Compare commits
5 Commits
ec7b1d689b
...
7848a85ead
| Author | SHA1 | Date | |
|---|---|---|---|
| 7848a85ead | |||
| 5befe24235 | |||
| 2c6ceae105 | |||
| daa2df4cc8 | |||
| e0ec019bf9 |
@ -1,9 +1,9 @@
|
|||||||
Building configuration...
|
Building configuration...
|
||||||
|
|
||||||
Current configuration : 32633 bytes
|
Current configuration : 33447 bytes
|
||||||
!
|
!
|
||||||
! Last configuration change at 14:08:58 EST Fri Mar 6 2026 by estein66.admin
|
! Last configuration change at 08:19:58 EDT Mon Mar 9 2026 by estein66.admin
|
||||||
! NVRAM config last updated at 14:09:28 EST Fri Mar 6 2026 by estein66.admin
|
! NVRAM config last updated at 08:26:47 EDT Mon Mar 9 2026 by estein66.admin
|
||||||
!
|
!
|
||||||
version 15.2
|
version 15.2
|
||||||
no service pad
|
no service pad
|
||||||
@ -115,6 +115,20 @@ archive
|
|||||||
path bootflash:
|
path bootflash:
|
||||||
maximum 5
|
maximum 5
|
||||||
file privilege 10
|
file privilege 10
|
||||||
|
object-group network day-enterprise-servers
|
||||||
|
description day-enterprise-servers
|
||||||
|
host 10.1.230.11
|
||||||
|
host 10.1.40.108
|
||||||
|
!
|
||||||
|
object-group network dns-servers
|
||||||
|
description Internal-DNS-Servers
|
||||||
|
host 10.1.40.10
|
||||||
|
host 10.1.48.11
|
||||||
|
!
|
||||||
|
object-group network ntp-servers
|
||||||
|
host 10.1.40.154
|
||||||
|
host 10.1.48.103
|
||||||
|
!
|
||||||
!
|
!
|
||||||
spanning-tree mode rapid-pvst
|
spanning-tree mode rapid-pvst
|
||||||
spanning-tree loopguard default
|
spanning-tree loopguard default
|
||||||
@ -975,6 +989,7 @@ interface Vlan107
|
|||||||
!
|
!
|
||||||
interface Vlan230
|
interface Vlan230
|
||||||
ip address 10.7.230.1 255.255.255.224
|
ip address 10.7.230.1 255.255.255.224
|
||||||
|
ip access-group hvac in
|
||||||
!
|
!
|
||||||
interface Vlan501
|
interface Vlan501
|
||||||
description to Ring #1 CCF Service #S200279
|
description to Ring #1 CCF Service #S200279
|
||||||
@ -1076,6 +1091,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
|
|||||||
ip access-list extended dhcpcap
|
ip access-list extended dhcpcap
|
||||||
permit udp host 10.1.40.20 any
|
permit udp host 10.1.40.20 any
|
||||||
permit udp host 10.21.48.20 any
|
permit udp host 10.21.48.20 any
|
||||||
|
ip access-list extended hvac
|
||||||
|
permit ip 10.7.230.0 0.0.0.31 object-group day-enterprise-servers
|
||||||
|
permit udp 10.7.230.0 0.0.0.31 object-group dns-servers eq domain
|
||||||
|
permit udp 10.7.230.0 0.0.0.31 object-group ntp-servers eq ntp
|
||||||
|
permit icmp 10.7.230.0 0.0.0.31 host 10.7.230.1
|
||||||
|
permit icmp host 10.7.230.1 10.7.230.0 0.0.0.31
|
||||||
|
deny ip any 10.0.0.0 0.255.255.255
|
||||||
|
deny ip any 192.168.0.0 0.0.255.255
|
||||||
|
deny ip any 172.16.0.0 0.15.255.255
|
||||||
|
permit tcp 10.7.230.0 0.0.0.31 any eq 587 log-input
|
||||||
ip access-list extended users
|
ip access-list extended users
|
||||||
deny ip any 192.168.0.0 0.0.255.255
|
deny ip any 192.168.0.0 0.0.255.255
|
||||||
permit ip any any
|
permit ip any any
|
||||||
|
|||||||
@ -1,8 +1,9 @@
|
|||||||
Building configuration...
|
Building configuration...
|
||||||
|
|
||||||
Current configuration : 36756 bytes
|
Current configuration : 37672 bytes
|
||||||
!
|
!
