1573 lines
39 KiB
INI
1573 lines
39 KiB
INI
Building configuration...
|
|
|
|
Current configuration : 39543 bytes
|
|
!
|
|
! Last configuration change at 14:33:17 EDT Wed Apr 1 2026 by jkafta72.admin
|
|
! NVRAM config last updated at 14:33:11 EDT Wed Apr 1 2026 by jkafta72.admin
|
|
!
|
|
version 15.2
|
|
no service pad
|
|
service timestamps debug datetime msec
|
|
service timestamps log datetime localtime
|
|
no service password-encryption
|
|
service compress-config
|
|
!
|
|
hostname nottingham-mdf-4507
|
|
!
|
|
boot-start-marker
|
|
boot system flash bootflash:cat4500e-sup8e-firmwareupgrade-151_1r_SG18.SPA
|
|
boot system flash bootflash:cat4500e-sup8e-universalk9.SPA.03.11.06.E.152-7.E6.bin
|
|
license boot level entservices
|
|
boot-end-marker
|
|
!
|
|
shell processing full
|
|
!
|
|
vrf definition mgmtVrf
|
|
!
|
|
address-family ipv4
|
|
exit-address-family
|
|
!
|
|
address-family ipv6
|
|
exit-address-family
|
|
!
|
|
no logging console
|
|
enable secret 5 $1$AylJ$/rzrPQa/gwkSAOjw9d7iE0
|
|
!
|
|
username admin password 0 syr1Admin
|
|
aaa new-model
|
|
!
|
|
!
|
|
aaa authentication login default group tacacs+ local
|
|
aaa authentication enable default group tacacs+ enable
|
|
aaa authorization console
|
|
aaa authorization exec default group tacacs+ local
|
|
aaa accounting exec default start-stop group tacacs+
|
|
aaa accounting commands 15 default stop-only group tacacs+
|
|
aaa accounting network default start-stop group tacacs+
|
|
aaa accounting connection default start-stop group tacacs+
|
|
aaa accounting system default start-stop group tacacs+
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
aaa session-id common
|
|
clock timezone EST -5 0
|
|
clock summer-time EDT recurring
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
udld aggressive
|
|
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
ip multicast-routing
|
|
ip domain-lookup source-interface Loopback0
|
|
ip domain-name scsd.ad
|
|
ip name-server 10.1.40.12
|
|
ip name-server 10.1.40.10
|
|
ip name-server 10.1.9.102
|
|
ip name-server 10.1.48.200
|
|
ip name-server 10.21.48.242
|
|
!
|
|
!
|
|
vtp domain nott
|
|
vtp mode transparent
|
|
!
|
|
flow record netflow-record
|
|
match ipv4 tos
|
|
match ipv4 protocol
|
|
match ipv4 source address
|
|
match ipv4 destination address
|
|
match transport source-port
|
|
match transport destination-port
|
|
match interface input
|
|
collect interface output
|
|
collect counter bytes long
|
|
collect counter packets long
|
|
!
|
|
!
|
|
flow exporter netflow-to-orion
|
|
destination 10.1.48.37
|
|
source Vlan506
|
|
transport udp 2055
|
|
!
|
|
!
|
|
flow monitor netflow-monitor
|
|
exporter netflow-to-orion
|
|
cache timeout inactive 10
|
|
cache timeout active 60
|
|
record netflow-record
|
|
!
|
|
!
|
|
!
|
|
power redundancy-mode redundant
|
|
archive
|
|
log config
|
|
logging enable
|
|
logging size 1000
|
|
notify syslog contenttype plaintext
|
|
hidekeys
|
|
path bootflash:
|
|
maximum 5
|
|
file privilege 10
|
|
object-group network day-enterprise-servers
|
|
description day-enterprise-servers
|
|
host 10.1.230.11
|
|
host 10.1.40.108
|
|
!
|
|
object-group network dns-servers
|
|
description Internal-DNS-Servers
|
|
host 10.1.40.10
|
|
host 10.1.48.11
|
|
!
|
|
object-group network ntp-servers
|
|
host 10.1.40.154
|
|
host 10.1.48.103
|
|
!
|
|
!
|
|
spanning-tree mode rapid-pvst
|
|
spanning-tree loopguard default
|
|
spanning-tree portfast edge bpduguard default
|
|
spanning-tree extend system-id
|
|
spanning-tree uplinkfast
|
|
spanning-tree backbonefast
|
|
spanning-tree vlan 10,20,30,35,40,50-60,62,64,70 priority 8192
|
|
!
|
|
redundancy
|
|
mode sso
|
|
!
|
|
vlan internal allocation policy ascending
|
|
!
|
|
vlan 10
|
|
name mgmt
|
|
!
