seymour/seymour-mdf-4507.cfg Thu Apr 2 08:32:37 PM EDT 2026

ct/ct-noc-a8360-6-a.cfg Thu Apr 2 08:32:37 PM EDT 2026
ct/ct-noc-a8360-6-b.cfg Thu Apr 2 08:32:37 PM EDT 2026
2026-04-02 20:32:39 -04:00 · 2026-04-02 20:32:39 -04:00 · 2026-04-02 20:32:39 -04:00 · 2026-04-02 20:32:38 -04:00 · 2026-04-02 20:32:38 -04:00 · 2026-04-02 20:32:38 -04:00
14 changed files with 103 additions and 98 deletions
--- a/configs/ct/ct-noc-a8360-6-a.cfg
+++ b/configs/ct/ct-noc-a8360-6-a.cfg
@ -743,6 +743,12 @@ interface lag 256
    vlan trunk native 699 tag
    vlan trunk allowed all
    lacp mode active
+interface 1/1/1
+    description DP01 cab 26
+    no shutdown
+    mtu 9198
+    no routing
+    vlan access 48
 interface 1/1/2
    description cab15-ups C15U02 C15P19
    no shutdown
--- a/configs/ct/ct-noc-a8360-6-b.cfg
+++ b/configs/ct/ct-noc-a8360-6-b.cfg
@ -744,9 +744,11 @@ interface lag 256
    vlan trunk allowed all
    lacp mode active
 interface 1/1/1
+    description DP01 cab 26
    no shutdown
+    mtu 9198
    no routing
-    vlan access 35
+    vlan access 48
 interface 1/1/34
    description AV500046 C26U24 C26P23
    no shutdown
--- a/configs/itc/itc-idf1-a6300-sw1.cfg
+++ b/configs/itc/itc-idf1-a6300-sw1.cfg
@ -7049,6 +7049,7 @@ interface 6/1/8
 interface 6/1/9
    description Imaging
    no shutdown
+    mtu 9198
    no routing
    vlan access 21
    spanning-tree bpdu-guard
--- a/configs/rober/rober-mdf-a8360-sw1.cfg
+++ b/configs/rober/rober-mdf-a8360-sw1.cfg
@ -139,15 +139,13 @@ access-list ip Image-acl
    158 permit tcp any clearpass_servers group clearpass_tcp_ports
    160 deny any any any
 access-list ip hvac-acl
-    10 permit any 10.42.230.0/255.255.255.224 day-enterprise-servers
-    20 permit udp 10.42.230.0/255.255.255.224 dns-servers eq dns
-    30 permit udp 10.42.230.0/255.255.255.224 ntp-servers eq ntp
-    40 permit icmp 10.42.230.0/255.255.255.252 10.42.230.0/255.255.255.224
-    50 permit icmp 10.42.230.0/255.255.255.224 10.42.230.0/255.255.255.252
-    60 deny any any 10.0.0.0/255.0.0.0
-    70 deny any any 192.168.0.0/255.255.0.0
-    80 deny any any 172.16.0.0/255.240.0.0
-    90 permit tcp 10.42.230.0/255.255.255.224 any eq 587 log count
+    10 permit any any 10.1.230.11
+    20 permit any any 10.1.40.108
+    30 permit udp any any eq dns
+    40 deny any any 10.0.0.0/255.0.0.0
+    50 deny any any 192.168.0.0/255.255.0.0
+    60 deny any any 172.16.0.0/255.240.0.0
+    70 permit tcp any any eq 587 log count
 access-list ip users-acl
    10 deny any any 192.168.0.0/255.255.0.0
    20 permit any any any
@ -419,6 +417,7 @@ interface vlan 230
    ip helper-address 10.1.40.20
    ip helper-address 10.21.48.20
    ip ospf 1 area 0.0.0.201
+    apply access-list ip hvac-acl routed-in
    ip igmp enable
    ip pim-sparse enable
 interface vlan 254
--- a/configs/rober/rober-mdf-a8360-sw2.cfg
+++ b/configs/rober/rober-mdf-a8360-sw2.cfg
@ -139,15 +139,13 @@ access-list ip Image-acl
    158 permit tcp any clearpass_servers group clearpass_tcp_ports
    160 deny any any any
 access-list ip hvac-acl
-    10 permit any 10.42.230.0/255.255.255.224 day-enterprise-servers
-    20 permit udp 10.42.230.0/255.255.255.224 dns-servers eq dns
-    30 permit udp 10.42.230.0/255.255.255.224 ntp-servers eq ntp
