Building configuration... Current configuration : 34685 bytes ! ! Last configuration change at 13:13:24 MSK Wed Jul 20 2022 by akhmetzyanovrr_adm ! NVRAM config last updated at 13:13:26 MSK Wed Jul 20 2022 by akhmetzyanovrr_adm ! version 16.3 no service pad service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year no platform punt-keepalive disable-kernel-core ! hostname IZH-MLK-IZM-SW-1-4 ! ! vrf definition Mgmt-vrf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! logging userinfo logging buffered 128000 enable secret 5 $1$8Ye.$2052cyes0PP1QlT7T0Qcu0 ! aaa new-model ! ! aaa group server radius NPS server name IZH-RDS002 server name P11-RDS003 ip radius source-interface Vlan300 load-balance method least-outstanding ! aaa authentication login default group NPS local enable aaa authentication login CONSOLE local group NPS aaa authorization exec default group NPS local if-authenticated ! ! ! ! ! ! aaa session-id common clock timezone MSK 4 0 switch 1 provision ws-c3850-48t switch 2 provision ws-c3850-48t ! ! ! ! no ip source-route no ip gratuitous-arps ! ! ! ip host tftp 10.4.0.214 ip name-server 192.168.8.200 192.168.8.201 no ip domain lookup ip domain name milkom-komos.ru ! ! ! login on-failure log login on-success log ! ! ! ! ! qos queue-softmax-multiplier 1200 ! ! vtp mode off ! flow record NETFLOW_IN match flow direction match interface input match ipv4 destination address match ipv4 protocol match ipv4 source address match ipv4 tos match transport destination-port match transport source-port collect counter bytes long collect counter packets long collect interface output ! ! flow record NETFLOW_OUT match flow direction match interface output match ipv4 destination address match ipv4 protocol match ipv4 source address match ipv4 tos match transport destination-port match transport source-port collect interface input collect counter bytes long collect counter packets long ! ! flow record FLOW-RECORD-INPUT description IPv4 NetFlow IN match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match ipv4 protocol match interface input match ipv4 tos match flow direction collect interface output collect counter bytes long collect counter packets long collect transport tcp flags ! ! flow record FLOW-RECORD-OUTPUT description IPv4 NetFlow OUT match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match ipv4 protocol match interface output match ipv4 tos match flow direction collect interface input collect counter bytes long collect counter packets long collect transport tcp flags ! ! flow monitor NETFLOW_MONITOR_IN cache timeout inactive 10 cache timeout active 60 record NETFLOW_IN ! ! flow monitor NETFLOW_MONITOR_OUT cache timeout inactive 10 cache timeout active 60 record NETFLOW_OUT ! ! flow monitor FLOW-MONITOR-INPUT description ingress cache timeout inactive 10 cache timeout active 60 record FLOW-RECORD-INPUT ! ! flow monitor FLOW-MONITOR-OUTPUT description egress cache timeout inactive 10 cache timeout active 60 record FLOW-RECORD-OUTPUT ! ! ! ! port-channel load-balance src-dst-mixed-ip-port errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig errdisable recovery cause pagp-flap errdisable recovery cause dtp-flap errdisable recovery cause link-flap errdisable recovery cause sfp-config-mismatch errdisable recovery cause l2ptguard errdisable recovery cause psecure-violation errdisable recovery cause port-mode-failure errdisable recovery cause dhcp-rate-limit errdisable recovery cause pppoe-ia-rate-limit errdisable recovery cause mac-limit errdisable recovery cause vmps errdisable recovery cause storm-control errdisable recovery cause inline-power errdisable recovery cause arp-inspection errdisable recovery cause link-monitor-failure errdisable recovery cause oam-remote-failure errdisable recovery cause loopback errdisable recovery cause psp errdisable recovery interval 600 license boot level ipservicesk9 diagnostic bootup level minimal ! spanning-tree mode pvst spanning-tree logging spanning-tree extend system-id spanning-tree vlan 1-4094 priority 12288 archive log config logging enable logging size 900 notify syslog contenttype plaintext hidekeys path