ansible/backup/files/cisco/IZH-TK-M44-SW-3-1.txt

Building configuration...

Current configuration : 8220 bytes
!
! Last configuration change at 04:00:58 MSK Mon Jan 2 2006
! NVRAM config last updated at 01:00:01 MSK Thu Jul 28 2022
!
version 15.2
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service sequence-numbers
!
hostname IZH-TK-M44-SW-3-1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
logging rate-limit 10000
enable secret 5 $1$j4UP$Wgs2xMeWlYNzcOvcwfmE90
!
username netadmin privilege 15 secret 5 $1$MIy6$REAxQCFQRdFtJj9PPKDyi.
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login CONSOLE local group NPS
aaa authorization exec default group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone MSK 4 0
system mtu routing 1500
no ip source-route
no ip gratuitous-arps
!
!
ip dhcp snooping vlan 2,150,300,350,500
ip dhcp snooping
!
ip domain-list komos.local
no ip domain-lookup
ip domain-name komos.ru
ip host VM-KG-NET 10.1.12.70
ip host tftp 10.4.0.214
login on-failure log
login on-success log
vtp mode transparent
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-3260352896
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3260352896
 revocation-check none
 rsakeypair TP-self-signed-3260352896
!
!
crypto pki certificate chain TP-self-signed-3260352896
 certificate self-signed 01
  30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33323630 33353238 3936301E 170D3933 30333031 30303539 
  34345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32363033 
  35323839 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100C846 8A8337BC 1E8688F4 0BE8DFA8 E25C18F7 95BB6BDD 5E85BBB0 666E033A 
  BAA66B1D DF83F619 2CB9AF81 5292486A 6FB8B66E EDA24399 599DE9B6 6C03BB20 
  E05BBB6F 813C84FA 31484143 28F78BD0 0097B3C6 9AF7BE9C 152EFF74 34B99797 
  38B65453 EDE7B1D8 158E4092 A9E68ED2 1E3A0B14 FA184F63 19957EC1 712A69B8 
  D4AD0203 010001A3 6C306A30 0F060355 1D130101 FF040530 030101FF 30170603 
  551D1104 10300E82 0C4D3434 2E6B6F6D 6F732E72 75301F06 03551D23 04183016 
  8014FD2C 11AE01BE 4376FA6C EF7A0B19 C2C0C894 5C19301D 0603551D 0E041604 
  14FD2C11 AE01BE43 76FA6CEF 7A0B19C2 C0C8945C 19300D06 092A8648 86F70D01 
  01040500 03818100 A0CA07CB 679FD968 9D8DAC97 964061CE 7E202931 95A8D53B 
  C9A6F8B5 947DEF21 5110D97C 18FD086C 818D07DB 98B748D0 38A57852 FED7C5D1 
  AB35930E AF62B11F E8D84B1D BD7F20AF BFC56885 4CFA8EEF AF3019EC D60842D4 
  CCE7F6AC BB5D0214 2937E441 5CE2046A 1A3A5C0F 9D55E887 88054112 B70DAB46 
  BC6B7569 D4359A6E
  	quit
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/IZH/TK/M44-SW_L2/$H.$T.conf
 write-memory
 time-period 10080
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause loopback
errdisable recovery interval 600
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name TK-LAN-USERS-AREA
!
vlan 25
 name VOICE_AREA
!
vlan 150
 name TK-WIFI-USERS-AREA
!
vlan 300
 name NETWORK_MANAGEMENT
!
vlan 350
 name TK-VOICE-AREA
!
vlan 500
 name TK-WIFI-GUEST-AREA
!
ip tcp selective-ack
ip tcp path-mtu-discovery
lldp run
!
! 
!
!
!
!
!
!
!
!
interface Loopback7777
 description FTK4601
 no ip address
 shutdown
!
interface FastEthernet0/1
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/2
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/3
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/4
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/5
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/6
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/7
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/8
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/1
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/2
 description [CORE] M44-SW-1-3
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 ip dhcp snooping trust
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan300
 ip address 10.0.5.244 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.0.5.254
no ip http server
no ip http secure-server
!
ip tftp source-interface Vlan300
ip ssh authentication-retries 2
ip ssh version 2
!
kron occurrence EveryDay at 1:00 recurring
 policy-list SaveBackup
!
kron policy-list SaveBackup
 cli write memory
!
logging trap debugging
logging origin-id hostname
logging facility local1
logging source-interface Vlan300
logging host 192.168.2.25
logging host 10.4.244.4 transport udp port 515
access-list 23 permit any
access-list 23 deny   any log
snmp-server community lmTUEsk6Yvlv RO
snmp-server host 10.1.122.227 lmTUEsk6Yvlv 
!
