delaware/delaware-mdf-4507.cfg Tue Mar 10 08:33:24 PM EDT 2026

lincol/lincol-4507-1.cfg Tue Mar 10 08:33:24 PM EDT 2026
belle/belle-4507-1.cfg Tue Mar 10 08:33:24 PM EDT 2026
2026-03-10 20:33:26 -04:00 · 2026-03-10 20:33:26 -04:00 · 2026-03-10 20:33:26 -04:00 · 2026-03-10 20:33:26 -04:00 · 2026-03-10 20:33:26 -04:00 · 2026-03-10 20:33:26 -04:00
16 changed files with 933 additions and 507 deletions
--- a/configs/belle/belle-4507-1.cfg
+++ b/configs/belle/belle-4507-1.cfg
@ -1,8 +1,9 @@
 Building configuration...
-Current configuration : 30094 bytes
+Current configuration : 31083 bytes
 !
-! Last configuration change at 10:37:42 EST Fri Jan 9 2026
+! Last configuration change at 14:59:15 EDT Tue Mar 10 2026 by estein66.admin
 ! NVRAM config last updated at 14:59:33 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -112,6 +113,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -915,6 +930,11 @@ interface Vlan72
 interface Vlan107
 no ip address
 !
 interface Vlan230
 ip address 10.16.230.1 255.255.255.224
 ip access-group hvac in
 shutdown
 !
 interface Vlan233
 ip address 10.16.233.1 255.255.255.0
 !
@ -1024,6 +1044,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
 permit ip 10.16.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.16.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.16.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.16.230.0 0.0.0.31 host 10.16.230.1
 permit icmp host 10.16.230.1 10.16.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.16.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/delaware/delaware-mdf-4507.cfg
+++ b/configs/delaware/delaware-mdf-4507.cfg
@ -1,8 +1,8 @@
 Building configuration...
-Current configuration : 37672 bytes
+Current configuration : 37673 bytes
 !
-! Last configuration change at 16:13:28 EDT Mon Mar 9 2026 by estein66.admin
+! Last configuration change at 08:28:55 EDT Tue Mar 10 2026 by bmaccl09.admin
 ! NVRAM config last updated at 16:13:32 EDT Mon Mar 9 2026 by estein66.admin
 !
 version 15.2
--- a/configs/elmwood/elmwood-mdf-4507.cfg
+++ b/configs/elmwood/elmwood-mdf-4507.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 35203 bytes
+Current configuration : 36025 bytes
 !
-! Last configuration change at 13:38:42 EST Mon Jan 12 2026 by estein66.admin
+! Last configuration change at 08:42:20 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 13:32:51 EDT Thu Sep 18 2025 by bmaccl09.admin
+! NVRAM config last updated at 08:42:57 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -116,6 +116,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -1083,6 +1097,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.23.230.1 255.255.255.224
 ip access-group hvac in
 !