tftp://tftp/IZH/MLK/IZM-SW_L3/$H-$T write-memory time-period 10080 ! ! username netadmin privilege 15 secret 5 $1$CJcs$KdKLEShFyyvUiOSSRtOMs. ! redundancy mode sso ! ! vlan 8 name --UserNet_8.0/24-- ! vlan 9 name --UserNet_9.0/24-- ! vlan 10 name --UserNet_10.0/24-- ! vlan 11 name --UserNet_11.0/24-- ! vlan 12 name --UserNet_12.0/24-- ! vlan 13 name --UserNet_13.0/24-- ! vlan 14 name --UserNet_14.0/24-- ! vlan 15 name --UserNet_15.0/24-- ! vlan 16 name --UserNet_16.0/24-- ! vlan 17 name --UserNet_17.0/24-- ! vlan 18 name --UserNet_18.0/24-- ! vlan 19 name --UserNet_19.0/24-- ! vlan 20 name --UserNet_20.0/24-- ! vlan 22 name MILKOM_Nobel_Users ! vlan 23 ! vlan 50 name RCOD ! vlan 93 name VideoNetToStolovaya ! vlan 96 name --ERTELEKOM-- ! vlan 99 name --MARK_ASTERISK-- ! vlan 101 name --PRINTERS-- ! vlan 113 name TRANSIT_TO_MIKROTIK ! vlan 150 name --Wi-Fi_Users_32.0/24-- ! vlan 151 name --Wi-Fi_Prod_33.0/24-- ! vlan 172 name TelephotiNet ! vlan 173 name telephonyTest ! vlan 200-201 ! vlan 202 name --DMZ-- ! vlan 207 name VCOD_Servers_DMZ_Frontend ! vlan 208 name VCOD_Servers_Backend ! vlan 229 ! vlan 248 name --SANDBOX_ELAR-- ! vlan 249 name --ServTestC_36.0/24-- ! vlan 250 name --ServerNet_0.0/24-- ! vlan 251 name -=ServMail_7.0/28=- ! vlan 252 name --VOICE_ATS-- ! vlan 253 name exchange_komos-group ! vlan 254 name SRV_SharePint_1.0/24 ! vlan 255 name --ServerNet_2.0/24-- ! vlan 256 name Server_Mon_1C_3.0/24 ! vlan 257 name KONTUR_DEV_SQL5.0/27 ! vlan 288 name SERVERS_DEV ! vlan 289 name -=SRVBakNet_245.0_24=- ! vlan 290 name -=SrvVmwVMon_242.0/26=- ! vlan 291 name -=SrvVmwVSan_242.64/26=- ! vlan 292 name -=SrvBakNet_243.0/24=- ! vlan 294 name --SRV_iLO_iDrack_etc-- ! vlan 299 name --SrvMng_240.0\24-- ! vlan 300 name --MANAGMENT-- ! vlan 301 name --Wi-Fi_MANAGMENT-- ! vlan 302 name -=Wi-Fi_MANAGMENT=- ! vlan 350 name --VOICE_28.0/24-- ! vlan 500 name --Wi-Fi_Guest_35.0/24-- ! vlan 550 name --CISCO_ASA-- ! vlan 551 name --TRANSIT_HSRP-- ! vlan 556 name P2P_iBGP_KOMOS_AS_over_ER_Tel ! vlan 557 name P2P_iBGP_KOMOS_AS_over_MTS ! vlan 596 name P2P_RCOD-OCOD_ER_Telecom ! vlan 597 name TRANSIT_TO_ISR4431 ! vlan 599 name --MTS_KOMOS_599-- ! vlan 601 name --KMK_PRODACTION-- ! vlan 650 name --ISCSI-- ! vlan 666 name NOT_ROUTED ! vlan 1000 name --ELAR-TEST-- ! vlan 1100 name TEST_ARR_ESR-10 ! vlan 1113 name PI_RT-1-3 ! vlan 1500 name dmz_env_1C_WMS_MLK ! vlan 1501 name safe_env_1C_WMS_MLK ! vlan 1999 name env_1C_Licensing ! vlan 3915 name IZM_VLAN3915_SPLUNK ! vlan 4030 name --MTS_KOMOS_4030-- ! vlan 4031 name -VeamRepl_172.31.31.0/24- ! vlan 4032 name -SQLRepl_172.31.33.0/24- ! vlan 4033 name -SrvVCHA_172.31.33.0/24- ! vlan 4034 name -ExchRepl_172.31.34.0/24- ! vlan 4035 name -SrvVCMg_172.31.35.0/24- ! ! class-map match-any CM_QoS_Q2 match qos-group 2 class-map match-any CM_QoS_Q3 match qos-group 3 class-map match-any CM_QoS_Q0 match qos-group 0 class-map match-any CM_QoS_Q1 match qos-group 1 class-map match-any system-cpp-police-topology-control description Topology control class-map match-any CM_QoS_Q6 match qos-group 6 match qos-group 7 class-map match-any system-cpp-police-sw-forward description Sw forwarding, SGT Cache Full, LOGGING class-map match-any CM_QoS_Q4 match qos-group 4 class-map match-any CM_QoS_Q5 match qos-group 5 class-map match-any system-cpp-default description DHCP snooping, show forward and rest of traffic class-map match-any system-cpp-police-sys-data description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed class-map match-any CM_RDP match access-group name RDP class-map match-any system-cpp-police-punt-webauth description Punt Webauth class-map match-any system-cpp-police-forus description Forus Address resolution and Forus traffic class-map match-any system-cpp-police-multicast-end-station description MCAST END STATION class-map match-any system-cpp-police-multicast description Transit Traffic and MCAST Data class-map match-any CM_QoS_CS3 match dscp cs3 af31 af32 af33 class-map match-any CM_QoS_CS2 match dscp cs2 af21 af22 af23 class-map match-any CM_QoS_CS1 match dscp cs1 af11 af12 af13 class-map match-any system-cpp-police-l2-control description L2 control class-map match-any