503 lines
13 KiB
INI
503 lines
13 KiB
INI
Current configuration:
|
|
!
|
|
!Version ArubaOS-CX FL.10.13.1161
|
|
!export-password: default
|
|
hostname sh-noc-ilo-a6300-a
|
|
banner motd #
|
|
!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
! You are accessing a PRIVATE COMPUTING FACILITY. !
|
|
! Access to this system is restricted to AUTHORIZED PERSONNEL. !
|
|
! !
|
|
! Anyone who accesses this system without authorization, or in !
|
|
! excess of their authorization could be subject to a fine, !
|
|
! imprisonment, or both under Public and Federal Law. By entering !
|
|
! this system, you consent to having your accesses and activities !
|
|
! monitored and recorded. If this monitoring or record reveals !
|
|
! suspected unauthorized or criminal activity, the evidence will !
|
|
! be provided to supervisory personnel and law enforcement officials. !
|
|
! !
|
|
! IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW! !
|
|
!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
#
|
|
lldp management-address vlan 10
|
|
user admin group administrators password ciphertext AQBapZv2wjYecqPhsfcsIG3A8bsqwO5pSWmgJ4mlMqCQgovcYgAAAJ1P1gS+QBZjkkXlzBDKygiYD7+/G59/Z2zQbgHWEov50vu5rfYq8BEXyMdqGYA4t5eR0blVvGJjTbmCUhBvpCsAYd+ql1o2gdZJIySkgPv2Bn1gcBUIA+s/JZ4Bp/zqL7kJ
|
|
clock timezone america/new_york
|
|
loop-protect re-enable-timer 30
|
|
ntp server 10.1.1.2 iburst
|
|
ntp server pool.ntp.org minpoll 4 maxpoll 4 iburst
|
|
ntp enable
|
|
!
|
|
!
|
|
!
|
|
!
|
|
tacacs-server host 10.1.40.115 key ciphertext AQBapVi+DROPlEz6Xbj+XmpTBSkRpiUzT1pbN2jAPxpROpXUCQAAAJo2rByQo6PmHA== vrf mgmt
|
|
tacacs-server host 10.1.40.116 key ciphertext AQBapTMexGftwvG8GZ2szVaR0b5Bs1O+CahONxWesmjhVflWCQAAABeynYJRsrGFbw== vrf mgmt
|
|
tacacs-server host 10.1.40.117 key ciphertext AQBapfMBiaIuTVGmW2FxxbLym619rkZ2kr4G5MGKyYXwNtMnCQAAAPkbS5B7uM2dFQ== vrf mgmt
|
|
!
|
|
radius-server host 10.1.40.115 key ciphertext AQBapfPfGeGTeC+uVhI32/gbSn2pPil0Yoky28Y/vD3H9ZppCQAAAJYGS+ioflSAUA== vrf mgmt
|
|
radius-server host 10.1.40.116 key ciphertext AQBapaBjm1i/LGBgK5acd6xv7+mJFH8So4ZG6i1CimuLIxfrCQAAAAYr/eoO6OvRGw== vrf mgmt
|
|
radius-server host 10.1.40.117 key ciphertext AQBapTkTxKDQj8j2smkObCcvYfgJUz0/GTnOqTjMTQZEAXm2CQAAAK0INinpnLsheA== vrf mgmt
|
|
aaa authentication allow-fail-through
|
|
!
|
|
!
|
|
aaa group server radius cppm
|
|
server 10.1.40.115 vrf mgmt
|
|
server 10.1.40.116 vrf mgmt
|
|
server 10.1.40.117 vrf mgmt
|
|
!
|
|
aaa authentication login default group tacacs local
|
|
aaa accounting all-mgmt console start-stop group tacacs
|
|
aaa accounting all-mgmt default start-stop group radius
|
|
aaa accounting all-mgmt https-server start-stop group radius
|
|
aaa accounting all-mgmt ssh start-stop group tacacs
|
|
aaa accounting port-access start-stop group tacacs
|
|
!
|
|
radius dyn-authorization enable
|
|
!
