!Software Version V200R021C00SPC100
#
sysname IZH-KI-VOR158-SW-1-1
#
dns resolve
dns server 10.1.8.1
dns domain komos.ru
#
vlan batch 2 to 3 5 101 to 102 150 300 to 301 305 307 310 350 400
vlan batch 555
#
stp mode rstp
stp instance 0 priority 4096
#
authentication-profile name default_authen_profile
 undo authentication ip-address in-accounting-start
authentication-profile name dot1x_authen_profile
 undo authentication ip-address in-accounting-start
authentication-profile name dot1xmac_authen_profile
 undo authentication ip-address in-accounting-start
authentication-profile name mac_authen_profile
 undo authentication ip-address in-accounting-start
authentication-profile name multi_authen_profile
 undo authentication ip-address in-accounting-start
authentication-profile name portal_authen_profile
 undo authentication ip-address in-accounting-start
#
domain komos.ru admin
#
http server-source all-interface
#
clock timezone Samara add 04:00:00
#
observe-port 1 interface GigabitEthernet0/0/6
#
dhcp enable
#
dhcp snooping enable ipv4
#
portal https-redirect tls1.1 enable
#
undo pki key enhance enable
#
diffserv domain default
#
ip route-monitor-group test
 track ip route 10.14.112.253 255.255.255.255
 monitor enable
#
radius-server template default
radius-server template rad-serv
 radius-server shared-key cipher %^%#q(/&#>(m<7b:cvS<*`2-MPKZHGGu7$T8n@0K.-y;B"w<S-1IV4hGcsC@h//N1d]v.SL)STXr`,IMF>+9;ZydDZQJsY1wlZ~.Hpc9%^%#
 radius-server authentication 10.4.0.248 1645 source Vlanif 300 weight 80
 radius-server authentication 10.1.122.248 1645 source Vlanif 300 weight 80
 radius-server retransmit 2
 undo radius-server user-name domain-included
#
pki realm default
 certificate-check none
#
acl name ACL_QOS_Q6 3993
 rule 5 permit ip dscp cs6
 rule 10 permit udp destination-port eq bootps
 rule 15 permit udp destination-port eq bootpc
acl name ACL_QOS_Q1 3994
 rule 10 permit tcp destination-port eq www
 rule 15 permit tcp destination-port eq 8443
 rule 20 permit tcp destination-port eq 443
 rule 25 permit tcp destination-port eq 445
acl name ACL_QOS_Q0 3995
 rule 5 permit ip dscp default
acl name ACL_QOS_Q5 3996
 rule 10 permit udp destination 10.4.7.17 0 destination-port range 10000 20000
 rule 15 permit udp destination 172.17.100.1 0 destination-port range 10000 20000
 rule 20 permit udp destination-port eq dns
 rule 25 permit udp destination-port eq ntp
 rule 30 permit udp destination-port eq 88
 rule 35 permit tcp destination-port eq domain
 rule 40 permit udp destination-port eq 389
 rule 45 permit tcp destination-port eq 389
 rule 50 permit tcp destination-port eq 161
 rule 55 permit udp destination-port eq snmp
acl name ACL_QOS_Q2 3997
 rule 5 permit tcp destination 10.0.0.0 0.255.255.255 destination-port eq www
 rule 10 permit tcp destination 10.0.0.0 0.255.255.255 destination-port eq 443
 rule 15 permit tcp destination 10.0.0.0 0.255.255.255 destination-port eq 8443
 rule 20 permit tcp destination 192.168.0.0 0.0.255.255 destination-port eq www
 rule 25 permit tcp destination 192.168.0.0 0.0.255.255 destination-port eq 443
 rule 30 permit tcp destination 192.168.0.0 0.0.255.255 destination-port eq 8443
 rule 35 permit tcp destination 172.16.0.0 0.15.255.255 destination-port eq www
 rule 40 permit tcp destination 172.16.0.0 0.15.255.255 destination-port eq 443
 rule 45 permit tcp destination 172.16.0.0 0.15.255.255 destination-port eq 8443
 rule 50 permit tcp destination-port eq 1433
 rule 55 permit udp destination-port eq 1433
 rule 60 permit tcp destination-port eq 1541
 rule 65 permit tcp destination-port eq 1540
 rule 70 permit tcp destination-port range 1560 1591
acl name ACL_QOS_Q3 3998
 rule 5 permit tcp destination-port eq 3389
 rule 6 permit udp destination-port eq 3389
 rule 10 permit tcp destination-port eq 22
 rule 15 permit tcp destination-port eq 8291
 rule 20 permit tcp destination-port eq 5060
 rule 25 permit udp destination-port eq 5060
acl name ACL_QOS_Q4 3999
#
traffic classifier TC_QOS_Q0 operator or
 if-match acl ACL_QOS_Q0
traffic classifier TC_QOS_Q1 operator or
 if-match acl ACL_QOS_Q1
traffic classifier TC_QOS_Q2 operator or
 if-match acl ACL_QOS_Q2
