Building configuration... Current configuration : 8581 bytes ! ! Last configuration change at 04:00:44 SAMT Mon Jan 2 2006 ! version 15.2 no service pad service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year service password-encryption ! hostname KEZ-MLK-KZS-SW-13-1 ! boot-start-marker boot-end-marker ! logging userinfo logging buffered 64000 enable secret 5 $1$L7fK$k/MCEtLn2e68JjkqKNFz10 ! username netadmin privilege 15 secret 5 $1$F5w6$HO0izzJXl1L6meBYGmfFo. aaa new-model ! ! aaa group server radius NPS server name IZH-RDS002 server name P11-RDS003 load-balance method least-outstanding ! aaa authentication login default group NPS local enable aaa authentication login CONSOLE local group NPS aaa authorization exec default group NPS local if-authenticated ! ! ! ! ! ! aaa session-id common clock timezone SAMT 4 0 switch 1 provision ws-c2960s-24ps-l ! ! ip dhcp snooping vlan 1-4094 ip dhcp snooping no ip domain-lookup ip domain-name milkom-komos.ru ip host tftp 10.4.0.214 vtp mode transparent ! ! ! ! ! ! ! crypto pki trustpoint TP-self-signed-2250283648 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-2250283648 revocation-check none rsakeypair TP-self-signed-2250283648 ! ! crypto pki certificate chain TP-self-signed-2250283648 archive log config logging enable logging size 900 notify syslog contenttype plaintext hidekeys path tftp://tftp/KEZ/MLK/KSZ-SW_L2/$H-$T write-memory time-period 10080 spanning-tree mode pvst spanning-tree logging spanning-tree extend system-id errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig errdisable recovery cause pagp-flap errdisable recovery cause dtp-flap errdisable recovery cause link-flap errdisable recovery cause sfp-config-mismatch errdisable recovery cause gbic-invalid errdisable recovery cause psecure-violation errdisable recovery cause port-mode-failure errdisable recovery cause dhcp-rate-limit errdisable recovery cause pppoe-ia-rate-limit errdisable recovery cause mac-limit errdisable recovery cause vmps errdisable recovery cause storm-control errdisable recovery cause inline-power errdisable recovery cause arp-inspection errdisable recovery cause loopback errdisable recovery cause small-frame errdisable recovery cause psp errdisable recovery interval 600 ! ! ! ! vlan internal allocation policy ascending ! vlan 101 name --PRINTERS-- ! vlan 150 name --Wi-Fi_WORK-- ! vlan 300 name --MANAGEMENT-- ! vlan 301 name --Wi-Fi_MANAGEMENT-- ! vlan 350 name --VOICE-- ! vlan 450 name --Wi-Fi_SKLAD-- ! vlan 500 name --Wi-Fi_GUEST-- ! lldp run ! ! ! ! ! ! ! ! ! ! interface Port-channel1 description [KU] SW-2-3 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0 description --MGMT Port-- no ip address ! interface GigabitEthernet1/0/1 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/2 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/3 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/4 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/5 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/6 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/7 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/8 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/9 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/10 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/11 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/12 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/13 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/14 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/15 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/16 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/17 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/18 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/19 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/20 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/21 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/22 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/23 description NONE switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/24 description --MANAGEMENT-- switchport access vlan 300 switchport mode access switchport voice vlan 350 no snmp trap link-status ! interface GigabitEthernet1/0/25 description [KU] Po1 SW-2-3 switchport mode trunk channel-group 1 mode active ip dhcp snooping trust ! interface GigabitEthernet1/0/26 switchport mode trunk channel-group 1 mode active ip dhcp snooping trust ! interface GigabitEthernet1/0/27 ! interface GigabitEthernet1/0/28 ! interface Vlan1 no ip address shutdown ! interface Vlan300 description --MANAGEMENT-- ip address 10.5.94.131 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ! ip default-gateway 10.5.94.254 no ip http server no ip http secure-server ! ip ssh version 2 ! logging origin-id hostname logging source-interface Vlan300 logging host 192.168.8.119 transport udp port 5544 logging host 10.4.244.4 transport udp port 515 ! snmp-server community lmTUEsk6Yvlv RO snmp ifmib ifindex persist ! ! radius server P11-RDS003 address ipv4 10.1.122.248 auth-port 1645 acct-port 1646 timeout 3 retransmit 2 key 7 03556C595F01657B54015F2F362C4D230B33260619233A635724372F275B1D4C777921510D39016075647745510F480F22697637190E09565D2D24071C7B5F172B ! radius server IZH-RDS002 address ipv4 10.4.0.248 auth-port 1645 acct-port 1646 timeout 3 retransmit 2 key 7 0257330952084B1656464F3324295424031D270915383C746630263A250C124D7C7E7B5C16374E617A60764250501852233679640E1B0B090D202D297179180737 ! banner exec ^C Hello! I'm $(hostname). You are connected on line $(line) on domain $(domain) ^C banner login ^C ***************************************************************************** * * * UNAUTHORIZED ACCESS IS PROHIBITED * * * * You have accessed network equipment. * * You must have authorized permission to access or configure this device. * * All activities performed on this device are logged and monitored. * * * ***************************************************************************** ^C ! line con 0 exec-timeout 60 0 logging synchronous login authentication CONSOLE line vty 0 4 exec-timeout 120 0 logging synchronous login authentication NPS transport input ssh line vty 5 15 exec-timeout 120 0 logging synchronous login authentication NPS transport input ssh ! ntp server 192.168.8.200 prefer ntp server 192.168.8.201 mac address-table notification change mac address-table notification mac-move mac address-table aging-time 900 end