Building configuration... Current configuration : 15434 bytes ! ! Last configuration change at 15:27:53 MSK Tue Jun 14 2022 by akhmetzyanovrr_adm ! NVRAM config last updated at 01:00:05 MSK Thu Jul 28 2022 ! version 15.2 no service pad service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year service password-encryption service unsupported-transceiver ! hostname IZH-KG-P11-SW-4-3 ! boot-start-marker boot-end-marker ! logging userinfo logging buffered 64000 no logging console enable secret 5 $1$/.6y$FEzDHFr0XLRbbXixa4fki. ! username netadmin privilege 15 secret 5 $1$eETu$TBoEPWZbRNBA7XoGQiL0I. aaa new-model ! ! aaa group server radius NPS server name IZH-RDS002 server name P11-RDS003 load-balance method least-outstanding ! aaa authentication login default group NPS local enable aaa authentication login CONSOLE local group NPS aaa authorization exec default group NPS local if-authenticated ! ! ! ! ! ! aaa session-id common clock timezone MSK 4 0 switch 1 provision ws-c2960s-24ts-l no ip source-route no ip gratuitous-arps ! ! ip dhcp snooping vlan 2,12,150,200,351,500 ip dhcp snooping no ip domain-lookup ip domain-name komos.ru ip host VM-KG-NET 10.1.12.70 ip host tftp 10.4.0.214 login on-failure log login on-success log vtp mode transparent ! ! ! ! ! ! ! crypto pki trustpoint TP-self-signed-2474567552 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-2474567552 revocation-check none rsakeypair TP-self-signed-2474567552 ! ! crypto pki certificate chain TP-self-signed-2474567552 certificate self-signed 01 3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 32343734 35363735 3532301E 170D3933 30333031 30303138 31345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34373435 36373535 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100B109 F1A617F9 947564AC C692FE82 D420FB7F 8758C87A 704B88D2 18EF888C 34D37BDC 8BD07E13 3EF176BD 585C901E 2BC76BD8 0015C5DA 159D5B44 95451C87 FB2B0DED 53BD65D9 E6E8941E B7BD61C4 C57EA808 CED14269 526C26B2 8F210E24 2B15DBEF C34FD12F FD134BD0 25C5B0E7 9F22A33E 3C463CDA D087BF83 12754591 ED5D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304 18301680 14AE7478 AA184165 3ADA5167 7BEF8ACF 9581E1EC 9C301D06 03551D0E 04160414 AE7478AA 1841653A DA51677B EF8ACF95 81E1EC9C 300D0609 2A864886 F70D0101 05050003 81810054 0F38CE65 2A2D944D F2D88C28 C7380B53 DC94E9F6 83A0EFF0 146A7FF8 B1E578E9 B70AFE01 21997470 DC18D35A FB43E414 B6AB8848 5A996045 738B1A1E D5AC501D 61980B9C 49620421 F2DC9C89 8E80B9CD 3DD5C702 3D559D8C 72809B89 2C14E2FE 89B8CF6B C498664A 8DEF8228 BBAC6C9B BE853B83 F8F241FB 3C5CF8DE 400D0A quit archive log config logging enable logging size 900 notify syslog contenttype plaintext hidekeys path tftp://tftp/IZH/KG/P11-SW_L2/$H.$T.conf write-memory time-period 10080 ! spanning-tree mode rapid-pvst spanning-tree logging spanning-tree extend system-id no errdisable detect cause gbic-invalid errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig errdisable recovery cause pagp-flap errdisable recovery cause dtp-flap errdisable recovery cause link-flap errdisable recovery cause sfp-config-mismatch errdisable recovery cause gbic-invalid errdisable recovery cause psecure-violation errdisable recovery cause port-mode-failure errdisable recovery cause dhcp-rate-limit errdisable recovery cause pppoe-ia-rate-limit errdisable recovery cause mac-limit errdisable recovery cause vmps errdisable recovery cause storm-control errdisable recovery cause inline-power errdisable recovery cause arp-inspection errdisable recovery cause loopback errdisable recovery cause small-frame errdisable recovery cause psp errdisable recovery interval 600 ! ! ! ! vlan internal allocation policy ascending ! vlan 2 name KG_LAN-USER ! vlan 10 name Wireless ! vlan 12 name UNIFI_WIRELESS ! vlan 100 name Inbound_management ! vlan 150 name KG_WIFI-USER ! vlan 200 name KG_MGMT-SRV ! vlan 205 name SRV_UZB ! vlan 300 name KG_MGMT-NET ! vlan 301 name KG_MGMT-WIFI ! vlan 351 name KG_VOIP ! vlan 500 name KG_WIFI-GUEST ! lldp run ! ! ! ! ! ! ! ! ! ! interface Loopback7777 description TK01000679 no ip address shutdown ! interface Port-channel1 description [KU] SW-4-2 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0 no ip address shutdown ! interface GigabitEthernet1/0/1 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/2 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/3 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/4 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/5 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/6 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/7 