traffic classifier TC_QOS_Q3 operator or
 if-match acl ACL_QOS_Q3
traffic classifier TC_QOS_Q4 operator or
 if-match acl ACL_QOS_Q4
traffic classifier TC_QOS_Q5 operator or
 if-match acl ACL_QOS_Q5
traffic classifier TC_QOS_Q6 operator or
 if-match acl ACL_QOS_Q6
#
traffic behavior TB_QOS_Q0
 statistic enable
traffic behavior TB_QOS_Q1
 remark dscp cs1
 statistic enable
traffic behavior TB_QOS_Q2
 remark dscp cs2
 statistic enable
traffic behavior TB_QOS_Q3
 remark dscp cs3
 statistic enable
traffic behavior TB_QOS_Q4
 remark dscp cs4
 statistic enable
traffic behavior TB_QOS_Q5
 remark dscp cs5
 statistic enable
traffic behavior TB_QOS_Q6
 remark dscp cs6
 statistic enable
#
traffic policy TP_QOS_IN match-order config
 classifier TC_QOS_Q6 behavior TB_QOS_Q6
 classifier TC_QOS_Q5 behavior TB_QOS_Q5
 classifier TC_QOS_Q4 behavior TB_QOS_Q4
 classifier TC_QOS_Q3 behavior TB_QOS_Q3
 classifier TC_QOS_Q2 behavior TB_QOS_Q2
 classifier TC_QOS_Q1 behavior TB_QOS_Q1
traffic policy test match-order config
 classifier TC_QOS_Q2 behavior TB_QOS_Q2
#
free-rule-template name default_free_rule
#
portal-access-profile name portal_access_profile
#
vlan 2
 name Users
 dhcp snooping enable
vlan 5
 name Admin_vlan
vlan 101
 name Printers
 dhcp snooping enable
vlan 150
 name WIFI_Users
 dhcp snooping enable
vlan 300
 name MGM
vlan 301
 name WIFI_MGM
 dhcp snooping enable
vlan 305
 name WIFI_ELTEX_MGM
vlan 307
 name SKUD
vlan 310
 name UPS_MGM
vlan 350
 name VOIP
 dhcp snooping enable
vlan 400
 name VIDEO
#
aaa
 authentication-scheme default
  authentication-mode radius local
 authentication-scheme radius
  authentication-mode radius
 authorization-scheme default
  authorization-mode local
 accounting-scheme default
  accounting-mode none
 local-aaa-user password policy administrator
  password history record number 0
  password expire 0
 local-aaa-user password policy access-user 
 domain default
  authentication-scheme radius
  accounting-scheme default
  radius-server default
 domain default_admin
  authentication-scheme default
  accounting-scheme default
 domain komos.ru
  authentication-scheme radius
  accounting-scheme default
  radius-server rad-serv
 local-user admin password irreversible-cipher $1c$3#yrX*Z$mF$HS_yBhT=G;zwGfIjI~&QrKK2T,C1l2@+`MBrel[.$
 local-user admin privilege level 15
 local-user admin service-type ssh
 local-user netadmin password irreversible-cipher $1c$4HI^Bv5>BT$x"UO"aCN}Xzu\K+aonA'tc7xFL>_GA"j>u;n+q;Y$
 local-user netadmin privilege level 15
 local-user netadmin service-type terminal ssh
 local-user akhmetzyanovrr password irreversible-cipher $1c$<x21S<4qu8$-f%_"~r;&M>}<6UBA.mA%1X3#RDM/;DgG2.f_G78$
 local-user akhmetzyanovrr privilege level 15
 local-user akhmetzyanovrr service-type telnet terminal ssh
#
ntp-service server disable
ntp-service ipv6 server disable
ntp-service unicast-server 10.1.8.1
ntp-service unicast-server 10.1.8.2
#
interface Vlanif5
 description Users Admin
 ip address 10.14.117.254 255.255.255.0
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
 dhcp select relay
 dhcp relay server-ip 10.4.0.5
 dhcp relay server-ip 10.1.8.5
#
interface Vlanif101
 description Printers
 ip address 10.14.116.126 255.255.255.128
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
 dhcp select relay
 dhcp relay server-ip 10.4.0.5
 dhcp relay server-ip 10.1.8.5
#
interface Vlanif300
 description MGM
 ip address 10.14.112.251 255.255.255.0
#
interface Vlanif301
 description WIFi MGM
 ip address 10.14.112.126 255.255.255.192
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
 dhcp select relay
 dhcp relay server-ip 10.4.0.5
 dhcp relay server-ip 10.1.8.5
#
interface Vlanif305
 description WIFI_ELTEX_MGM
 ip address 10.14.118.254 255.255.255.0
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
 dhcp select relay
 dhcp relay server-ip 10.4.0.5
#
interface Vlanif307
 description SKUD
 ip address 10.14.112.158 255.255.255.224
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
#
interface Vlanif310
 description UPS MGM
 ip address 10.14.112.62 255.255.255.192
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
#
interface Vlanif350
 description VOIP