|
|
vlan 20
|
|
name data
|
|
!
|
|
vlan 30
|
|
name IoT
|
|
!
|
|
vlan 35
|
|
name new_wireless
|
|
!
|
|
vlan 40
|
|
!
|
|
vlan 50
|
|
name voice_50
|
|
!
|
|
vlan 51
|
|
name voice_51
|
|
!
|
|
vlan 52
|
|
name voice_52
|
|
!
|
|
vlan 53
|
|
name voice_53
|
|
!
|
|
vlan 54
|
|
name voice_54
|
|
!
|
|
vlan 55
|
|
name voice_55
|
|
!
|
|
vlan 56
|
|
name voice_56
|
|
!
|
|
vlan 60
|
|
name Owireless
|
|
!
|
|
vlan 64
|
|
name wireless_64
|
|
!
|
|
vlan 70
|
|
name security-cameras
|
|
!
|
|
vlan 72
|
|
name access-control
|
|
!
|
|
vlan 230
|
|
name HVAC
|
|
!
|
|
vlan 251
|
|
name native stub
|
|
!
|
|
vlan 506
|
|
name CC-Ring
|
|
!
|
|
vlan 516
|
|
name ring6_ct-b
|
|
!
|
|
vlan 525
|
|
name native_stub
|
|
!
|
|
vlan 526
|
|
name ring6_sh-a
|
|
!
|
|
vlan 536
|
|
name ring6_sh-b
|
|
!
|
|
vlan 1030
|
|
name hvac_iot
|
|
lldp run
|
|
!
|
|
!
|
|
class-map match-all AutoQos-4.0-Scavenger-Classify
|
|
match access-group name AutoQos-4.0-ACL-Scavenger
|
|
class-map match-all AutoQos-4.0-Signaling-Classify
|
|
match access-group name AutoQos-4.0-ACL-Signaling
|
|
class-map match-any AutoQos-4.0-Priority-Queue
|
|
match cos 5
|
|
match dscp ef
|
|
match dscp cs5
|
|
match dscp cs4
|
|
class-map match-all AutoQos-4.0-VoIP-Data-Cos
|
|
match cos 5
|
|
class-map match-any AutoQos-4.0-Multimedia-Stream-Queue
|
|
match dscp af31
|
|
match dscp af32
|
|
match dscp af33
|
|
class-map match-all AutoQos-4.0-Network-Mgmt
|
|
match dscp cs2
|
|
class-map match-all AutoQos-4.0-VoIP-Signal-Cos
|
|
match cos 3
|
|
class-map match-any AutoQos-4.0-Multimedia-Conf-Queue
|
|
match cos 4
|
|
match dscp af41
|
|
match dscp af42
|
|
match dscp af43
|
|
match access-group name AutoQos-4.0-ACL-Multimedia-Conf
|
|
class-map match-any AutoQos-4.0-Transaction-Data
|
|
match dscp af21
|
|
match dscp af22
|
|
match dscp af23
|
|
class-map match-all AutoQos-4.0-Network-Ctrl
|
|
match dscp cs7
|
|
class-map match-all AutoQos-4.0-Scavenger
|
|
match dscp cs1
|
|
class-map match-all AutoQos-4.0-Default-Classify
|
|
match access-group name AutoQos-4.0-ACL-Default
|
|
class-map match-any AutoQos-4.0-Signaling
|
|
match dscp cs3
|
|
match cos 3
|
|
class-map match-any AutoQos-4.0-Bulk-Data-Queue
|
|
match cos 1
|
|
match dscp af11
|
|
match dscp af12
|
|
match dscp af13
|
|
match access-group name AutoQos-4.0-ACL-Bulk-Data
|
|
class-map match-all AutoQos-4.0-Transaction-Classify
|
|
match access-group name AutoQos-4.0-ACL-Transactional-Data
|
|
class-map match-all AutoQos-4.0-Broadcast-Vid
|
|
match dscp cs5
|
|
class-map match-any AutoQos-4.0-Bulk-Data
|
|
match dscp af11
|
|
match dscp af12
|
|
match dscp af13
|
|
class-map match-all AutoQos-4.0-VoIP-Video-Cos
|
|
match cos 4
|
|
class-map match-any AutoQos-4.0-Scavenger-Queue
|
|
match dscp cs1
|
|
match cos 1
|
|
match access-group name AutoQos-4.0-ACL-Scavenger
|
|
class-map match-any AutoQos-4.0-VoIP
|
|
match dscp ef
|
|
match cos 5
|
|
class-map match-any AutoQos-4.0-Multimedia-Conf
|
|
match dscp af41
|
|
match dscp af42
|
|
match dscp af43
|
|
class-map match-any AutoQos-4.0-Control-Mgmt-Queue
|
|
match cos 3
|
|
match dscp cs7
|
|
match dscp cs6
|
|
match dscp cs3
|
|
match dscp cs2
|
|
match access-group name AutoQos-4.0-ACL-Signaling
|
|
class-map match-all AutoQos-4.0-Bulk-Data-Classify
|
|
match access-group name AutoQos-4.0-ACL-Bulk-Data
|
|
class-map match-any AutoQos-4.0-Trans-Data-Queue
