ansible/backup/files/cisco/IZH-TK-M44-SW-6-1.txt

Building configuration...

Current configuration : 9107 bytes
!
! Last configuration change at 04:00:58 MSK Mon Jan 2 2006
! NVRAM config last updated at 01:00:02 MSK Thu Jul 28 2022
!
version 15.2
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service password-encryption
service sequence-numbers
!
hostname IZH-TK-M44-SW-6-1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
logging rate-limit 10000
enable secret 5 $1$j4UP$Wgs2xMeWlYNzcOvcwfmE90
!
username netadmin privilege 15 secret 5 $1$J.Qt$Hr5EAHwQ2BJA4L4FGJYUi/
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login CONSOLE local group NPS
aaa authorization exec default group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone MSK 4 0
system mtu routing 1500
no ip source-route
no ip gratuitous-arps
!
!
ip dhcp snooping vlan 2,150,300,350,500
ip dhcp snooping
!
ip domain-list komos.local
no ip domain-lookup
ip domain-name komos.ru
ip host tftp 10.4.0.214
ip host VM-KG-NET 10.1.12.70
login on-failure log
login on-success log
vtp mode transparent
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-3156969216
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3156969216
 revocation-check none
 rsakeypair TP-self-signed-3156969216
!
!
crypto pki certificate chain TP-self-signed-3156969216
 certificate self-signed 01
  30820249 308201B2 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33313536 39363932 3136301E 170D3933 30333031 30303035 
  32385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31353639 
  36393231 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100D8F4 6703B3DB DC58B907 B09E6F38 9EB7D326 949F88DF 5B2D43D0 50E74AAA 
  B02B2D00 3AB4EB13 A6EB9E35 C6C42E59 45271B5C AEEB107D 7BE9367D D62ED77F 
  4A9B9CAF A25716A5 25D334E3 F79205C0 9478B375 0E2396BE D3BFEF9A 5308EA8B 
  323192D1 8F54D87E 11CF6ED1 C6E41493 9FB1CC1C F893D413 B78C4732 8200E59E 
  91E50203 010001A3 71306F30 0F060355 1D130101 FF040530 030101FF 301C0603 
  551D1104 15301382 114F322D 5377322D 332E6B6F 6D6F732E 7275301F 0603551D 
  23041830 1680143E 9F0213FE 14160179 BC8C9F8B 15AE0AE9 B5C53330 1D060355 
  1D0E0416 04143E9F 0213FE14 160179BC 8C9F8B15 AE0AE9B5 C533300D 06092A86 
  4886F70D 01010405 00038181 000DA2BC 29E16F71 5B95FD00 FE6D9866 831949DF 
  263174D3 A1B3AD6B 8E6CAEE6 B8069AFD 08875020 F846DEAF 1F7B31F8 B60556C7 
  A79D7F2F CAF928C0 2F6FDD3F 5F1471CB 475B2732 87458EBF EFA61358 7F54E9AC 
  64172996 878EF6AD FF5A1942 E04C7E4E 6D88FAB4 F3AFE6D0 6F0B6C9D 9106E335 
  E89E866E 46D40286 9667A6D9 43
  	quit
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/IZH/TK/M44-SW_L2/$H.$T.conf
 write-memory
 time-period 10080
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause loopback
errdisable recovery interval 600
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
 name TK-LAN-USERS-AREA
!
vlan 25
 name VOICE_AREA
!
vlan 150
 name TK-WIFI-USERS-AREA
!
vlan 300
 name NETWORK_MANAGEMENT
!
vlan 350
 name TK-VOICE-AREA
!
vlan 500
 name TK-WIFI-GUEST-AREA
!
lldp run
!
! 
!
!
!
!
!
!
!
!
interface Loopback7777
 description FTK4600
 no ip address
 shutdown
!
interface FastEthernet0/1
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/2
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/3
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/4
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/5
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/6
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/7
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 logging event trunk-status
 logging event spanning-tree
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface FastEthernet0/8
 description ACCESS
 switchport access vlan 2
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 logging event trunk-status
 logging event spanning-tree
 no snmp trap link-status
 storm-control broadcast level 30.00
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/1
 description [CORE] M44-SW-1-3
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
 ip dhcp snooping trust
!
interface GigabitEthernet0/2
 description TRUNK_PORT
 switchport mode trunk
 logging event trunk-status
 logging event spanning-tree
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan300
 ip address 10.0.5.243 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.0.5.254
no ip http server
no ip http secure-server
!
ip tftp source-interface Vlan300
ip ssh authentication-retries 2
ip ssh version 2
!
kron occurrence EveryDay at 1:00 recurring
 policy-list SaveBackup
!
kron policy-list SaveBackup
 cli write memory
!
logging trap debugging
logging origin-id hostname
logging facility local1
logging source-interface Vlan300
logging host 192.168.2.25
logging host 10.4.244.4 transport udp port 515
access-list 23 permit any
access-list 23 deny   any log
snmp-server community lmTUEsk6Yvlv RO
snmp-server host 10.1.122.227 lmTUEsk6Yvlv 
!