 ip address 10.14.115.254 255.255.255.0
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
 dhcp select relay
 dhcp relay server-ip 10.4.0.5
 dhcp relay server-ip 10.1.8.5
#
interface Vlanif400
 description VIDEO
 ip address 10.14.112.190 255.255.255.224
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
#
interface Vlanif555
 description OSPF Transit
 ip address 10.14.127.3 255.255.255.248
 undo icmp host-unreachable send
 undo icmp redirect send
 undo icmp port-unreachable send
 ospf enable 555 area 0.0.0.0
#
interface MEth0/0/1
 shutdown
#
interface Eth-Trunk1
 description [CORE] RT-1-1
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 2 101 150 300 to 301 305 307 310 350 400 555
 mode lacp
 dhcp snooping trusted
#
interface Eth-Trunk2
 description [CORE] RT-1-2
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 2 40 101 150 300 to 301 305 307 310 350 400
 port trunk allow-pass vlan 555
 mode lacp
 dhcp snooping trusted
#
interface Eth-Trunk98
 description ELTEX ESR-21-2
 port link-type trunk
 port trunk allow-pass vlan 3 102 300
 mode lacp
#
interface Eth-Trunk99
 port link-type trunk
 port trunk allow-pass vlan 3 300
 mode lacp
#
interface Eth-Trunk100
 shutdown
 port link-type trunk
 port trunk allow-pass vlan 300
 mode lacp
#
interface GigabitEthernet0/0/1
 description [ACC] 05-01
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/2
 description [ACC] 04-01 ELTEX
 port link-type hybrid
 port hybrid pvid vlan 305
 port hybrid tagged vlan 2 5 150 350
 port hybrid untagged vlan 305
 traffic-policy TP_QOS_IN inbound
 poe af-inrush enable
 undo lldp enable
#
interface GigabitEthernet0/0/3
 description [ACC] 05-03
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/4
 description [ACC] 04-02 ELTEX_WIFI TEST
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 5
 port hybrid tagged vlan 2 150 350
 port hybrid untagged vlan 5
 traffic-policy TP_QOS_IN inbound
 poe af-inrush enable
#
interface GigabitEthernet0/0/5
 description [ACC] 05-05
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/6
 description [ACC] 04-03
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 5
 port hybrid tagged vlan 3 102 300 350
 port hybrid untagged vlan 5
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/7
 description [ACC] 05-07
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/8
 description [ACC] 04-04
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/9
 description [ACC] 05-09
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/10
 description [ACC] 04-05 Rstam TLF
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 305 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/11
 description [ACC] 05-11
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/12
 description [ACC] 04-06
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/13
 description [ACC] 05-13
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/14
 description [ACC] 04-07
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/15
 description [ACC] 05-15
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/16
 description [ACC] 04-08
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/17
 description [ACC] 05-17
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/18
 description [ACC] 04-09
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/19
 description [ACC] 05-19
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/20
 description [ACC] 04-10
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/21
 description [ACC] 05-21
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/22
 description [ACC] 04-11 UrvancevS
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/23
 description [ACC] 05-23
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/24
 description [ACC] 04-12
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/25
 description [ACC] 06-01
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/26
 description [ACC] 04-13
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/27
 description [ACC] 06-03
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/28
 description [ACC] 04-14
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/29
 description [ACC] 06-05
