Building configuration...

Current configuration : 19268 bytes
!
! Last configuration change at 12:01:30 YEKT Mon Jul 25 2022 by konovalov
! NVRAM config last updated at 11:05:14 YEKT Fri Jul 22 2022 by konovalov
!
version 15.0
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
no service password-encryption
service unsupported-transceiver
!
hostname PRM-MLK-PHK-SW-2-2
!
boot-start-marker
boot-end-marker
!
logging buffered 512000 informational
no logging console
no logging monitor
enable secret 5 $1$ISn2$0ytlcfXUzfcyFrNwPb7hP0
!
username netadmin privilege 15 secret 5 $1$m/mQ$KqBYDbB13GiR.2/Iu3sru/
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login NPS group NPS local
aaa authentication login CONSOLE local group NPS
aaa authorization console
aaa authorization exec default group NPS local if-authenticated 
aaa authorization exec NPS group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone YEKT 5 0
system mtu routing 1500
vtp mode transparent
no ip source-route
!
!
ip dhcp snooping vlan 1-4094
ip dhcp snooping
no ip domain-lookup
ip domain-name milkom-komos.ru
ip host tftp 10.4.0.214
ip host VM-KG-NET 10.1.1.250
login on-failure
login on-success
!
!
!
!
!
!
!
!
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig (STP)
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery cause arp-inspection
errdisable recovery cause loopback
errdisable recovery cause small-frame
errdisable recovery interval 600
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/PRM/MLK/PHK-SW_L2/$H.$T.conf
 write-memory
 time-period 1440
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 2
 name --USERS_102.0/24--
!
vlan 101
 name --PRINTERS--
!
vlan 150
 name --Wi-Fi_WORK--
!
vlan 300
 name --MANAGEMENT--
!
vlan 301
 name --Wi-Fi_MANAGEMENT--
!
vlan 350
 name --VOICE--
!
vlan 500
 name -Wi-Fi_GUEST--
lldp run
!
ip ssh time-out 30
ip ssh authentication-retries 5
ip ssh rsa keypair-name SSH_KEYS
ip ssh logging events
ip ssh version 2
!
!
!
!
!
interface Loopback7777
 description 237701
 no ip address
 shutdown
!
interface Port-channel1
 description LINK_TO_PHK-Sw1-1
 switchport mode trunk
!
interface Port-channel2
 description LINK_TO_PHK-Sw1-2
 switchport mode trunk
!
interface Port-channel3
 description LINK_TO_PHK-Sw1-3
 switchport mode trunk
!
interface Port-channel4
 description [CORE] SW-1-1
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 ip dhcp snooping trust
!
interface GigabitEthernet0/1
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/2
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/3
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/4
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/5
 description [ACC] otd_kadrov
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/6
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/7
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/8
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/9
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/10
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/11
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/12
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/13
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/14
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/15
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/16
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/17
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/18
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/19
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/20
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/21
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/22
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/23
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/24
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/25
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/26
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/27
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/28
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/29
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/30
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/31
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/32
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/33
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/34
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/35
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/36
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/37
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/38
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/39
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/40
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/41
 description NONE
 switchport access vlan 2
 switchport trunk allowed vlan 1,100
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/42
 description NONE
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/43
 description [ACC]
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/44
 description NONE
 switchport access vlan 2
 switchport trunk allowed vlan 1,100,200
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
 storm-control broadcast level pps 100
 storm-control multicast level pps 100
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/45
 description NONE
 switchport mode access
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet0/46
 switchport mode trunk
 channel-group 2 mode on
!
interface GigabitEthernet0/47
 description [CORE] Po4 SW-1-1
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-group 4 mode active
 ip dhcp snooping trust
!
interface GigabitEthernet0/48
 description [CORE] Po4 SW-1-1
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 channel-protocol lacp
 channel-group 4 mode active
 ip dhcp snooping trust
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan300
 description --MANAGEMENT--
 ip address 10.5.126.22 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no ip route-cache
!
ip default-gateway 10.5.126.254
no ip http server
no ip http secure-server
logging trap debugging
logging origin-id hostname
logging facility local6
logging source-interface Vlan300
logging host 192.168.8.119 transport udp port 5544
access-list 23 permit any
access-list 23 deny   any log
snmp-server community lmTUEsk6Yvlv RO
snmp-server host 10.1.122.227 lmTUEsk6Yvlv 
snmp ifmib ifindex persist
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
!
!
!
vstack
banner exec ^C
        Welcome to $(hostname). You are connected on line $(line) on domain $(domain)

^C
banner login ^C
*****************************************************************************
*                                                                           *
*                    UNAUTHORIZED ACCESS IS PROHIBITED                      *
*                                                                           *
*                     You have accessed network equipment.                  *
*  You must have authorized permission to access or configure this device.  *
*     All activities performed on this device are logged and monitored.     *
*                                                                           *
*****************************************************************************
^C
alias router x exit  
alias subinterface x exit
alias interface x exit
alias configure x exit
alias exec ipconfig show ip interface brief | exclude unassigned
alias exec diff show archive config differences nvram:startup-config system:running-config
alias exec q exit
!
line con 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 access-class 23 in
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 transport input ssh
line vty 5 15
 access-class 23 in
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp server 192.168.8.200
ntp server 192.168.8.201
mac address-table notification change
mac address-table notification mac-move
mac address-table aging-time 900
end