Building configuration...

Current configuration : 11839 bytes
!
! Last configuration change at 15:54:53 MSK Tue Jun 21 2022 by akhmetzyanovrr_adm
! NVRAM config last updated at 01:00:05 MSK Thu Jul 28 2022
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname KZN-MLK-KMK-SW-1-2
!
boot-start-marker
boot-end-marker
!
logging userinfo
no logging console
enable secret 5 $1$dZT2$LvVL8x8a95HcV9P8IN8E.0
!
username netadmin privilege 15 secret 5 $1$vCLp$dQtclY0/AroO5pk.M4uN20
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login LOCAL_AUTH local
aaa authentication login CONSOLE local group NPS
aaa authorization exec default group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone MSK 3 0
switch 1 provision ws-c2960x-48lps-l
no ip source-route
no ip gratuitous-arps
!
!
no ip domain-lookup
ip domain-name milkom-komos.ru
ip host tftp 10.4.0.214
vtp domain kmk.tatarmilk.ru
vtp mode off
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-2890216832
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2890216832
 revocation-check none
 rsakeypair TP-self-signed-2890216832
!
!
crypto pki certificate chain TP-self-signed-2890216832
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 32383930 32313638 3332301E 170D3030 30323239 31313136 
  33355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 38393032 
  31363833 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100CE77 B7CEBAC7 0825FBB0 885171E5 39BE3547 6CFE283F 6AD281B7 DCBED3C7 
  91DCA45E 4B7679FB 69CF997E 72AB6954 EE6CC207 8267D4B4 4AC9C1DD C01AFA58 
  8D1D2CD9 A003A4F8 2574F23B 300CBF55 1113958B 144A0C80 99B9914C 97B223F6 
  7FACC198 6237A8C1 E99B0754 25FA9695 B9937AB0 16C534CD D00AACC0 DD7D4D72 
  BE150203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 
  551D2304 18301680 14AE2F54 DAE3EFCD 3A389E49 198A8BCF F1AAB717 75301D06 
  03551D0E 04160414 AE2F54DA E3EFCD3A 389E4919 8A8BCFF1 AAB71775 300D0609 
  2A864886 F70D0101 05050003 81810052 DE3AB167 1DEC63B3 0EB4171D 7C13FD0A 
  DF3CDA8E D1F3DA45 D1E313BE BF34AB25 1A3EB4F4 717C82D9 980222FD C84E4B4D 
  BC998C58 4D5EB314 C17BCB1A D1E7AA96 67E74FD5 433A7F42 EFED7333 70D6D4DC 
  1B049E20 5E4ED5AE 9815B345 0263EE7F AA021D3A 970220CB FEE0A8E8 6137061F 
  E6FA88AD FAA57555 2C666733 605FA6
  	quit
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/KZN/MLK/KMK-SW_L2/$H-$T
 write-memory
 time-period 10080
!
spanning-tree mode rapid-pvst
spanning-tree logging
no spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree vlan 2-4094 priority 8192
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause pppoe-ia-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery cause arp-inspection
errdisable recovery cause loopback
errdisable recovery cause small-frame
errdisable recovery cause psp
errdisable recovery interval 60
port-channel load-balance src-dst-ip
!
!
!
!
vlan internal allocation policy ascending
!
vlan 13
 name --Users-KU13--
!
vlan 16
 name --Users_KU16--
!
vlan 101
 name --PRINTERS--
!
vlan 111
 name INTERCONNECT
!
vlan 150
 name --Wi-Fi_WORK--
!
vlan 200
 name Guest_WiFi
!
vlan 201
 name test
!
vlan 220 
!
vlan 250
 name --SERVERS_37.0/24--
!
vlan 251
 name --SERVERS_BACKUP--
!
vlan 252
 name --SERVERS_VIDEO--
!
vlan 290
 name -=SrvVmwVMon=-
!
vlan 300
 name --MANAGMENT--
!
vlan 301
 name --Wi-Fi_MANAGEMENT--
!
vlan 310
 name --UPS managment--
!
vlan 350
 name --VOICE--
!
vlan 450
 name --Wi-Fi_SKLAD--
!
vlan 500
 name --Wi-Fi_GUEST--
!
vlan 550
 name --PRODACTION_TRANSFER--
!
vlan 555
 name --BGP_TRANSIT--
!
vlan 603
 name CRPT_Markirovka
!
vlan 4093
 name DOMRU_FOR_KOMOS_STROY
!
vlan 4094
 name L2VPN_Tattelecom_for_MCHS
!
lldp run
!