|
|
match cos 2
|
|
match dscp af21
|
|
match dscp af22
|
|
match dscp af23
|
|
match access-group name AutoQos-4.0-ACL-Transactional-Data
|
|
class-map match-any AutoQos-4.0-Multimedia-Stream
|
|
match dscp af31
|
|
match dscp af32
|
|
match dscp af33
|
|
class-map match-any AutoQos-4.0-VoIP-Data
|
|
match dscp ef
|
|
match cos 5
|
|
class-map match-all AutoQos-4.0-Internetwork-Ctrl
|
|
match dscp cs6
|
|
class-map match-all AutoQos-4.0-Realtime-Interact
|
|
match dscp cs4
|
|
class-map match-all AutoQos-4.0-Multimedia-Conf-Classify
|
|
match access-group name AutoQos-4.0-ACL-Multimedia-Conf
|
|
class-map match-any AutoQos-4.0-VoIP-Signal
|
|
match dscp cs3
|
|
match cos 3
|
|
!
|
|
policy-map AutoQos-4.0-Output-Policy
|
|
class AutoQos-4.0-Scavenger-Queue
|
|
bandwidth remaining percent 1
|
|
class AutoQos-4.0-Priority-Queue
|
|
priority
|
|
police cir percent 30 bc 33 ms
|
|
class AutoQos-4.0-Control-Mgmt-Queue
|
|
bandwidth remaining percent 10
|
|
class AutoQos-4.0-Multimedia-Conf-Queue
|
|
bandwidth remaining percent 10
|
|
class AutoQos-4.0-Multimedia-Stream-Queue
|
|
bandwidth remaining percent 10
|
|
class AutoQos-4.0-Trans-Data-Queue
|
|
bandwidth remaining percent 10
|
|
dbl
|
|
class AutoQos-4.0-Bulk-Data-Queue
|
|
bandwidth remaining percent 4
|
|
dbl
|
|
class class-default
|
|
bandwidth remaining percent 25
|
|
dbl
|
|
policy-map AutoQos-4.0-Input-Policy
|
|
class AutoQos-4.0-VoIP
|
|
class AutoQos-4.0-Broadcast-Vid
|
|
class AutoQos-4.0-Realtime-Interact
|
|
class AutoQos-4.0-Network-Ctrl
|
|
class AutoQos-4.0-Internetwork-Ctrl
|
|
class AutoQos-4.0-Signaling
|
|
class AutoQos-4.0-Network-Mgmt
|
|
class AutoQos-4.0-Multimedia-Conf
|
|
class AutoQos-4.0-Multimedia-Stream
|
|
class AutoQos-4.0-VoIP-Signal-Cos
|
|
set dscp cs3
|
|
police cir 32000 bc 8000
|
|
exceed-action set-dscp-transmit cs1
|
|
bandwidth remaining percent 10
|
|
dbl
|
|
class AutoQos-4.0-Multimedia-Stream-Queue
|
|
bandwidth remaining percent 10
|
|
class AutoQos-4.0-Transaction-Data
|
|
class AutoQos-4.0-Bulk-Data
|
|
class AutoQos-4.0-Scavenger
|
|
policy-map AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
class AutoQos-4.0-VoIP-Data-Cos
|
|
set dscp ef
|
|
police cir 128000 bc 8000
|
|
exceed-action set-dscp-transmit cs1
|
|
exceed-action set-cos-transmit 1
|
|
class AutoQos-4.0-VoIP-Video-Cos
|
|
set dscp af41
|
|
police cir 10000000 bc 8000
|
|
exceed-action set-dscp-transmit cs1
|
|
exceed-action set-cos-transmit 1
|
|
class AutoQos-4.0-VoIP-Signal-Cos
|
|
set dscp cs3
|
|
police cir 32000 bc 8000
|
|
exceed-action set-dscp-transmit cs1
|
|
exceed-action set-cos-transmit 1
|
|
class class-default
|
|
set dscp default
|
|
set cos 0
|
|
policy-map AutoQos-4.0-40G-Output-Policy
|
|
class AutoQos-4.0-Scavenger-Queue
|
|
bandwidth 100000
|
|
class AutoQos-4.0-Priority-Queue
|
|
police cir percent 30 bc 33 ms
|
|
priority
|
|
class AutoQos-4.0-Control-Mgmt-Queue
|
|
bandwidth 1000000
|
|
class AutoQos-4.0-Multimedia-Conf-Queue
|
|
bandwidth 1000000
|
|
class AutoQos-4.0-Multimedia-Stream-Queue
|
|
bandwidth 1000000
|
|
class AutoQos-4.0-Trans-Data-Queue
|
|
bandwidth 1000000
|
|
dbl
|
|
class AutoQos-4.0-Bulk-Data-Queue
|
|
bandwidth 400000
|
|
dbl
|
|
class class-default
|
|
bandwidth 2500000
|
|
dbl
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
interface Loopback0
|
|
ip address 10.4.254.254 255.255.255.255
|
|
!