CM_QoS_CS0 match dscp default 1 2 3 class-map match-any system-cpp-police-dot1x-auth description DOT1X Auth class-map match-any CM_QoS_CS7 match dscp cs7 class-map match-any CM_QoS_CS6 match dscp cs6 49 class-map match-any CM_QoS_CS5 match dscp cs5 41 42 45 ef 47 class-map match-any system-cpp-police-data description ICMP_GEN and BROADCAST class-map match-any CM_QoS_CS4 match dscp cs4 af41 af42 af43 class-map match-any system-cpp-police-control-low-priority description ICMP redirect and general punt class-map match-any system-cpp-police-wireless-priority1 description Wireless priority 1 class-map match-any system-cpp-police-wireless-priority2 description Wireless priority 2 class-map match-any system-cpp-police-wireless-priority3-4-5 description Wireless priority 3,4 and 5 class-map match-any non-client-nrt-class class-map match-any CM_COS_1 match cos 1 class-map match-any system-cpp-police-routing-control description Routing control class-map match-any system-cpp-police-protocol-snooping description Protocol snooping class-map match-any CM_COS_0 match cos 0 class-map match-any CM_COS_3 match cos 3 class-map match-any CM_COS_2 match cos 2 class-map match-any CM_COS_5 match cos 5 class-map match-any CM_COS_4 match cos 4 class-map match-any CM_COS_7 match cos 7 class-map match-any CM_COS_6 match cos 6 ! policy-map port_child_policy class non-client-nrt-class bandwidth remaining ratio 10 policy-map system-cpp-policy class system-cpp-police-data police rate 200 pps class system-cpp-police-sys-data police rate 100 pps class system-cpp-police-sw-forward police rate 1000 pps class system-cpp-police-multicast police rate 500 pps class system-cpp-police-multicast-end-station police rate 2000 pps class system-cpp-police-punt-webauth class system-cpp-police-l2-control class system-cpp-police-routing-control police rate 1800 pps class system-cpp-police-control-low-priority class system-cpp-police-wireless-priority1 class system-cpp-police-wireless-priority2 class system-cpp-police-wireless-priority3-4-5 class system-cpp-police-topology-control class system-cpp-police-dot1x-auth class system-cpp-police-protocol-snooping class system-cpp-police-forus class system-cpp-default policy-map PM_QoS_CLASS_IN class CM_QoS_CS7 set qos-group 7 class CM_COS_7 set qos-group 7 class CM_QoS_CS6 set qos-group 6 class CM_COS_6 set qos-group 6 class CM_QoS_CS5 set qos-group 5 class CM_COS_5 set qos-group 5 class CM_QoS_CS4 set qos-group 4 class CM_COS_4 set qos-group 4 class CM_QoS_CS3 set qos-group 3 class CM_COS_3 set qos-group 3 class CM_QoS_CS2 set qos-group 2 class CM_COS_2 set qos-group 2 class CM_QoS_CS1 set qos-group 1 class CM_COS_1 set qos-group 1 class CM_QoS_CS0 set qos-group 0 class CM_COS_0 set qos-group 0 class CM_RDP set dscp cs4 class class-default set qos-group 0 ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Port-channel1 description [CORE] SW-1-1 switchport mode trunk ! interface Port-channel2 description [SRV] izh-vmw004_srv switchport mode trunk ! interface Port-channel3 description [SRV] izh-vmw005_mgt switchport mode trunk ! interface Port-channel4 description [SRV] izh-vmw005_srv switchport mode trunk ! interface Port-channel5 description [SRV] izh-vmw006_mgt switchport mode trunk ! interface Port-channel6 description [SRV] izh-vmw006_srv switchport mode trunk ! interface Port-channel7 description [SRV] izh-vmw007_mgt switchport mode trunk ! interface Port-channel8 description [SRV] izh-vmw007_srv switchport mode trunk ! interface Port-channel9 description [SRV] izh-vmw008_mgt switchport mode trunk ! interface Port-channel10 description [SRV] izh-vmw008_srv switchport mode trunk ! interface Port-channel11 description [SRV] izh-vmw011_mgt switchport mode trunk ! interface Port-channel12 description [SRV] izh-vmw011_srv switchport mode trunk ! interface Port-channel13 description [SRV] izh-vmw012_mgt switchport mode trunk ! interface Port-channel14 description [SRV] izh-vmw012_srv switchport mode trunk ! interface Port-channel15 description [SRV] izh-vmw013_mgt switchport mode trunk ! interface Port-channel16 description [SRV] izh-vmw013_srv switchport mode trunk ! interface Port-channel17 