sh/sh-noc-ilo-a6300-b.cfg Fri Mar 6 08:33:10 PM EST 2026

configs/corcoran/corcoran-mdf-4507.cfg

@@ -1,8 +1,9 @@
 Building configuration...
 
-Current configuration : 32558 bytes
+Current configuration : 32633 bytes
 !
-! Last configuration change at 15:58:02 EST Wed Feb 18 2026 by josoto73.admin
+! Last configuration change at 14:08:58 EST Fri Mar 6 2026 by estein66.admin
+! NVRAM config last updated at 14:09:28 EST Fri Mar 6 2026 by estein66.admin
 !
 version 15.2
 no service pad
@@ -1170,7 +1171,7 @@ line vty 5 15
  transport preferred ssh
  transport input ssh
 !
-ntp server 10.1.1.2 prefer
-ntp server 10.1.1.3
+ntp server 10.1.40.154
+ntp server 10.1.48.103
 !
 end

configs/fortigate/vdom_scsd/firewall.cfg

@@ -2834,6 +2834,9 @@ config firewall address
         set comment "used for Day Automation/HVAC notifications"
         set fqdn "email-smtp.us-east-1.amazonaws.com"
     next
+    edit "SheaVLAN230"
+        set subnet 10.14.230.0 255.255.255.224
+    next
 end
 config firewall multicast-address
     edit "all_hosts"
@@ -3044,6 +3047,9 @@ config firewall addrgrp
     edit "NOCTI_Inside"
         set member "Shea_Secure_Wireless" "Shea_VLAN_6" "Corcoran_VLAN_20" "Corcoran_Secure_Wireless"
     next
+    edit "VLAN230AddrGroup"
+        set member "SheaVLAN230"
+    next
 end
 config firewall wildcard-fqdn custom
     edit "g-Adobe Login"
@@ -5483,6 +5489,25 @@ config firewall policy
         set ippool enable
         set poolname "ippool-198.36.23.251"
     next
+    edit 127
+        set name "DAY-AUTO-EMAIL-ALERTS"
+        set srcintf "inside"
+        set dstintf "outside"
+        set action accept
+        set srcaddr "VLAN230AddrGroup"
+        set dstaddr "Amazon SMTP East-1"
+        set schedule "always"
+        set service "TCP-587"
+        set utm-status enable
+        set ssl-ssh-profile "certificate-inspection"
+        set av-profile "g-default"
+        set ips-sensor "Outgoing_IPS"
+        set application-list "App_Ctrl_1"
+        set logtraffic all
+        set nat enable
+        set ippool enable
+        set poolname "ippool-198.36.23.251" "ippool-198.36.23.252" "ippool-198.36.23.253" "ippool-198.36.23.254"
+    next
     edit 106
         set name "Internet Access"
         set srcintf "inside" "RAP"

configs/sh/sh-noc-a8360-1-a.cfg

@@ -832,6 +832,7 @@ interface 1/1/36
     description ISL LAG
     no shutdown
     lag 256
+interface vlan 10
 snmp-server vrf default
 snmp-server vrf mgmt
 snmp-server system-description sh-noc-8360-1-a

configs/sh/sh-noc-ilo-a6300-a.cfg

@@ -105,11 +105,25 @@ interface 1/1/1
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/2
     description iLo_NVR2_Row1_Rack3
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/3
     description DC04-iLo
     no shutdown
@@ -120,86 +134,205 @@ interface 1/1/4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/5
     description iLo_NVR5_Row1_Rack3
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/6
     description iLo_NVR1_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/7
     description iLo_NVR2_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/8
     description iLo_NVR3_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/9
     description iLo_NVR4_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/10
     description iLo_NVR5_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/11
     description iLo_NVR1_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/12
     description iLo_NVR2_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/13
     description iLo_NVR3_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/14
     description iLo_NVR4_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/15
     description iLo_NVR5_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/16
     description iLo_NVR1_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/17
     description iLo_NVR2_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/18
     description iLo_NVR3_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/19
     description iLo_NVR4_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/20
     description iLo_NVR5_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/21
     no shutdown
     no routing