|
|
interface Port-channel5
|
|
description ** To MDF .5 Stack **
|
|
switchport
|
|
switchport trunk allowed vlan 10,20,30,35,40,50,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
!
|
|
interface Port-channel6
|
|
no ip address
|
|
!
|
|
interface Port-channel7
|
|
no ip address
|
|
!
|
|
interface Port-channel8
|
|
no ip address
|
|
!
|
|
interface Port-channel9
|
|
no ip address
|
|
!
|
|
interface Port-channel10
|
|
no ip address
|
|
!
|
|
interface Port-channel11
|
|
description ** To IDF1 **
|
|
switchport
|
|
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
flowcontrol receive on
|
|
!
|
|
interface Port-channel12
|
|
no ip address
|
|
!
|
|
interface Port-channel13
|
|
no ip address
|
|
!
|
|
interface Port-channel14
|
|
no ip address
|
|
!
|
|
interface Port-channel15
|
|
no ip address
|
|
!
|
|
interface Port-channel16
|
|
no ip address
|
|
!
|
|
interface Port-channel17
|
|
no ip address
|
|
!
|
|
interface Port-channel18
|
|
no ip address
|
|
!
|
|
interface Port-channel19
|
|
no ip address
|
|
!
|
|
interface Port-channel20
|
|
no ip address
|
|
!
|
|
interface Port-channel21
|
|
description ** To IDF2 **
|
|
switchport
|
|
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
flowcontrol receive on
|
|
!
|
|
interface Port-channel22
|
|
no ip address
|
|
!
|
|
interface Port-channel23
|
|
no ip address
|
|
!
|
|
interface Port-channel24
|
|
no ip address
|
|
!
|
|
interface Port-channel25
|
|
no ip address
|
|
!
|
|
interface Port-channel26
|
|
no ip address
|
|
!
|
|
interface Port-channel27
|
|
no ip address
|
|
!
|
|
interface Port-channel28
|
|
no ip address
|
|
!
|
|
interface Port-channel29
|
|
no ip address
|
|
!
|
|
interface Port-channel30
|
|
no ip address
|
|
!
|
|
interface Port-channel31
|
|
description ** To IDF3 **
|
|
switchport
|
|
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
flowcontrol receive on
|
|
!
|
|
interface Port-channel32
|
|
no ip address
|
|
!
|
|
interface Port-channel33
|
|
no ip address
|
|
!
|
|
interface Port-channel34
|
|
no ip address
|
|
!
|
|
interface Port-channel35
|
|
no ip address
|
|
!
|
|
interface Port-channel36
|
|
no ip address
|
|
!
|
|
interface Port-channel37
|
|
no ip address
|
|
!
|
|
interface Port-channel38
|
|
no ip address
|
|
!
|
|
interface Port-channel39
|
|
no ip address
|
|
!
|
|
interface Port-channel40
|
|
no ip address
|
|
!
|
|
interface Port-channel41
|
|
description to nottin-1df4-sw1
|
|
switchport
|
|
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
flowcontrol receive on
|
|
!
|
|
interface Port-channel42
|
|
no ip address
|
|
!
|
|
interface Port-channel43
|
|
no ip address
|
|
!
|
|
interface Port-channel44
|
|
no ip address
|
|
!
|
|
interface Port-channel45
|
|
no ip address
|
|
!
|
|
interface Port-channel46
|
|
no ip address
|
|
!
|
|
interface Port-channel47
|
|
no ip address
|
|
!
|
|
interface Port-channel48
|
|
no ip address
|
|
!
|
|
interface Port-channel49
|
|
no ip address
|
|
!
|
|
interface Port-channel50
|
|
no ip address
|
|
!
|
|
interface Port-channel51
|
|
description ** To IDF5 **
|
|
switchport
|
|
switchport trunk allowed vlan 10,20,30,35,40,55,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
flowcontrol receive on
|
|
!
