Building configuration... Current configuration : 12316 bytes ! ! Last configuration change at 09:02:48 MSK Fri Jul 1 2022 by akhmetzyanovrr_adm ! NVRAM config last updated at 01:00:03 MSK Thu Jul 28 2022 ! version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname KZN-MLK-KMK-SW-1-7 ! boot-start-marker boot-end-marker ! ! username netadmin privilege 15 secret 5 $1$KndH$cfO8bwEDMOTsETRnuOM4/. aaa new-model ! ! aaa group server radius NPS server name IZH-RDS002 server name P11-RDS003 load-balance method least-outstanding ! aaa authentication login default group NPS local enable aaa authentication login CONSOLE local group NPS aaa authorization exec default group NPS local if-authenticated ! ! ! ! ! ! aaa session-id common clock timezone MSK 3 0 switch 1 provision ws-c2960s-48fps-l ! ! no ip domain-lookup ip domain-name milkom-komos.ru ip host tftp 10.4.0.214 ip device tracking vtp mode off ! ! crypto pki trustpoint TP-self-signed-1740317184 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1740317184 revocation-check none rsakeypair TP-self-signed-1740317184 ! ! crypto pki certificate chain TP-self-signed-1740317184 certificate self-signed 01 3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31373430 33313731 3834301E 170D3131 30333330 30343038 31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37343033 31373138 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100A474 BCFD8653 76A26B01 E478B7DF 96B6492A 81B12F9B 0B841C06 039E03CF 73ED0FC6 F7D5998A 896B0FCB 71B80B3B 08132324 4D44BAA9 B7FE14A6 9968368C 6EC2AEC9 749056DD 95DEE8D9 FEAF0537 C5090573 165A51DD A05CA918 7BBD7B05 0928197F A4CF2515 74D51A9E 5B8B9359 0ED50022 CD442E64 9D14FA56 6D2AB020 89210203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304 18301680 14B19B12 04747B85 6F1E9272 CDC6B521 0980F5C4 78301D06 03551D0E 04160414 B19B1204 747B856F 1E9272CD C6B52109 80F5C478 300D0609 2A864886 F70D0101 05050003 81810034 BDB2D7FE 76FCDCF7 59B7BCFB 502C4ADD E830AF0F 320266C4 06A59F1D B5BDE97D 60DCACF2 B239EFEF FEB8BEC7 64DAE236 BC633A4C A84C49BE DCB5D13C D4FA0B3E 4DBBF310 E0208B89 FB00EA71 647521A3 E996F4FB 60823A24 4C37523C 049157A0 35AB24FC 6E1DCF59 040D5D61 0EEBB787 AB513E8C 69F38062 63E546EB 075C97 quit archive log config logging enable logging size 900 notify syslog contenttype plaintext hidekeys path tftp://tftp/KZN/MLK/KMK-SW_L2/$H-$T write-memory time-period 10080 ! spanning-tree mode rapid-pvst spanning-tree logging no spanning-tree etherchannel guard misconfig spanning-tree extend system-id spanning-tree vlan 2-4094 priority 12288 ! ! ! ! ! errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig errdisable recovery cause pagp-flap errdisable recovery cause dtp-flap errdisable recovery cause link-flap errdisable recovery cause sfp-config-mismatch errdisable recovery cause gbic-invalid errdisable recovery cause psecure-violation errdisable recovery cause port-mode-failure errdisable recovery cause dhcp-rate-limit errdisable recovery cause mac-limit errdisable recovery cause vmps errdisable recovery cause storm-control errdisable recovery cause inline-power errdisable recovery cause loopback errdisable recovery cause small-frame errdisable recovery interval 60 ! ! ! ! vlan internal allocation policy ascending ! vlan 13 name --Users-KU13-- ! vlan 16 name --Users_KU16-- ! vlan 101 name --PRINTERS-- ! vlan 111 name INTERCONNECT ! vlan 150 name --Wi-Fi_WORK-- ! vlan 200 name Guest_WiFi ! vlan 201 name test ! vlan 220 ! vlan 250 name --SERVERS_37.0/24-- ! vlan 251 name --SERVERS_BACKUP-- ! vlan 252 name --SERVERS_VIDEO-- ! vlan 300 name --MANAGMENT-- ! vlan 301 name --Wi-Fi_MANAGEMENT-- ! vlan 350 name --VOICE-- ! vlan 450 name --Wi-Fi_SKLAD-- ! vlan 500 name --Wi-Fi_GUEST-- ! vlan 550 name --PRODACTION_TRANSFER-- ! vlan 555 name --BGP_TRANSIT-- ! vlan 603 name CRPT_Markirovka ! vlan 4093 name DOMRU_FOR_KOMOS_STROY ! vlan 4094 name L2VPN_Tattelecom_for_MCHS ! ip tftp source-interface Vlan300 ip ssh authentication-retries 2 ip ssh logging events ip ssh version 2 lldp run ! ! ! ! ! ! ! ! ! ! interface Port-channel1 description [CORE] SW-1-1 switchport mode trunk ! interface FastEthernet0 no ip address ! interface GigabitEthernet1/0/1 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/2 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/3 description [CAM] Trassir switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/4 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/5 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/6 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/7 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/8 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/9 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/10 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/11 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/12 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/13 