Building configuration...

Current configuration : 14280 bytes
!
! Last configuration change at 10:48:29 MSK Wed Jul 27 2022 by akhmetzyanovrr_adm
! NVRAM config last updated at 01:00:04 MSK Thu Jul 28 2022
!
version 15.2
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service sequence-numbers
!
hostname IZH-KG-P11-SW-3-1
!
boot-start-marker
boot-end-marker
!
logging buffered 512000 informational
enable secret 5 $1$j4UP$Wgs2xMeWlYNzcOvcwfmE90
!
username netadmin privilege 15 secret 5 $1$CQeO$S4HH/vnzngIp6U6ZFLfrO0
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login CONSOLE local group NPS
aaa authorization exec default group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone MSK 4 0
switch 1 provision ws-c2960s-24ts-l
no ip source-route
no ip gratuitous-arps
!
!
ip dhcp snooping vlan 2-4094
ip dhcp snooping
no ip domain-lookup
ip domain-name komos.ru
ip host tftp 10.4.0.214
ip host VM-KG-NET 10.1.12.70
login on-failure log
login on-success log
vtp mode transparent
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-2259452544
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2259452544
 revocation-check none
 rsakeypair TP-self-signed-2259452544
!
!
crypto pki certificate chain TP-self-signed-2259452544
 certificate self-signed 01
  3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 32323539 34353235 3434301E 170D3138 30383232 31343239 
  32355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32353934 
  35323534 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100A59A BFED056D 9D333446 C726AC40 7EADF72F 966D3CE2 994B6BDE DA919AF5 
  88FA8465 71AD5D71 2DFA930A CF6162D3 9B876348 6B8EB217 58186614 2BDE7EC9 
  300F16E1 4F8CCCB3 FD2A4095 1A033720 D8AD8025 9FC4F5BB F630B39F B61DC1D0 
  DF2B366D A28EEA43 155997C6 DFD97C5E 8F899AFA FE25CFB6 5401AE34 C1631D56 
  10770203 010001A3 75307330 0F060355 1D130101 FF040530 030101FF 30200603 
  551D1104 19301782 15495A48 2D4B472D 5357332D 312E6B6F 6D6F732E 7275301F 
  0603551D 23041830 168014D8 19514B07 87F7B754 F1D402B3 FDE57470 03EBCF30 
  1D060355 1D0E0416 0414D819 514B0787 F7B754F1 D402B3FD E5747003 EBCF300D 
  06092A86 4886F70D 01010405 00038181 0083F8B2 5C592E0D 2341687F B700B29C 
  562535BF D5C63A0D 8ADFB971 C8C620D1 4429AA92 E84E3054 B81DC65E 662D4431 
  032A7DBA 454FE975 CB1632FF 3F29562A 8AA23974 DB92F630 004B28B5 135CDAC6 
  513D9FF5 172CAEE3 2C20A8B9 E2D6B6DC 83901E4D 8DB3E493 3B0FB98B DC1F6552 
  A9D4DF44 25A7BC33 BB798A58 C225E368 53
  	quit
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/IZH/KG/P11-SW_L2/$H.$T.conf
 write-memory
 time-period 10080
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause port-mode-failure
errdisable recovery cause loopback
errdisable recovery interval 600
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name KG_LAN-USER
!
vlan 5
 name KG_LAN-ADMIN
!
vlan 6
 name IMP-LAN
!
vlan 8
 name KG_VOIP_TEST_USERS
!
vlan 11 
!
vlan 12
 name WIRELESS_UNIFI
!
vlan 100
 name Inbound_management
!
vlan 150
 name KG_WIFI-USER
!
vlan 151
 name KG_KOMOS-CONF
!
vlan 152 
!
vlan 154
 name Eltex_WIFI
!
vlan 202 
!
vlan 204
 name KG_Kaznach
!
vlan 300
 name KG_MGMT-NET
!
vlan 301
 name KG_MGMT-WIFI
!
vlan 303 
!
vlan 304
 name WIFI_ARUBA_MGM
!
vlan 307
 name SKUD
!
vlan 310
 name --MGM_UPS--
!
vlan 351
 name KG_VOIP
!
vlan 352
 name KG_VOIP_TEST
!
vlan 500
 name KG_WIFI-GUEST
!
vlan 3333
 name HUAWEI_WIFI_NETWORK
!
vlan 3334
 name HUAWEI_WIFI_NETWORK_USERS
!
lldp run
!