|
|
interface Port-channel52
|
|
no ip address
|
|
!
|
|
interface Port-channel53
|
|
no ip address
|
|
!
|
|
interface Port-channel54
|
|
no ip address
|
|
!
|
|
interface Port-channel55
|
|
no ip address
|
|
!
|
|
interface Port-channel56
|
|
no ip address
|
|
!
|
|
interface Port-channel57
|
|
no ip address
|
|
!
|
|
interface Port-channel58
|
|
no ip address
|
|
!
|
|
interface Port-channel59
|
|
no ip address
|
|
!
|
|
interface Port-channel60
|
|
no ip address
|
|
!
|
|
interface Port-channel61
|
|
description ** To IDF6 **
|
|
switchport
|
|
switchport trunk allowed vlan 10,20,30,35,40,56,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
!
|
|
interface Tunnel1
|
|
no ip address
|
|
!
|
|
interface FastEthernet1
|
|
vrf forwarding mgmtVrf
|
|
no ip address
|
|
shutdown
|
|
speed auto
|
|
duplex auto
|
|
!
|
|
interface TenGigabitEthernet1/1
|
|
description *** To mdf-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,50,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
flowcontrol receive off
|
|
channel-group 5 mode active
|
|
!
|
|
interface TenGigabitEthernet1/2
|
|
description *** To idf1-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 11 mode active
|
|
!
|
|
interface TenGigabitEthernet1/3
|
|
description *** To idf2-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 21 mode active
|
|
!
|
|
interface TenGigabitEthernet1/4
|
|
description *** To nottin-idfi27-sw1 - 192.168.4.31 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 31 mode active
|
|
!
|
|
interface TenGigabitEthernet1/5
|
|
description *** To idf4-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 41 mode active
|
|
!
|
|
interface TenGigabitEthernet1/6
|
|
description *** To notti-idf240-sw1 - 192.168.4.51 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,55,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 51 mode active
|
|
!
|
|
interface TenGigabitEthernet1/7
|
|
description *** To idf6-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,56,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 61 mode active
|
|
!
|
|
interface TenGigabitEthernet1/8
|
|
switchport trunk allowed vlan 10,20,30,40,50,60,70
|
|
switchport trunk native vlan 10
|
|
switchport mode trunk
|
|
shutdown
|
|
auto qos trust
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface TenGigabitEthernet1/9
|
|
switchport trunk allowed vlan 10,20,30,40,50,60,70
|
|
switchport trunk native vlan 10
|
|
switchport mode trunk
|
|
shutdown
|
|
auto qos trust
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface TenGigabitEthernet1/10
|
|
switchport trunk allowed vlan 10,20,30,40,50,60,70
|
|
switchport trunk native vlan 10
|
|
switchport mode trunk
|
|
shutdown
|
|
auto qos trust
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface TenGigabitEthernet1/11
|
|
description NVR-RING6-Nott_10.4.70.11
|
|
switchport access vlan 70
|
|
switchport mode access
|
|
!
|
|
interface TenGigabitEthernet1/12
|
|
switchport trunk allowed vlan 10,20,30,40,50,60,70
|
|
switchport trunk native vlan 10
|
|
switchport mode trunk
|
|
shutdown
|
|
auto qos trust
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface TenGigabitEthernet2/1
|
|
description *** To mdf-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,50,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
flowcontrol receive off
|
|
channel-group 5 mode active
|
|
!
|
|
interface TenGigabitEthernet2/2
|
|
description *** To idf1-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 11 mode active
|
|
!
|
|
interface TenGigabitEthernet2/3
|
|
description *** To idf2-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 21 mode active
|
|
!
|
|
interface TenGigabitEthernet2/4
|
|
description *** To nottin-idfi27-sw1 - 192.168.4.31 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 31 mode active
|
|
!
|
|
interface TenGigabitEthernet2/5
|
|
description *** To idf4-sw1 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 41 mode active
|
|
!
|
|
interface TenGigabitEthernet2/6
|
|
description *** To notti-idf240-sw1 - 192.168.4.51 ***
|
|
switchport trunk allowed vlan 10,20,30,35,40,55,59,60,70,72,251
|
|
switchport trunk native vlan 251
|
|
switchport mode trunk
|
|
channel-group 51 mode active
|
|
!
|
|
interface TenGigabitEthernet2/7
|
|
!
|
|
interface TenGigabitEthernet2/8
|
|
!
|
|
interface TenGigabitEthernet2/9
|
|
!
|
|
interface TenGigabitEthernet2/10
|
|
!
|
|
interface TenGigabitEthernet2/11
|
|
!
