ansible/backup/files/cisco/KEZ-MLK-KZS-SW-5-1.txt

Building configuration...

Current configuration : 11480 bytes
!
! Last configuration change at 14:11:56 SAMT Wed Jun 22 2022 by adm_ivanovas
! NVRAM config last updated at 14:11:58 SAMT Wed Jun 22 2022 by adm_ivanovas
!
version 15.2
no service pad
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
no service password-encryption
service unsupported-transceiver
!
hostname KEZ-MLK-KZS-SW-5-1
!
boot-start-marker
boot-end-marker
!
logging userinfo
logging buffered 64000
enable secret 5 $1$4Ll6$fz5arwcTSEtrnw9OOBVdU/
!
username netadmin privilege 15 secret 5 $1$V9JL$uMD/HQvj.PQYCsOr14jI41
aaa new-model
!
!
aaa group server radius NPS
 server name IZH-RDS002
 server name P11-RDS003
 retransmit 2
 timeout 3
 load-balance method least-outstanding
!
aaa authentication login default group NPS local enable
aaa authentication login NPS group NPS local
aaa authentication login CONSOLE local group NPS
aaa authorization console
aaa authorization exec default group NPS local if-authenticated 
aaa authorization exec NPS group NPS local if-authenticated 
!
!
!
!
!
!
aaa session-id common
clock timezone SAMT 4 0
switch 1 provision ws-c2960s-24ps-l
!
!
ip dhcp snooping vlan 1-4094
ip dhcp snooping
no ip domain-lookup
ip domain-name milkom-komos.ru
ip host tftp 10.4.0.214
vtp mode transparent
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-3549053440
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3549053440
 revocation-check none
 rsakeypair TP-self-signed-3549053440
!
!
crypto pki certificate chain TP-self-signed-3549053440
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33353439 30353334 3430301E 170D3933 30333031 30303031 
  30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 35343930 
  35333434 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100D724 3B1595D3 2E9CF583 441CF38B 692A3CFC 6A380C53 956ED845 215811F5 
  AC03B7FC 92822101 3E22003E 8AA62C66 B089A625 1E2F37A9 CEF01668 23F0BF6C 
  F94982F6 5864D1A8 B1D87976 2B5E5320 6BBA7E95 18CDBB38 3A562EDA 3B883AFD 
  88E80E2D 2BF20F7B 15FDF296 B9C77C75 320FADC1 DA12B95F FD955062 2B5DEE4B 
  C57D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 
  551D2304 18301680 143EAA4A 05DDA0D1 A69558A0 B1E6B9C3 A976C012 31301D06 
  03551D0E 04160414 3EAA4A05 DDA0D1A6 9558A0B1 E6B9C3A9 76C01231 300D0609 
  2A864886 F70D0101 05050003 81810065 903B851A 3F1FDBB1 D476F594 2F255FAF 
  FD0110DF AB1234CD 00000000 00000000 02BE9E48 004BA8D4 05F069F0 05EFB6E8 
  00005884 00000000 0D0D0D0D DEADBEEF 0D0D0D0D 0D0D0D0D 0D0D0D0D 034A7B30 
  034A7B2C 0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D0D 
  0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D
  	quit
archive
 log config
  logging enable
  logging size 900
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/KEZ/MLK/KSZ-SW_L2/$H-$T
 write-memory
 time-period 10080
!
spanning-tree mode rapid-pvst
spanning-tree logging
spanning-tree extend system-id
no errdisable detect cause gbic-invalid
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause pppoe-ia-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery cause arp-inspection
errdisable recovery cause loopback
errdisable recovery cause small-frame
errdisable recovery cause psp
errdisable recovery interval 600
!
!
!