description [SRV] izh-vmw016_mgt switchport mode trunk ! interface Port-channel18 description [SRV] izh-vmw016_srv switchport mode trunk ! interface Port-channel19 description [SRV] izh-vmw015_mgt switchport mode trunk ! interface Port-channel20 description [SRV] izh-vmw015_srv switchport mode trunk ! interface Port-channel21 description [SRV] izh-vmw014_mgt switchport mode trunk ! interface Port-channel22 description [SRV] izh-vmw014_srv switchport mode trunk ! interface Port-channel23 description [SRV] izh-vmw020_mgt switchport mode trunk ! interface Port-channel24 description [SRV] izh-vmw020_srv switchport mode trunk ! interface Port-channel25 description [SRV] izh-vmw021_mgt switchport mode trunk ! interface Port-channel26 description [SRV] izh-vmw021_srv switchport mode trunk ! interface Port-channel27 description NONE switchport access vlan 294 switchport mode access ! interface Port-channel29 description izh-vmw017_mgt switchport mode trunk ! interface Port-channel33 description [SRV] izh-bkp007_p2 switchport access vlan 292 switchport mode access ! interface Port-channel35 description [SRV] izm-vmw022_mgt switchport mode trunk ! interface Port-channel36 description [SRV] izm-vmw022_srv switchport mode trunk ! interface Port-channel37 description [SRV] izm-vmw023_mgt switchport mode trunk ! interface Port-channel38 description [SRV] izm-vmw023_srv switchport mode trunk ! interface Port-channel39 description [SRV] izm-vmw025_mgt switchport mode trunk ! interface Port-channel40 description [SRV] izm-vmw025_srv switchport access vlan 8 switchport mode trunk ! interface Port-channel41 description [SRV] izm-vmw024_mgt switchport mode trunk ! interface Port-channel42 description [SRV] izm-vmw024_srv switchport mode trunk ! interface Port-channel43 description [SRV] izm-vmw026_mgt switchport mode trunk ! interface Port-channel44 description [SRV] izm-vmw026_srv switchport mode trunk ! interface Port-channel45 description [SRV] izm-vmw028_srv switchport mode trunk ! interface Port-channel46 description [SRV] izm-vmw027_srv switchport access vlan 294 switchport mode trunk ! interface Port-channel101 description [SRV] izh-vmw004_mgt switchport mode trunk ! interface Port-channel102 description izh-vmw017_srv switchport mode trunk ! interface GigabitEthernet0/0 vrf forwarding Mgmt-vrf no ip address negotiation auto ! interface GigabitEthernet1/0/1 description [SRV] Po101 izh-vmw004-p00 switchport mode trunk no snmp trap link-status channel-group 101 mode active service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet1/0/2 description [SRV] Po2 izh-vmw004-p01 switchport mode trunk no snmp trap link-status channel-group 2 mode active ! interface GigabitEthernet1/0/3 description [SRV] Po3 izh-vmw005-p00 switchport mode trunk no snmp trap link-status channel-group 3 mode active ! interface GigabitEthernet1/0/4 description [SRV] Po4 izh-vmw005-p01 switchport mode trunk no snmp trap link-status channel-group 4 mode active ! interface GigabitEthernet1/0/5 description [SRV] Po5 izh-vmw006-p00 switchport mode trunk no snmp trap link-status channel-group 5 mode active ! interface GigabitEthernet1/0/6 description [SRV] Po6 izh-vmw006-p01 switchport mode trunk no snmp trap link-status channel-group 6 mode active ! interface GigabitEthernet1/0/7 description [SRV] Po7 izh-vmw007-p00 switchport mode trunk no snmp trap link-status channel-group 7 mode active ! interface GigabitEthernet1/0/8 description [SRV] Po8 izh-vmw007-p01 switchport mode trunk no snmp trap link-status channel-group 8 mode active ! interface GigabitEthernet1/0/9 description [SRV] Po9 izh-vmw008-p00 switchport mode trunk no snmp trap link-status channel-group 9 mode active ! interface GigabitEthernet1/0/10 description [SRV] Po10 izh-vmw008-p01 switchport mode trunk no snmp trap link-status channel-group 10 mode active service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet1/0/11 description [SRV] Po11 izh-vmw011-p00 switchport mode trunk no snmp trap link-status channel-group 11 mode active ! interface GigabitEthernet1/0/12 description [SRV] Po12 izh-vmw011-p01 switchport mode trunk no snmp trap link-status channel-group 12 