Building configuration...

Current configuration : 12316 bytes
!
! Last configuration change at 09:02:48 MSK Fri Jul 1 2022 by akhmetzyanovrr_adm
! NVRAM config last updated at 01:00:03 MSK Thu Jul 28 2022
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname KZN-MLK-KMK-SW-1-7
!
boot-start-marker
boot-end-marker
!
!
username netadmin privilege 15 secret 5 $1$KndH$cfO8bwEDMOTsETRnuOM4/.
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login CONSOLE local group NPS
aaa authorization exec default group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone MSK 3 0
switch 1 provision ws-c2960s-48fps-l
!
!
no ip domain-lookup
ip domain-name milkom-komos.ru
ip host tftp 10.4.0.214
ip device tracking
vtp mode off
!
!
crypto pki trustpoint TP-self-signed-1740317184
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1740317184
 revocation-check none
 rsakeypair TP-self-signed-1740317184
!
!
crypto pki certificate chain TP-self-signed-1740317184
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 31373430 33313731 3834301E 170D3131 30333330 30343038 
  31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37343033 
  31373138 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100A474 BCFD8653 76A26B01 E478B7DF 96B6492A 81B12F9B 0B841C06 039E03CF 
  73ED0FC6 F7D5998A 896B0FCB 71B80B3B 08132324 4D44BAA9 B7FE14A6 9968368C 
  6EC2AEC9 749056DD 95DEE8D9 FEAF0537 C5090573 165A51DD A05CA918 7BBD7B05 
  0928197F A4CF2515 74D51A9E 5B8B9359 0ED50022 CD442E64 9D14FA56 6D2AB020 
  89210203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 
  551D2304 18301680 14B19B12 04747B85 6F1E9272 CDC6B521 0980F5C4 78301D06 
  03551D0E 04160414 B19B1204 747B856F 1E9272CD C6B52109 80F5C478 300D0609 
  2A864886 F70D0101 05050003 81810034 BDB2D7FE 76FCDCF7 59B7BCFB 502C4ADD 
  E830AF0F 320266C4 06A59F1D B5BDE97D 60DCACF2 B239EFEF FEB8BEC7 64DAE236 
  BC633A4C A84C49BE DCB5D13C D4FA0B3E 4DBBF310 E0208B89 FB00EA71 647521A3 
  E996F4FB 60823A24 4C37523C 049157A0 35AB24FC 6E1DCF59 040D5D61 0EEBB787 
  AB513E8C 69F38062 63E546EB 075C97
  	quit
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/KZN/MLK/KMK-SW_L2/$H-$T
 write-memory
 time-period 10080
!
spanning-tree mode rapid-pvst
spanning-tree logging
no spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree vlan 2-4094 priority 12288
!
!
!
!
!
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery cause loopback
errdisable recovery cause small-frame
errdisable recovery interval 60
!
!
!
!
vlan internal allocation policy ascending
!
vlan 13
 name --Users-KU13--
!
vlan 16
 name --Users_KU16--
!
vlan 101
 name --PRINTERS--
!
vlan 111
 name INTERCONNECT
!
vlan 150
 name --Wi-Fi_WORK--
!
vlan 200
 name Guest_WiFi
!
vlan 201
 name test
!
vlan 220 
!
vlan 250
 name --SERVERS_37.0/24--
!
vlan 251
 name --SERVERS_BACKUP--
!
vlan 252
 name --SERVERS_VIDEO--
!
vlan 300
 name --MANAGMENT--
!
vlan 301
 name --Wi-Fi_MANAGEMENT--
!
vlan 350
 name --VOICE--
!
vlan 450
 name --Wi-Fi_SKLAD--
!
vlan 500
 name --Wi-Fi_GUEST--
!
vlan 550
 name --PRODACTION_TRANSFER--
!
vlan 555
 name --BGP_TRANSIT--
!
vlan 603
 name CRPT_Markirovka
!
vlan 4093
 name DOMRU_FOR_KOMOS_STROY
!
vlan 4094
 name L2VPN_Tattelecom_for_MCHS
!
ip tftp source-interface Vlan300
ip ssh authentication-retries 2
ip ssh logging events
ip ssh version 2
lldp run
!
! 
!
!
!
!
!
!
!
!
interface Port-channel1
 description [CORE] SW-1-1
 switchport mode trunk
!
interface FastEthernet0
 no ip address
!
interface GigabitEthernet1/0/1
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/2
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/3
 description [CAM] Trassir
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/4
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/5
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/6
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/7
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/8
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/9
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/10
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/11
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/12
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/13
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/14
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/15
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/16
 description [ACC]
 switchport mode access
 no snmp trap link-status
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/17
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/18
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/19
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/20
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/21
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/22
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/23
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/24
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/25
 description [ACC] KOMOSSTROY
 switchport access vlan 4093
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/26
 description [WIFI] AP-1-4-k405
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/27
 description [ACC] L2VPN Tattelecom
 switchport access vlan 4094
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/28
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/29
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/30
 description [ACC]
 switchport trunk native vlan 301
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/31
 description [ACC]
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/32
 description [SRV]
 switchport mode trunk
 no snmp trap link-status
 storm-control multicast level pps 500
 storm-control action trap
!
interface GigabitEthernet1/0/33
 description [SRV]
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/34
 description [SRV]
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/35
 description [SRV]
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/36
 description [SRV]
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/37
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/38
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/39
 description [WIFI] Yurchenko AP
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/40
 description [WIFI] AP-1-4-Kozhura
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/41
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/42
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/43
 description [WIFI] AP-1-4-Peregovorka
 switchport trunk native vlan 301
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/44
 description [KU] KU1-3_4_5
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/45
 description [KU]
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/46
 description [ACC]
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/47
 description [CORE] Po1
 switchport mode trunk
 no snmp trap link-status
 channel-group 1 mode active
!
interface GigabitEthernet1/0/48
 description [CORE] Po1
 switchport mode trunk
 no snmp trap link-status
 channel-group 1 mode active
!
interface GigabitEthernet1/0/49
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/50
 switchport mode trunk
!
interface GigabitEthernet1/0/51
 switchport mode trunk
!
interface GigabitEthernet1/0/52
 switchport mode trunk
!
interface Vlan1
 no ip address
!
interface Vlan111
 description INTERCONNECT
 no ip address
!
interface Vlan200
 description GuestWiFI
 no ip address
!
interface Vlan220
 description SkladWiFi
 no ip address
!
interface Vlan300
 description --MGM--
 ip address 10.5.62.7 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
ip default-gateway 10.5.62.254
no ip http server
ip http secure-server
!
!
ip radius source-interface Vlan300 
kron occurrence EveryDay at 1:00 recurring
 policy-list SaveBackup
!
kron policy-list SaveBackup
 cli write memory
!
logging trap debugging
logging origin-id hostname
logging facility local6
logging source-interface Vlan300
logging host 10.4.244.4 transport udp port 515
!
snmp-server community lmTUEsk6Yvlv RO
!
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
!
!
banner login ^CCC
*****************************************************************************
*                                                                           *
*                    UNAUTHORIZED ACCESS IS PROHIBITED                      *
*                                                                           *
*                     You have accessed network equipment.                  *
*  You must have authorized permission to access or configure this device.  *
*     All activities performed on this device are logged and monitored.     *
*                                                                           *
*****************************************************************************
^C
!
line con 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 length 0
 transport input ssh
line vty 5 15
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp server 192.168.8.200
ntp server 192.168.8.201
end