-    40 permit icmp 10.42.230.0/255.255.255.252 10.42.230.0/255.255.255.224
-    50 permit icmp 10.42.230.0/255.255.255.224 10.42.230.0/255.255.255.252
-    60 deny any any 10.0.0.0/255.0.0.0
-    70 deny any any 192.168.0.0/255.255.0.0
-    80 deny any any 172.16.0.0/255.240.0.0
-    90 permit tcp 10.42.230.0/255.255.255.224 any eq 587 log count
+    10 permit any any 10.1.230.11
+    20 permit any any 10.1.40.108
+    30 permit udp any any eq dns
+    40 deny any any 10.0.0.0/255.0.0.0
+    50 deny any any 192.168.0.0/255.255.0.0
+    60 deny any any 172.16.0.0/255.240.0.0
+    70 permit tcp any any eq 587 log count
 access-list ip users-acl
    10 deny any any 192.168.0.0/255.255.0.0
    20 permit any any any
@ -420,6 +418,7 @@ interface vlan 230
    ip helper-address 10.1.40.20
    ip helper-address 10.21.48.20
    ip ospf 1 area 0.0.0.201
+    apply access-list ip hvac-acl routed-in
    ip igmp enable
    ip pim-sparse enable
 interface vlan 254
--- a/configs/salem_h/salem_h-4507-1.cfg
+++ b/configs/salem_h/salem_h-4507-1.cfg
@ -1,9 +1,9 @@
 Building configuration...

-Current configuration : 34320 bytes
+Current configuration : 34104 bytes
 !
-! Last configuration change at 07:42:30 EDT Tue Mar 31 2026 by jpoland.oa
-! NVRAM config last updated at 07:42:31 EDT Tue Mar 31 2026 by jpoland.oa
+! Last configuration change at 08:29:40 EDT Thu Apr 2 2026 by jkafta72.admin
+! NVRAM config last updated at 08:29:27 EDT Thu Apr 2 2026 by jkafta72.admin
 !
 version 15.2
 no service pad
@ -1057,7 +1057,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.30.230.1 255.255.255.224
- ip access-group hvac in
+ ip access-group hvac-acl in
 !
 interface Vlan233
 ip address 10.30.233.1 255.255.255.0
@ -1165,16 +1165,14 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
-ip access-list extended hvac
- permit ip 10.30.230.0 0.0.0.31 object-group day-enterprise-servers
- permit udp 10.30.230.0 0.0.0.31 object-group dns-servers eq domain
- permit udp 10.30.230.0 0.0.0.31 object-group ntp-servers eq ntp
- permit icmp 10.30.230.0 0.0.0.31 host 10.30.230.1
- permit icmp host 10.30.230.1 10.30.230.0 0.0.0.31
- deny   ip any 10.0.0.0 0.255.255.255
+ip access-list extended hvac-acl
+ permit ip any host 10.1.230.11
+ permit ip any host 10.1.40.108
+ permit udp any any eq domain
+ deny   ip any 10.0.0.0 0.0.0.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
- permit tcp 10.30.230.0 0.0.0.31 any eq 587 log-input
+ permit tcp any any eq 587 log count
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/seymour/seymour-mdf-4507.cfg
+++ b/configs/seymour/seymour-mdf-4507.cfg
@ -1,9 +1,9 @@
 Building configuration...

-Current configuration : 21259 bytes
+Current configuration : 21043 bytes
 !
-! Last configuration change at 07:42:45 EDT Tue Mar 31 2026 by jpoland.oa
-! NVRAM config last updated at 07:42:45 EDT Tue Mar 31 2026 by jpoland.oa
+! Last configuration change at 08:30:40 EDT Thu Apr 2 2026 by jkafta72.admin
+! NVRAM config last updated at 08:30:35 EDT Thu Apr 2 2026 by jkafta72.admin
 !
 version 15.2
 no service pad
@ -645,7 +645,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.44.230.1 255.255.255.224
- ip access-group hvac in
+ ip access-group hvac-acl in
 !
