783 lines
17 KiB
Plaintext
783 lines
17 KiB
Plaintext
Building configuration...
|
|
|
|
Current configuration : 17639 bytes
|
|
!
|
|
! Last configuration change at 13:12:55 MSK Thu Jul 28 2022 by adm_kapustinal
|
|
! NVRAM config last updated at 10:59:49 MSK Thu Jul 28 2022 by adm_kapustinal
|
|
!
|
|
version 15.2
|
|
service nagle
|
|
no service pad
|
|
service tcp-keepalives-in
|
|
service tcp-keepalives-out
|
|
service timestamps debug datetime msec localtime show-timezone year
|
|
service timestamps log datetime msec localtime show-timezone year
|
|
service password-encryption
|
|
service sequence-numbers
|
|
service unsupported-transceiver
|
|
!
|
|
hostname IZH-KG-P11-SW-1-3
|
|
!
|
|
boot-start-marker
|
|
boot-end-marker
|
|
!
|
|
logging buffered 65536
|
|
no logging console
|
|
enable secret 5 $1$.tEz$Hutes7k4bUis4LgJ26hPn/
|
|
!
|
|
username netadmin privilege 15 secret 5 $1$sBep$BrbjThNMOKPqlMxpDm4u7.
|
|
username akhmetzyanovrr_adm
|
|
aaa new-model
|
|
!
|
|
!
|
|
aaa group server radius NPS
|
|
server name IZH-RDS002
|
|
server name P11-RDS003
|
|
load-balance method least-outstanding
|
|
!
|
|
aaa authentication login default group NPS local enable
|
|
aaa authentication login CONSOLE local group NPS
|
|
aaa authorization console
|
|
aaa authorization exec default group NPS local if-authenticated
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
aaa session-id common
|
|
clock timezone MSK 4 0
|
|
switch 1 provision ws-c2960x-48lps-l
|
|
no ip source-route
|
|
no ip gratuitous-arps
|
|
!
|
|
!
|
|
ip domain-name komos.ru
|
|
ip host VM-KG-NET 10.1.12.70
|
|
ip host tftp 10.4.0.214
|
|
login on-failure log
|
|
login on-success log
|
|
vtp mode transparent
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
flow record FLOW-RECORD-L2VPN-INPUT
|
|
description IPv4 NetFlow L2VPN IN
|
|
match ipv4 tos
|
|
match ipv4 protocol
|
|
match ipv4 source address
|
|
match ipv4 destination address
|
|
match transport source-port
|
|
match transport destination-port
|
|
collect transport tcp flags
|
|
collect interface output
|
|
collect counter bytes long
|
|
collect counter packets long
|
|
!
|
|
!
|
|
flow record FLOW-RECORD-L2VPN-OUTPUT
|
|
description IPv4 NetFlow L2VPN OUT
|
|
match ipv4 tos
|
|
match ipv4 protocol
|
|
match ipv4 source address
|
|
match ipv4 destination address
|
|
match transport source-port
|
|
match transport destination-port
|
|
collect transport tcp flags
|
|
collect interface input
|
|
collect counter bytes long
|
|
collect counter packets long
|
|
!
|
|
!
|
|
flow monitor FLOW-MONITOR-L2VPN-INPUT
|
|
description ingress
|
|
cache timeout active 60
|
|
record FLOW-RECORD-L2VPN-INPUT
|
|
!
|
|
!
|
|
flow monitor FLOW-MONITOR-L2VPN-OUTPUT
|
|
description egress
|
|
cache timeout active 60
|
|
record FLOW-RECORD-L2VPN-OUTPUT
|
|
!
|
|
!
|
|
crypto pki trustpoint TP-self-signed-2890218112
|
|
enrollment selfsigned
|
|
subject-name cn=IOS-Self-Signed-Certificate-2890218112
|
|
revocation-check none
|
|
rsakeypair TP-self-signed-2890218112
|
|
!
|
|
!