configs/sh/sh-noc-ilo-a6300-b.cfg

@@ -105,101 +105,241 @@ interface 1/1/1
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/2
     description iLo_NVR7_Row1_Rack3
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/3
     description iLo_NVR8_Row1_Rack3
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/4
     description iLo_NVR9_Row1_Rack3
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/5
     description iLo_NVR10_Row1_Rack3
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/6
     description iLo_NVR6_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/7
     description iLo_NVR7_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/8
     description iLo_NVR8_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/9
     description iLo_NVR9_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/10
     description iLo_NVR10_Row1_Rack4
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/11
     description iLo_NVR6_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/12
     description iLo_NVR7_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/13
     description iLo_NVR8_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/14
     description iLo_NVR9_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/15
     description iLo_NVR10_Row1_Rack5
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/16
     description iLo_NVR6_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/17
     description iLo_NVR7_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/18
     description iLo_NVR8_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/19
     description iLo_NVR9_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/20
     description iLo_NVR10_Row1_Rack6
     no shutdown
     no routing
     vlan access 10
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+    spanning-tree root-guard
+    spanning-tree tcn-guard
+    loop-protect
+    client track ip enable
+    client track ip update-interval 120
 interface 1/1/21
     no shutdown
     no routing

configs/shea/shea-4507-1.cfg

@@ -1,9 +1,9 @@
 Building configuration...
 
-Current configuration : 34910 bytes
+Current configuration : 35730 bytes
 !
-! Last configuration change at 10:25:00 EST Wed Feb 11 2026 by swalts49.admin
-! NVRAM config last updated at 10:25:01 EST Wed Feb 11 2026 by swalts49.admin
+! Last configuration change at 15:42:07 EST Fri Mar 6 2026 by estein66.admin
+! NVRAM config last updated at 15:42:18 EST Fri Mar 6 2026 by estein66.admin
 !
 version 15.2
 no service pad
@@ -92,12 +92,26 @@ archive
  path bootflash:
  maximum 5
 file privilege 10
+object-group network day-enterprise-servers 
+ description day-enterprise-servers
+ host 10.1.230.11
+ host 10.1.40.108
+!
+object-group network dns-servers 
+ description Internal-DNS-Servers
+ host 10.1.40.10
+ host 10.1.48.11
+!
 object-group network netadmin-hosts 
  description SCSD Network Administrators Hosts
  host 10.1.6.20
  host 10.1.6.126
  host 10.1.6.32
 !
+object-group network ntp-servers 
+ host 10.1.40.154
+ host 10.1.48.103
+!
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@@ -1080,6 +1094,7 @@ interface Vlan107
 !
 interface Vlan230
  ip address 10.14.230.1 255.255.255.224
+ ip access-group hvac in
 !
 interface Vlan501
  description to Ring
@@ -1185,6 +1200,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
  permit udp any any eq 1575
  permit tcp any any eq 1630
  permit udp any any eq 1630
+ip access-list extended hvac
+ permit ip 10.14.230.0 0.0.0.31 object-group day-enterprise-servers
+ permit udp 10.14.230.0 0.0.0.31 object-group dns-servers eq domain
+ permit udp 10.14.230.0 0.0.0.31 object-group ntp-servers eq ntp
+ permit icmp 10.14.230.0 0.0.0.31 host 10.14.230.1
+ permit icmp host 10.14.230.1 10.14.230.0 0.0.0.31
+ deny   ip any 10.0.0.0 0.255.255.255
+ deny   ip any 192.168.0.0 0.0.255.255
+ deny   ip any 172.16.0.0 0.15.255.255
+ permit tcp 10.14.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended sbhc-acl
  remark School Based Health Center ACL
  permit ip 10.53.107.0 0.0.0.255 10.107.49.0 0.0.0.255