|
|
interface TenGigabitEthernet2/12
|
|
no switchport
|
|
no ip address
|
|
shutdown
|
|
auto qos trust
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface TenGigabitEthernet3/1
|
|
!
|
|
interface TenGigabitEthernet3/2
|
|
!
|
|
interface TenGigabitEthernet3/3
|
|
!
|
|
interface TenGigabitEthernet3/4
|
|
!
|
|
interface TenGigabitEthernet3/5
|
|
!
|
|
interface TenGigabitEthernet3/6
|
|
!
|
|
interface TenGigabitEthernet3/7
|
|
description Archive Server
|
|
switchport access vlan 70
|
|
switchport mode access
|
|
!
|
|
interface TenGigabitEthernet3/8
|
|
description to Ring#6 CCF Circuit ID 159971
|
|
switchport trunk allowed vlan 506,516,526,536
|
|
switchport trunk native vlan 525
|
|
switchport mode trunk
|
|
ip flow monitor netflow-monitor input
|
|
udld port disable
|
|
no vtp
|
|
!
|
|
interface GigabitEthernet5/1
|
|
description To UPS
|
|
switchport access vlan 10
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet5/2
|
|
description IOT - clocks
|
|
switchport access vlan 30
|
|
switchport mode access
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
!
|
|
interface GigabitEthernet5/3
|
|
description Bosch Intrusion Panel
|
|
switchport access vlan 72
|
|
switchport mode access
|
|
switchport voice vlan 50
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/4
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/5
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/6
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/7
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/8
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
speed 100
|
|
duplex full
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/9
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/10
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/11
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/12
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/13
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/14
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
!
|
|
interface GigabitEthernet5/15
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/16
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/17
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/18
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/19
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/20
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/21
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/22
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/23
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/24
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/25
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/26
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/27
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/28
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/29
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/30
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/31
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/32
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/33
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/34
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/35
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/36
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/37
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/38
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
auto qos voip cisco-phone
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
service-policy output AutoQos-4.0-Output-Policy
|
|
!
|
|
interface GigabitEthernet5/39
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/40
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/41
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/42
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
speed 100
|
|
duplex full
|
|
qos trust device cisco-phone
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
service-policy input AutoQos-4.0-Cisco-Phone-Input-Policy
|
|
!
|
|
interface GigabitEthernet5/43
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/44
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 20
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/45
|
|
description *** To Voice and Data Endpoints ***
|
|
switchport access vlan 10
|
|
switchport mode access
|
|
switchport voice vlan 52
|
|
qos trust device cisco-phone
|
|
!
|
|
interface GigabitEthernet5/46
|
|
description nvr-Nott-1Gig_10.4.70.13
|
|
switchport access vlan 70
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet5/47
|
|
description nvr-Nott-iLO_192.168.4.200
|
|
switchport access vlan 10
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet5/48
|
|
description to 3845
|
|
switchport access vlan 50
|
|
switchport mode access
|
|
!
|
|
interface Vlan1
|
|
no ip address
|
|
shutdown
|
|
!
|
|
interface Vlan10
|
|
ip address 192.168.4.1 255.255.255.0
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
no ip route-cache cef
|
|
!
|
|
interface Vlan20
|
|
ip address 10.4.1.1 255.255.248.0
|
|
ip access-group users in
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.48.189
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan21
|
|
no ip address
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.189
|
|
ip helper-address 10.1.40.19
|
|
shutdown
|
|
!
|
|
interface Vlan30
|
|
description Internet of Things
|
|
ip address 10.4.30.1 255.255.254.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan35
|
|
ip address 10.4.35.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.115
|
|
ip helper-address 10.1.40.117
|
|
ip helper-address 10.1.40.116
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan40
|
|
ip address 10.4.40.2 255.255.255.0
|
|
ip access-group hvac-acl in
|
|
no ip redirects
|
|
!
|
|
interface Vlan50
|
|
ip address 10.4.50.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan51
|
|
ip address 10.4.51.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan52
|
|
ip address 10.4.52.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan53
|
|
ip address 10.4.53.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan54
|
|
ip address 10.4.54.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan55
|
|
ip address 10.4.55.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
!
|
|
interface Vlan56
|
|
ip address 10.4.56.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
!
|
|
interface Vlan57
|
|
no ip address
|
|
!
|
|
interface Vlan60
|
|
ip address 10.4.60.1 255.255.252.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
shutdown
|
|
!
|
|
interface Vlan64
|
|
ip address 10.4.64.1 255.255.252.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
shutdown
|
|
!
|
|
interface Vlan70
|
|
description Security Cameras
|
|
ip address 10.4.70.1 255.255.254.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
!