!
vlan internal allocation policy ascending
!
vlan 101
 name --PRINTERS--
!
vlan 150
 name --Wi-Fi_WORK--
!
vlan 300
 name --MANAGEMENT--
!
vlan 301
 name --Wi-Fi_MANAGEMENT--
!
vlan 310
 name --UPS_managment--
!
vlan 350
 name --VOICE--
!
vlan 450
 name --Wi-Fi_SKLAD--
!
vlan 500
 name --Wi-Fi_GUEST--
!
vlan 601
 name PRD_L2VPN_for_KIP
!
vlan 603
 name --CRPT-MARK--
!
lldp run
!
! 
!
!
!
!
!
!
!
!
interface Port-channel1
 description [CORE] SW-1-1
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0
 description --MGMT Port--
 no ip address
!
interface GigabitEthernet1/0/1
 description [UPS]
 switchport access vlan 310
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/2
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/3
 description [PRN]
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/4
 description [PRN]
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/5
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/6
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/7
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/8
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/9
 description [PRN]
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/10
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/11
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/12
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/13
 description [WIFI]
 switchport trunk native vlan 301
 switchport trunk allowed vlan 1,150,200,220,301,450,500
 switchport mode trunk
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/14
 description [WIFI]
 switchport trunk native vlan 301
 switchport trunk allowed vlan 1,150,200,220,301,450,500
 switchport mode trunk
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/15
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/16
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/17
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/18
 description NONE
 switchport mode access
 switchport voice vlan 350
 no snmp trap link-status
!
interface GigabitEthernet1/0/19
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/20
 description --Wi-Fi_AP--
 switchport trunk native vlan 301
 switchport trunk allowed vlan 1,150,200,301,450,500
 switchport mode trunk
 switchport voice vlan 350
 no logging event link-status
 logging event trunk-status
 logging event spanning-tree
 no snmp trap link-status
!
interface GigabitEthernet1/0/21
 description NONE
 switchport mode access
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/22
 description --Wi-Fi_AP--
 switchport trunk native vlan 301
 switchport trunk allowed vlan 1,150,200,301,450,500
 switchport mode trunk
 switchport voice vlan 350
 no logging event link-status
 no snmp trap link-status
!
interface GigabitEthernet1/0/23
 description [PRD] L2VPN_for_KIP
 switchport access vlan 601
 switchport mode access
 switchport voice vlan 601
 no logging event link-status
 no snmp trap link-status
 spanning-tree portfast
 spanning-tree bpdufilter enable
!
interface GigabitEthernet1/0/24
 description [PRD] CRPT-MARK
 switchport access vlan 603
 switchport mode access
 no logging event link-status
 no snmp trap link-status
 spanning-tree portfast
!
interface GigabitEthernet1/0/25
 description [CORE] Po1 SW-1-1
 switchport mode trunk
 channel-group 1 mode active
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/26
 description [CORE] Po1 SW-1-1
 switchport mode trunk
 channel-group 1 mode active
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan300
 description --MANAGEMENT--
 ip address 10.5.94.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
ip default-gateway 10.5.94.254
ip http server
no ip http secure-server
!
ip ssh version 2
!
logging origin-id hostname
logging source-interface Vlan300
logging host 192.168.8.119 transport udp port 5544
logging host 10.4.244.4 transport udp port 515
!
snmp-server community lmTUEsk6Yvlv RO
snmp ifmib ifindex persist
!
!
radius server P11-RDS003
 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
!
radius server IZH-RDS002
 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
 timeout 3
 retransmit 2
 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
!
banner exec ^C
Hello! I'm $(hostname). You are connected on line $(line) on domain $(domain)
^C
banner login ^C
*****************************************************************************
*                                                                           *
*                    UNAUTHORIZED ACCESS IS PROHIBITED                      *
*                                                                           *
*                     You have accessed network equipment.                  *
*  You must have authorized permission to access or configure this device.  *
*     All activities performed on this device are logged and monitored.     *
*                                                                           *
*****************************************************************************
^C
!
line con 0
 exec-timeout 60 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 transport input ssh
line vty 5 15
 exec-timeout 120 0
 logging synchronous
 login authentication NPS
 transport input ssh
!