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
!
banner login ^C
*****************************************************************************
*                                                                           *
*                             KOMOS GROUP LLC                               *
*                        Izhevsk, Ordzhonikidze, 2                          *
*                                2st FLOOR                                  *
*                                CROSS ROOM                                 *
*                                                                           *
*                    UNAUTHORIZED ACCESS IS PROHIBITED                      *
*                                                                           *
*                     You have accessed network equipment.                  *
*  You must have authorized permission to access or configure this device.  *
*     All activities performed on this device are logged and monitored.     *
*                                                                           *
*****************************************************************************^C
!
line con 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 logging synchronous
 login authentication NPS
 length 0
 transport input ssh
line vty 5 15
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp source Vlan300
ntp server 10.0.5.254
end
first commit 2025-10-31 08:47:26 +04:00			`Building configuration...`

			`Current configuration : 9107 bytes`
			`!`
			`! Last configuration change at 04:00:58 MSK Mon Jan 2 2006`
			`! NVRAM config last updated at 01:00:02 MSK Thu Jul 28 2022`
			`!`
			`version 15.2`
			`service nagle`
			`no service pad`
			`service tcp-keepalives-in`
			`service tcp-keepalives-out`
			`service timestamps debug datetime msec localtime show-timezone year`
			`service timestamps log datetime msec localtime show-timezone year`
			`service password-encryption`
			`service sequence-numbers`
			`!`
			`hostname IZH-TK-M44-SW-6-1`
			`!`
			`boot-start-marker`
			`boot-end-marker`
			`!`
			`!`
			`logging buffered 51200 warnings`
			`logging rate-limit 10000`
			`enable secret 5 $1$j4UP$Wgs2xMeWlYNzcOvcwfmE90`
			`!`
			`username netadmin privilege 15 secret 5 $1$J.Qt$Hr5EAHwQ2BJA4L4FGJYUi/`
			`aaa new-model`
			`!`
			`!`
			`aaa group server radius NPS`
			`server name IZH-RDS002`
			`server name P11-RDS003`
			`load-balance method least-outstanding`
			`!`
			`aaa authentication login default group NPS local enable`
			`aaa authentication login CONSOLE local group NPS`
			`aaa authorization exec default group NPS local if-authenticated`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`aaa session-id common`
			`clock timezone MSK 4 0`
			`system mtu routing 1500`
			`no ip source-route`
			`no ip gratuitous-arps`
			`!`
			`!`
			`ip dhcp snooping vlan 2,150,300,350,500`
			`ip dhcp snooping`
			`!`
			`ip domain-list komos.local`
			`no ip domain-lookup`
			`ip domain-name komos.ru`
			`ip host tftp 10.4.0.214`
			`ip host VM-KG-NET 10.1.12.70`
			`login on-failure log`
			`login on-success log`
			`vtp mode transparent`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`crypto pki trustpoint TP-self-signed-3156969216`
			`enrollment selfsigned`
			`subject-name cn=IOS-Self-Signed-Certificate-3156969216`
			`revocation-check none`
			`rsakeypair TP-self-signed-3156969216`
			`!`
			`!`
			`crypto pki certificate chain TP-self-signed-3156969216`
			`certificate self-signed 01`
			`30820249 308201B2 A0030201 02020101 300D0609 2A864886 F70D0101 04050030`
			`31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274`
			`69666963 6174652D 33313536 39363932 3136301E 170D3933 30333031 30303035`
			`32385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649`
			`4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31353639`
			`36393231 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281`
			`8100D8F4 6703B3DB DC58B907 B09E6F38 9EB7D326 949F88DF 5B2D43D0 50E74AAA`
			`B02B2D00 3AB4EB13 A6EB9E35 C6C42E59 45271B5C AEEB107D 7BE9367D D62ED77F`
			`4A9B9CAF A25716A5 25D334E3 F79205C0 9478B375 0E2396BE D3BFEF9A 5308EA8B`
			`323192D1 8F54D87E 11CF6ED1 C6E41493 9FB1CC1C F893D413 B78C4732 8200E59E`
			`91E50203 010001A3 71306F30 0F060355 1D130101 FF040530 030101FF 301C0603`
			`551D1104 15301382 114F322D 5377322D 332E6B6F 6D6F732E 7275301F 0603551D`
			`23041830 1680143E 9F0213FE 14160179 BC8C9F8B 15AE0AE9 B5C53330 1D060355`
			`1D0E0416 04143E9F 0213FE14 160179BC 8C9F8B15 AE0AE9B5 C533300D 06092A86`
			`4886F70D 01010405 00038181 000DA2BC 29E16F71 5B95FD00 FE6D9866 831949DF`
			`263174D3 A1B3AD6B 8E6CAEE6 B8069AFD 08875020 F846DEAF 1F7B31F8 B60556C7`
			`A79D7F2F CAF928C0 2F6FDD3F 5F1471CB 475B2732 87458EBF EFA61358 7F54E9AC`
