1014 lines
25 KiB
Plaintext
1014 lines
25 KiB
Plaintext
|
Building configuration...
|
||
|
|
|
||
|
|
Current configuration : 25928 bytes
|
||
|
|
!
|
||
|
|
! Last configuration change at 08:55:11 MSK Fri Jul 15 2022 by adm_kapustinal
|
||
|
|
! NVRAM config last updated at 09:15:50 MSK Thu Jul 14 2022 by adm_kapustinal
|
||
|
|
!
|
||
|
|
version 15.2
|
||
|
|
no service pad
|
||
|
|
service timestamps debug datetime msec localtime show-timezone year
|
||
|
|
service timestamps log datetime msec localtime show-timezone year
|
||
|
|
service password-encryption
|
||
|
|
!
|
||
|
|
hostname KZN-MLK-KMK-SW-1-1
|
||
|
|
!
|
||
|
|
boot-start-marker
|
||
|
|
boot-end-marker
|
||
|
|
!
|
||
|
|
!
|
||
|
|
logging discriminator STACKPOW mnemonics drops STACKPOWER
|
||
|
|
logging userinfo
|
||
|
|
logging buffered discriminator STACKPOW
|
||
|
|
enable secret 5 $1$Znuf$/iXVXut/jj7ATYdr9GcxJ0
|
||
|
|
!
|
||
|
|
username netadmin privilege 15 secret 5 $1$KndH$cfO8bwEDMOTsETRnuOM4/.
|
||
|
|
username akhmetzyanovrr privilege 15 password 7 0322601D1201315657031D5445
|
||
|
|
aaa new-model
|
||
|
|
!
|
||
|
|
!
|
||
|
|
aaa group server radius NPS
|
||
|
|
server name IZH-RDS002
|
||
|
|
server name P11-RDS003
|
||
|
|
ip radius source-interface Vlan300
|
||
|
|
load-balance method least-outstanding
|
||
|
|
!
|
||
|
|
aaa authentication login default group NPS local enable
|
||
|
|
aaa authentication login CONSOLE local group NPS
|
||
|
|
aaa authorization exec default group NPS local if-authenticated
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
aaa session-id common
|
||
|
|
clock timezone MSK 3 0
|
||
|
|
switch 1 provision ws-c3750x-24s
|
||
|
|
switch 2 provision ws-c3750x-24s
|
||
|
|
system mtu routing 1500
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
ip routing
|
||
|
|
no ip cef optimize neighbor resolution
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
no ip domain-lookup
|
||
|
|
ip domain-name milkom-komos.ru
|
||
|
|
ip host tftp 10.4.0.214
|
||
|
|
!
|
||
|
|
stack-power stack Powerstack-1
|
||
|
|
mode redundant
|
||
|
|
!
|
||
|
|
vtp mode transparent
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
crypto pki trustpoint TP-self-signed-1328648448
|
||
|
|
enrollment selfsigned
|
||
|
|
subject-name cn=IOS-Self-Signed-Certificate-1328648448
|
||
|
|
revocation-check none
|
||
|
|
rsakeypair TP-self-signed-1328648448
|
||
|
|
!
|
||
|
|
crypto pki trustpoint TP-self-signed-1335665536
|
||
|
|
enrollment selfsigned
|
||
|
|
subject-name cn=IOS-Self-Signed-Certificate-1335665536
|
||
|
|
revocation-check none
|
||
|
|
rsakeypair TP-self-signed-1335665536
|
||
|
|
!
|
||
|
|
!