ntp server 192.168.8.200
ntp server 192.168.8.201
mac address-table notification change
mac address-table notification mac-move
mac address-table aging-time 900
end
first commit 2025-10-31 08:47:26 +04:00			`Building configuration...`

			`Current configuration : 11480 bytes`
			`!`
			`! Last configuration change at 14:11:56 SAMT Wed Jun 22 2022 by adm_ivanovas`
			`! NVRAM config last updated at 14:11:58 SAMT Wed Jun 22 2022 by adm_ivanovas`
			`!`
			`version 15.2`
			`no service pad`
			`service timestamps debug datetime msec localtime show-timezone year`
			`service timestamps log datetime msec localtime show-timezone year`
			`no service password-encryption`
			`service unsupported-transceiver`
			`!`
			`hostname KEZ-MLK-KZS-SW-5-1`
			`!`
			`boot-start-marker`
			`boot-end-marker`
			`!`
			`logging userinfo`
			`logging buffered 64000`
			`enable secret 5 $1$4Ll6$fz5arwcTSEtrnw9OOBVdU/`
			`!`
			`username netadmin privilege 15 secret 5 $1$V9JL$uMD/HQvj.PQYCsOr14jI41`
			`aaa new-model`
			`!`
			`!`
			`aaa group server radius NPS`
			`server name IZH-RDS002`
			`server name P11-RDS003`
			`retransmit 2`
			`timeout 3`
			`load-balance method least-outstanding`
			`!`
			`aaa authentication login default group NPS local enable`
			`aaa authentication login NPS group NPS local`
			`aaa authentication login CONSOLE local group NPS`
			`aaa authorization console`
			`aaa authorization exec default group NPS local if-authenticated`
			`aaa authorization exec NPS group NPS local if-authenticated`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`aaa session-id common`
			`clock timezone SAMT 4 0`
			`switch 1 provision ws-c2960s-24ps-l`
			`!`
			`!`
			`ip dhcp snooping vlan 1-4094`
			`ip dhcp snooping`
			`no ip domain-lookup`
			`ip domain-name milkom-komos.ru`
			`ip host tftp 10.4.0.214`
			`vtp mode transparent`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`crypto pki trustpoint TP-self-signed-3549053440`
			`enrollment selfsigned`
			`subject-name cn=IOS-Self-Signed-Certificate-3549053440`
			`revocation-check none`
			`rsakeypair TP-self-signed-3549053440`
			`!`
			`!`
			`crypto pki certificate chain TP-self-signed-3549053440`
			`certificate self-signed 01`
			`3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030`
			`31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274`
			`69666963 6174652D 33353439 30353334 3430301E 170D3933 30333031 30303031`
			`30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649`
			`4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 35343930`
			`35333434 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281`
			`8100D724 3B1595D3 2E9CF583 441CF38B 692A3CFC 6A380C53 956ED845 215811F5`
			`AC03B7FC 92822101 3E22003E 8AA62C66 B089A625 1E2F37A9 CEF01668 23F0BF6C`
			`F94982F6 5864D1A8 B1D87976 2B5E5320 6BBA7E95 18CDBB38 3A562EDA 3B883AFD`
			`88E80E2D 2BF20F7B 15FDF296 B9C77C75 320FADC1 DA12B95F FD955062 2B5DEE4B`
			`C57D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603`
			`551D2304 18301680 143EAA4A 05DDA0D1 A69558A0 B1E6B9C3 A976C012 31301D06`
			`03551D0E 04160414 3EAA4A05 DDA0D1A6 9558A0B1 E6B9C3A9 76C01231 300D0609`
			`2A864886 F70D0101 05050003 81810065 903B851A 3F1FDBB1 D476F594 2F255FAF`
			`FD0110DF AB1234CD 00000000 00000000 02BE9E48 004BA8D4 05F069F0 05EFB6E8`
			`00005884 00000000 0D0D0D0D DEADBEEF 0D0D0D0D 0D0D0D0D 0D0D0D0D 034A7B30`
			`034A7B2C 0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D0D`
			`0D0D0D0D 0D0D0D0D 0D0D0D0D 0D0D0D`
			`quit`
			`archive`
			`log config`
			`logging enable`
			`logging size 900`
			`notify syslog contenttype plaintext`
			`hidekeys`
			`path tftp://tftp/KEZ/MLK/KSZ-SW_L2/$H-$T`