mode active ! interface GigabitEthernet1/0/13 description [SRV] Po13 izh-vmw012-p00 switchport mode trunk no snmp trap link-status channel-group 13 mode active ! interface GigabitEthernet1/0/14 description [SRV] Po14 izh-vmw012-p01 switchport mode trunk no snmp trap link-status channel-group 14 mode active ! interface GigabitEthernet1/0/15 description [SRV] Po15 izh-vmw013-p00 switchport mode trunk no snmp trap link-status channel-group 15 mode active ! interface GigabitEthernet1/0/16 description [SRV] Po16 izh-vmw013-p01 switchport mode trunk no snmp trap link-status channel-group 16 mode active ! interface GigabitEthernet1/0/17 description [SRV] Po17 izh-vmw016-p00 switchport mode trunk no snmp trap link-status channel-group 17 mode active ! interface GigabitEthernet1/0/18 description [SRV] Po18 izh-vmw016-p01 switchport mode trunk no snmp trap link-status channel-group 18 mode active ! interface GigabitEthernet1/0/19 description [SRV] Po19 izh-vmw015-p00 switchport mode trunk no snmp trap link-status channel-group 19 mode active ! interface GigabitEthernet1/0/20 description [SRV] Po20 izh-vmw015-p01 switchport mode trunk no snmp trap link-status channel-group 20 mode active ! interface GigabitEthernet1/0/21 description [SRV] Po21 izh-vmw014-p00 switchport mode trunk no snmp trap link-status channel-group 21 mode active ! interface GigabitEthernet1/0/22 description [SRV] Po22 izh-vmw014-p01 switchport mode trunk no snmp trap link-status channel-group 22 mode active ! interface GigabitEthernet1/0/23 description [SRV] Po23 izh-vmw020-p00 switchport mode trunk no snmp trap link-status channel-group 23 mode active ! interface GigabitEthernet1/0/24 description [SRV] Po24 izh-vmw020-p01 switchport mode trunk no snmp trap link-status channel-group 24 mode active ! interface GigabitEthernet1/0/25 description [SRV] Po25 izh-vmw021-p00 switchport mode trunk no snmp trap link-status channel-group 25 mode active ! interface GigabitEthernet1/0/26 description [SRV] Po26 izh-vmw021-p01 switchport mode trunk no snmp trap link-status channel-group 26 mode active ! interface GigabitEthernet1/0/27 description [SRV] izh-vmw027_p0 switchport access vlan 294 switchport mode trunk no snmp trap link-status channel-group 46 mode active ! interface GigabitEthernet1/0/28 description NONE switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/29 description [SRV] izh-vmw028_p0 switchport mode trunk channel-group 45 mode active ! interface GigabitEthernet1/0/30 description [SRV] izh-shd002_Qsan switchport mode trunk no snmp trap link-status ! interface GigabitEthernet1/0/31 description [SRV] izh-bkp006_p switchport access vlan 292 switchport mode access no snmp trap link-status service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet1/0/32 description [SRV] izh-bkp006_p2 switchport access vlan 289 switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/33 description [SRV] Po33 izh-bkp007-p01 switchport access vlan 292 switchport mode access no snmp trap link-status no cdp enable channel-group 33 mode active ! interface GigabitEthernet1/0/34 description [SRV] izh-bkp007_p4 switchport access vlan 250 switchport mode access no snmp trap link-status ! interface GigabitEthernet1/0/35 description [SRV] Po35 kg-izm-vmw022-p00 switchport mode trunk channel-group 35 mode active ! interface GigabitEthernet1/0/36 description [SRV] Po36 kg-izm-vmw022-p02 switchport mode trunk channel-group 36 mode active ! interface GigabitEthernet1/0/37 description [SRV] Po37 kg-izm-vmw023-p00 switchport mode trunk channel-group 37 mode active ! interface GigabitEthernet1/0/38 description [SRV] Po38 kg-izm-vmw023-p02 switchport mode trunk channel-group 38 mode active ! interface GigabitEthernet1/0/39 description [SRV] Po39 kg-izm-vmw025-p00 switchport mode trunk channel-group 39 mode active ! interface GigabitEthernet1/0/40 description [SRV] Po40 kg-izm-vmw025-p02 switchport mode trunk channel-group 40 mode active ! interface GigabitEthernet1/0/41 description [SRV] Po41 kg-izm-vmw024-p00 switchport mode trunk channel-group 41 mode active ! interface GigabitEthernet1/0/42 description kg-izm-vmw024-p02 switchport mode trunk channel-group 