|
||
|
|
crypto pki certificate chain TP-self-signed-1328648448
|
||
|
|
certificate self-signed 01
|
||
|
|
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
|
||
|
|
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
|
||
|
|
69666963 6174652D 31333238 36343834 3438301E 170D3036 30313032 30303034
|
||
|
|
35345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
|
||
|
|
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33323836
|
||
|
|
34383434 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
|
||
|
|
8100981C 397F3360 346CC34D 5C76C071 C53D2CB5 7DEC80DF 9F1AE196 6E25B900
|
||
|
|
5B17A808 C4463AF7 E39DC80D 0509E836 31231CC3 4CFD4121 0CBABA19 D72FAC65
|
||
|
|
D95B9D05 CCEB1F7E 31CA6499 BEFAFA94 1C4EC89C 09427E3B 07088ABA 054ECD68
|
||
|
|
7E0D1123 E21665F9 A65D145A 24B28B52 79A865D9 C105A08F D090ECB8 658CEFDE
|
||
|
|
02190203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
|
||
|
|
551D2304 18301680 141C9CC5 AD150A37 024FD74E D172F0DA D6409013 89301D06
|
||
|
|
03551D0E 04160414 1C9CC5AD 150A3702 4FD74ED1 72F0DAD6 40901389 300D0609
|
||
|
|
2A864886 F70D0101 05050003 8181006B 4A373FBE ED031312 7BF684E3 D420B700
|
||
|
|
594C71E1 35C2C38E D6DDB7E0 724E3AB9 1FAD8CCA E9EA4967 810C4176 A1ED8BAF
|
||
|
|
56F2C19A 8C0A4E05 6F39BE8D 19F6F9BC 8241B7DD 35912BAD 6318E7A5 EA51A631
|
||
|
|
33E89821 CF1C688F 3FC95097 5684298E 8AE9C486 1D9ABD18 C16C4D27 4C281C53
|
||
|
|
712B6ECD 2B55F376 06339059 649916
|
||
|
|
quit
|
||
|
|
crypto pki certificate chain TP-self-signed-1335665536
|
||
|
|
license boot level ipservices
|
||
|
|
license boot level ipbase switch 2
|
||
|
|
archive
|
||
|
|
log config
|
||
|
|
logging enable
|
||
|
|
logging size 900
|
||
|
|
notify syslog contenttype plaintext
|
||
|
|
hidekeys
|
||
|
|
path tftp://tftp/KZN/MLK/KMK-SW_L3/$H-$T
|
||
|
|
write-memory
|
||
|
|
time-period 10080
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
object-group network Pernit_for_ProdVlan550
|
||
|
|
host 192.168.75.200
|
||
|
|
!
|
||
|
|
!
|
||
|
|
mac access-list extended VSL-BPDU
|
||
|
|
permit any 0180.c200.0000 0000.0000.0003
|
||
|
|
mac access-list extended VSL-CDP
|
||
|
|
permit any host 0100.0ccc.cccc
|
||
|
|
mac access-list extended VSL-DOT1x
|
||
|
|
permit any any 0x888E 0x1
|
||
|
|
mac access-list extended VSL-GARP
|
||
|
|
permit any host 0180.c200.0020
|
||
|
|
mac access-list extended VSL-LLDP
|
||
|
|
permit any host 0180.c200.000e
|
||
|
|
mac access-list extended VSL-MGMT
|
||
|
|
permit any 0022.bdcd.d200 0000.0000.00ff
|
||
|
|
permit 0022.bdcd.d200 0000.0000.00ff any
|
||
|
|
mac access-list extended VSL-SSTP
|
||
|
|
permit any host 0100.0ccc.cccd
|
||
|
|
!
|
||
|
|
spanning-tree mode rapid-pvst
|
||
|
|
spanning-tree extend system-id
|
||
|
|
spanning-tree vlan 1-4094 priority 4096
|
||
|
|
port-channel load-balance src-dst-ip
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
vlan internal allocation policy ascending
|
||
|
|
!
|
||
|
|
vlan 13
|
||
|
|
name Users KU-13
|
||
|
|
!
|
||
|
|
vlan 16
|
||
|
|
name --KU16_Users--
|
||
|
|
!
|
||
|
|
vlan 101
|
||
|
|
name --PRINTERS--
|
||
|
|
!
|
||
|
|
vlan 111
|
||
|
|
name INTERCONNECT
|
||
|
|
!
|
||
|
|
vlan 113
|
||
|
|
name --link-to-mikrotik--
|
||
|
|
!
|
||
|
|
vlan 150
|
||
|
|
name --Wi-Fi_WORK--
|
||
|
|
!