 interface Vlan233
 ip address 10.23.233.1 255.255.255.0
@ -1186,6 +1201,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
 permit ip 10.23.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.23.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.23.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.23.230.0 0.0.0.31 host 10.23.230.1
 permit icmp host 10.23.230.1 10.23.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.23.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/fortigate/fortigate.conf
+++ b/configs/fortigate/fortigate.conf
--- a/configs/fortigate/vdom_scsd/firewall.cfg
+++ b/configs/fortigate/vdom_scsd/firewall.cfg
@ -2843,6 +2843,24 @@ config firewall address
    edit "DelawareVLAN230"
        set subnet 10.22.230.0 255.255.255.224
    next
    edit "ElmwoodVLAN230"
        set subnet 10.23.230.0 255.255.255.224
    next
    edit "FranklinVLAN230"
        set subnet 10.24.230.0 255.255.255.224
    next
    edit "LatinVLAN230"
        set subnet 10.28.230.0 255.255.255.224
    next
    edit "SalemVLAN230"
        set subnet 10.30.230.0 255.255.255.224
    next
    edit "SeymourVLAN230"
        set subnet 10.44.230.0 255.255.255.224
    next
    edit "WebsterVLAN230"
        set subnet 10.51.230.0 255.255.255.224
    next
 end
 config firewall multicast-address
    edit "all_hosts"
@ -3054,7 +3072,7 @@ config firewall addrgrp
        set member "Shea_Secure_Wireless" "Shea_VLAN_6" "Corcoran_VLAN_20" "Corcoran_Secure_Wireless"
    next
    edit "VLAN230AddrGroup"
-        set member "SheaVLAN230" "CorcoranVLAN230" "DelawareVLAN230"
+        set member "SheaVLAN230" "CorcoranVLAN230" "DelawareVLAN230" "ElmwoodVLAN230" "FranklinVLAN230" "LatinVLAN230" "SalemVLAN230" "SeymourVLAN230" "WebsterVLAN230"
    next
 end
 config firewall wildcard-fqdn custom
--- a/configs/frank/frank-mdf-4507.cfg
+++ b/configs/frank/frank-mdf-4507.cfg
@ -1,8 +1,9 @@
 Building configuration...
-Current configuration : 20951 bytes
+Current configuration : 21724 bytes
 !
-! Last configuration change at 09:59:10 EDT Sat Oct 4 2025
+! Last configuration change at 10:35:46 EDT Tue Mar 10 2026 by estein66.admin
 ! NVRAM config last updated at 10:37:15 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -115,6 +116,16 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network netadmin-hosts 
 description SCSD Network Administrators Hosts
 !
@ -124,6 +135,10 @@ object-group network netadmins-hosts
 host 10.1.6.126
 host 10.1.6.32
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -619,6 +634,7 @@ interface Vlan207
 !
 interface Vlan230
 ip address 10.24.230.1 255.255.255.224
 ip access-group hvac in
 !
 interface Vlan233
 ip address 10.24.233.1 255.255.255.0
@ -727,9 +743,15 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
- permit ip 10.24.230.0 0.0.0.31 host 10.1.230.11
+ permit ip 10.24.230.0 0.0.0.31 object-group day-enterprise-servers
- permit ip host 10.1.230.11 10.24.230.0 0.0.0.31
+ permit udp 10.24.230.0 0.0.0.31 object-group dns-servers eq domain
- deny   ip any any
+ permit udp 10.24.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.24.230.0 0.0.0.31 host 10.24.230.1
 permit icmp host 10.24.230.1 10.24.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.24.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended sbhc-acl
 permit ip 10.24.107.0 0.0.0.255 10.107.50.0 0.0.0.255
 permit tcp 10.24.107.0 0.0.0.255 any eq 443
--- a/configs/frazer/frazer-4507-1.cfg
+++ b/configs/frazer/frazer-4507-1.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 37407 bytes
+Current configuration : 38237 bytes
 !
-! Last configuration change at 21:08:49 EDT Wed Aug 13 2025 by jpoland.oa
+! Last configuration change at 11:50:38 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 23:19:20 EDT Wed Aug 13 2025 by jpoland.oa
+! NVRAM config last updated at 11:50:39 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -116,6 +116,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -1115,6 +1129,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.25.230.1 255.255.255.224
 ip access-group hvac in
 !
 interface Vlan504
 description to Ring #4 CCF Service #S200290
@ -1216,6 +1231,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
 permit ip 10.25.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.25.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.25.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.25.230.0 0.0.0.31 host 10.25.230.1
 permit icmp host 10.25.230.1 10.25.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.25.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/grant/grant-mdf-4507.cfg
+++ b/configs/grant/grant-mdf-4507.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 32927 bytes
+Current configuration : 33834 bytes
 !