42 mode active ! interface GigabitEthernet1/0/43 description [SRV] Po43 kg-izm-vmw026-p00 switchport mode trunk channel-group 43 mode active ! interface GigabitEthernet1/0/44 description [SRV] Po44 kg-izm-vmw026-p02 switchport mode trunk channel-group 44 mode active ! interface GigabitEthernet1/0/45 description --TEST_DORADO-- switchport access vlan 294 switchport mode access ! interface GigabitEthernet1/0/46 description [WIFI] AP-1-2-COD switchport trunk native vlan 302 switchport trunk allowed vlan 150,151,301,302,500 switchport mode trunk switchport voice vlan 350 load-interval 60 no snmp trap link-status no lldp transmit no lldp receive spanning-tree portfast service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet1/0/47 description [CORE] RT-1-3 switchport mode trunk no snmp trap link-status service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet1/0/48 description [ISP-1G] L2VPN-to-KG-P11_MTS switchport trunk native vlan 4030 switchport trunk allowed vlan 557,599,4030-4035 switchport mode trunk logging event trunk-status logging event spanning-tree load-interval 60 no snmp trap link-status no lldp transmit no lldp receive no cdp enable service-policy input PM_QoS_CLASS_IN hold-queue 240000 in hold-queue 240000 out ! interface GigabitEthernet1/1/1 ! interface GigabitEthernet1/1/2 ! interface GigabitEthernet1/1/3 ! interface GigabitEthernet1/1/4 ! interface TenGigabitEthernet1/1/1 description [CORE] Po1 SW-1-1 switchport mode trunk channel-group 1 mode active service-policy input PM_QoS_CLASS_IN ! interface TenGigabitEthernet1/1/2 description -=shd007 10GethP0 B=- switchport mode trunk ! interface TenGigabitEthernet1/1/3 description =-shd007 10GethP0 A=- switchport mode trunk ! interface TenGigabitEthernet1/1/4 description -=vmw028 10Geth01=- switchport mode trunk ! interface GigabitEthernet2/0/1 description [SRV] Po101 izh-vmw004-p02 switchport mode trunk no snmp trap link-status channel-group 101 mode active service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet2/0/2 description [SRV] Po2 izh-vmw004-p03 switchport mode trunk no snmp trap link-status channel-group 2 mode active ! interface GigabitEthernet2/0/3 description [SRV] Po3 izh-vmw005-p02 switchport mode trunk no snmp trap link-status channel-group 3 mode active ! interface GigabitEthernet2/0/4 description [SRV] Po4 izh-vmw005-p03 switchport mode trunk no snmp trap link-status channel-group 4 mode active ! interface GigabitEthernet2/0/5 description [SRV] Po5 izh-vmw006-p02 switchport mode trunk no snmp trap link-status channel-group 5 mode active ! interface GigabitEthernet2/0/6 description [SRV] Po6 izh-vmw006-p03 switchport mode trunk no snmp trap link-status channel-group 6 mode active ! interface GigabitEthernet2/0/7 description [SRV] Po7 izh-vmw007-p02 switchport mode trunk no snmp trap link-status channel-group 7 mode active ! interface GigabitEthernet2/0/8 description [SRV] Po8 izh-vmw007-p03 switchport mode trunk no snmp trap link-status channel-group 8 mode active ! interface GigabitEthernet2/0/9 description [SRV] Po9 izh-vmw008-p02 switchport mode trunk no snmp trap link-status channel-group 9 mode active ! interface GigabitEthernet2/0/10 description [SRV] Po10 izh-vmw008-p03 switchport mode trunk no snmp trap link-status channel-group 10 mode active service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet2/0/11 description [SRV] Po11 izh-vmw011-p02 switchport mode trunk no snmp trap link-status channel-group 11 mode active ! interface GigabitEthernet2/0/12 description [SRV] Po12 izh-vmw011-p03 switchport mode trunk no snmp trap link-status channel-group 12 mode active ! interface GigabitEthernet2/0/13 description [SRV] Po13 izh-vmw012-p02 switchport mode trunk no snmp trap link-status channel-group 13 mode active ! interface GigabitEthernet2/0/14 description [SRV] Po14 izh-vmw012-p03 switchport mode trunk no snmp trap link-status channel-group 14 mode active ! interface GigabitEthernet2/0/15 description [SRV] Po15 izh-vmw013-p02 switchport mode trunk no snmp trap link-status channel-group 15 mode active ! interface GigabitEthernet2/0/16 description [SRV] Po16 izh-vmw013-p03 switchport