|
||
|
|
vlan 200
|
||
|
|
!
|
||
|
|
vlan 201
|
||
|
|
name test
|
||
|
|
!
|
||
|
|
vlan 220
|
||
|
|
name SkladWifi
|
||
|
|
!
|
||
|
|
vlan 250
|
||
|
|
name --SERVERS_37.0/24--
|
||
|
|
!
|
||
|
|
vlan 251
|
||
|
|
name --SERVERS_BACKUP--
|
||
|
|
!
|
||
|
|
vlan 252
|
||
|
|
name --SERVERS_VIDEO--
|
||
|
|
!
|
||
|
|
vlan 290
|
||
|
|
name -=SrvVmwVMon=-
|
||
|
|
!
|
||
|
|
vlan 300
|
||
|
|
name --MANAGEMENT--
|
||
|
|
!
|
||
|
|
vlan 301
|
||
|
|
name --Wi-Fi_MANAGEMENT--
|
||
|
|
!
|
||
|
|
vlan 310
|
||
|
|
!
|
||
|
|
vlan 350
|
||
|
|
name --VOICE--
|
||
|
|
!
|
||
|
|
vlan 450
|
||
|
|
name --Wi-Fi_SKLAD--
|
||
|
|
!
|
||
|
|
vlan 500
|
||
|
|
name --Wi-Fi_GUEST--
|
||
|
|
!
|
||
|
|
vlan 550
|
||
|
|
name --PRODACTION_TRANSFER--
|
||
|
|
!
|
||
|
|
vlan 555
|
||
|
|
name --BGP_TRANSIT--
|
||
|
|
!
|
||
|
|
vlan 603
|
||
|
|
name --CRPT-Mark--
|
||
|
|
!
|
||
|
|
vlan 2145
|
||
|
|
name Test_BGP
|
||
|
|
!
|
||
|
|
vlan 4093
|
||
|
|
name DOMRU_FOR_KOMOS_STROY
|
||
|
|
!
|
||
|
|
vlan 4094
|
||
|
|
name L2VPN_Tattelecom_for_MCHS
|
||
|
|
!
|
||
|
|
!
|
||
|
|
class-map match-any VSL-DATA-PACKETS
|
||
|
|
match access-group name VSL-MGMT
|
||
|
|
class-map match-any VSL-L2-CONTROL-PACKETS
|
||
|
|
match access-group name VSL-DOT1x
|
||
|
|
match access-group name VSL-BPDU
|
||
|
|
match access-group name VSL-CDP
|
||
|
|
match access-group name VSL-LLDP
|
||
|
|
match access-group name VSL-SSTP
|
||
|
|
match access-group name VSL-GARP
|
||
|
|
class-map match-any VSL-L3-CONTROL-PACKETS
|
||
|
|
match access-group name VSL-IPV4-ROUTING
|
||
|
|
match access-group name VSL-BFD
|
||
|
|
match access-group name VSL-DHCP-CLIENT-TO-SERVER
|
||
|
|
match access-group name VSL-DHCP-SERVER-TO-CLIENT
|
||
|
|
match access-group name VSL-DHCP-SERVER-TO-SERVER
|
||
|
|
match access-group name VSL-IPV6-ROUTING
|
||
|
|
class-map match-any VSL-MULTIMEDIA-TRAFFIC
|
||
|
|
match ip dscp af41
|
||
|
|
match ip dscp af42
|
||
|
|
match ip dscp af43
|
||
|
|
match ip dscp af31
|
||
|
|
match ip dscp af32
|
||
|
|
match ip dscp af33
|
||
|
|
match ip dscp af21
|
||
|
|
match ip dscp af22
|
||
|
|
match ip dscp af23
|
||
|
|
class-map match-any VSL-VOICE-VIDEO-TRAFFIC
|
||
|
|
match ip dscp ef
|
||
|
|
match ip dscp cs4
|
||
|
|
match ip dscp cs5
|
||
|
|
class-map match-any VSL-SIGNALING-NETWORK-MGMT
|
||
|
|
match ip dscp cs2
|
||
|
|
match ip dscp cs3
|
||
|
|
match ip dscp cs6
|
||
|
|
match ip dscp cs7
|
||
|
|
!