			`write-memory`
			`time-period 10080`
			`!`
			`spanning-tree mode rapid-pvst`
			`spanning-tree logging`
			`spanning-tree extend system-id`
			`no errdisable detect cause gbic-invalid`
			`errdisable recovery cause udld`
			`errdisable recovery cause bpduguard`
			`errdisable recovery cause security-violation`
			`errdisable recovery cause channel-misconfig`
			`errdisable recovery cause pagp-flap`
			`errdisable recovery cause dtp-flap`
			`errdisable recovery cause link-flap`
			`errdisable recovery cause sfp-config-mismatch`
			`errdisable recovery cause gbic-invalid`
			`errdisable recovery cause psecure-violation`
			`errdisable recovery cause port-mode-failure`
			`errdisable recovery cause dhcp-rate-limit`
			`errdisable recovery cause pppoe-ia-rate-limit`
			`errdisable recovery cause mac-limit`
			`errdisable recovery cause vmps`
			`errdisable recovery cause storm-control`
			`errdisable recovery cause inline-power`
			`errdisable recovery cause arp-inspection`
			`errdisable recovery cause loopback`
			`errdisable recovery cause small-frame`
			`errdisable recovery cause psp`
			`errdisable recovery interval 600`
			`!`
			`!`
			`!`
			`!`
			`vlan internal allocation policy ascending`
			`!`
			`vlan 101`
			`name --PRINTERS--`
			`!`
			`vlan 150`
			`name --Wi-Fi_WORK--`
			`!`
			`vlan 300`
			`name --MANAGEMENT--`
			`!`
			`vlan 301`
			`name --Wi-Fi_MANAGEMENT--`
			`!`
			`vlan 310`
			`name --UPS_managment--`
			`!`
			`vlan 350`
			`name --VOICE--`
			`!`
			`vlan 450`
			`name --Wi-Fi_SKLAD--`
			`!`
			`vlan 500`
			`name --Wi-Fi_GUEST--`
			`!`
			`vlan 601`
			`name PRD_L2VPN_for_KIP`
			`!`
			`vlan 603`
			`name --CRPT-MARK--`
			`!`
			`lldp run`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`!`
			`interface Port-channel1`
			`description [CORE] SW-1-1`
			`switchport mode trunk`
			`ip dhcp snooping trust`
			`!`
			`interface FastEthernet0`
			`description --MGMT Port--`
			`no ip address`
			`!`
			`interface GigabitEthernet1/0/1`
			`description [UPS]`
			`switchport access vlan 310`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/2`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/3`
			`description [PRN]`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/4`
			`description [PRN]`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/5`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/6`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/7`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/8`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/9`
			`description [PRN]`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/10`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/11`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/12`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/13`
			`description [WIFI]`
			`switchport trunk native vlan 301`
			`switchport trunk allowed vlan 1,150,200,220,301,450,500`
			`switchport mode trunk`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/14`
			`description [WIFI]`
			`switchport trunk native vlan 301`
			`switchport trunk allowed vlan 1,150,200,220,301,450,500`
			`switchport mode trunk`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/15`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/16`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/17`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/18`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/19`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/20`
			`description --Wi-Fi_AP--`
			`switchport trunk native vlan 301`
			`switchport trunk allowed vlan 1,150,200,301,450,500`