mode trunk no snmp trap link-status channel-group 16 mode active ! interface GigabitEthernet2/0/17 description [SRV] Po17 izh-vmw016-p02 switchport mode trunk no snmp trap link-status channel-group 17 mode active ! interface GigabitEthernet2/0/18 description [SRV] Po18 izh-vmw016-p03 switchport mode trunk no snmp trap link-status channel-group 18 mode active ! interface GigabitEthernet2/0/19 description [SRV] Po19 izh-vmw015-p02 switchport mode trunk no snmp trap link-status channel-group 19 mode active ! interface GigabitEthernet2/0/20 description [SRV] Po20 izh-vmw015-p03 switchport mode trunk no snmp trap link-status channel-group 20 mode active ! interface GigabitEthernet2/0/21 description [SRV] Po21 izh-vmw014-p02 switchport mode trunk no snmp trap link-status channel-group 21 mode active ! interface GigabitEthernet2/0/22 description [SRV] Po22 izh-vmw014-p03 switchport mode trunk no snmp trap link-status channel-group 22 mode active ! interface GigabitEthernet2/0/23 description [SRV] Po23 izh-vmw020-p02 switchport mode trunk no snmp trap link-status channel-group 23 mode active ! interface GigabitEthernet2/0/24 description [SRV] Po24 izh-vmw020-p03 switchport mode trunk no snmp trap link-status channel-group 24 mode active ! interface GigabitEthernet2/0/25 description [SRV] Po25 izh-vmw021-p02 switchport mode trunk no snmp trap link-status channel-group 25 mode active ! interface GigabitEthernet2/0/26 description [SRV] Po26 izh-vmw021-p03 switchport mode trunk no snmp trap link-status channel-group 26 mode active ! interface GigabitEthernet2/0/27 description [SRV] izh-vmw027_p1 switchport access vlan 294 switchport mode trunk no snmp trap link-status channel-group 46 mode active ! interface GigabitEthernet2/0/28 description [SRV] Po35 kg-izm-vmw022-p01 switchport mode trunk no snmp trap link-status channel-group 35 mode active ! interface GigabitEthernet2/0/29 description [SRV] izh-vmw028_p1 switchport mode trunk no snmp trap link-status channel-group 45 mode active ! interface GigabitEthernet2/0/30 description [SRV] Po36 kg-izm-vmw022-p03 switchport mode trunk channel-group 36 mode active ! interface GigabitEthernet2/0/31 description [SRV] izh-bkp006_p3 switchport access vlan 250 switchport mode access no snmp trap link-status ! interface GigabitEthernet2/0/32 description [SRV] Po37 kg-izm-vmw023-p01 switchport mode trunk channel-group 37 mode active ! interface GigabitEthernet2/0/33 description [SRV] Po33 izh-bkp007-p02 switchport access vlan 292 switchport mode access no snmp trap link-status channel-group 33 mode active ! interface GigabitEthernet2/0/34 description [SRV] Po38 kg-izm-vmw023-p03 switchport mode trunk channel-group 38 mode active service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet2/0/35 description [SRV] Po39 kg-izm-vmw025-p01 switchport mode trunk channel-group 39 mode active ! interface GigabitEthernet2/0/36 description [SRV] Po40 kg-izm-vmw025-p03 switchport access vlan 8 switchport mode trunk no snmp trap link-status channel-group 40 mode active ! interface GigabitEthernet2/0/37 description [SRV] izh-vsr001 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet2/0/38 description [SRV] izh-vsr002 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet2/0/39 description [SRV] izh-vsr003 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet2/0/40 description [SRV] izh-vsr004 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet2/0/41 description [SRV] izh-vsr006 switchport mode trunk no snmp trap link-status ! interface GigabitEthernet2/0/42 description kg-izm-vmw024-p01 switchport mode trunk channel-group 41 mode active ! interface GigabitEthernet2/0/43 description [SRV] Po42 kg-izm-vmw024-p03 switchport mode trunk channel-group 42 mode active ! interface GigabitEthernet2/0/44 description [SRV] Po43 kg-izm-vmw026-p01 switchport mode trunk channel-group 43 mode active ! interface GigabitEthernet2/0/45 description [SRV] Po44 kg-izm-vmw026-p03 switchport mode trunk channel-group 44 mode active ! interface GigabitEthernet2/0/46 switchport access vlan 294 switchport mode access ! interface GigabitEthernet2/0/47 description [CORE] RT-1-4 switchport