|
||
|
|
policy-map VSL-Queuing-Policy
|
||
|
|
class VSL-L2-CONTROL-PACKETS
|
||
|
|
class VSL-L3-CONTROL-PACKETS
|
||
|
|
class VSL-VOICE-VIDEO-TRAFFIC
|
||
|
|
class VSL-SIGNALING-NETWORK-MGMT
|
||
|
|
class VSL-MULTIMEDIA-TRAFFIC
|
||
|
|
class VSL-DATA-PACKETS
|
||
|
|
class class-default
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
interface Port-channel1
|
||
|
|
description [CORE] SW-1-2
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel2
|
||
|
|
description [KU] SW-2-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel3
|
||
|
|
description [KU] SW-3-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel4
|
||
|
|
description [KU] SW-4-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel5
|
||
|
|
description [KU] SW-5-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
storm-control broadcast level 30.00
|
||
|
|
!
|
||
|
|
interface Port-channel6
|
||
|
|
description [KU] SW-6-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel7
|
||
|
|
description [KU] SW-7-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel9
|
||
|
|
description [KU] SW-9-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel10
|
||
|
|
description [KU] SW-10-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel11
|
||
|
|
description [KU] SW-11-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel12
|
||
|
|
description [KU] SW-12-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel13
|
||
|
|
description [KU] SW-13-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel14
|
||
|
|
description [KU] SW-14-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel15
|
||
|
|
description [KU] SW-15-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel16
|
||
|
|
description [KU] SW-16-2
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel23
|
||
|
|
description [KU] SW-6-3
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel40
|
||
|
|
description [KU] SW-1-7
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface FastEthernet0
|
||
|
|
no ip address
|
||
|
|
no ip route-cache
|
||
|
|
shutdown
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/1
|
||
|
|
description [KU] Po40 SW-1-7
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 40 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/2
|
||
|
|
description [KU] Po2 SW-2-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 2 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/3
|
||
|
|
description [CAM] AT_KU3-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/4
|
||
|
|
description [KU] Po4 SW-4-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 4 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/5
|
||
|
|
description [KU] Po5 SW-5-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
storm-control broadcast level 30.00
|
||
|
|
channel-group 5 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/6
|
||
|
|
description [KU] Po6 SW-6-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 6 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/7
|
||
|
|
description [KU] Po7 SW-7-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 7 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/8
|
||
|
|
description [CAM] AT_KU8
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/9
|
||
|
|
description [KU] Po9 SW-9-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 9 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/10
|
||
|
|
description [KU] Po10 SW-10-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 10 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/11
|
||
|
|
description [KU] Po11 SW-11-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 11 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/12
|
||
|
|
description [KU] Po12 SW-12-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 12 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/13
|
||
|
|
description [KU] Po13 SW-13-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 13 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/14
|
||
|
|
description [KU] Po14 SW-14-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 14 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/15
|
||
|
|
description [KU] Po15 SW-15-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 15 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/16
|
||
|
|
description [KU] Po16 SW-16-2
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 16 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/17
|
||
|
|
description [CORE] Po1 SW-1-2
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 1 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/18
|
||
|
|
description [CORE] RT-1-2
|
||
|
|
switchport trunk allowed vlan 111,300,555
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/19
|
||
|
|
description [CAM] AT_KU15
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/20
|
||
|
|
description [KU] Po3 SW-3-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 3 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/21
|
||
|
|
description [SRV] vmw004 eth02 int VM_lan
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/22
|
||
|
|
description [SRV] vmw005 eth02 int VM_lan
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/23
|
||
|
|
description [KU] Po23 SW-6-3
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 23 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/24
|
||
|
|
description [SRV] SERV_REZERV