			`64172996 878EF6AD FF5A1942 E04C7E4E 6D88FAB4 F3AFE6D0 6F0B6C9D 9106E335`
			`E89E866E 46D40286 9667A6D9 43`
			`quit`
			`archive`
			`log config`
			`logging enable`
			`logging size 900`
			`notify syslog contenttype plaintext`
			`hidekeys`
			`path tftp://tftp/IZH/TK/M44-SW_L2/$H.$T.conf`
			`write-memory`
			`time-period 10080`
			`!`
			`spanning-tree mode rapid-pvst`
			`spanning-tree loopguard default`
			`no spanning-tree optimize bpdu transmission`
			`spanning-tree extend system-id`
			`errdisable recovery cause bpduguard`
			`errdisable recovery cause security-violation`
			`errdisable recovery cause channel-misconfig`
			`errdisable recovery cause dtp-flap`
			`errdisable recovery cause link-flap`
			`errdisable recovery cause psecure-violation`
			`errdisable recovery cause port-mode-failure`
			`errdisable recovery cause loopback`
			`errdisable recovery interval 600`
			`!`
			`!`
			`!`
			`!`
			`vlan internal allocation policy ascending`
			`!`
			`vlan 2`
			`name TK-LAN-USERS-AREA`
			`!`
			`vlan 25`
			`name VOICE_AREA`
			`!`
			`vlan 150`
			`name TK-WIFI-USERS-AREA`
			`!`
			`vlan 300`
			`name NETWORK_MANAGEMENT`
			`!`
			`vlan 350`
			`name TK-VOICE-AREA`
			`!`
			`vlan 500`
			`name TK-WIFI-GUEST-AREA`
			`!`
			`lldp run`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`interface Loopback7777`
			`description FTK4600`
			`no ip address`
			`shutdown`
			`!`
			`interface FastEthernet0/1`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/2`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/3`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/4`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/5`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/6`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/7`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`logging event trunk-status`
			`logging event spanning-tree`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface FastEthernet0/8`
			`description ACCESS`
			`switchport access vlan 2`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`logging event trunk-status`
			`logging event spanning-tree`
			`no snmp trap link-status`
			`storm-control broadcast level 30.00`
			`no cdp enable`
			`spanning-tree portfast`
			`!`
			`interface GigabitEthernet0/1`
			`description [CORE] M44-SW-1-3`
			`switchport mode trunk`
			`logging event trunk-status`
			`logging event spanning-tree`
			`ip dhcp snooping trust`
			`!`
			`interface GigabitEthernet0/2`
			`description TRUNK_PORT`
			`switchport mode trunk`
			`logging event trunk-status`
			`logging event spanning-tree`
			`!`
			`interface Vlan1`
			`no ip address`
			`shutdown`
			`!`
			`interface Vlan300`
			`ip address 10.0.5.243 255.255.255.0`
			`no ip route-cache`
			`!`
			`ip default-gateway 10.0.5.254`
			`no ip http server`
			`no ip http secure-server`
			`!`
			`ip tftp source-interface Vlan300`
			`ip ssh authentication-retries 2`
			`ip ssh version 2`
			`!`
			`kron occurrence EveryDay at 1:00 recurring`
			`policy-list SaveBackup`
			`!`
			`kron policy-list SaveBackup`
			`cli write memory`
			`!`
			`logging trap debugging`
			`logging origin-id hostname`
			`logging facility local1`
			`logging source-interface Vlan300`
			`logging host 192.168.2.25`
			`logging host 10.4.244.4 transport udp port 515`
			`access-list 23 permit any`
			`access-list 23 deny any log`
			`snmp-server community lmTUEsk6Yvlv RO`
			`snmp-server host 10.1.122.227 lmTUEsk6Yvlv`
			`!`
			`!`
			`radius server IZH-RDS002`
			`address ipv4 10.4.0.248 auth-port 1645 acct-port 1646`
			`timeout 3`
			`retransmit 2`
			`key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405`
			`!`
			`radius server P11-RDS003`
			`address ipv4 10.1.122.248 auth-port 1645 acct-port 1646`
			`timeout 3`
			`retransmit 2`
			`key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405`
			`!`
			`banner login ^C`
			`*****************************************************************************`
			`* *`
			`* KOMOS GROUP LLC *`
			`* Izhevsk, Ordzhonikidze, 2 *`
			`* 2st FLOOR *`
			`* CROSS ROOM *`
			`* *`
			`* UNAUTHORIZED ACCESS IS PROHIBITED *`
			`* *`
			`* You have accessed network equipment. *`
			`* You must have authorized permission to access or configure this device. *`
			`* All activities performed on this device are logged and monitored. *`
			`* *`
			`*****************************************************************************^C`
			`!`
			`line con 0`
			`logging synchronous`
			`login authentication CONSOLE`
			`line vty 0 4`
			`logging synchronous`
			`login authentication NPS`
			`length 0`
			`transport input ssh`
			`line vty 5 15`
			`logging synchronous`
			`login authentication NPS`
			`transport input ssh`
			`!`
			`ntp source Vlan300`
			`ntp server 10.0.5.254`
			`end`