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
banner login ^CCC
*****************************************************************************
*                                                                           *
^C
!
line con 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 logging synchronous
 login authentication NPS
 length 0
 transport input ssh
line vty 5 15
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp source Vlan300
ntp server 10.0.5.254
end
first commit 2025-10-31 08:47:26 +04:00			`Building configuration...`

			`Current configuration : 8220 bytes`
			`!`
			`! Last configuration change at 04:00:58 MSK Mon Jan 2 2006`
			`! NVRAM config last updated at 01:00:01 MSK Thu Jul 28 2022`
			`!`
			`version 15.2`
			`service nagle`
			`no service pad`
			`service tcp-keepalives-in`
			`service tcp-keepalives-out`
			`service timestamps debug datetime msec localtime show-timezone year`
			`service timestamps log datetime msec localtime show-timezone year`
			`service password-encryption`
			`service sequence-numbers`
			`!`
			`hostname IZH-TK-M44-SW-3-1`
			`!`
			`boot-start-marker`
			`boot-end-marker`
			`!`
			`!`
			`logging buffered 51200 warnings`
			`logging rate-limit 10000`
			`enable secret 5 $1$j4UP$Wgs2xMeWlYNzcOvcwfmE90`
			`!`
			`username netadmin privilege 15 secret 5 $1$MIy6$REAxQCFQRdFtJj9PPKDyi.`
			`aaa new-model`
			`!`
			`!`
			`aaa group server radius NPS`
			`server name IZH-RDS002`
			`server name P11-RDS003`
			`load-balance method least-outstanding`
			`!`
			`aaa authentication login default group NPS local enable`
			`aaa authentication login CONSOLE local group NPS`
			`aaa authorization exec default group NPS local if-authenticated`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`aaa session-id common`
			`clock timezone MSK 4 0`
			`system mtu routing 1500`
			`no ip source-route`
			`no ip gratuitous-arps`
			`!`
			`!`
			`ip dhcp snooping vlan 2,150,300,350,500`
			`ip dhcp snooping`
			`!`
			`ip domain-list komos.local`
			`no ip domain-lookup`
			`ip domain-name komos.ru`
			`ip host VM-KG-NET 10.1.12.70`
			`ip host tftp 10.4.0.214`
			`login on-failure log`
			`login on-success log`
			`vtp mode transparent`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`crypto pki trustpoint TP-self-signed-3260352896`
			`enrollment selfsigned`
			`subject-name cn=IOS-Self-Signed-Certificate-3260352896`
			`revocation-check none`
			`rsakeypair TP-self-signed-3260352896`
			`!`
			`!`
			`crypto pki certificate chain TP-self-signed-3260352896`
			`certificate self-signed 01`
			`30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030`
			`31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274`
			`69666963 6174652D 33323630 33353238 3936301E 170D3933 30333031 30303539`
			`34345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649`
			`4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32363033`
			`35323839 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281`
			`8100C846 8A8337BC 1E8688F4 0BE8DFA8 E25C18F7 95BB6BDD 5E85BBB0 666E033A`
			`BAA66B1D DF83F619 2CB9AF81 5292486A 6FB8B66E EDA24399 599DE9B6 6C03BB20`
			`E05BBB6F 813C84FA 31484143 28F78BD0 0097B3C6 9AF7BE9C 152EFF74 34B99797`
			`38B65453 EDE7B1D8 158E4092 A9E68ED2 1E3A0B14 FA184F63 19957EC1 712A69B8`
			`D4AD0203 010001A3 6C306A30 0F060355 1D130101 FF040530 030101FF 30170603`
			`551D1104 10300E82 0C4D3434 2E6B6F6D 6F732E72 75301F06 03551D23 04183016`
			`8014FD2C 11AE01BE 4376FA6C EF7A0B19 C2C0C894 5C19301D 0603551D 0E041604`
			`14FD2C11 AE01BE43 76FA6CEF 7A0B19C2 C0C8945C 19300D06 092A8648 86F70D01`
			`01040500 03818100 A0CA07CB 679FD968 9D8DAC97 964061CE 7E202931 95A8D53B`
			`C9A6F8B5 947DEF21 5110D97C 18FD086C 818D07DB 98B748D0 38A57852 FED7C5D1`
			`AB35930E AF62B11F E8D84B1D BD7F20AF BFC56885 4CFA8EEF AF3019EC D60842D4`
			`CCE7F6AC BB5D0214 2937E441 5CE2046A 1A3A5C0F 9D55E887 88054112 B70DAB46`