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/1/1
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/1/2
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/1/3
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/1/4
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet1/1/1
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet1/1/2
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/1
|
||
|
|
description [KU] Po40 SW-1-7
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 40 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/2
|
||
|
|
description [KU] Po2 SW-2-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 2 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/3
|
||
|
|
description [KU] Po3 SW-3-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 3 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/4
|
||
|
|
description [KU] Po4 SW-4-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 4 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/5
|
||
|
|
description [KU] Po5 SW-5-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
storm-control broadcast level 30.00
|
||
|
|
channel-group 5 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/6
|
||
|
|
description [KU] Po6 SW-6-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 6 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/7
|
||
|
|
description [KU] Po7 SW-7-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 7 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/8
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/9
|
||
|
|
description [KU] Po9 SW-9-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 9 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/10
|
||
|
|
description [KU] Po10 SW-10-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 10 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/11
|
||
|
|
description [KU] Po11 SW-11-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 11 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/12
|
||
|
|
description [KU] Po12 SW-12-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 12 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/13
|
||
|
|
description [KU] Po13 SW-13-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 13 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/14
|
||
|
|
description [KU] Po14 SW-14-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 14 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/15
|
||
|
|
description [KU] Po15 SW-15-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 15 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/16
|
||
|
|
description [KU] Po16 SW-16-2
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 16 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/17
|
||
|
|
description [CORE] Po1 SW-1-2
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 1 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/18
|
||
|
|
description [CORE] RT-1-1
|
||
|
|
switchport trunk allowed vlan 111,300,555
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/19
|
||
|
|
description [CAM] AT-SW-6-1_Verhniy
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/20
|
||
|
|
description [CAM] AT-SW-6-1
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/21
|
||
|
|
description [SRV] vmw004 eth04 ext VM_lan
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/22
|
||
|
|
description [SRV] vmw005 eth04 ext VM_lan
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/23
|
||
|
|
description [KU] Po23 SW-6-3
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 23 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/24
|
||
|
|
description [SRV] SERV_REZERV
|
||
|
|
switchport trunk encapsulation dot1q
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/1/1
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/1/2
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/1/3
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/1/4
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet2/1/1
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet2/1/2
|
||
|
|
!
|
||
|
|
interface Vlan1
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 192.168.77.254 255.255.255.0 secondary
|
||
|
|
ip address 192.168.76.126 255.255.255.128 secondary
|
||
|
|
ip address 10.5.35.254 255.255.252.0 secondary
|
||
|
|
ip address 10.5.38.254 255.255.255.0 secondary
|
||
|
|
ip address 10.5.63.254 255.255.255.0 secondary
|
||
|
|
ip address 10.5.36.254 255.255.255.0 secondary
|
||
|
|
ip address 192.168.75.254 255.255.255.0
|
||
|
|
ip helper-address 10.5.35.217
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan13
|
||
|
|
description --Users-KU13--
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.5.43.254 255.255.255.0
|
||
|
|
ip helper-address 10.5.35.217
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan16
|
||
|
|
description --Users-KU16--
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.5.46.254 255.255.255.0
|
||
|
|
ip helper-address 10.5.35.217
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan101
|
||
|
|
description --PRINTERS--
|
||
|
|
no ip address
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan111
|
||
|
|
description INTERCONNECT
|
||
|
|
ip address 172.16.8.4 255.255.255.248
|
||
|
|
!
|
||
|
|
interface Vlan113
|
||
|
|
description --Link-to-mikrotik--
|
||
|
|
ip address 10.8.252.253 255.255.255.252
|
||
|
|
!