! 
!
!
!
!
!
!
!
!
interface Loopback7777
 description TKO1000765
 no ip address
 shutdown
!
interface Loopback99999
 description test
 no ip address
!
interface Port-channel1
 description [CORE] SW-1-1
 switchport mode trunk
 ip dhcp snooping trust
!
interface Port-channel5
 description test_huawei
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0
 no ip address
!
interface GigabitEthernet1/0/1
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 description ELTEX-WIFI
 switchport access vlan 5
 switchport trunk native vlan 154
 switchport trunk allowed vlan 150,154
 switchport mode trunk
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 description [PRN] Kab 307
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 speed 100
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/12
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/13
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/14
 description NAS-SRV
 switchport access vlan 12
 switchport mode access
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
!
interface GigabitEthernet1/0/15
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/16
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 speed 10
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/17
 description 303kab
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/18
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/19
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/20
 description NONE
 switchport access vlan 5
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/21
 description Mikrotik_Kapustin
 switchport access vlan 5
 switchport trunk allowed vlan 2,5,8,11,12,100,150,152,154,303,310,351,352
 switchport mode trunk
 switchport voice vlan 351
 logging event trunk-status
 logging event spanning-tree
 spanning-tree portfast
!
interface GigabitEthernet1/0/22
 description Mikrotik_Rustam
 switchport trunk allowed vlan 2,5,8,11,12,100,150,204,303,304,351,352
 switchport mode trunk
 switchport voice vlan 351
 storm-control broadcast level pps 200
 storm-control multicast level pps 200
 spanning-tree portfast
!
interface GigabitEthernet1/0/23
 description [ACC] Luchikov
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 351
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 spanning-tree portfast
!
interface GigabitEthernet1/0/24
 description [WIFI] AP-3-306-IT
 switchport trunk native vlan 12
 switchport trunk allowed vlan 5,12,150,151,301,500
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
!
interface GigabitEthernet1/0/25
 description [CORE] Po1 SW-1-1
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-group 1 mode on
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/26
 description PORT-CHANNEL
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-group 1 mode on
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/27
 description PORT-CHANNEL
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-group 1 mode on
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/28
 description TO_SW-3-2
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 ip dhcp snooping trust
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan100
 ip address 10.1.1.31 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
ip default-gateway 10.1.1.1
no ip http server
ip http secure-server
!
ip tftp source-interface Vlan100
ip ssh authentication-retries 2
!
ip access-list extended TEST
 deny   ip host 10.1.122.227 any
 permit ip any any
ip access-list extended test
kron occurrence EveryDay at 1:00 recurring
 policy-list SaveBackup
!
kron policy-list SaveBackup
 cli write memory
!
logging trap debugging
logging origin-id hostname
logging facility local6
logging source-interface Vlan100
logging host 10.4.244.4 transport udp port 515
access-list 23 permit any
access-list 23 deny   any log
!
snmp-server community lmTUEsk6Yvlv RO
snmp-server host 10.1.122.227 lmTUEsk6Yvlv 
!
radius-server attribute 31 send nas-port-detail
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
privilege exec all level 7 show cdp
privilege exec level 7 show startup-config
privilege exec all level 7 show running-config
privilege exec all level 7 show configuration
privilege exec level 7 show
banner login ^CC
*****************************************************************************
*                                                                           *
*                            OOO "KOMOS GROUP"                              *
*                              Pesochnaya 11                                *
*                                3th FLOOR                                  *
*                              IT DEPARTMENT                                *
*                                                                           *
*                    UNAUTHORIZED ACCESS IS PROHIBITED                      *
*                                                                           *
*                     You have accessed network equipment.                  *
*  You must have authorized permission to access or configure this device.  *
*     All activities performed on this device are logged and monitored.     *
*                                                                           *
*****************************************************************************^C
!
line con 0
 logging synchronous
line vty 0 4
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 length 0
 transport input ssh
line vty 5 15
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp source Vlan100
ntp server 10.1.1.2
end