 interface Vlan233
 ip address 10.44.233.1 255.255.255.0
@ -752,16 +752,14 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
-ip access-list extended hvac
- permit ip 10.44.230.0 0.0.0.31 object-group day-enterprise-servers
- permit udp 10.44.230.0 0.0.0.31 object-group dns-servers eq domain
- permit udp 10.44.230.0 0.0.0.31 object-group ntp-servers eq ntp
- permit icmp 10.44.230.0 0.0.0.31 host 10.44.230.1
- permit icmp host 10.44.230.1 10.44.230.0 0.0.0.31
- deny   ip any 10.0.0.0 0.255.255.255
+ip access-list extended hvac-acl
+ permit ip any host 10.1.230.11
+ permit ip any host 10.1.40.108
+ permit udp any any eq domain
+ deny   ip any 10.0.0.0 0.0.0.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
- permit tcp 10.44.230.0 0.0.0.31 any eq 587 log-input
+ permit tcp any any eq 587 log count
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/shea/shea-4507-1.cfg
+++ b/configs/shea/shea-4507-1.cfg
@ -1,9 +1,9 @@
 Building configuration...

-Current configuration : 36279 bytes
+Current configuration : 36055 bytes
 !
-! Last configuration change at 09:47:46 EDT Tue Mar 31 2026 by tmarri81.admin
-! NVRAM config last updated at 09:47:49 EDT Tue Mar 31 2026 by tmarri81.admin
+! Last configuration change at 08:32:06 EDT Thu Apr 2 2026 by jkafta72.admin
+! NVRAM config last updated at 08:31:48 EDT Thu Apr 2 2026 by jkafta72.admin
 !
 version 15.2
 no service pad
@ -1111,7 +1111,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.14.230.1 255.255.255.224
- ip access-group hvac in
+ ip access-group hvac-acl in
 !
 interface Vlan501
 description to Ring
@ -1217,16 +1217,14 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
-ip access-list extended hvac
- permit ip 10.14.230.0 0.0.0.31 object-group day-enterprise-servers
- permit udp 10.14.230.0 0.0.0.31 object-group dns-servers eq domain
- permit udp 10.14.230.0 0.0.0.31 object-group ntp-servers eq ntp
- permit icmp 10.14.230.0 0.0.0.31 host 10.14.230.1
- permit icmp host 10.14.230.1 10.14.230.0 0.0.0.31
- deny   ip any 10.0.0.0 0.255.255.255
+ip access-list extended hvac-acl
+ permit ip any host 10.1.230.11
+ permit ip any host 10.1.40.108
+ permit udp any any eq domain
+ deny   ip any 10.0.0.0 0.0.0.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
- permit tcp 10.14.230.0 0.0.0.31 any eq 587 log-input
+ permit tcp any any eq 587 log count
 ip access-list extended sbhc-acl
 remark School Based Health Center ACL
 permit ip 10.53.107.0 0.0.0.255 10.107.49.0 0.0.0.255
--- a/configs/shea/shea-noc-a6300-sw1.cfg
+++ b/configs/shea/shea-noc-a6300-sw1.cfg
@ -517,10 +517,10 @@ interface 1/1/22
    client track ip update-interval 120
    power-over-ethernet pre-std-detect
 interface 1/1/23
-    description Primex
+    description Test AP
    no shutdown
    no routing
-    vlan access 30
+    vlan access 20
    spanning-tree port-type admin-edge
 interface 1/1/24
    description VuWall
@ -1095,19 +1095,9 @@ interface 2/1/18
    loop-protect
    power-over-ethernet pre-std-detect
 interface 2/1/19
-    description Voice
    no shutdown
    no routing
-    vlan access 50
-    spanning-tree bpdu-guard
-    spanning-tree port-type admin-edge
-    spanning-tree root-guard
-    spanning-tree tcn-guard
-    loop-protect
-    port-access onboarding-method concurrent enable
-    client track ip enable
-    client track ip update-interval 120
-    power-over-ethernet pre-std-detect
+    vlan access 20
 interface 2/1/20
    description Clock
    no shutdown
--- a/configs/steam/steam-a8360-sw1.cfg
+++ b/configs/steam/steam-a8360-sw1.cfg
@ -128,6 +128,14 @@ access-list ip Image-acl
    158 comment ClearPass_TCP_PORTS_OUT
    158 permit tcp any clearpass_servers group clearpass_tcp_ports
    160 deny any any any
+access-list ip hvac-acl
+    10 permit any any 10.1.230.11
+    20 permit any any 10.1.40.108
+    30 permit udp any any eq dns
+    40 deny any any 10.0.0.0/255.0.0.0
+    50 deny any any 192.168.0.0/255.255.0.0
+    60 deny any any 172.16.0.0/255.240.0.0
+    70 permit tcp any any eq 587 log count
 access-list ip users-acl
    10 deny any any 192.168.0.0/255.255.0.0
    20 permit any any any