|
|
crypto pki certificate chain TP-self-signed-2890218112
|
|
certificate self-signed 01
|
|
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
|
|
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
|
|
69666963 6174652D 32383930 32313831 3132301E 170D3030 30373133 30343433
|
|
35335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
|
|
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 38393032
|
|
31383131 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
|
|
8100A2FF 9A166990 248A868C 132D49C8 EF357969 DE5AABCF BCC0EB12 D0AF43C7
|
|
BECD39C1 827CA980 9D8F1864 9D995D9D CC9A82F6 25A4AABA F7747EDA 62403E18
|
|
BC43B725 6AA3CCCB DA0F40B4 3E1A9E21 22CEC796 9FB1AEF0 F0DCE02F 92951898
|
|
9DCADDE6 43D00E6D FB2AE32F 617B378D 4115AD5F 72482292 220DD6D8 E73C6CFE
|
|
37C90203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
|
|
551D2304 18301680 147D1068 716D81C1 6D2DBF01 B421D06A 6BE74719 96301D06
|
|
03551D0E 04160414 7D106871 6D81C16D 2DBF01B4 21D06A6B E7471996 300D0609
|
|
2A864886 F70D0101 05050003 8181003C 3E229CB8 16EE1017 AF712FE7 1E3092CE
|
|
3FF13297 283E634A B8DC9C02 FACA6DAB 324A8ED5 65CF05E3 076E407E 79A34240
|
|
9A5AAD04 3B1C1AC3 168DB4DA 15E6B692 741DE779 B51E7683 F152141F 556FF7B3
|
|
5D9EB431 B067E16B EDBF826A DDCFD2E5 D0C433A5 8FF201F3 B26393BD 22C85D0A
|
|
CD6632B9 FE0B0B5F A046F73B 864371
|
|
quit
|
|
archive
|
|
log config
|
|
logging enable
|
|
logging size 900
|
|
notify syslog contenttype plaintext
|
|
hidekeys
|
|
path tftp://tftp/IZH/KG/P11-SW_L2/$H.$T.conf
|
|
write-memory
|
|
time-period 10080
|
|
!
|
|
spanning-tree mode rapid-pvst
|
|
spanning-tree loopguard default
|
|
spanning-tree logging
|
|
spanning-tree extend system-id
|
|
no errdisable detect cause gbic-invalid
|
|
errdisable recovery cause bpduguard
|
|
errdisable recovery cause dtp-flap
|
|
errdisable recovery cause link-flap
|
|
errdisable recovery cause sfp-config-mismatch
|
|
errdisable recovery cause port-mode-failure
|
|
errdisable recovery cause loopback
|
|
errdisable recovery interval 600
|
|
!
|
|
!
|
|
!
|
|
!
|
|
vlan internal allocation policy ascending
|
|
!
|
|
vlan 2
|
|
name KG_LAN-USER
|
|
!
|
|
vlan 4
|
|
name KG_LAN-VDI
|
|
!
|
|
vlan 5
|
|
name KG_LAN-ADMIN
|
|
!
|
|
vlan 6
|
|
!
|
|
vlan 11
|
|
name KG_LAN-AS199014
|
|
!
|
|
vlan 12
|
|
name UNIFI_NETWORK
|
|
!
|
|
vlan 20
|
|
name DMZ-1
|
|
!
|
|
vlan 25
|
|
name VoIP
|
|
!
|
|
vlan 100
|
|
name Inbound_management
|
|
!
|
|
vlan 101
|
|
name WDS
|
|
!
|
|
vlan 149
|
|
name -KG-MGMT-INT-10.1.254.0/24-
|
|
!
|
|
vlan 150
|
|
!
|
|
vlan 152
|
|
name KG-ARUBA-USERS
|
|
!
|
|
vlan 153
|
|
name KG-ARUBA-USERS-GUEST
|
|
!
|
|
vlan 200
|
|
name KG_MGMT-SRV
|
|
!
|
|
vlan 201
|
|
name KG_LAN-SRV
|
|
!
|
|
vlan 202
|
|
name KG_LAN-SRV-DMZ
|
|
!