|
||
|
|
interface Vlan150
|
||
|
|
description --Wi-Fi_WORK--
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.5.41.254 255.255.255.0
|
||
|
|
ip helper-address 10.5.35.217
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan200
|
||
|
|
description GuestWiFi
|
||
|
|
ip address 10.200.1.254 255.255.255.0
|
||
|
|
ip access-group No_Local_For_GuestWiFI in
|
||
|
|
ip helper-address 10.200.0.230
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan201
|
||
|
|
description IMM
|
||
|
|
ip address 192.168.70.254 255.255.255.0
|
||
|
|
ip helper-address 10.5.35.217
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan220
|
||
|
|
description SkladWifi
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.220.1.254 255.255.255.0
|
||
|
|
ip helper-address 10.220.1.230
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan250
|
||
|
|
description --SERVERS_37.0/24--
|
||
|
|
ip address 10.5.37.254 255.255.255.0
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan251
|
||
|
|
description --SERVERS_BACKUP--
|
||
|
|
ip address 10.5.61.30 255.255.255.224
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan252
|
||
|
|
description --SERVERS_VIDEO--
|
||
|
|
ip address 10.5.61.62 255.255.255.224
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan290
|
||
|
|
description -=SrvVmwVMon=-
|
||
|
|
ip address 10.5.61.94 255.255.255.224
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan300
|
||
|
|
description --MANAGEMENT--
|
||
|
|
ip address 10.5.62.254 255.255.255.0
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan301
|
||
|
|
description --Wi-Fi_MANAGEMENT--
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.5.42.254 255.255.255.0
|
||
|
|
ip helper-address 10.5.35.217
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan310
|
||
|
|
description --UPS managment--
|
||
|
|
ip address 10.5.47.254 255.255.255.0
|
||
|
|
!
|
||
|
|
interface Vlan350
|
||
|
|
description --VOICE--
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.5.44.254 255.255.255.0
|
||
|
|
ip helper-address 10.5.35.217
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan450
|
||
|
|
description --Wi-Fi_SKLAD--
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.5.40.254 255.255.255.0
|
||
|
|
ip helper-address 10.5.35.217
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan500
|
||
|
|
description --Wi-Fi_GUEST--
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.5.39.254 255.255.255.0
|
||
|
|
ip access-group No_Local_For_GuestWiFI in
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan550
|
||
|
|
description --PRODACTION_TRANSFER--
|
||
|
|
ip address 192.168.78.254 255.255.255.0
|
||
|
|
ip access-group ACL-FW_PROD_VLAN550-IN in
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
ip policy route-map RM_PRODACTION
|
||
|
|
!
|
||
|
|
interface Vlan555
|
||
|
|
description --BGP_TRANSIT--
|
||
|
|
ip address 172.30.30.102 255.255.255.248
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
interface Vlan603
|
||
|
|
description --CRPT-Mark--
|
||
|
|
ip dhcp relay information trusted
|
||
|
|
ip address 10.5.45.254 255.255.255.0
|
||
|
|
!
|
||
|
|
router bgp 64516
|
||
|
|
bgp router-id 172.30.30.102
|
||
|
|
bgp log-neighbor-changes
|
||
|
|
bgp graceful-restart restart-time 120
|
||
|
|
bgp graceful-restart stalepath-time 360
|
||
|
|
bgp graceful-restart
|
||
|
|
network 10.5.32.0 mask 255.255.252.0
|
||
|
|
network 10.5.36.0 mask 255.255.255.0
|
||
|
|
network 10.5.37.0 mask 255.255.255.0
|
||
|
|
network 10.5.38.0 mask 255.255.255.0
|
||
|
|
network 10.5.39.0 mask 255.255.255.0
|
||
|
|
network 10.5.40.0 mask 255.255.255.0
|
||
|
|
network 10.5.42.0 mask 255.255.255.0
|
||
|
|
network 10.5.62.0 mask 255.255.255.0
|
||
|
|
network 10.5.63.0 mask 255.255.255.0
|
||
|
|
network 10.220.1.0 mask 255.255.255.0
|
||
|
|
network 192.168.75.0
|
||
|
|
network 192.168.76.0 mask 255.255.255.128
|
||
|
|
network 192.168.77.0
|
||
|
|
network 192.168.78.0
|
||
|
|
aggregate-address 10.5.32.0 255.255.224.0
|
||
|
|
neighbor 172.30.30.100 remote-as 64516
|
||
|
|
neighbor 172.30.30.101 remote-as 64516
|
||
|
|
distance bgp 150 150 150
|
||
|
|
!
|
||
|
|
ip forward-protocol nd
|
||
|
|
!
|
||
|
|
!