-! Last configuration change at 20:39:41 EST Thu Mar 5 2026 by jkafta72.admin
+! Last configuration change at 14:45:13 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 20:12:23 EST Thu Mar 5 2026 by jkafta72.admin
+! NVRAM config last updated at 14:45:40 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -135,12 +135,26 @@ power redundancy-mode redundant
 archive
 path bootflash:
 maximum 12
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network netadmins-hosts 
 description SCSD Network Administrators Hosts
 host 10.1.6.20
 host 10.1.6.126
 host 10.1.6.32
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -206,6 +220,9 @@ vlan 72
 vlan 107
 name SBHC
 !
 vlan 230
 name HVAC
 !
 vlan 233
 name City-CGRs
 !
@ -975,6 +992,11 @@ interface Vlan107
 ip access-group sbhc-acl in
 no ip redirects
 !
 interface Vlan230
 ip address 10.9.230.1 255.255.255.224
 ip access-group hvac in
 shutdown
 !
 interface Vlan233
 ip address 10.9.233.1 255.255.255.0
 !
@ -1081,6 +1103,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 ip access-list extended CAP1-FILTER-LIST
 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
 ip access-list extended hvac
 permit ip 10.9.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.9.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.9.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.9.230.0 0.0.0.31 host 10.9.230.1
 permit icmp host 10.9.230.1 10.9.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.9.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended sbhc-acl
 permit ip 10.9.107.0 0.0.0.255 10.107.50.0 0.0.0.255
 permit tcp 10.9.107.0 0.0.0.255 any eq 443
--- a/configs/henninger/henninger-mdf-4507.cfg
+++ b/configs/henninger/henninger-mdf-4507.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 30458 bytes
+Current configuration : 31341 bytes
 !
-! Last configuration change at 19:50:27 EDT Thu Sep 18 2025 by jkafta72.admin
+! Last configuration change at 14:42:30 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 19:50:27 EDT Thu Sep 18 2025 by jkafta72.admin
+! NVRAM config last updated at 14:42:44 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -116,6 +116,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode pvst
 spanning-tree loopguard default
@ -923,6 +937,11 @@ interface Vlan72
 ip pim sparse-mode
 no autostate
 !
 interface Vlan230
 ip address 10.6.230.1 255.255.255.224
 ip access-group hvac in
 shutdown
 !
 interface Vlan508
 description to Ring #8 CCF Service #S200285
 ip address 10.250.208.6 255.255.255.0
@ -1016,6 +1035,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
 permit ip 10.6.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.6.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.6.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.6.230.0 0.0.0.31 host 10.6.230.1
 permit icmp host 10.6.230.1 10.6.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.6.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/hughes/hughes-4507-01.cfg
+++ b/configs/hughes/hughes-4507-01.cfg
@ -1,8 +1,8 @@
 Building configuration...
-Current configuration : 39870 bytes
+Current configuration : 40648 bytes
 !
-! Last configuration change at 09:24:35 EDT Thu Sep 25 2025 by mloper19.admin
+! Last configuration change at 12:44:55 EDT Tue Mar 10 2026 by estein66.admin
 ! NVRAM config last updated at 09:24:38 EDT Thu Sep 25 2025 by mloper19.admin
 !
 version 15.2
@ -119,6 +119,8 @@ crypto pki trustpoint TP-self-signed-18273
 !
 !
 crypto pki certificate chain TP-self-signed-18273
 errdisable recovery cause security-violation
 errdisable recovery interval 30
 power redundancy-mode redundant
 archive
 log config
@ -130,6 +132,20 @@ archive
 maximum 5
 write-memory
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -580,11 +596,13 @@ interface GigabitEthernet5/2
 spanning-tree portfast edge
 !
 interface GigabitEthernet5/3
- description hvac
+ description HVAC
 switchport access vlan 230
 switchport mode access
 switchport port-security violation restrict
 switchport port-security mac-address sticky
- ip access-group hvac in
+ switchport port-security mac-address sticky 0050.0618.aa26
 switchport port-security
 !