|
|
vlan 249
|
|
name --KG-SRV-BKP-10.1.249.0/26--
|
|
!
|
|
vlan 253
|
|
name exchange_komos-group
|
|
!
|
|
vlan 289
|
|
name --OCOD_VLAN_1--
|
|
!
|
|
vlan 296
|
|
name -MLK-KCOD-SRV-All_10.1.123.0/24-
|
|
!
|
|
vlan 297
|
|
name -MLK-KCOD-SRV-Exchange_10.1.122.
|
|
!
|
|
vlan 298
|
|
name -KG-COD-Transit-Core-
|
|
!
|
|
vlan 300
|
|
name KG_MGMT-NET
|
|
!
|
|
vlan 301
|
|
name KG_MGMT-WIFI
|
|
!
|
|
vlan 302
|
|
name WiFi_MGM_Aruba_test
|
|
!
|
|
vlan 349
|
|
name MLK_LAN-DATACENTER-2
|
|
!
|
|
vlan 351
|
|
name KG_VOIP
|
|
!
|
|
vlan 500
|
|
name WIFI Guesrt KG
|
|
!
|
|
vlan 556
|
|
name P2P_iBGP_KOMOS_AS_over_ER_Tel
|
|
!
|
|
vlan 557
|
|
name P2P_iBGP_KOMOS_AS_over_MTS
|
|
!
|
|
vlan 558
|
|
name -L2VPN-PVE_HA_ERTLC-
|
|
!
|
|
vlan 559
|
|
name -L2VPN-PVE_HA_MTS-
|
|
!
|
|
vlan 598
|
|
name BGP_KG_COD_TRANSIT
|
|
!
|
|
vlan 599
|
|
name -MLK-KCOD-Trunk_172.30.30.0/27-
|
|
!
|
|
vlan 3001
|
|
name -KG-ISOLATED-VLAN-
|
|
!
|
|
vlan 3900
|
|
name -mlk_izh-vLab_net-servers-3900-
|
|
!
|
|
vlan 3901
|
|
name -mlk_izh-vLab_net-servers-3901-
|
|
!
|
|
vlan 3902
|
|
name -mlk_izh-vLab_net-servers-3902-
|
|
!
|
|
vlan 3903
|
|
name -mlk_izh-vLab_net-servers-3903-
|
|
!
|
|
vlan 3904
|
|
name -mlk_izh-vLab_net-servers-3904-
|
|
!
|
|
vlan 3905
|
|
name -mlk_izh-vLab_net-servers-3905-
|
|
!
|
|
vlan 3906
|
|
name -mlk_izh-vLab_net-servers-3906-
|
|
!
|
|
vlan 3907
|
|
name -mlk_izh-vLab_net-servers-3907-
|
|
!
|
|
vlan 3908
|
|
name -mlk_izh-vLab_net-servers-3908-
|
|
!
|
|
vlan 3909
|
|
name -mlk_izh-vLab_net-servers-3909-
|
|
!
|
|
vlan 3910
|
|
name -mlk_izh-vLab_net-servers-3910-
|
|
!
|
|
vlan 3911
|
|
name -mlk_izh-vLab_net-servers-3911-
|
|
!
|
|
vlan 3912
|
|
name -mlk_izh-vLab_net-servers-3912-
|
|
!
|
|
vlan 3913
|
|
name -mlk_izh-vLab_net-servers-3913-
|
|
!
|
|
vlan 3914
|
|
name -mlk_izh-vLab_net-servers-3914-
|
|
!
|
|
vlan 3915
|
|
name -mlk_izh-vLab_net-servers-3915-
|
|
!
|
|
vlan 3916
|
|
name -mlk_izh-vLab_net-servers-3916-
|
|
!
|
|
vlan 3917
|
|
name -mlk_izh-vLab_net-servers-3917-
|
|
!
|
|
vlan 3918
|
|
name -mlk_izh-vLab_net-servers-3918-
|
|
!
|
|
vlan 3919
|
|
name -mlk_izh-vLab_net-servers-3919-
|
|
!
