv4-snooping
ip igmp snooping enable
vlan 70
name Security
description Security VLAN
dhcpv4-snooping
ip igmp snooping enable
vlan 72
name AccessControl
description Access Control VLAN
dhcpv4-snooping
ip igmp snooping enable
vlan 168
name Default
description Default and Imaging VLAN
dhcpv4-snooping
ip igmp snooping enable
apply access-list ip Image-acl in
vlan 230
name HVAC
description HVAC VLAN
dhcpv4-snooping
ip igmp snooping enable
vlan 254
name transit
description Transit VLAN
dhcpv4-snooping
vlan 509
name CT-A
dhcpv4-snooping
vlan 519
name CT-B
dhcpv4-snooping
vlan 529
name SH-A
dhcpv4-snooping
vlan 539
name SH-B
dhcpv4-snooping
vlan 699
name NativeVLAN
vlan 3046
name ToCiscoRouter
dhcpv4-snooping
spanning-tree mode rpvst
spanning-tree
spanning-tree priority 2
spanning-tree trap topology-change instance 0
spanning-tree ignore-pvid-inconsistency
spanning-tree vlan 10,20,30,35,50,70,72,168,230,254,509,519,529,539,699,3046
spanning-tree vlan 509 priority 15
spanning-tree vlan 519 priority 15
spanning-tree vlan 529 priority 15
spanning-tree vlan 539 priority 15
interface mgmt
no shutdown
ip dhcp
ip udp-bcast-forward
qos queue-profile switchports
map queue 0 local-priority 0
map queue 1 local-priority 1
map queue 2 local-priority 2
map queue 3 local-priority 3
map queue 4 local-priority 4
map queue 5 local-priority 6
map queue 6 local-priority 7
map queue 7 local-priority 5
qos schedule-profile voip
dwrr queue 0 weight 1
dwrr queue 1 weight 1
dwrr queue 2 weight 1
dwrr queue 3 weight 1
dwrr queue 4 weight 1
dwrr queue 5 weight 1
dwrr queue 6 weight 1
strict queue 7
apply qos queue-profile switchports schedule-profile voip
qos trust dscp
qos dscp-map 40 local-priority 6 color green name CS5
qos dscp-map 41 local-priority 6 color green name CS5
qos dscp-map 42 local-priority 6 color green name CS5
qos dscp-map 43 local-priority 6 color green name CS5
qos dscp-map 44 local-priority 6 color green name CS5
qos dscp-map 45 local-priority 6 color green name CS5
qos dscp-map 47 local-priority 6 color green name CS5
interface lag 5
description Uplink to bright-mdf-a6300-sw1
no shutdown
no routing
vlan trunk native 699
vlan trunk allowed all
lacp mode active
dhcpv4-snooping trust
interface lag 256
description ISL link
no shutdown
no routing
vlan trunk native 699 tag
vlan trunk allowed all
lacp mode active
dhcpv4-snooping trust
interface 1/1/1
no shutdown
lag 5
interface 1/1/2
no shutdown
lag 5
interface 1/1/10
no shutdown
no routing
vlan trunk native 3046
vlan trunk allowed 10,3046
dhcpv4-snooping trust
interface 1/1/14
description Connected to NVR
no shutdown
no routing
vlan access 70
interface 1/1/15
description Connected to Voice Gateway
no shutdown
no routing
vlan access 50
interface 1/1/16
description Primary Link Connected to Ring_9
no shutdown
flow-control rxtx
no routing
vlan trunk native 699
vlan trunk allowed 509,519,529,539
dhcpv4-snooping trust
ip flow monitor ipfix-monitor in
interface 1/1/17
description ISL LAG
no shutdown
lag 256
interface 1/1/18
description ISL LAG
no shutdown
lag 256
interface loopback 0
ip address 10.46.254.254/32
ip ospf 1 area 0.0.0.209
interface vlan 1
shutdown
interface vlan 10
description NetworkManagement
ip address 192.168.46.1/24
ip ospf 1 area 0.0.0.209
interface vlan 20
ip address 10.46.1.1/21
ip helper-address 10.1.40.20
ip helper-address 10.1.40.115
ip helper-address 10.1.40.116
ip helper-address 10.1.40.117
ip helper-address 10.1.48.189
ip helper-address 10.21.48.20
ip ospf 1 area 0.0.0.209
ip igmp enable
ip pim-sparse enable
interface vlan 30
ip address 10.46.30.1/23
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip ospf 1 area 0.0.0.209
ip igmp enable
ip pim-sparse enable
interface vlan 35
ip address 10.46.35.1/24
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip ospf 1 area 0.0.0.209
ip igmp enable
ip pim-sparse enable
interface vlan 50
ip address 10.46.50.1/24
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip ospf 1 area 0.0.0.209
ip igmp enable
ip pim-sparse enable
interface vlan 70
ip address 10.46.70.1/23
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip ospf 1 area 0.0.0.209
ip igmp enable
ip pim-sparse enable
interface vlan 72
ip address 10.46.72.1/24
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip ospf 1 area 0.0.0.209
ip igmp enable
ip pim-sparse enable
interface vlan 168
ip address 10.46.168.1/22
ip helper-address 10.1.40.20
ip helper-address 10.1.40.115
ip helper-address 10.1.40.116
ip helper-address 10.1.40.117
ip helper-address 10.1.48.189
ip helper-address 10.21.48.20
ip ospf 1 area 0.0.0.209
ip igmp enable
ip pim-sparse enable
interface vlan 230
ip address 10.46.230.1/27
ip helper-address 10.1.40.20
ip helper-address 10.21.48.20
ip ospf 1 area 0.0.0.209
ip igmp enable
ip pim-sparse enable
interface vlan 509
description ring9_ct-a
ip address 10.250.209.46/24
ip ospf 1 area 0.0.0.0
no ip ospf passive
ip ospf cost 3000
ip pim-sparse enable
interface vlan 519
description ring9_ct-b
ip address 10.254.219.46/24
ip ospf 1 area 0.0.0.0
no ip ospf passive
ip ospf cost 4000
ip pim-sparse enable
interface vlan 529
description ring9_sh-a
ip address 10.254.229.46/24
ip ospf 1 area 0.0.0.0
no ip ospf passive
ip ospf cost 1000
ip pim-sparse enable
interface vlan 539
description ring9_sh-b
ip address 10.254.239.46/24
ip ospf 1 area 0.0.0.0
no ip ospf passive
ip ospf cost 2000
ip pim-sparse enable
interface vlan 3046
ip address 192.168.146.6/24
snmp-server vrf default
snmp-server system-description bright-mdf-a8360-sw1
snmp-server system-location 466Brighton
snmp-server system-contact Tim Marris
snmp-server community mickey03
ip route 0.0.0.0/0 192.168.146.5 distance 200
ip dns domain-name scsd.ad
ip dns server-address 10.1.40.10
ip dns server-address 10.21.48.10
!
!
!
!
!
router ospf 1
router-id 10.46.254.254
passive-interface default
area 0.0.0.0
area 0.0.0.209
area 0.0.0.209 range 10.46.0.0/16 type inter-area
area 0.0.0.209 range 192.168.46.0/24 type inter-area
router pim
enable
rp-address 10.1.0.1
ip source-interface all interface vlan10
https-server vrf default
https-server vrf mgmt
configuration-lockout central managed
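Review bot: This new file commits live secrets. The `snmp-server community` line holds the community string in clear text, and the header `!export-password: default` suggests the `ciphertext` values for the admin user and the TACACS+ and RADIUS keys are protected only by the platform's default export password, so treat them as recoverable by anyone who can read the repository. Redact these lines before committing (for example `snmp-server community <REDACTED>`), rotate the exposed values, and consider a non-default export password and SNMPv3 in place of the community string. Separately, `ssh key-exchange-algorithms` still lists `diffie-hellman-group14-sha1` and `diffie-hellman-group-exchange-sha1`; dropping those two SHA-1 entries leaves the curve25519 and ECDH methods already on that line. `ssh server vrf default` and `https-server vrf default` expose management on the routed VLANs with no source restriction visible in this file, which is worth confirming is intended.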


@ -1,8 +1,8 @@
Building configuration...
Current configuration : 35202 bytes
Current configuration : 35203 bytes
!
! Last configuration change at 11:17:59 EST Fri Jan 9 2026 by estein66.admin
! Last configuration change at 13:38:42 EST Mon Jan 12 2026 by estein66.admin
! NVRAM config last updated at 13:32:51 EDT Thu Sep 18 2025 by bmaccl09.admin
!
version 15.2
@ -460,7 +460,7 @@ interface TenGigabitEthernet3/8
!
interface GigabitEthernet5/1
description UPS
switchport access vlan 20
switchport access vlan 10
switchport mode access
spanning-tree portfast edge
spanning-tree bpduguard enable
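Review bot: Moving GigabitEthernet5/1 (UPS) to `switchport access vlan 10` leaves it a static access port with only portfast and BPDU guard visible, so anything plugged into that jack lands in VLAN 10 unauthenticated. If VLAN 10 is the management VLAN on this switch, as its name suggests on the ArubaOS-CX switch in this comparison, consider pinning the port to the UPS card with `switchport port-security` and `switchport port-security maximum 1`. Extending the description to record why the UPS sits in that VLAN would also help. The interface block continues past the end of the hunk, so such lines may already exist below.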


@ -1843,14 +1843,6 @@ interface 2/1/12
spanning-tree tcn-guard
loop-protect
port-access onboarding-method concurrent enable
aaa authentication port-access allow-cdp-bpdu
aaa authentication port-access allow-lldp-bpdu
aaa authentication port-access client-limit 3
aaa authentication port-access dot1x authenticator
cached-reauth
cached-reauth-period 86400
reauth
enable
client track ip enable
client track ip update-interval 120
power-over-ethernet pre-std-detect