|
||
|
|
ip http server
|
||
|
|
no ip http secure-server
|
||
|
|
ip tftp source-interface Vlan300
|
||
|
|
ip route 0.0.0.0 0.0.0.0 172.16.8.3
|
||
|
|
ip route 192.168.10.0 255.255.255.0 172.16.8.3
|
||
|
|
ip route 192.168.11.0 255.255.255.0 172.16.8.3
|
||
|
|
ip route 192.168.31.0 255.255.255.0 172.16.8.3
|
||
|
|
ip ssh version 2
|
||
|
|
!
|
||
|
|
ip access-list extended ACL-FW_PROD_VLAN550-IN
|
||
|
|
permit icmp any any
|
||
|
|
permit ip 192.168.78.0 0.0.0.255 10.4.192.0 0.0.0.255
|
||
|
|
permit ip 192.168.78.0 0.0.0.255 host 10.4.32.33
|
||
|
|
permit ip 192.168.78.0 0.0.0.255 host 10.5.155.29
|
||
|
|
permit ip 192.168.78.0 0.0.0.255 host 178.209.110.74
|
||
|
|
permit ip 192.168.78.0 0.0.0.255 host 91.240.179.50
|
||
|
|
remark RDP Server FOR access TO Prolight
|
||
|
|
permit ip host 192.168.78.101 host 192.168.75.207
|
||
|
|
permit ip host 192.168.78.101 host 192.168.8.164
|
||
|
|
permit ip host 192.168.78.101 host 10.5.33.20
|
||
|
|
permit ip host 192.168.78.101 host 10.5.33.66
|
||
|
|
permit ip host 192.168.78.101 host 10.5.32.81
|
||
|
|
permit ip host 192.168.78.101 host 10.5.33.104
|
||
|
|
permit ip host 192.168.78.101 host 10.14.113.127
|
||
|
|
permit tcp host 192.168.78.101 eq 49674 host 10.4.39.1
|
||
|
|
permit tcp host 192.168.78.101 eq 49674 192.168.8.0 0.0.0.255
|
||
|
|
permit tcp host 192.168.78.114 eq 5900 host 192.168.75.207
|
||
|
|
permit ip host 192.168.78.231 host 10.5.33.66
|
||
|
|
deny ip any 10.0.0.0 0.255.255.255
|
||
|
|
deny ip any 172.16.0.0 0.15.255.255
|
||
|
|
deny ip any 192.168.0.0 0.0.255.255
|
||
|
|
ip access-list extended ACL_FROM_PRODACTION
|
||
|
|
deny ip any 192.168.0.0 0.0.255.255
|
||
|
|
deny ip any 10.0.0.0 0.255.255.255
|
||
|
|
deny ip any 172.16.0.0 0.15.255.255
|
||
|
|
permit ip 192.168.78.0 0.0.0.255 any
|
||
|
|
ip access-list extended Local_For_SkladWiFI
|
||
|
|
remark Deny Guest VLAN220 access to Net and other PP
|
||
|
|
permit tcp any host 192.168.75.200 eq domain
|
||
|
|
permit udp any host 192.168.75.200 eq domain
|
||
|
|
permit tcp any host 192.168.75.201 eq domain
|
||
|
|
permit udp any host 192.168.75.201 eq domain
|
||
|
|
permit tcp any host 192.168.8.4
|
||
|
|
permit tcp any host 192.168.75.199
|
||
|
|
permit tcp any host 192.168.8.6
|
||
|
|
permit ip any host 192.168.8.254
|
||
|
|
permit ip any host 192.168.8.4
|
||
|
|
permit ip any host 192.168.8.6
|
||
|
|
deny ip any 10.2.0.0 0.0.255.255
|
||
|
|
deny ip any 192.168.0.0 0.0.255.255
|
||
|
|
permit ip any any
|
||
|
|
ip access-list extended No_Local_For_GuestWiFI
|
||
|
|
remark Deny Guest VLAN200 access to other VLANs
|
||
|
|
permit tcp any host 192.168.75.200 eq domain
|
||
|
|
permit udp any host 192.168.75.200 eq domain
|
||
|
|
permit tcp any host 192.168.75.201 eq domain
|
||
|
|
permit udp any host 192.168.75.201 eq domain
|
||
|
|
permit tcp any host 192.168.8.77 eq 443
|
||
|
|
deny ip any 192.168.0.0 0.0.255.255
|
||
|
|
deny ip any 10.0.0.0 0.255.255.255
|
||
|
|
permit ip any any
|
||
|
|
ip access-list extended VSL-BFD
|
||
|
|
permit udp any any eq 3784
|
||
|
|
ip access-list extended VSL-DHCP-CLIENT-TO-SERVER
|
||
|
|
permit udp any eq bootpc any eq bootps
|
||
|
|
ip access-list extended VSL-DHCP-SERVER-TO-CLIENT
|
||
|
|
permit udp any eq bootps any eq bootpc
|
||
|
|
ip access-list extended VSL-DHCP-SERVER-TO-SERVER
|
||
|
|
permit udp any eq bootps any eq bootps
|
||
|
|
ip access-list extended VSL-IPV4-ROUTING
|
||
|
|
permit ip any 224.0.0.0 0.0.0.255
|
||
|
|
!