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/14 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/15 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/16 description [ACC] switchport mode access no snmp trap link-status spanning-tree bpduguard enable ! interface GigabitEthernet1/0/17 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/18 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/19 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/20 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/21 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/22 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/23 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/24 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/25 description [ACC] KOMOSSTROY switchport access vlan 4093 switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/26 description [WIFI] AP-1-4-k405 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/27 description [ACC] L2VPN Tattelecom switchport access vlan 4094 switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/28 switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/29 switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/30 description [ACC] switchport trunk native vlan 301 switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/31 description [ACC] switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/32 description [SRV] switchport mode trunk no snmp trap link-status storm-control multicast level pps 500 storm-control action trap ! interface GigabitEthernet1/0/33 description [SRV] switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/34 description [SRV] switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/35 description [SRV] switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/36 description [SRV] switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/37 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/38 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/39 description [WIFI] Yurchenko AP switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/40 description [WIFI] AP-1-4-Kozhura switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/41 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/42 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/43 description [WIFI] AP-1-4-Peregovorka switchport trunk native vlan 301 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/44 description [KU] KU1-3_4_5 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/45 description [KU] switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/46 description [ACC] switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/47 description [CORE] Po1 switchport mode trunk no snmp trap link-status channel-group 1 mode active ! interface GigabitEthernet1/0/48 description [CORE] Po1 switchport mode trunk no snmp trap link-status channel-group 1 mode active ! interface GigabitEthernet1/0/49 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/50 switchport mode trunk ! interface GigabitEthernet1/0/51 switchport mode trunk ! interface GigabitEthernet1/0/52 switchport mode trunk ! interface Vlan1 no ip address ! interface Vlan111 description INTERCONNECT no ip address ! interface Vlan200 description GuestWiFI no ip address ! interface Vlan220 description SkladWiFi no ip address ! interface Vlan300 description --MGM-- ip address 10.5.62.7 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ! ip default-gateway 10.5.62.254 no ip http server ip http secure-server ! ! ip radius source-interface Vlan300 kron occurrence EveryDay at 1:00 recurring policy-list SaveBackup ! kron policy-list SaveBackup cli write memory ! logging trap debugging logging origin-id hostname logging facility local6 logging source-interface Vlan300 logging host 10.4.244.4 transport udp port 515 ! snmp-server community lmTUEsk6Yvlv RO ! ! radius server IZH-RDS002 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646 timeout 3 retransmit 2 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN ! radius server P11-RDS003 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646 timeout 3 retransmit 2 key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN ! ! banner login ^CCC ***************************************************************************** * * * UNAUTHORIZED ACCESS IS PROHIBITED * * * * You have accessed network equipment. * * You must have authorized permission to access or configure this device. * * All activities performed on this device are logged and monitored. * * * ***************************************************************************** ^C ! line con 0 logging synchronous login authentication CONSOLE line vty 0 4 exec-timeout 120 0 logging synchronous login authentication NPS length 0 transport input ssh line vty 5 15 exec-timeout 120 0 logging synchronous login authentication NPS transport input ssh ! ntp server 192.168.8.200 ntp server 192.168.8.201 end