|
||||||
! Last configuration change at 05:56:13 EDT Mon Oct 20 2025
|
! Last configuration change at 16:13:28 EDT Mon Mar 9 2026 by estein66.admin
|
||||||
|
! NVRAM config last updated at 16:13:32 EDT Mon Mar 9 2026 by estein66.admin
|
||||||
!
|
!
|
||||||
version 15.2
|
version 15.2
|
||||||
no service pad
|
no service pad
|
||||||
@ -129,6 +130,16 @@ archive
|
|||||||
path bootflash:
|
path bootflash:
|
||||||
maximum 5
|
maximum 5
|
||||||
file privilege 10
|
file privilege 10
|
||||||
|
object-group network day-enterprise-servers
|
||||||
|
description day-enterprise-servers
|
||||||
|
host 10.1.230.11
|
||||||
|
host 10.1.40.108
|
||||||
|
!
|
||||||
|
object-group network dns-servers
|
||||||
|
description Internal-DNS-Servers
|
||||||
|
host 10.1.40.10
|
||||||
|
host 10.1.48.11
|
||||||
|
!
|
||||||
object-group network netadmin-hosts
|
object-group network netadmin-hosts
|
||||||
description SCSD Network Administrators Hosts
|
description SCSD Network Administrators Hosts
|
||||||
!
|
!
|
||||||
@ -138,6 +149,10 @@ object-group network netadmins-hosts
|
|||||||
host 10.1.6.126
|
host 10.1.6.126
|
||||||
host 10.1.6.32
|
host 10.1.6.32
|
||||||
!
|
!
|
||||||
|
object-group network ntp-servers
|
||||||
|
host 10.1.40.154
|
||||||
|
host 10.1.48.103
|
||||||
|
!
|
||||||
!
|
!
|
||||||
spanning-tree mode rapid-pvst
|
spanning-tree mode rapid-pvst
|
||||||
spanning-tree loopguard default
|
spanning-tree loopguard default
|
||||||
@ -1120,6 +1135,7 @@ interface Vlan107
|
|||||||
!
|
!
|
||||||
interface Vlan230
|
interface Vlan230
|
||||||
ip address 10.22.230.1 255.255.255.224
|
ip address 10.22.230.1 255.255.255.224
|
||||||
|
ip access-group hvac in
|
||||||
!
|
!
|
||||||
interface Vlan503
|
interface Vlan503
|
||||||
description to Ring #3 CCF Service #S200281
|
description to Ring #3 CCF Service #S200281
|
||||||
@ -1223,6 +1239,16 @@ ip access-list extended AutoQos-4.0-ACL-Transactional-Data
|
|||||||
permit udp any any eq 1575
|
permit udp any any eq 1575
|
||||||
permit tcp any any eq 1630
|
permit tcp any any eq 1630
|
||||||
permit udp any any eq 1630
|
permit udp any any eq 1630
|
||||||
|
ip access-list extended hvac
|
||||||
|
permit ip 10.22.230.0 0.0.0.31 object-group day-enterprise-servers
|
||||||
|
permit udp 10.22.230.0 0.0.0.31 object-group dns-servers eq domain
|
||||||
|
permit udp 10.22.230.0 0.0.0.31 object-group ntp-servers eq ntp
|
||||||
|
permit icmp 10.22.230.0 0.0.0.31 host 10.22.230.1
|
||||||
|
permit icmp host 10.22.230.1 10.22.230.0 0.0.0.31
|
||||||
|
deny ip any 10.0.0.0 0.255.255.255
|
||||||
|
deny ip any 192.168.0.0 0.0.255.255
|
||||||
|
deny ip any 172.16.0.0 0.15.255.255
|
||||||
|
permit tcp 10.22.230.0 0.0.0.31 any eq 587 log-input
|
||||||
ip access-list extended sbhc-acl
|
ip access-list extended sbhc-acl
|
||||||
permit ip 10.22.107.0 0.0.0.255 10.107.50.0 0.0.0.255
|
permit ip 10.22.107.0 0.0.0.255 10.107.50.0 0.0.0.255
|
||||||
permit tcp 10.22.107.0 0.0.0.255 any eq 443
|
permit tcp 10.22.107.0 0.0.0.255 any eq 443
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
@ -2837,6 +2837,12 @@ config firewall address
|
|||||||
edit "SheaVLAN230"
|
edit "SheaVLAN230"
|
||||||
set subnet 10.14.230.0 255.255.255.224
|
set subnet 10.14.230.0 255.255.255.224
|
||||||
next
|
next
|
||||||
|
edit "CorcoranVLAN230"