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/8 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/9 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/10 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/11 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/12 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/13 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/14 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/15 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/16 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/17 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/18 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/19 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/20 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/21 description [SRV] KG-P11-UZBSRV-1_iLo switchport access vlan 200 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/22 description --ACCESS-- switchport access vlan 2 switchport mode access switchport voice vlan 351 no logging event link-status no snmp trap link-status storm-control broadcast level 30.00 spanning-tree portfast spanning-tree bpduguard enable ! interface GigabitEthernet1/0/23 description [-SRV] OSB switchport access vlan 205 switchport mode access no snmp trap link-status no cdp enable spanning-tree portfast ! interface GigabitEthernet1/0/24 description [-SRV] OSB switchport access vlan 2 switchport mode access no snmp trap link-status no cdp enable spanning-tree portfast ! interface GigabitEthernet1/0/25 description [KU] Po1 SW-4-2 switchport mode trunk no snmp trap link-status channel-group 1 mode active ip dhcp snooping trust ! interface GigabitEthernet1/0/26 description --PORT-CHANNEL1-- switchport mode trunk no snmp trap link-status channel-group 1 mode active ip dhcp snooping trust ! interface GigabitEthernet1/0/27 description --PORT-CHANNEL1-- switchport mode trunk no snmp trap link-status channel-group 1 mode active ip dhcp snooping trust ! interface GigabitEthernet1/0/28 description --PORT-CHANNEL1-- switchport mode trunk no snmp trap link-status channel-group 1 mode active ip dhcp snooping trust ! interface Vlan1 no ip address shutdown ! interface Vlan100 ip address 10.1.1.43 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ! ip default-gateway 10.1.1.1 no ip http server no ip http secure-server ! ! kron occurrence EveryDay at 1:00 recurring policy-list SaveBackup ! kron policy-list SaveBackup cli write memory ! logging origin-id hostname logging source-interface Vlan100 logging host 192.168.2.25 transport udp port 5544 logging host 10.4.244.4 transport udp port 515 ! snmp-server community lmTUEsk6Yvlv RO snmp-server host 10.1.122.227 lmTUEsk6Yvlv ! ! radius server IZH-RDS002 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646 timeout 3 retransmit 2 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405 ! radius server P11-RDS003 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646 timeout 3 retransmit 2 key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405 ! privilege exec all level 7 show cdp privilege exec all level 7 show running-config privilege exec all level 7 show configuration privilege exec level 7 show banner exec ^C ***************************************************************************** * * * Welcome to OOO "KOMOS GROUP" * * Izhevsk, Pesochnaya 11 * * AVTO BLDG * * 4nd FLOOR, IT ROOM * * * * UNAUTHORIZED ACCESS IS PROHIBITED * * * * You have accessed network equipment. * * You must have authorized permission to access or configure this device. * * All activities performed on this device are logged and monitored. * * * ***************************************************************************** ^C banner login ^C ***************************************************************************** * * * UNAUTHORIZED ACCESS IS PROHIBITED * * * * You have accessed network equipment. * * You must have authorized permission to access or configure this device. * * All activities performed on this device are logged and monitored. * * * ***************************************************************************** ^C ! line con 0 logging synchronous login authentication CONSOLE line vty 0 4 exec-timeout 120 0 logging synchronous login authentication NPS length 0 transport input ssh line vty 5 15 exec-timeout 120 0 logging synchronous login authentication NPS transport input ssh ! ntp source Vlan100 ntp server 10.1.1.2 mac address-table notification change mac address-table notification mac-move mac address-table aging-time 900 end