 interface GigabitEthernet5/4
 description ***   To Voice and Data Endpoints  ***
@ -1226,6 +1244,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.28.230.1 255.255.255.224
 ip access-group hvac in
 !
 interface Vlan506
 description to Ring #6 CCF Service #S200310
@ -1337,10 +1356,15 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
- permit tcp host 10.28.230.11 host 10.1.230.11
+ permit ip 10.28.230.0 0.0.0.31 object-group day-enterprise-servers
- permit icmp host 10.28.230.11 host 10.1.230.11 log
+ permit udp 10.28.230.0 0.0.0.31 object-group dns-servers eq domain
- permit tcp host 10.28.230.11 host 10.1.40.108
+ permit udp 10.28.230.0 0.0.0.31 object-group ntp-servers eq ntp
- permit icmp host 10.28.230.11 host 10.1.40.108 log
+ permit icmp 10.28.230.0 0.0.0.31 host 10.28.230.1
 permit icmp host 10.28.230.1 10.28.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.28.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/king/king-4507-1.cfg
+++ b/configs/king/king-4507-1.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 36773 bytes
+Current configuration : 37687 bytes
 !
-! Last configuration change at 18:30:41 EDT Tue Aug 19 2025 by estein66.admin
+! Last configuration change at 15:24:51 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 18:31:27 EDT Tue Aug 19 2025 by estein66.admin
+! NVRAM config last updated at 15:25:08 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -116,6 +116,16 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network netadmin-hosts 
 description SCSD Network Administrators Hosts
 !
@ -125,6 +135,10 @@ object-group network netadmins-hosts
 host 10.1.6.126
 host 10.1.6.32
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 object-group service zoom-tcp-390 
 description Zoom phones TCP 390
 tcp eq 390
@ -204,6 +218,9 @@ vlan 72
 vlan 107
 name health_services
 !
 vlan 230
 name HVAC
 !
 vlan 505
 name CC-Ring
 !
@ -1131,6 +1148,11 @@ interface Vlan107
 ip address 10.20.107.1 255.255.255.0
 ip access-group sbhc-acl in
 !
 interface Vlan230
 ip address 10.20.230.1 255.255.255.224
 ip access-group hvac in
 shutdown
 !
 interface Vlan505
 description to Ring #5 CCF Service S200282
 ip address 10.250.205.20 255.255.255.0
@ -1234,6 +1256,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
 permit ip 10.20.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.20.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.20.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.20.230.0 0.0.0.31 host 10.20.230.1
 permit icmp host 10.20.230.1 10.20.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.20.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended sbhc-acl
 permit ip 10.20.107.0 0.0.0.255 10.107.50.0 0.0.0.255
 permit tcp 10.20.107.0 0.0.0.255 any eq 443
--- a/configs/lincol/lincol-4507-1.cfg
+++ b/configs/lincol/lincol-4507-1.cfg
@ -1,8 +1,9 @@
 Building configuration...
-Current configuration : 20252 bytes
+Current configuration : 21262 bytes
 !
-! Last configuration change at 14:42:28 EDT Fri Oct 17 2025
+! Last configuration change at 14:49:20 EDT Tue Mar 10 2026 by estein66.admin
 ! NVRAM config last updated at 14:50:10 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -109,6 +110,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -170,6 +185,9 @@ vlan 70
 vlan 72
 name access-control
 !
 vlan 230
 name HVAC
 !
 vlan 508
 name CC-Ring
 !
@ -623,6 +641,11 @@ interface Vlan107
 ip helper-address 10.21.48.20 
 shutdown
 !
 interface Vlan230
 ip address 10.13.230.1 255.255.255.224
 ip access-group hvac in
 shutdown
 !
 interface Vlan508
 description to Ring #8 CCF Service #S200297
 ip address 10.250.208.13 255.255.255.0
@ -721,6 +744,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
 permit ip 10.13.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.13.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.13.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.13.230.0 0.0.0.31 host 10.13.230.1
 permit icmp host 10.13.230.1 10.13.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.13.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/nottingham/nottingham-mdf-4507.cfg
+++ b/configs/nottingham/nottingham-mdf-4507.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 38333 bytes
+Current configuration : 39238 bytes
 !