|
||||||
|
set subnet 10.7.230.0 255.255.255.224
|
||||||
|
next
|
||||||
|
edit "DelawareVLAN230"
|
||||||
|
set subnet 10.22.230.0 255.255.255.224
|
||||||
|
next
|
||||||
end
|
end
|
||||||
config firewall multicast-address
|
config firewall multicast-address
|
||||||
edit "all_hosts"
|
edit "all_hosts"
|
||||||
@ -3048,7 +3054,7 @@ config firewall addrgrp
|
|||||||
set member "Shea_Secure_Wireless" "Shea_VLAN_6" "Corcoran_VLAN_20" "Corcoran_Secure_Wireless"
|
set member "Shea_Secure_Wireless" "Shea_VLAN_6" "Corcoran_VLAN_20" "Corcoran_Secure_Wireless"
|
||||||
next
|
next
|
||||||
edit "VLAN230AddrGroup"
|
edit "VLAN230AddrGroup"
|
||||||
set member "SheaVLAN230"
|
set member "SheaVLAN230" "CorcoranVLAN230" "DelawareVLAN230"
|
||||||
next
|
next
|
||||||
end
|
end
|
||||||
config firewall wildcard-fqdn custom
|
config firewall wildcard-fqdn custom
|
||||||
@ -4811,6 +4817,7 @@ config firewall policy
|
|||||||
set comments " (Copy of NVIDEA_LICENSING) (Reverse of NVIDEA_LICENSING)"
|
set comments " (Copy of NVIDEA_LICENSING) (Reverse of NVIDEA_LICENSING)"
|
||||||
next
|
next
|
||||||
edit 107
|
edit 107
|
||||||
|
set status disable
|
||||||
set name "NOCTI In->Out"
|
set name "NOCTI In->Out"
|
||||||
set srcintf "inside"
|
set srcintf "inside"
|
||||||
set dstintf "outside"
|
set dstintf "outside"
|
||||||
@ -4824,6 +4831,7 @@ config firewall policy
|
|||||||
set comments "Allow nocti.org"
|
set comments "Allow nocti.org"
|
||||||
next
|
next
|
||||||
edit 121
|
edit 121
|
||||||
|
set status disable
|
||||||
set name "NOCTI Out->In"
|
set name "NOCTI Out->In"
|
||||||
set srcintf "outside"
|
set srcintf "outside"
|
||||||
set dstintf "inside"
|
set dstintf "inside"
|
||||||
|
|||||||
@ -1,9 +1,9 @@
|
|||||||
Building configuration...
|
Building configuration...
|
||||||
|
|
||||||
Current configuration : 35730 bytes
|
Current configuration : 35781 bytes
|
||||||
!
|
!
|
||||||
! Last configuration change at 15:42:07 EST Fri Mar 6 2026 by estein66.admin
|
! Last configuration change at 13:37:58 EDT Mon Mar 9 2026 by estein66.admin
|
||||||
! NVRAM config last updated at 15:42:18 EST Fri Mar 6 2026 by estein66.admin
|
! NVRAM config last updated at 13:37:59 EDT Mon Mar 9 2026 by estein66.admin
|
||||||
!
|
!
|
||||||
version 15.2
|
version 15.2
|
||||||
no service pad
|
no service pad
|
||||||
@ -859,8 +859,9 @@ interface GigabitEthernet5/32
|
|||||||
service-policy output AutoQos-VoIP-Output-Policy
|
service-policy output AutoQos-VoIP-Output-Policy
|
||||||
!
|
!
|
||||||
interface GigabitEthernet5/33
|
interface GigabitEthernet5/33
|
||||||
description Trunk Test Port
|
description *** To Wireless APs ***
|
||||||
switchport trunk native vlan 525
|
switchport trunk allowed vlan 35,59,999
|
||||||
|
switchport trunk native vlan 35
|
||||||
switchport mode trunk
|
switchport mode trunk
|
||||||
!
|
!
|
||||||
interface GigabitEthernet5/34
|
interface GigabitEthernet5/34
|
||||||
@ -1303,6 +1304,6 @@ line vty 5 15
|
|||||||
transport input ssh
|
transport input ssh
|
||||||
!
|
!
|
||||||
scheduler runtime netinput 100
|
scheduler runtime netinput 100
|
||||||
ntp server 10.1.1.2 prefer
|
ntp server 10.1.40.154
|
||||||
ntp server 10.1.1.3
|
ntp server 10.1.48.103
|
||||||
end
|
end
|
||||||
Loading…
x
Reference in New Issue
Block a user