|
|
vlan 4030
|
|
name -MLK-KCOD-Native-
|
|
!
|
|
vlan 4031
|
|
name -MLK-KCOD-VeamRepl_172.31.31.0/2
|
|
!
|
|
vlan 4032
|
|
name -MLK-KCOD-SQLRepl_172.31.33.0/24
|
|
!
|
|
vlan 4033
|
|
name -MLK-KCOD-SrvVCHA_172.31.33.0/24
|
|
!
|
|
vlan 4034
|
|
name -MLK-KCOD-ExchRepl_172.31.34.0/2
|
|
!
|
|
vlan 4035
|
|
name -MLK-KCOD-Reserv_172.31.35.0/24-
|
|
!
|
|
vlan 4040
|
|
name KG_LAN-SZB
|
|
!
|
|
vlan 4093
|
|
name ISP-IMP_ERTEL
|
|
!
|
|
ip tftp source-interface Vlan100
|
|
ip ssh version 2
|
|
!
|
|
class-map match-any CM_QoS_CS3
|
|
match ip dscp cs3 af31 af32 af33
|
|
class-map match-any CM_QoS_CS2
|
|
match ip dscp cs2 af21 af22 af23
|
|
class-map match-any CM_QoS_CS1
|
|
match ip dscp cs1 af11 af12 af13
|
|
class-map match-any CM_QoS_CS0
|
|
match ip dscp default 1 2 3
|
|
class-map match-any CM_QoS_CS7
|
|
match ip dscp cs7
|
|
class-map match-any CM_QoS_CS6
|
|
match ip dscp cs6 49
|
|
class-map match-any CM_QoS_CS5
|
|
match ip dscp cs5 41 42 45 ef 47
|
|
class-map match-any CM_QoS_CS4
|
|
match ip dscp cs4 af41 af42 af43
|
|
!
|
|
policy-map PM_QoS_CLASS_IN
|
|
class CM_QoS_CS7
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
interface Loopback7777
|
|
description TK7239m
|
|
no ip address
|
|
shutdown
|
|
!
|
|
interface Port-channel1
|
|
description LINK_TO_6500
|
|
switchport mode trunk
|
|
shutdown
|
|
!
|
|
interface Port-channel2
|
|
description [CORE] SW-1-2
|
|
switchport trunk allowed vlan 4030-4034
|
|
switchport mode trunk
|
|
logging event trunk-status
|
|
logging event spanning-tree
|
|
!
|
|
interface Port-channel7
|
|
description [SRV] Po7 cisco PVE2 ORSSI eth1
|
|
switchport trunk native vlan 201
|
|
switchport trunk allowed vlan 2,5,201,500,558,559
|
|
switchport mode trunk
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0
|
|
no ip address
|
|
!
|
|
interface GigabitEthernet1/0/1
|
|
description [SRV] p11-vmw001_eth0
|
|
switchport mode trunk
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/2
|
|
description [SRV] p11-vmw002_eth0
|
|
switchport mode trunk
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/3
|
|
description [SRV] p11-vmw003_eth0
|
|
switchport mode trunk
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/4
|
|
description [SRV] p11-vmw004_eth0
|
|
switchport mode trunk
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/5
|
|
description [SRV] p11-vmw005_eth0
|
|
switchport mode trunk
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/6
|
|
description [SRV] ORSI_Cisco_Server
|
|
switchport access vlan 5
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/7
|
|
description NONE
|
|
switchport access vlan 298
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/8
|
|
description NONE
|
|
switchport access vlan 298
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/9
|
|
description NONE
|
|
switchport access vlan 298
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/10
|
|
description NONE
|
|
switchport access vlan 298
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/11
|
|
description NONE
|
|
switchport access vlan 298
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/12
|
|
description NONE
|
|
switchport access vlan 298
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/13
|
|
description NONE
|
|
switchport access vlan 298
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/14
|
|
description [SRV] p11-shd001_mg1
|
|
switchport access vlan 298
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/15
|
|
description [SRV] PVE2-eth1
|
|
switchport trunk native vlan 201
|
|
switchport trunk allowed vlan 2,5,201,500,558,559
|
|
switchport mode trunk
|
|
no snmp trap link-status
|
|
channel-group 7 mode active
|
|
!