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/30
 description [ACC] 04-15
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/31
 description [ACC] 06-07
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/32
 description [ACC] 04-17
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/33
 description [ACC] 06-09
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/34
 description [ACC] 04-19
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/35
 description [ACC] 06-11
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/36
 description [ACC] 04-21
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/37
 description [ACC] 06-13
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/38
 description [ACC] 04-23
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/39
 description [CAM] 06-15
 shutdown
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/40
 description [CAM] 06-18
 shutdown
 port link-type hybrid
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/41
 description [CAM] 06-21
 shutdown
 port link-type hybrid
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/42
 description [SKD] 06-19 Sigur
 port link-type access
 port default vlan 307
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/43
 description [SKD] 06-22
 shutdown
 port link-type hybrid
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/44
 description [CAM] 06-20
 shutdown
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/45
 description [WIFI] 06-16 AP-1-2 Sklad
 port link-type hybrid
 port hybrid pvid vlan 301
 port hybrid tagged vlan 150
 port hybrid untagged vlan 301
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet0/0/46
 description ELTEX ESR-10
 port link-type hybrid
 port hybrid tagged vlan 300
#
interface GigabitEthernet0/0/47
 description [iSTACK]
#
interface GigabitEthernet0/0/48
 description [iSTACK]
#
interface GigabitEthernet1/0/1
 description [ACC] 02-01
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/2
 description [ACC] 01-01
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/3
 description [ACC] 02-03
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/4
 description [ACC] 01-03
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/5
 description [ACC] 02-05
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/6
 description [ACC] 01-05
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/7
 description [ACC] 02-07
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/8
 description [ACC] 01-07
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/9
 description [ACC] 02-09
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/10
 description [ACC] 01-09
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/11
 description [ACC] 02-11
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/12
 description [ACC] 01-11
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/13
 description [ACC] 02-13
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/14
 description [ACC] 01-13
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/15
 description [ACC] 02-15
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/16
 description [ACC] 01-15
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/17
 description [ACC] 02-17
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/18
 description [ACC] 01-17
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/19
 description [ACC] 02-19
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/20
 description [ACC] 01-19
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/21
 description [ACC] 02-21
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/22
 description [ACC] 01-21
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/23
 description [ACC] 02-23
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/24
 description [ACC] 01-23
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/25
 description [ACC] 03-01
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/26
 description [ACC] 03-22
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/27
 description [ACC] 03-03
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/28
 description [ACC] 03-24
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 5