			`switchport mode trunk`
			`switchport voice vlan 350`
			`no logging event link-status`
			`logging event trunk-status`
			`logging event spanning-tree`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/21`
			`description NONE`
			`switchport mode access`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/22`
			`description --Wi-Fi_AP--`
			`switchport trunk native vlan 301`
			`switchport trunk allowed vlan 1,150,200,301,450,500`
			`switchport mode trunk`
			`switchport voice vlan 350`
			`no logging event link-status`
			`no snmp trap link-status`
			`!`
			`interface GigabitEthernet1/0/23`
			`description [PRD] L2VPN_for_KIP`
			`switchport access vlan 601`
			`switchport mode access`
			`switchport voice vlan 601`
			`no logging event link-status`
			`no snmp trap link-status`
			`spanning-tree portfast`
			`spanning-tree bpdufilter enable`
			`!`
			`interface GigabitEthernet1/0/24`
			`description [PRD] CRPT-MARK`
			`switchport access vlan 603`
			`switchport mode access`
			`no logging event link-status`
			`no snmp trap link-status`
			`spanning-tree portfast`
			`!`
			`interface GigabitEthernet1/0/25`
			`description [CORE] Po1 SW-1-1`
			`switchport mode trunk`
			`channel-group 1 mode active`
			`ip dhcp snooping trust`
			`!`
			`interface GigabitEthernet1/0/26`
			`description [CORE] Po1 SW-1-1`
			`switchport mode trunk`
			`channel-group 1 mode active`
			`ip dhcp snooping trust`
			`!`
			`interface GigabitEthernet1/0/27`
			`!`
			`interface GigabitEthernet1/0/28`
			`!`
			`interface Vlan1`
			`no ip address`
			`shutdown`
			`!`
			`interface Vlan300`
			`description --MANAGEMENT--`
			`ip address 10.5.94.1 255.255.255.0`
			`no ip redirects`
			`no ip unreachables`
			`no ip proxy-arp`
			`!`
			`ip default-gateway 10.5.94.254`
			`ip http server`
			`no ip http secure-server`
			`!`
			`ip ssh version 2`
			`!`
			`logging origin-id hostname`
			`logging source-interface Vlan300`
			`logging host 192.168.8.119 transport udp port 5544`
			`logging host 10.4.244.4 transport udp port 515`
			`!`
			`snmp-server community lmTUEsk6Yvlv RO`
			`snmp ifmib ifindex persist`
			`!`
			`!`
			`radius server P11-RDS003`
			`address ipv4 10.1.122.248 auth-port 1645 acct-port 1646`
			`timeout 3`
			`retransmit 2`
			`key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN`
			`!`
			`radius server IZH-RDS002`
			`address ipv4 10.4.0.248 auth-port 1645 acct-port 1646`
			`timeout 3`
			`retransmit 2`
			`key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN`
			`!`
			`banner exec ^C`
			`Hello! I'm $(hostname). You are connected on line $(line) on domain $(domain)`
			`^C`
			`banner login ^C`
			`*****************************************************************************`
			`* *`
			`* UNAUTHORIZED ACCESS IS PROHIBITED *`
			`* *`
			`* You have accessed network equipment. *`
			`* You must have authorized permission to access or configure this device. *`
			`* All activities performed on this device are logged and monitored. *`
			`* *`
			`*****************************************************************************`
			`^C`
			`!`
			`line con 0`
			`exec-timeout 60 0`
			`logging synchronous`
			`login authentication CONSOLE`
			`line vty 0 4`
			`exec-timeout 120 0`
			`logging synchronous`
			`login authentication NPS`
			`transport input ssh`
			`line vty 5 15`
			`exec-timeout 120 0`
			`logging synchronous`
			`login authentication NPS`
			`transport input ssh`
			`!`
			`ntp server 192.168.8.200`
			`ntp server 192.168.8.201`
			`mac address-table notification change`
			`mac address-table notification mac-move`
			`mac address-table aging-time 900`
			`end`