|
||
|
|
logging origin-id hostname
|
||
|
|
logging facility local6
|
||
|
|
logging source-interface Vlan300
|
||
|
|
logging host 192.168.8.119 transport udp port 5544
|
||
|
|
logging host 10.4.244.4 transport udp port 515
|
||
|
|
arp 192.168.75.244 0020.85e1.d1d7 ARPA
|
||
|
|
!
|
||
|
|
route-map RM_PRODACTION permit 10
|
||
|
|
match ip address ACL_FROM_PRODACTION
|
||
|
|
set ip next-hop 172.16.8.2
|
||
|
|
!
|
||
|
|
!
|
||
|
|
snmp-server community lmTUEsk6Yvlv RO 5
|
||
|
|
!
|
||
|
|
!
|
||
|
|
radius server IZH-RDS002
|
||
|
|
address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
|
||
|
|
timeout 3
|
||
|
|
retransmit 2
|
||
|
|
key 7 082955452F3824373A0C553C732D372738022A46164E14044C1A1E6D55570F311F4354537B794D58395E14546A72533204176F182C18256E703B3C3631560E2654
|
||
|
|
!
|
||
|
|
radius server P11-RDS003
|
||
|
|
address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
|
||
|
|
timeout 3
|
||
|
|
retransmit 2
|
||
|
|
key 7 094457023F243632230B5D1272223B3C3E151B52075B1653431B156A0F5A143F50425B577A7E4C076903150B6521442706483F152536486C372B2024344F092E7A
|
||
|
|
!
|
||
|
|
!
|
||
|
|
ipv6 access-list VSL-IPV6-ROUTING
|
||
|
|
permit ipv6 any FF02::/124
|
||
|
|
banner login ^C
|
||
|
|
*****************************************************************************
|
||
|
|
* *
|
||
|
|
* UNAUTHORIZED ACCESS IS PROHIBITED *
|
||
|
|
* *
|
||
|
|
* You have accessed network equipment. *
|
||
|
|
* You must have authorized permission to access or configure this device. *
|
||
|
|
* All activities performed on this device are logged and monitored. *
|
||
|
|
* *
|
||
|
|
*****************************************************************************
|
||
|
|
^C
|
||
|
|
!
|
||
|
|
line con 0
|
||
|
|
logging synchronous
|
||
|
|
login authentication CONSOLE
|
||
|
|
stopbits 1
|
||
|
|
line vty 0 4
|
||
|
|
exec-timeout 120 0
|
||
|
|
logging synchronous
|
||
|
|
login authentication NPS
|
||
|
|
transport input ssh
|
||
|
|
line vty 5 15
|
||
|
|
exec-timeout 120 0
|
||
|
|
logging synchronous
|
||
|
|
login authentication NPS
|
||
|
|
transport input ssh
|
||
|
|
!
|
||
|
|
ntp source Vlan300
|
||
|
|
ntp server 192.168.8.200
|
||
|
|
ntp server 192.168.8.201
|
||
|
|
!
|
||
|
|
end
|