|
|
radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapdnIE2FNvoogRkpJl/ZuwykWLHmd/fTvyZgCIG/3v4r2CQAAAOEQtqkUDdiHIQ==
|
|
radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapWvYPppJSj3xHhiE1gkzB+C3/PyQn47nEWIgmkkVtuc1CQAAANedzl/ZTjTqCg==
|
|
radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapSNwoTvxxdmfzKtuW53EJoL6/U0I6T2/UiPZgvMVyWGWCQAAAN3uenBRrhnjjA==
|
|
logging 10.1.40.144 severity alert
|
|
ssh server vrf default
|
|
ssh server vrf mgmt
|
|
ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512
|
|
vsf member 1
|
|
type jl663a
|
|
dhcpv4-snooping
|
|
client track ip
|
|
vlan 1,10
|
|
vlan 20
|
|
name data
|
|
shutdown
|
|
vlan 35
|
|
name Wireless_Controller_Admin
|
|
description Wireless Controller Admin
|
|
vlan 101
|
|
name mgmt-ct-noc
|
|
description Aruba CT-NOC Management vlan
|
|
vlan 114
|
|
name mgmt-sh-noc
|
|
description Aruba SH-NOC Management vlan
|
|
vlan 699
|
|
name SCSDDCDefaultVLAN
|
|
spanning-tree mode rpvst
|
|
spanning-tree
|
|
spanning-tree bpdu-guard timeout 30
|
|
spanning-tree ignore-pvid-inconsistency
|
|
spanning-tree vlan 10,35,101,114,699
|
|
spanning-tree vlan 10 priority 15
|
|
spanning-tree vlan 35 priority 15
|
|
spanning-tree vlan 101 priority 15
|
|
spanning-tree vlan 114 priority 15
|
|
spanning-tree vlan 699 priority 15
|
|
interface mgmt
|
|
no shutdown
|
|
ip static 192.168.114.19/24
|
|
default-gateway 192.168.114.1
|
|
interface lag 231
|
|
description Uplink LAG
|
|
no shutdown
|
|
no routing
|
|
vlan trunk native 699 tag
|
|
vlan trunk allowed all
|
|
lacp mode active
|
|
interface 1/1/1
|
|
description iLo_NVR1_Row1_Rack3
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/2
|
|
description iLo_NVR2_Row1_Rack3
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/3
|
|
description DC04-iLo
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/4
|
|
description iLo_NVR4_Row1_Rack3
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/5
|
|
description iLo_NVR5_Row1_Rack3
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/6
|
|
description iLo_NVR1_Row1_Rack4
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/7
|
|
description iLo_NVR2_Row1_Rack4
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/8
|
|
description iLo_NVR3_Row1_Rack4
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/9
|
|
description iLo_NVR4_Row1_Rack4
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/10
|
|
description iLo_NVR5_Row1_Rack4
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/11
|
|
description iLo_NVR1_Row1_Rack5
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/12
|
|
description iLo_NVR2_Row1_Rack5
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/13
|
|
description iLo_NVR3_Row1_Rack5
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/14
|
|
description iLo_NVR4_Row1_Rack5
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/15
|
|
description iLo_NVR5_Row1_Rack5
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/16
|
|
description iLo_NVR1_Row1_Rack6
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/17
|
|
description iLo_NVR2_Row1_Rack6
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/18
|
|
description iLo_NVR3_Row1_Rack6
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/19
|
|
description iLo_NVR4_Row1_Rack6
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/20
|
|
description iLo_NVR5_Row1_Rack6
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
spanning-tree bpdu-guard
|
|
spanning-tree port-type admin-edge
|
|
spanning-tree root-guard
|
|
spanning-tree tcn-guard
|
|
loop-protect
|
|
client track ip enable
|
|
client track ip update-interval 120
|
|
interface 1/1/21
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/22
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/23
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/24
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/25
|
|
description CharlieBrown_iLo
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/26
|
|
description Snoopy_iLo
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/27
|
|
description Lucy_iLo
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/28
|
|
description Woodstock_iLo
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/29
|
|
description Linus_iLo
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/30
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/31
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/32
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/33
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/34
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/35
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/36
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/37
|
|
description Linewize-A-MGT
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/38
|
|
description Linewize-A-IPMI
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/39
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/40
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/41
|
|
description sh-noc-a8360-2-a
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/42
|
|
description sh-noc-a8360-2-b
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/43
|
|
description sh-noc-a8360-3-a mgmt
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/44
|
|
description sh-noc-a8360-3-b mgmt
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/45
|
|
description sh-noc-a8360-1-a mgmt
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/46
|
|
description sh-noc-a8360-1-b mgmt
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/47
|
|
description sh-noc-a8360-4-a mgmt
|
|
no shutdown
|
|
no routing
|
|
vlan access 114
|
|
interface 1/1/48
|
|
description JuniperB_Mgmt
|
|
no shutdown
|
|
no routing
|
|
vlan access 10
|
|
interface 1/1/49
|
|
no shutdown
|
|
no routing
|
|
vlan access 1
|
|
interface 1/1/50
|
|
no shutdown
|
|
no routing
|
|
vlan access 1
|
|
interface 1/1/51
|
|
description Uplink LAG
|
|
no shutdown
|
|
lag 231
|
|
interface 1/1/52
|
|
description Uplink LAG
|
|
no shutdown
|
|
lag 231
|
|
interface vlan 1
|
|
ip dhcp
|
|
snmp-server vrf default
|
|
snmp-server system-description sh-noc-6300-1-9
|
|
snmp-server system-location SH-NOC
|
|
snmp-server system-contact Tim Marris
|
|
snmp-server community mickey03
|
|
mirror session 1
|
|
destination interface 1/1/7
|
|
source interface 1/1/5 both
|
|
enable
|
|
ip dns domain-name scsd.ad
|
|
ip dns server-address 10.1.40.10
|
|
ip dns server-address 10.1.48.10
|
|
ip dns server-address 10.1.40.10 vrf mgmt
|
|
ip dns server-address 10.1.48.11 vrf mgmt
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
https-server vrf default
|
|
https-server vrf mgmt
|
|
configuration-lockout central managed |