-! Last configuration change at 19:43:29 EDT Thu Sep 18 2025 by jkafta72.admin
+! Last configuration change at 14:37:20 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 19:43:29 EDT Thu Sep 18 2025 by jkafta72.admin
+! NVRAM config last updated at 14:38:57 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -118,6 +118,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -179,6 +193,9 @@ vlan 70
 vlan 72
 name access-control
 !
 vlan 230
 name HVAC
 !
 vlan 251
 name native stub
 !
@ -1325,6 +1342,11 @@ interface Vlan107
 ip helper-address 10.21.48.20 
 shutdown
 !
 interface Vlan230
 ip address 10.4.230.1 255.255.255.224
 ip access-group hvac in
 shutdown
 !
 interface Vlan506
 description to Ring #6 CCF Service #S200286
 ip address 10.250.206.4 255.255.255.0
@ -1440,6 +1462,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1630
 ip access-list extended BadCamera
 deny   ip host 10.4.70.41 any
 ip access-list extended hvac
 permit ip 10.4.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.4.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.4.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.4.230.0 0.0.0.31 host 10.4.230.1
 permit icmp host 10.4.230.1 10.4.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.4.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/salem_h/salem_h-4507-1.cfg
+++ b/configs/salem_h/salem_h-4507-1.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 33357 bytes
+Current configuration : 33832 bytes
 !
-! Last configuration change at 19:55:55 EDT Thu Sep 18 2025 by jkafta72.admin
+! Last configuration change at 13:12:23 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 19:55:55 EDT Thu Sep 18 2025 by jkafta72.admin
+! NVRAM config last updated at 13:12:24 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -115,6 +115,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -1027,6 +1041,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.30.230.1 255.255.255.224
 ip access-group hvac in
 !
 interface Vlan233
 ip address 10.30.233.1 255.255.255.0
@ -1135,12 +1150,15 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
- permit tcp 10.30.230.0 0.0.0.31 eq 22 10.1.230.0 0.0.0.31 log
+ permit ip 10.30.230.0 0.0.0.31 object-group day-enterprise-servers
- permit tcp 10.30.230.0 0.0.0.31 eq www 10.1.230.0 0.0.0.31 log
+ permit udp 10.30.230.0 0.0.0.31 object-group dns-servers eq domain
- permit tcp 10.30.230.0 0.0.0.31 eq 443 10.1.230.0 0.0.0.31 log
+ permit udp 10.30.230.0 0.0.0.31 object-group ntp-servers eq ntp
- permit icmp 10.30.230.0 0.0.0.31 10.1.230.0 0.0.0.31
+ permit icmp 10.30.230.0 0.0.0.31 host 10.30.230.1
- permit icmp 10.1.230.0 0.0.0.31 10.30.230.0 0.0.0.31
+ permit icmp host 10.30.230.1 10.30.230.0 0.0.0.31
- deny   ip any any
+ deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.30.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/seymour/seymour-mdf-4507.cfg
+++ b/configs/seymour/seymour-mdf-4507.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 19949 bytes
+Current configuration : 20771 bytes
 !
-! Last configuration change at 11:29:35 EDT Fri Oct 17 2025 by mloper19.admin
+! Last configuration change at 13:42:59 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 11:30:51 EDT Fri Oct 17 2025 by mloper19.admin
+! NVRAM config last updated at 13:48:43 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -120,6 +120,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -615,6 +629,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.44.230.1 255.255.255.224
 ip access-group hvac in
 !
 interface Vlan233
 ip address 10.44.233.1 255.255.255.0
@ -721,6 +736,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
 permit ip 10.44.230.0 0.0.0.31 object-group day-enterprise-servers
 permit udp 10.44.230.0 0.0.0.31 object-group dns-servers eq domain
 permit udp 10.44.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.44.230.0 0.0.0.31 host 10.44.230.1
 permit icmp host 10.44.230.1 10.44.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.44.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
--- a/configs/webster/webster-4507-1.cfg
+++ b/configs/webster/webster-4507-1.cfg
@ -1,9 +1,9 @@
 Building configuration...
