Building configuration...

Current configuration : 17740 bytes
!
! Last configuration change at 11:40:40 MSK Sat Mar 5 2022 by akhmetzyanovrr_adm
! NVRAM config last updated at 01:00:03 MSK Thu Jul 28 2022
!
version 15.2
no service pad
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
!
hostname IZH-TK-M48-SW-1-1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$j4UP$Wgs2xMeWlYNzcOvcwfmE90
!
username netadmin privilege 15 secret 5 $1$vKj6$fSbQtbNeROsGi/YA2YmwY1
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login CONSOLE local group NPS
aaa authorization exec default group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone MSK 4 0
switch 1 provision ws-c2960s-48ts-l
!
!
ip dhcp snooping vlan 2,150,200-201,300,350,500
ip dhcp snooping
ip domain-list komos.local
no ip domain-lookup
ip domain-name komos.ru
ip host VM-KG-NET 10.1.12.70
ip host tftp 10.4.0.214
login on-failure log
login on-success log
vtp mode transparent
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-3365658752
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3365658752
 revocation-check none
 rsakeypair TP-self-signed-3365658752
!
!
crypto pki certificate chain TP-self-signed-3365658752
 certificate self-signed 01
  3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33333635 36353837 3532301E 170D3933 30333031 30303133 
  34315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33363536 
  35383735 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100CBD1 BDE243E1 2E89DF7C F2F13A01 B795490A 5E7CB690 81692928 BB47289F 
  60B69FB4 8DD9E4C1 0E25DA5A FDAA0B4A D7C3F87B 183A0F22 D253B198 DF3FF695 
  119AC43E EC69BA93 54D875CB DC2A7C09 D575274F 67E09124 D52E4653 456F00E6 
  0B0A52BE 9E09A072 E2E1A4C1 D63C10B9 2B5A7DF1 834DE4CD 21107DA0 F9D0B51C 
  61E70203 010001A3 72307030 0F060355 1D130101 FF040530 030101FF 301D0603 
  551D1104 16301482 124D3438 2D537731 2D312E6B 6F6D6F73 2E727530 1F060355 
  1D230418 30168014 94B9B3BF 0C7D3E20 35B56ED1 A39D2BA3 6BB3A9E1 301D0603 
  551D0E04 16041494 B9B3BF0C 7D3E2035 B56ED1A3 9D2BA36B B3A9E130 0D06092A 
  864886F7 0D010104 05000381 81004D1D 6D6029FE 2CCF1886 B4B02A16 90BAE972 
  CC6953CA FC52A879 4154DD1A 92134B46 F0ACB3C1 FAB30571 38ACEBEC 5659F0B8 
  970E413D A91F9788 7829A1AA 98A757C5 1C3312DD E886BCD0 A07A56E1 14837778 
  4F39303B B5963F44 7C7A4E09 D0473E20 B6D1A343 22981742 D65A98E1 1FBA8031 
  6A544D83 3F40EC78 FAF3BFD5 9421
  	quit
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/IZH/TK/M48-SW_L2/$H.$T.conf
 write-memory
 time-period 10080
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause loopback
errdisable recovery interval 600
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name TK-LAN-USERS-AREA
!
vlan 25
 name VOICE_AREA
!
vlan 102
 name VD
!
vlan 150
 name TK-WIFI-USERS-AREA
!
vlan 200
 name TK-SERVERS-AREA
!
vlan 201
 name TK-SERVERS-VD-AREA
!
vlan 251
 name --SERVERS_BACKUP--
!
vlan 290
 name -=SrvVmwVMon=-
!
vlan 300
 name NETWORK_MANAGEMENT
!
vlan 350
 name TK-VOICE-AREA
!
vlan 500
 name TK-WIFI-GUEST-AREA
!
vlan 555
 name --BGP_TRANSIT--
!
ip tcp selective-ack
ip tcp path-mtu-discovery
lldp run
!
! 
!
!
!
!
!
!
!
!
interface Loopback7777
 description TK5743m
 no ip address
 shutdown
!
interface FastEthernet0
 no ip address
!
interface GigabitEthernet1/0/1
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/12
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/13
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/14
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/15
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/16
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/17
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/18
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/19
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/20
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/21
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/22
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/23
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/24
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/25
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/26
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/27
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/28
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/29
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/30
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/31
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/32
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/33
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/34
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/35
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/36
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/37
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/38
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/39
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/40
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/41
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/42
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/43
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/44
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/45
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet1/0/46
 description [WIFI] M48-AP-1-UHK
 switchport trunk native vlan 300
 switchport trunk allowed vlan 150,300,500
 switchport mode trunk
 no logging event link-status
 no cdp enable
 spanning-tree portfast
 spanning-tree bpdufilter enable
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/47
 description [CORE] M48-RT-1-1
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/48
 description [KU] M48-SW-2-1
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/49
 description [CORE] M44-SW-1-3
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/50
 description TRUNK
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
!
interface GigabitEthernet1/0/51
 description TRUNK
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
!
interface GigabitEthernet1/0/52
 description TRUNK
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan300
 ip address 10.0.5.240 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.0.5.254
no ip http server
no ip http secure-server
!
ip tftp source-interface Vlan300
ip ssh authentication-retries 2
ip ssh version 2
!
kron occurrence EveryDay at 1:00 recurring
 policy-list SaveBackup
!
kron policy-list SaveBackup
 cli write memory
!
logging trap debugging
logging origin-id hostname
logging source-interface Vlan300
logging host 10.4.244.4 transport udp port 515
!
snmp-server community lmTUEsk6Yvlv RO
snmp-server host 10.1.122.227 lmTUEsk6Yvlv 
!
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
!
line con 0
 exec-timeout 60 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 exec-timeout 60 0
 logging synchronous
 login authentication NPS
 length 0
 transport input ssh
line vty 5 15
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp source Vlan300
ntp server 10.0.5.254
end