Building configuration...

Current configuration : 18442 bytes
!
! Last configuration change at 08:09:57 MSK Tue Jul 5 2022 by adm_kapustinal
! NVRAM config last updated at 01:00:05 MSK Thu Jul 28 2022
!
version 15.2
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service sequence-numbers
!
hostname IZH-KG-P11-SW-1c-1
!
boot-start-marker
boot-end-marker
!
logging buffered 512000 informational
enable secret 5 $1$V7o2$VGGspCSgKHYg21QwKqhwY/
!
username netadmin privilege 15 secret 5 $1$pV1K$8IetiBm1NEkMxD5pGTCWA1
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login CONSOLE local group NPS
aaa authorization exec default group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone MSK 4 0
switch 1 provision ws-c2960s-48ts-l
no ip source-route
no ip gratuitous-arps
!
!
ip dhcp snooping vlan 2,5,12,150,351,500
ip dhcp snooping
no ip domain-lookup
ip domain-name komos.ru
ip host VM-KG-NET 10.1.12.70
ip host tftp 10.4.0.214
login on-failure log
login on-success log
vtp mode transparent
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-3369412224
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3369412224
 revocation-check none
 rsakeypair TP-self-signed-3369412224
!
!
crypto pki certificate chain TP-self-signed-3369412224
 certificate self-signed 01
  30820253 308201BC A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33333639 34313232 3234301E 170D3933 30333031 30303033 
  30375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33363934 
  31323232 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100E2AE 1C44F6D6 1B201914 6B6E3507 23C3E50A 280EC65D 1BDA22A3 5B7FB101 
  8E20D634 7CA1ACB0 FD577842 DB876737 B6D37D8B 121CBC08 3FD3B067 BE8BA44E 
  F0A78443 097254D2 5BD9F1D2 36892168 D85D7B70 857452CC 90B38992 68D021C1 
  467672BA EBBE67F0 6269C45C DD2BDC4D FEB4D671 A8D2D468 43A5D34A 4D7A9DB0 
  177F0203 010001A3 7B307930 0F060355 1D130101 FF040530 030101FF 30260603 
  551D1104 1F301D82 1B495A48 2D4B472D 5031312D 53572D31 632D312E 6B6F6D6F 
  732E7275 301F0603 551D2304 18301680 14F9C1A2 D15097AE A0B8091F 91858C1D 
  7B24E01D A4301D06 03551D0E 04160414 F9C1A2D1 5097AEA0 B8091F91 858C1D7B 
  24E01DA4 300D0609 2A864886 F70D0101 04050003 81810048 7F935FB9 D3F88484 
  28B732FD DB498BF7 E0D23278 AE102645 4681BFD7 18DCAB40 0B0B09D3 48EF960A 
  6E6FB79E 1B16CF4D 8BA2298D 18A25170 63295A8C 94878870 599AACD9 A636B2E1 
  87FAECF5 3AC3422D 7828B790 F1F409C6 B5BC3E10 CA1A1940 516B3C62 31E9DD05 
  0EDC8B9F EE9BAD48 DB0DBA6F 7EBD3F06 F4007A5E 9E6245
  	quit
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/IZH/KG/P11-SW_L2/$H.$T.conf
 write-memory
 time-period 10080
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause port-mode-failure
errdisable recovery cause loopback
errdisable recovery interval 600
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name KG_LAN-USER
!
vlan 5
 name KG_LAN-ADMIN
!
vlan 12 
!
vlan 100
 name Inbound_management
!
vlan 150
 name KG_WIFI-USER
!
vlan 300
 name KG_MGMT-NET
!
vlan 301
 name KG_MGMT-WIFI
!
vlan 351
 name KG_VOIP
!
vlan 500
 name KG_WIFI-GUEST
!
lldp run
!
! 
!
!
!
!
!
!
!
!
interface Loopback7777
 description TK5739m
 no ip address
 shutdown
!
interface Port-channel1
 description [CORE] SW-1-1
 switchport mode trunk
 ip dhcp snooping trust
!
interface Port-channel2
 description LINK_TO_1c-2
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0
 no ip address
!
interface GigabitEthernet1/0/1
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 description [ACC] 1c-2-10
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/12
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/13
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/14
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/15
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/16
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 speed 100
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/17
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/18
 description [ACC] 1c-1-36
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/19
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/20
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/21
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/22
 description KG_ADMIN_CARAL
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/23
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/24
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/25
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/26
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/27
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/28
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/29
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/30
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/31
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/32
 description [ACC] 1c-1-XX
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/33
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/34
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/35
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/36
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/37
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/38
 description [ACC] 1c-1-20
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/39
 description [ACC] 1c-1-19
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/40
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/41
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/42
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/43
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/44
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/45
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/46
 description ACCESS
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/47
 description [PRN] Cvetnoy
 switchport access vlan 2
 switchport mode access
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 no lldp transmit
 no lldp receive
!
interface GigabitEthernet1/0/48
 description [WIFI] AP-1-127-KSV-v2
 switchport trunk native vlan 12
 switchport trunk allowed vlan 5,12,150,301,500
 switchport mode trunk
 no snmp trap link-status
 storm-control broadcast level 30.00
!
interface GigabitEthernet1/0/49
 description [CORE] Po1 SW-1-1
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-group 1 mode on
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/50
 description PORT-CHANNEL
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-group 1 mode on
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/51
 description PORT-CHANNEL
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-group 2 mode on
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/52
 description PORT-CHANNEL
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-group 2 mode on
 ip dhcp snooping trust
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan12
 no ip address
!
interface Vlan100
 ip address 10.1.1.11 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
ip default-gateway 10.1.1.1
no ip http server
ip http secure-server
!
ip tftp source-interface Vlan100
ip ssh authentication-retries 2
!
kron occurrence EveryDay at 1:00 recurring
 policy-list SaveBackup
!
kron policy-list SaveBackup
 cli write memory
!
logging trap debugging
logging origin-id hostname
logging facility local6
logging source-interface Vlan100
logging host 10.4.244.4 transport udp port 515
access-list 23 permit any
access-list 23 deny   any log
!
snmp-server community private RW
snmp-server community lmTUEsk6Yvlv RO
snmp-server host 10.1.122.227 lmTUEsk6Yvlv 
snmp-server host 10.1.122.227 public 
tacacs-server host 192.168.2.2
tacacs-server directed-request
tacacs-server key 7 153A0A1E16253C37
!
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
privilege exec all level 7 show cdp
privilege exec all level 7 show running-config
privilege exec all level 7 show configuration
privilege exec level 7 show
banner login ^CC
*****************************************************************************
*                                                                           *
*                            OOO "KOMOS GROUP"                              *
*                              Pesochnaya 11                                *
*                                1st FLOOR                                  *
*                               Kabinet 127                                 *
*                                                                           *
*                    UNAUTHORIZED ACCESS IS PROHIBITED                      *
*                                                                           *
*                     You have accessed network equipment.                  *
*  You must have authorized permission to access or configure this device.  *
*     All activities performed on this device are logged and monitored.     *
*                                                                           *
*****************************************************************************^C
!
line con 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 access-class 23 in
 logging synchronous
 login authentication NPS
 length 0
 transport input ssh
line vty 5 15
 access-class 23 in
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp source Vlan100
ntp server 10.1.1.2
end