@ -459,6 +467,7 @@ interface vlan 230
    ip helper-address 10.1.40.20
    ip helper-address 10.21.48.20
    ip ospf 1 area 0.0.0.209
+    apply access-list ip hvac-acl routed-in
    ip igmp enable
    ip pim-sparse enable
 interface vlan 254
--- a/configs/steam/steam-a8360-sw2.cfg
+++ b/configs/steam/steam-a8360-sw2.cfg
@ -128,6 +128,14 @@ access-list ip Image-acl
    158 comment ClearPass_TCP_PORTS_OUT
    158 permit tcp any clearpass_servers group clearpass_tcp_ports
    160 deny any any any
+access-list ip hvac-acl
+    10 permit any any 10.1.230.11
+    20 permit any any 10.1.40.108
+    30 permit udp any any eq dns
+    40 deny any any 10.0.0.0/255.0.0.0
+    50 deny any any 192.168.0.0/255.255.0.0
+    60 deny any any 172.16.0.0/255.240.0.0
+    70 permit tcp any any eq 587 log count
 access-list ip users-acl
    10 deny any any 192.168.0.0/255.255.0.0
    20 permit any any any
@ -460,6 +468,7 @@ interface vlan 230
    ip helper-address 10.1.40.20
    ip helper-address 10.21.48.20
    ip ospf 1 area 0.0.0.209
+    apply access-list ip hvac-acl routed-in
    ip igmp enable
    ip pim-sparse enable
 interface vlan 254
--- a/configs/vanduyn/vanduyn-mdf-a8360-sw1.cfg
+++ b/configs/vanduyn/vanduyn-mdf-a8360-sw1.cfg
@ -138,15 +138,13 @@ access-list ip Image-acl
    158 permit tcp any clearpass_servers group clearpass_tcp_ports
    160 deny any any any
 access-list ip hvac-acl
-    10 permit any 10.49.230.0/255.255.255.224 day-enterprise-servers
-    20 permit udp 10.49.230.0/255.255.255.224 dns-servers eq dns
-    30 permit udp 10.49.230.0/255.255.255.224 ntp-servers eq ntp
-    40 permit icmp 10.49.230.0/255.255.255.252 10.49.230.0/255.255.255.224
-    50 permit icmp 10.49.230.0/255.255.255.224 10.49.230.0/255.255.255.252
-    60 deny any any 10.0.0.0/255.0.0.0
-    70 deny any any 192.168.0.0/255.255.0.0
-    80 deny any any 172.16.0.0/255.240.0.0
-    90 permit tcp 10.49.230.0/255.255.255.224 any eq 587 log count
+    10 permit any any 10.1.230.11
+    20 permit any any 10.1.40.108
+    30 permit udp any any eq dns
+    40 deny any any 10.0.0.0/255.0.0.0
+    50 deny any any 192.168.0.0/255.255.0.0
+    60 deny any any 172.16.0.0/255.240.0.0
+    70 permit tcp any any eq 587 log count
 access-list ip users-acl
    10 deny any any 192.168.0.0/255.255.0.0
    20 permit any any any
@ -457,6 +455,7 @@ interface vlan 230
    ip helper-address 10.1.40.20
    ip helper-address 10.21.48.20
    ip ospf 1 area 0.0.0.202
+    apply access-list ip hvac-acl routed-in
    ip igmp enable
    ip pim-sparse enable
 interface vlan 233
--- a/configs/vanduyn/vanduyn-mdf-a8360-sw2.cfg
+++ b/configs/vanduyn/vanduyn-mdf-a8360-sw2.cfg
@ -138,15 +138,13 @@ access-list ip Image-acl
    158 permit tcp any clearpass_servers group clearpass_tcp_ports
    160 deny any any any
 access-list ip hvac-acl
-    10 permit any 10.49.230.0/255.255.255.224 day-enterprise-servers
-    20 permit udp 10.49.230.0/255.255.255.224 dns-servers eq dns
-    30 permit udp 10.49.230.0/255.255.255.224 ntp-servers eq ntp
-    40 permit icmp 10.49.230.0/255.255.255.252 10.49.230.0/255.255.255.224
-    50 permit icmp 10.49.230.0/255.255.255.224 10.49.230.0/255.255.255.252
-    60 deny any any 10.0.0.0/255.0.0.0
-    70 deny any any 192.168.0.0/255.255.0.0
-    80 deny any any 172.16.0.0/255.240.0.0
-    90 permit tcp 10.49.230.0/255.255.255.224 any eq 587 log count
+    10 permit any any 10.1.230.11
+    20 permit any any 10.1.40.108
+    30 permit udp any any eq dns
+    40 deny any any 10.0.0.0/255.0.0.0
+    50 deny any any 192.168.0.0/255.255.0.0
+    60 deny any any 172.16.0.0/255.240.0.0
+    70 permit tcp any any eq 587 log count
 access-list ip users-acl
    10 deny any any 192.168.0.0/255.255.0.0
    20 permit any any any
@ -458,6 +456,7 @@ interface vlan 230
    ip helper-address 10.1.40.20
    ip helper-address 10.21.48.20
    ip ospf 1 area 0.0.0.202
+    apply access-list ip hvac-acl routed-in
    ip igmp enable
    ip pim-sparse enable
 interface vlan 233
--- a/configs/webster/webster-4507-1.cfg
+++ b/configs/webster/webster-4507-1.cfg
@ -1,9 +1,9 @@
 Building configuration...