-Current configuration : 37980 bytes
+Current configuration : 38662 bytes
 !
-! Last configuration change at 19:41:10 EDT Thu Sep 18 2025 by estein66.admin
+! Last configuration change at 14:06:38 EDT Tue Mar 10 2026 by estein66.admin
-! NVRAM config last updated at 19:41:11 EDT Thu Sep 18 2025 by estein66.admin
+! NVRAM config last updated at 14:06:51 EDT Tue Mar 10 2026 by estein66.admin
 !
 version 15.2
 no service pad
@ -141,6 +141,20 @@ archive
 path bootflash:
 maximum 5
 file privilege 10
 object-group network day-enterprise-servers 
 description day-enterprise-servers
 host 10.1.230.11
 host 10.1.40.108
 !
 object-group network dns-servers 
 description Internal-DNS-Servers
 host 10.1.40.10
 host 10.1.48.11
 !
 object-group network ntp-servers 
 host 10.1.40.154
 host 10.1.48.103
 !
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@ -1160,6 +1174,7 @@ interface Vlan107
 !
 interface Vlan230
 ip address 10.51.230.1 255.255.255.224
 ip access-group hvac in
 !
 interface Vlan233
 ip address 10.51.233.1 255.255.255.0
@ -1265,9 +1280,15 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
 permit tcp any any eq 1630
 permit udp any any eq 1630
 ip access-list extended hvac
- permit ip host 10.1.230.11 host 10.51.230.11
+ permit ip 10.51.230.0 0.0.0.31 object-group day-enterprise-servers
- permit ip host 10.51.230.11 host 10.1.230.11
+ permit udp 10.51.230.0 0.0.0.31 object-group dns-servers eq domain
- deny   ip any any
+ permit udp 10.51.230.0 0.0.0.31 object-group ntp-servers eq ntp
 permit icmp 10.51.230.0 0.0.0.31 host 10.51.230.1
 permit icmp host 10.51.230.1 10.51.230.0 0.0.0.31
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 permit tcp 10.51.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip any any
Author	SHA1	Message	Date
John Poland	438251bd5a	delaware/delaware-mdf-4507.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:26 -04:00
John Poland	c4ce6c3046	lincol/lincol-4507-1.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:26 -04:00
John Poland	906cc7efb6	belle/belle-4507-1.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:26 -04:00
John Poland	fcfb9b3f48	frank/frank-mdf-4507.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:26 -04:00
John Poland	6c8ae20ad4	grant/grant-mdf-4507.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:26 -04:00
John Poland	f4ba369101	hughes/hughes-4507-01.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:26 -04:00
John Poland	67a5d5cdcb	seymour/seymour-mdf-4507.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:26 -04:00
John Poland	bfdddbb931	henninger/henninger-mdf-4507.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:25 -04:00
John Poland	ad86d7051b	elmwood/elmwood-mdf-4507.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:25 -04:00
John Poland	0142cbec0d	king/king-4507-1.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:25 -04:00
John Poland	795baf4a9e	webster/webster-4507-1.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:25 -04:00
John Poland	b5f6a30b0e	salem_h/salem_h-4507-1.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:24 -04:00
John Poland	adae93dca5	nottingham/nottingham-mdf-4507.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:24 -04:00
John Poland	fb244d5b6a	frazer/frazer-4507-1.cfg Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:24 -04:00
John Poland	cf18c414e4	fortigate-backup Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:24 -04:00
John Poland	dde6d7dd64	fortigate Tue Mar 10 08:33:24 PM EDT 2026	2026-03-10 20:33:24 -04:00