|
|
interface GigabitEthernet1/0/16
|
|
description NONE
|
|
switchport mode trunk
|
|
no snmp trap link-status
|
|
!
|
|
interface GigabitEthernet1/0/17
|
|
description [SRV] p11-vmw004_eth3
|
|
switchport mode trunk
|
|
no snmp trap link-status
|
|
!
|
|
interface GigabitEthernet1/0/18
|
|
description NONE
|
|
switchport mode trunk
|
|
no snmp trap link-status
|
|
!
|
|
interface GigabitEthernet1/0/19
|
|
description NONE
|
|
switchport mode trunk
|
|
no snmp trap link-status
|
|
!
|
|
interface GigabitEthernet1/0/20
|
|
description [SRV] p11-vmw001_eth2
|
|
switchport mode trunk
|
|
no snmp trap link-status
|
|
!
|
|
interface GigabitEthernet1/0/21
|
|
description [SRV] Cisco IMC_PVE2
|
|
switchport access vlan 5
|
|
switchport mode access
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/22
|
|
description NONE
|
|
switchport access vlan 5
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/23
|
|
description NONE
|
|
switchport access vlan 349
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/24
|
|
description NONE
|
|
switchport access vlan 349
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/25
|
|
switchport access vlan 201
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/26
|
|
switchport access vlan 201
|
|
switchport mode access
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/27
|
|
!
|
|
interface GigabitEthernet1/0/28
|
|
!
|
|
interface GigabitEthernet1/0/29
|
|
!
|
|
interface GigabitEthernet1/0/30
|
|
!
|
|
interface GigabitEthernet1/0/31
|
|
!
|
|
interface GigabitEthernet1/0/32
|
|
!
|
|
interface GigabitEthernet1/0/33
|
|
!
|
|
interface GigabitEthernet1/0/34
|
|
!
|
|
interface GigabitEthernet1/0/35
|
|
!
|
|
interface GigabitEthernet1/0/36
|
|
!
|
|
interface GigabitEthernet1/0/37
|
|
!
|
|
interface GigabitEthernet1/0/38
|
|
!
|
|
interface GigabitEthernet1/0/39
|
|
!
|
|
interface GigabitEthernet1/0/40
|
|
!
|
|
interface GigabitEthernet1/0/41
|
|
!
|
|
interface GigabitEthernet1/0/42
|
|
!
|
|
interface GigabitEthernet1/0/43
|
|
!
|
|
interface GigabitEthernet1/0/44
|
|
!
|
|
interface GigabitEthernet1/0/45
|
|
!
|
|
interface GigabitEthernet1/0/46
|
|
!
|
|
interface GigabitEthernet1/0/47
|
|
description TEST_DORADO_MGM
|
|
switchport trunk native vlan 200
|
|
switchport trunk allowed vlan 200
|
|
switchport mode trunk
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/48
|
|
description TEST_DORADO_MGM
|
|
switchport trunk native vlan 200
|
|
switchport trunk allowed vlan 200
|
|
switchport mode trunk
|
|
no logging event link-status
|
|
no snmp trap link-status
|
|
spanning-tree portfast
|
|
!
|
|
interface GigabitEthernet1/0/49
|
|
description [CORE] SW-1-1
|
|
switchport trunk allowed vlan 1-4029,4035-4090
|
|
switchport mode trunk
|
|
logging event trunk-status
|
|
logging event spanning-tree
|
|
hold-queue 4096 in
|
|
hold-queue 4096 out
|
|
!