-Current configuration : 39119 bytes
+Current configuration : 38903 bytes
 !
-! Last configuration change at 07:43:04 EDT Tue Mar 31 2026 by jpoland.oa
-! NVRAM config last updated at 07:43:04 EDT Tue Mar 31 2026 by jpoland.oa
+! Last configuration change at 08:40:43 EDT Thu Apr 2 2026 by jkafta72.admin
+! NVRAM config last updated at 08:40:35 EDT Thu Apr 2 2026 by jkafta72.admin
 !
 version 15.2
 no service pad
@ -1189,7 +1189,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.51.230.1 255.255.255.224
- ip access-group hvac in
+ ip access-group hvac-acl in
 !
 interface Vlan233
 ip address 10.51.233.1 255.255.255.0
@ -1294,16 +1294,14 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
-ip access-list extended hvac
- permit ip 10.51.230.0 0.0.0.31 object-group day-enterprise-servers
- permit udp 10.51.230.0 0.0.0.31 object-group dns-servers eq domain
- permit udp 10.51.230.0 0.0.0.31 object-group ntp-servers eq ntp
- permit icmp 10.51.230.0 0.0.0.31 host 10.51.230.1
- permit icmp host 10.51.230.1 10.51.230.0 0.0.0.31
- deny   ip any 10.0.0.0 0.255.255.255
+ip access-list extended hvac-acl
+ permit ip any host 10.1.230.11
+ permit ip any host 10.1.40.108
+ permit udp any any eq domain
+ deny   ip any 10.0.0.0 0.0.0.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
- permit tcp 10.51.230.0 0.0.0.31 any eq 587 log-input
+ permit tcp any any eq 587 log count
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
Author	SHA1	Message	Date
John Poland	b343f38f09	seymour/seymour-mdf-4507.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:39 -04:00
John Poland	7a413b7ff1	ct/ct-noc-a8360-6-a.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:39 -04:00
John Poland	67f39696d6	ct/ct-noc-a8360-6-b.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:39 -04:00
John Poland	7ff5c514f7	shea/shea-noc-a6300-sw1.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:38 -04:00
John Poland	cf0dd29138	shea/shea-4507-1.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:38 -04:00
John Poland	4a897f0c5f	webster/webster-4507-1.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:38 -04:00
John Poland	de871e5275	salem_h/salem_h-4507-1.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:38 -04:00
John Poland	5923d92a82	steam/steam-a8360-sw1.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:38 -04:00
John Poland	1b131d413d	steam/steam-a8360-sw2.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:38 -04:00
John Poland	10b8ec2829	itc/itc-idf1-a6300-sw1.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:38 -04:00
John Poland	3a3a84f9f3	rober/rober-mdf-a8360-sw1.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:37 -04:00
John Poland	8c675f608f	rober/rober-mdf-a8360-sw2.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:37 -04:00
John Poland	885a5dfc1e	vanduyn/vanduyn-mdf-a8360-sw1.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:37 -04:00
John Poland	277055c70d	vanduyn/vanduyn-mdf-a8360-sw2.cfg Thu Apr 2 08:32:37 PM EDT 2026	2026-04-02 20:32:37 -04:00