mode trunk no snmp trap link-status service-policy input PM_QoS_CLASS_IN ! interface GigabitEthernet2/0/48 description [ISP-1G] L2VPN-to-KG-P11_ER-Telecom switchport trunk native vlan 4030 switchport trunk allowed vlan 556,596 switchport mode trunk logging event trunk-status logging event spanning-tree no snmp trap link-status no lldp transmit no lldp receive no cdp enable spanning-tree bpdufilter enable hold-queue 240000 in hold-queue 240000 out ! interface GigabitEthernet2/1/1 ! interface GigabitEthernet2/1/2 ! interface GigabitEthernet2/1/3 ! interface GigabitEthernet2/1/4 ! interface TenGigabitEthernet2/1/1 description [CORE] Po1 SW-1-1 switchport mode trunk channel-group 1 mode active service-policy input PM_QoS_CLASS_IN ! interface TenGigabitEthernet2/1/2 description -=shd007 10GethP1 A=- switchport mode trunk ! interface TenGigabitEthernet2/1/3 description -=shd007 10GethP1 B=- switchport mode trunk ! interface TenGigabitEthernet2/1/4 description -=vmw028 10Geth02=- switchport mode trunk ! interface Vlan1 no ip address shutdown ! interface Vlan22 ip address 192.168.255.253 255.255.255.0 ! interface Vlan300 description --MANAGMENT-- ip address 10.4.254.248 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ! ip default-gateway 10.4.254.254 ip forward-protocol nd no ip http server no ip http secure-server ip ssh version 2 ! ! ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data permit tcp any any eq 22 permit tcp any any eq 465 permit tcp any any eq 143 permit tcp any any eq 993 permit tcp any any eq 995 permit tcp any any eq 1914 permit tcp any any eq ftp permit tcp any any eq ftp-data permit tcp any any eq smtp permit tcp any any eq pop3 ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf permit udp any any range 16384 32767 permit tcp any any range 50000 59999 ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger permit tcp any any range 2300 2400 permit udp any any range 2300 2400 permit tcp any any range 6881 6999 permit tcp any any range 28800 29100 permit tcp any any eq 1214 permit udp any any eq 1214 permit tcp any any eq 3689 permit udp any any eq 3689 permit tcp any any eq 11999 ip access-list extended AutoQos-4.0-wlan-Acl-Signaling permit tcp any any range 2000 2002 permit tcp any any range 5060 5061 permit udp any any range 5060 5061 ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data permit tcp any any eq 443 permit tcp any any eq 1521 permit udp any any eq 1521 permit tcp any any eq 1526 permit udp any any eq 1526 permit tcp any any eq 1575 permit udp any any eq 1575 permit tcp any any eq 1630 permit udp any any eq 1630 permit tcp any any eq 1527 permit tcp any any eq 6200 permit tcp any any eq 3389 permit tcp any any eq 5985 permit tcp any any eq 8080 ip access-list extended RDP permit tcp any eq 3389 any permit tcp any any eq 3389 ! logging origin-id hostname logging facility local2 logging source-interface Vlan300 logging host 192.168.8.119 transport udp port 5544 logging host 10.4.244.4 transport udp port 515 access-list 5 permit 192.168.8.99 access-list 5 permit 10.4.0.58 access-list 5 permit 10.4.0.214 access-list 5 permit 10.2.1.245 ! snmp-server community lmTUEsk6Yvlv RO 5 snmp ifmib ifindex persist ! ! ! radius server IZH-RDS002 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646 timeout 3 retransmit 2 key hykFAA@Hg9X9fsokWh5q8wez#&^a9lIizldHKxlRer3RE7AbsTsJwdB^RESF$eJ0 ! radius server P11-RDS003 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646 timeout 3 retransmit 2 key hykFAA@Hg9X9fsokWh5q8wez#&^a9lIizldHKxlRer3RE7AbsTsJwdB^RESF$eJ0 ! ! control-plane service-policy input system-cpp-policy ! ! no vstack ! line con 0 login authentication CONSOLE stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 120 0 transport input ssh line vty 5 15 exec-timeout 120 0 transport input ssh ! ntp server 192.168.8.200 ntp server 192.168.8.201 ! wsma agent exec ! wsma agent config ! wsma agent filesys ! wsma agent notify ! ! ap dot11 airtime-fairness policy-name Default 0 ap group default-group ap hyperlocation ble-beacon 0 ap hyperlocation ble-beacon 1 ap hyperlocation ble-beacon 2 ap hyperlocation ble-beacon 3 ap hyperlocation ble-beacon 4 end