|
|
interface GigabitEthernet1/0/50
|
|
description [ISP-1G] L2VPN-to-MLK-IZM_MTS
|
|
switchport trunk native vlan 4030
|
|
switchport trunk allowed vlan 557,599,4031-4035
|
|
switchport mode trunk
|
|
logging event trunk-status
|
|
logging event spanning-tree
|
|
no cdp enable
|
|
no lldp transmit
|
|
no lldp receive
|
|
hold-queue 4096 in
|
|
hold-queue 4096 out
|
|
!
|
|
interface GigabitEthernet1/0/51
|
|
description [CORE] Po2 SW-1-2
|
|
switchport trunk allowed vlan 4030-4034
|
|
switchport mode trunk
|
|
logging event trunk-status
|
|
logging event spanning-tree
|
|
channel-group 2 mode active
|
|
!
|
|
interface GigabitEthernet1/0/52
|
|
description [CORE] Po2 SW-1-2
|
|
switchport trunk allowed vlan 4030-4034
|
|
switchport mode trunk
|
|
logging event trunk-status
|
|
logging event spanning-tree
|
|
channel-group 2 mode active
|
|
!
|
|
interface Vlan1
|
|
no ip address
|
|
shutdown
|
|
!
|
|
interface Vlan100
|
|
ip address 10.1.1.6 255.255.255.0
|
|
no ip redirects
|
|
no ip unreachables
|
|
no ip proxy-arp
|
|
!
|
|
interface Vlan152
|
|
ip address 10.1.34.100 255.255.254.0
|
|
!
|
|
ip default-gateway 10.1.1.1
|
|
no ip http server
|
|
ip http authentication local
|
|
no ip http secure-server
|
|
!
|
|
!
|
|
kron occurrence EveryDay at 1:00 recurring
|
|
policy-list SaveBackup
|
|
!
|
|
kron policy-list SaveBackup
|
|
cli write memory
|
|
!
|
|
logging trap debugging
|
|
logging origin-id hostname
|
|
logging facility local6
|
|
logging source-interface Vlan100
|
|
logging host 192.168.2.25
|
|
logging host 10.4.244.4 transport udp port 515
|
|
access-list 23 permit any
|
|
access-list 23 deny any log
|
|
!
|
|
snmp-server community lmTUEsk6Yvlv RO
|
|
snmp-server host 10.1.122.227 lmTUEsk6Yvlv
|
|
!
|
|
!
|
|
radius server IZH-RDS002
|
|
address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
|
|
timeout 3
|
|
retransmit 2
|
|
key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
|
|
!
|
|
radius server P11-RDS003
|
|
address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
|
|
timeout 3
|
|
retransmit 2
|
|
key 7 101F3E4B5C19563C160C6C010516751A2D0A0A34321159181C7075222515524D7C7A7C00407B536324307D470117150D7E3A273C2B4443044F2E3C345B39522405
|
|
!
|
|
!
|
|
privilege exec all level 7 show cdp
|
|
privilege exec all level 7 show running-config
|
|
privilege exec all level 7 show configuration
|
|
privilege exec level 7 show
|
|
banner login ^CCC
|
|
*****************************************************************************
|
|
* *
|
|
* OOO "KOMOS GROUP" *
|
|
* Pesochnaya 11 *
|
|
* 1st FLOOR *
|
|
* DATACENTER-3 *
|
|
* *
|
|
* UNAUTHORIZED ACCESS IS PROHIBITED *
|
|
* *
|
|
* You have accessed network equipment. *
|
|
* You must have authorized permission to access or configure this device. *
|
|
* All activities performed on this device are logged and monitored. *
|
|
* *
|
|
*****************************************************************************^C
|
|
!
|
|
line con 0
|
|
login authentication CONSOLE
|
|
stopbits 1
|
|
line vty 0 4
|
|
access-class 23 in
|
|
exec-timeout 120 0
|
|
login authentication NPS
|
|
length 0
|
|
transport input ssh
|
|
line vty 5 15
|
|
access-class 23 in
|
|
exec-timeout 120 0
|
|
login authentication NPS
|
|
transport input ssh
|
|
!
|
|
ntp source Vlan100
|
|
ntp server 10.1.1.1
|
|
end |