|
|
interface Vlan72
|
|
description Access Control
|
|
ip address 10.4.72.1 255.255.255.0
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.1.40.19
|
|
no ip redirects
|
|
ip pim sparse-mode
|
|
no autostate
|
|
!
|
|
interface Vlan107
|
|
no ip address
|
|
ip helper-address 10.1.40.20
|
|
ip helper-address 10.21.48.20
|
|
ip helper-address 10.1.40.19
|
|
shutdown
|
|
!
|
|
interface Vlan230
|
|
ip address 10.4.230.1 255.255.255.224
|
|
ip access-group hvac in
|
|
shutdown
|
|
!
|
|
interface Vlan506
|
|
description to Ring #6 CCF Service #S200286
|
|
ip address 10.250.206.4 255.255.255.0
|
|
ip pim sparse-mode
|
|
ip ospf cost 3000
|
|
!
|
|
interface Vlan516
|
|
description ring6_ct-b
|
|
ip address 10.254.216.4 255.255.255.0
|
|
ip pim sparse-mode
|
|
ip ospf cost 4000
|
|
!
|
|
interface Vlan525
|
|
no ip address
|
|
!
|
|
interface Vlan526
|
|
description ring6_sh-a
|
|
ip address 10.254.226.4 255.255.255.0
|
|
ip pim sparse-mode
|
|
ip ospf cost 1000
|
|
!
|
|
interface Vlan536
|
|
description ring6_sh-b
|
|
ip address 10.254.236.4 255.255.255.0
|
|
ip pim sparse-mode
|
|
ip ospf cost 2000
|
|
!
|
|
interface Vlan1030
|
|
description HVAC IoT
|
|
no ip address
|
|
shutdown
|
|
!
|
|
router ospf 315
|
|
router-id 4.4.4.4
|
|
area 206 nssa
|
|
area 206 range 10.4.0.0 255.255.0.0
|
|
passive-interface default
|
|
no passive-interface Vlan506
|
|
no passive-interface Vlan516
|
|
no passive-interface Vlan526
|
|
no passive-interface Vlan536
|
|
network 10.4.0.0 0.0.255.255 area 206
|
|
network 10.250.206.4 0.0.0.0 area 0
|
|
network 10.254.216.4 0.0.0.0 area 0
|
|
network 10.254.226.4 0.0.0.0 area 0
|
|
network 10.254.236.4 0.0.0.0 area 0
|
|
network 192.168.4.0 0.0.0.255 area 206
|
|
!
|
|
ip local policy route-map blue
|
|
ip forward-protocol nd
|
|
ip forward-protocol udp discard
|
|
no ip http server
|
|
no ip http secure-server
|
|
ip pim rp-address 10.1.0.1
|
|
ip msdp peer 10.1.0.2 connect-source Loopback0
|
|
ip msdp peer 10.1.0.3 connect-source Loopback0
|
|
ip msdp cache-sa-state
|
|
!
|
|
ip tftp blocksize 8192
|
|
ip tacacs source-interface Vlan10
|
|
ip ssh rsa keypair-name SSHKEYS
|
|
ip ssh version 2
|
|
ip ssh dh min size 4096
|
|
ip ssh server algorithm mac hmac-sha2-256 hmac-sha2-512
|
|
ip ssh server algorithm encryption aes256-ctr aes192-ctr aes128-ctr
|
|
ip ssh server algorithm kex diffie-hellman-group14-sha1
|
|
ip ssh server algorithm publickey x509v3-ssh-rsa
|
|
!