 port hybrid tagged vlan 350
 port hybrid untagged vlan 5
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/29
 description [ACC] 03-09
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/30
 description [ACC]
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 301
 port hybrid tagged vlan 150 350
 port hybrid untagged vlan 2 301
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/31
 description [ACC] 03-11
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/32
 description [ACC] 03-05
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/33
 description [ACC] 03-13
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/34
 description [ACC] 03-07
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/35
 description [PRN] 03-15
 port link-type access
 voice-vlan 350 enable
 port default vlan 101
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/36
 description [ACC]
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/37
 description [ACC] 03-17
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/38
 description [ACC]
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/39
 description [ACC] 03-19
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/40
 description Eth98 ELTEX ESR-21-2
 eth-trunk 98
#
interface GigabitEthernet1/0/41
 description [ACC] 03-21
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 350
 port hybrid untagged vlan 2
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/42
 description ELTEX ESR-21
 eth-trunk 99
#
interface GigabitEthernet1/0/43
 description [ACC] 03-23 Igor_PC
 port link-type hybrid
 voice-vlan 350 enable
 port hybrid pvid vlan 2
 port hybrid tagged vlan 2 350
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/44
 description test ELTEX
 shutdown
 eth-trunk 100
#
interface GigabitEthernet1/0/45
 description [WIFI] 06-22 AP-1-1 WC
 port link-type hybrid
 port hybrid pvid vlan 301
 port hybrid tagged vlan 150
 port hybrid untagged vlan 301
 traffic-policy TP_QOS_IN inbound
#
interface GigabitEthernet1/0/46
 description [UPS] Netagent
 port link-type access
 port default vlan 310
#
interface GigabitEthernet1/0/47
 description [iSTACK]
#
interface GigabitEthernet1/0/48
 description [iSTACK]
#
interface XGigabitEthernet0/0/1
 description [CORE] ET1 RT-1-1
 eth-trunk 1
#
interface XGigabitEthernet0/0/2
 shutdown
#
interface XGigabitEthernet0/0/3
#
interface XGigabitEthernet0/0/4
#
interface XGigabitEthernet1/0/1
 description [CORE] ET2 RT-1-2
 eth-trunk 2
#
interface XGigabitEthernet1/0/2
#
interface XGigabitEthernet1/0/3
#
interface XGigabitEthernet1/0/4
#
interface NULL0
#
ospf 555 router-id 10.14.112.251
 import-route static tag 555 route-policy RP_OSPF_OUT
 silent-interface all
 undo silent-interface Vlanif555
 enable log state
 enable log error
 bandwidth-reference 10000
 area 0.0.0.0
#
route-policy RP_OSPF_OUT permit node 10
 if-match ip-prefix PL_OSPF_OUT
 apply tag 555
#
undo icmp name timestamp-request receive
#
ip ip-prefix PL_OSPF_OUT index 10 permit 10.14.112.0 20
#
ip route-static 0.0.0.0 0.0.0.0 10.14.112.254 preference 254
ip route-static 10.14.112.0 255.255.240.0 NULL0 preference 255
#
snmp-agent
snmp-agent local-engineid 800007DB03F4A4D6D15B55
snmp-agent community read cipher %^%#\;],%`1Y=8dUSG!:\!VDBgwr0D~/(YdQw59_iY-Avy"7N[2v/3aY[{~Rty%#\nCF9pQ9{Ffm*&)KM)b&%^%#
snmp-agent sys-info location Izhevsk, ul. Vorovskogo, 158
snmp-agent sys-info version v2c
undo snmp-agent sys-info version v3
snmp-agent protocol source-status all-interface
undo snmp-agent protocol source-status ipv6 all-interface
#
stelnet ipv4 server enable
ssh server-source -i Vlanif300
ssh server cipher aes256_ctr aes128_ctr
ssh server hmac sha2_256
ssh client cipher aes256_ctr aes128_ctr
ssh client hmac sha2_256
ssh server dh-exchange min-len 2048
ssh server publickey ecc dsa rsa
#
nqa test-instance test test
 test-type icmp
 destination-address ipv4 10.14.112.253
 description RT-1-2
 frequency 5
 interval seconds 6
 timeout 5
 start now
#
user-interface con 0
 authentication-mode aaa
user-interface vty 0 4
 authentication-mode aaa
user-interface vty 16 20
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
#
ops
#
return