			`BC6B7569 D4359A6E`
			`quit`
			`archive`
			`log config`
			`logging enable`
			`logging size 900`
			`notify syslog contenttype plaintext`
			`hidekeys`
			`path tftp://tftp/IZH/TK/M44-SW_L2/$H.$T.conf`
			`write-memory`
			`time-period 10080`
			`!`
			`spanning-tree mode rapid-pvst`
			`spanning-tree loopguard default`
			`no spanning-tree optimize bpdu transmission`
			`spanning-tree extend system-id`
			`errdisable recovery cause bpduguard`
			`errdisable recovery cause security-violation`
			`errdisable recovery cause channel-misconfig`
			`errdisable recovery cause dtp-flap`
			`errdisable recovery cause link-flap`
			`errdisable recovery cause psecure-violation`
			`errdisable recovery cause port-mode-failure`
			`errdisable recovery cause loopback`
			`errdisable recovery interval 600`
			`!`
			`!`
			`!`
			`!`
			`vlan internal allocation policy ascending`
			`!`
			`vlan 2`
			`name TK-LAN-USERS-AREA`
			`!`
			`vlan 25`
			`name VOICE_AREA`
			`!`
			`vlan 150`
			`name TK-WIFI-USERS-AREA`
			`!`
			`vlan 300`
			`name NETWORK_MANAGEMENT`
			`!`
			`vlan 350`
			`name TK-VOICE-AREA`
			`!`
			`vlan 500`
			`name TK-WIFI-GUEST-AREA`
			`!`
			`ip tcp selective-ack`
			`ip tcp path-mtu-discovery`
			`lldp run`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`interface Loopback7777`
			`description FTK4601`
			`no ip address`
			`shutdown`
			`!`
			`interface FastEthernet0/1`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/2`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/3`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/4`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/5`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/6`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/7`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/8`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface GigabitEthernet0/1`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface GigabitEthernet0/2`
			`description [CORE] M44-SW-1-3`
			`switchport mode trunk`
			`logging event trunk-status`
			`logging event spanning-tree`
			`ip dhcp snooping trust`
			`!`
			`interface Vlan1`
			`no ip address`
			`shutdown`
			`!`
			`interface Vlan300`
			`ip address 10.0.5.244 255.255.255.0`
			`no ip route-cache`
			`!`
			`ip default-gateway 10.0.5.254`
			`no ip http server`
			`no ip http secure-server`
			`!`
			`ip tftp source-interface Vlan300`
			`ip ssh authentication-retries 2`
			`ip ssh version 2`
			`!`
			`kron occurrence EveryDay at 1:00 recurring`
			`policy-list SaveBackup`
			`!`
			`kron policy-list SaveBackup`
			`cli write memory`
			`!`
			`logging trap debugging`
			`logging origin-id hostname`
			`logging facility local1`
			`logging source-interface Vlan300`
			`logging host 192.168.2.25`
			`logging host 10.4.244.4 transport udp port 515`
			`access-list 23 permit any`
			`access-list 23 deny any log`
			`snmp-server community lmTUEsk6Yvlv RO`
			`snmp-server host 10.1.122.227 lmTUEsk6Yvlv`
			`!`
			`!`
			`radius server IZH-RDS002`
			`address ipv4 10.4.0.248 auth-port 1645 acct-port 1646`
			`timeout 3`
			`retransmit 2`
			`key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405`
			`!`
			`radius server P11-RDS003`
			`address ipv4 10.1.122.248 auth-port 1645 acct-port 1646`
			`timeout 3`
			`retransmit 2`
			`key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405`
			`!`
			`banner login ^CCC`
			`*****************************************************************************`
			`* *`
			`^C`
			`!`
			`line con 0`
			`logging synchronous`
			`login authentication CONSOLE`
			`line vty 0 4`
			`logging synchronous`
			`login authentication NPS`
			`length 0`
			`transport input ssh`
			`line vty 5 15`
			`logging synchronous`
			`login authentication NPS`
			`transport input ssh`
			`!`
			`ntp source Vlan300`
			`ntp server 10.0.5.254`
			`end`