|
|
ip access-list extended AutoQos-4.0-ACL-Bulk-Data
|
|
permit tcp any any eq ftp
|
|
permit tcp any any eq ftp-data
|
|
permit tcp any any eq 22
|
|
permit tcp any any eq smtp
|
|
permit tcp any any eq 465
|
|
permit tcp any any eq 143
|
|
permit tcp any any eq 993
|
|
permit tcp any any eq pop3
|
|
permit tcp any any eq 995
|
|
permit tcp any any eq 1914
|
|
permit tcp any any eq 443
|
|
permit tcp any any eq 1521
|
|
permit udp any any eq 1521
|
|
permit tcp any any eq 1526
|
|
permit udp any any eq 1526
|
|
permit tcp any any eq 1575
|
|
ip access-list extended AutoQos-4.0-ACL-Default
|
|
permit ip any any
|
|
ip access-list extended AutoQos-4.0-ACL-Multimedia-Conf
|
|
permit udp any any range 16384 32767
|
|
ip access-list extended AutoQos-4.0-ACL-Scavenger
|
|
permit tcp any any eq 1214
|
|
permit udp any any eq 1214
|
|
permit tcp any any range 2300 2400
|
|
permit udp any any range 2300 2400
|
|
permit tcp any any eq 3689
|
|
permit udp any any eq 3689
|
|
permit tcp any any range 6881 6999
|
|
permit tcp any any eq 11999
|
|
permit tcp any any range 28800 29100
|
|
ip access-list extended AutoQos-4.0-ACL-Signaling
|
|
permit tcp any any range 2000 2002
|
|
permit tcp any any range 5060 5061
|
|
permit udp any any range 5060 5061
|
|
ip access-list extended AutoQos-4.0-ACL-Transactional-Data
|
|
permit tcp any any eq 443
|
|
permit tcp any any eq 1521
|
|
permit udp any any eq 1521
|
|
permit tcp any any eq 1526
|
|
permit udp any any eq 1526
|
|
permit tcp any any eq 1575
|
|
permit udp any any eq 1575
|
|
permit tcp any any eq 1630
|
|
permit udp any any eq 1630
|
|
ip access-list extended BadCamera
|
|
deny ip host 10.4.70.41 any
|
|
ip access-list extended hvac-acl
|
|
permit ip any host 10.1.230.11
|
|
permit ip any host 10.1.40.108
|
|
permit udp any any eq domain
|
|
deny ip any 10.0.0.0 0.0.0.255
|
|
deny ip any 192.168.0.0 0.0.255.255
|
|
deny ip any 172.16.0.0 0.15.255.255
|
|
permit tcp any any eq 587 log count
|
|
ip access-list extended users
|
|
deny ip any 192.168.0.0 0.0.255.255
|
|
permit ip any any
|
|
!
|
|
logging trap notifications
|
|
logging origin-id hostname
|
|
logging host 10.1.40.78
|
|
access-list 101 permit tcp 10.4.30.0 0.0.1.255 any
|
|
access-list 101 permit udp any 10.4.30.0 0.0.1.255
|
|
access-list 117 permit udp host 10.1.40.189 any eq discard
|
|
!
|
|
!
|
|
snmp-server community mickey03 RO
|
|
snmp-server community mouse99 RW
|
|
snmp-server trap-source Vlan10
|
|
snmp-server location Nottingham
|
|
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
|
|
snmp-server enable traps flash insertion removal
|
|
snmp-server enable traps vlancreate
|
|
snmp-server enable traps vlandelete
|
|
snmp-server enable traps envmon fan shutdown supply temperature status
|
|
snmp-server enable traps config
|
|
snmp ifmib ifindex persist
|
|
snmp mib persist cbqos
|
|
!
|
|
tacacs server noc-cp-a
|
|
address ipv4 10.1.40.116
|
|
key 7 08324F5D0D5A00130752
|
|
tacacs server noc-cp-b
|
|
address ipv4 10.1.40.117
|
|
key 7 08324F5D0D5A00130752
|
|
!
|
|
!
|
|
privilege configure all level 10 logging
|
|
privilege exec level 10 show running-config view full
|
|
privilege exec level 10 show running-config view
|
|
privilege exec all level 10 show running-config
|
|
privilege exec level 10 show interfaces
|
|
privilege exec level 10 show
|
|
banner motd ^C
|
|
!!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!!
|
|
! !
|
|
! You are accessing a PRIVATE COMPUTING FACILITY. !
|
|
! Access to this system is restricted to AUTHORIZED PERSONNEL. !
|
|
! !
|
|
! Anyone who accesses this system without authorization, or in !
|
|
! excess of their authorization could be subject to a fine, !
|
|
! imprisonment, or both under Public and Federal Law. By entering !
|
|
! this system, you consent to having your accesses and activities !
|
|
! monitored and recorded. !
|
|
! !
|
|
! If this monitoring or record reveals suspected unauthorized !
|
|
! or criminal activity, the evidence will be provided !
|
|
! to supervisory personnel and law enforcement officials. !
|
|
! !
|
|
! IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW ! !
|
|
! !
|
|
!!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!! WARNING !!!!!
|
|
^C
|
|
alias exec show-running-config show running-config view full
|
|
!
|
|
line con 0
|
|
exec-timeout 0 0
|
|
password 7 121C1C12300E0929
|
|
logging synchronous
|
|
transport preferred none
|
|
stopbits 1
|
|
line vty 0 4
|
|
exec-timeout 0 0
|
|
password 7 01001F160A2A02022842
|
|
length 0
|
|
transport preferred ssh
|
|
transport input ssh
|
|
line vty 5 15
|
|
exec-timeout 15 0
|
|
password 7 01001F160A2A02022842
|
|
length 0
|
|
transport preferred ssh
|
|
transport input ssh
|
|
!
|
|
ntp server 10.1.1.2 prefer
|
|
ntp server 10.1.1.3
|
|
!
|
|
end |