! 
!
!
!
!
!
!
!
!
!
interface Port-channel1
 description [CORE] SW-1-1
 switchport mode trunk
!
interface FastEthernet0
 no ip address
 shutdown
!
interface GigabitEthernet1/0/1
 description [SRV] Domination1
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/2
 description [SRV] Domination2
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/3
 description [SRV] Domination3
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/4
 description [SRV] Domination3
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/5
 description [SRV] Domination5
 switchport access vlan 252
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/6
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/7
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/8
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/9
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/10
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/11
 description [ISP-2M] L2VPN Tattelecom for MCHS
 switchport access vlan 4094
 switchport mode access
 no snmp trap link-status
 spanning-tree bpdufilter enable
!
interface GigabitEthernet1/0/12
 description [ISP-20M] ER-Telecom for KOMOS STROY
 switchport access vlan 4093
 switchport mode access
 no snmp trap link-status
 spanning-tree bpdufilter enable
!
interface GigabitEthernet1/0/13
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/14
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/15
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/16
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/17
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/18
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/19
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/20
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/21
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/22
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/23
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/24
 description [SRV] kzn-bkp001
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/25
 description [SRV] vmw004-BMC
 switchport access vlan 290
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/26
 description [SRV] vmw005-BMC
 switchport access vlan 290
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/27
 description [SRV] mw004 eth01 int Manag-esx
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/28
 description [SRV] vmw005 eth01 int Manag-esx
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/29
 description [SRV] vmw004 eth03 ext Manag-esx
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/30
 description [SRV] vmw005 eth03 ext Manag-esx
 switchport trunk native vlan 301
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/31
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/32
 switchport mode trunk
 no snmp trap link-status
 storm-control multicast level pps 500
 storm-control action trap
!
interface GigabitEthernet1/0/33
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/34
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/35
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/36
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/37
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/38
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/39
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/40
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/41
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/42
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/43
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/44
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/45
 description [UPS] KZN-UPS002
 switchport access vlan 310
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/46
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/47
 description [WIFI] AP-1-6-Class_room
 switchport trunk allowed vlan 150,301,450,500
 switchport trunk native vlan 301
 switchport mode trunk
 no snmp trap link-status
!
interface GigabitEthernet1/0/48
 description [UPS] KZN-UPS001
 switchport access vlan 310
 switchport mode access
 no snmp trap link-status
!
interface GigabitEthernet1/0/49
 switchport mode trunk
 shutdown
 no snmp trap link-status
!
interface GigabitEthernet1/0/50
 switchport mode trunk
!
interface GigabitEthernet1/0/51
 description [CORE] Po1 SW-1-1
 switchport mode trunk
 channel-group 1 mode active
!
interface GigabitEthernet1/0/52
 description [CORE] Po1 SW-1-1
 switchport mode trunk
 channel-group 1 mode active
!
interface Vlan1
 no ip address
!
interface Vlan111
 description INTERCONNECT
 no ip address
!
interface Vlan200
 description GuestWiFI
 no ip address
!
interface Vlan220
 description SkladWiFi
 no ip address
!
interface Vlan300
 description --MANAGEMENT--
 ip address 10.5.62.245 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
ip default-gateway 10.5.62.254
no ip http server
no ip http secure-server
!
!
kron occurrence EveryDay at 1:00 recurring
 policy-list SaveBackup
!
kron policy-list SaveBackup
 cli write memory
!
logging origin-id hostname
logging source-interface Vlan300
logging host 192.168.8.119 transport udp port 5544
logging host 10.4.244.4 transport udp port 515
!
snmp-server community lmTUEsk6Yvlv RO
!
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
!
alias exec sis sh int status
alias exec sib sh ip int brief
!
line con 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 length 0
 transport input ssh
line vty 5 15
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp server 192.168.8.200
ntp server 192.168.8.201
!
end