311 lines
8.2 KiB
Plaintext
311 lines
8.2 KiB
Plaintext
Building configuration...
|
|
|
|
Current configuration : 8372 bytes
|
|
!
|
|
! No configuration change since last restart
|
|
!
|
|
version 15.0
|
|
no service pad
|
|
service timestamps debug datetime msec localtime show-timezone year
|
|
service timestamps log datetime msec localtime show-timezone year
|
|
no service password-encryption
|
|
!
|
|
hostname IZH-MLK-IZM-SW-20-1
|
|
!
|
|
boot-start-marker
|
|
boot-end-marker
|
|
!
|
|
logging userinfo
|
|
logging buffered 64000
|
|
enable secret 5 $1$2vfT$dT0PqXqhdg/HU7POkpya4/
|
|
!
|
|
username root privilege 15 secret 5 $1$p4VN$8fG2JBXN5CgAINiGH6aWJ.
|
|
username netadmin privilege 15 secret 5 $1$Q8IM$Ne6wkzNcjIcvtFMiuYKF0.
|
|
aaa new-model
|
|
!
|
|
!
|
|
aaa group server radius NPS
|
|
server name IZH-RDS002
|
|
server name P11-RDS003
|
|
load-balance method least-outstanding
|
|
!
|
|
aaa authentication login default group NPS local enable
|
|
aaa authentication login CONSOLE local group NPS
|
|
aaa authorization exec default group NPS local if-authenticated
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
aaa session-id common
|
|
clock timezone SAMT 4 0
|
|
system mtu routing 1500
|
|
!
|
|
!
|
|
no ip domain-lookup
|
|
ip domain-name milkom-komos.ru
|
|
ip host tftp 10.4.0.214
|
|
login on-failure
|
|
login on-success
|
|
!
|
|
!
|
|
crypto pki trustpoint TP-self-signed-1012187136
|
|
enrollment selfsigned
|
|
subject-name cn=IOS-Self-Signed-Certificate-1012187136
|
|
revocation-check none
|
|
rsakeypair TP-self-signed-1012187136
|
|
!
|
|
!
|
|
crypto pki certificate chain TP-self-signed-1012187136
|
|
certificate self-signed 01
|
|
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
|
|
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
|
|
69666963 6174652D 31303132 31383731 3336301E 170D3036 30313032 30303031
|
|
31335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
|
|
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30313231
|
|
38373133 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
|
|
8100B7CD 59FCD589 DC6A854B FFE01E09 72F3D33F EF1C6EB8 D9303D8E 155D79B5
|
|
45A880AA E822F7A6 7BFAF662 6C1DF222 078EC3A8 C1D7C677 5F7918DA DA26B866
|
|
AF232FF6 1B6ED459 D9C970DF F09F67A8 3F6238C3 78BE8631 61959315 F0DAE4D3
|
|
2CEE795E 781062F2 371F08D8 B0986EEF 2079CDD3 A2D03866 BE521044 29CFC864
|
|
6EC10203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
|
|
551D2304 18301680 142D9731 C9396C77 5AF118C2 7D71B3AB 3DFCEF68 1D301D06
|
|
03551D0E 04160414 2D9731C9 396C775A F118C27D 71B3AB3D FCEF681D 300D0609
|
|
2A864886 F70D0101 05050003 8181007E 17FFC9BD 5CAE0036 4F72A474 378BE743
|
|
FE28598B BA8E9C7D 56C32BFC 1ED7A5D0 78066AD7 0B14AB4B 42A232AE 2AAEB7C4
|
|
5E914A6F 57874145 5AF1A18C FA03303C 5C4E7ED0 08ACC64B E190C47E CF9A8609
|
|
D01F8C9C EF8A2190 C21B12F2 42FB356D 2490FC6D F37689FF F929D3AE 18F0CCF3
|
|
7F2E2475 B3CBDC9A 8861AC29 16B488
|
|
quit
|
|
archive
|
|
log config
|
|
logging enable
|
|
logging size 900
|
|
notify syslog contenttype plaintext
|
|
hidekeys
|
|
path tftp://tftp/IZH/MLK/IZM-SW_L2/$H-$T
|
|
write-memory
|
|
time-period 10080
|
|
spanning-tree mode pvst
|
|
spanning-tree logging
|
|
spanning-tree extend system-id
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
errdisable recovery cause udld
|
|
errdisable recovery cause bpduguard
|
|
errdisable recovery cause security-violation
|
|
errdisable recovery cause channel-misconfig (STP)
|
|
errdisable recovery cause pagp-flap
|
|
errdisable recovery cause dtp-flap
|
|
errdisable recovery cause link-flap
|
|
errdisable recovery cause sfp-config-mismatch
|
|
errdisable recovery cause gbic-invalid
|
|
errdisable recovery cause psecure-violation
|
|
errdisable recovery cause port-mode-failure
|
|
errdisable recovery cause dhcp-rate-limit
|
|
errdisable recovery cause pppoe-ia-rate-limit
|
|
errdisable recovery cause mac-limit
|
|
errdisable recovery cause vmps
|
|
errdisable recovery cause storm-control
|
|
errdisable recovery cause inline-power
|
|
errdisable recovery cause arp-inspection
|
|
errdisable recovery cause loopback
|
|
errdisable recovery cause small-frame
|
|
errdisable recovery cause psp
|
|
errdisable recovery interval 600
|
|
!
|
|
!
|
|
!
|
|
!
|
|
vlan internal allocation policy ascending
|
|
!
|
|
ip tcp synwait-time 5
|
|
ip ssh version 2
|
|
lldp run
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
interface Port-channel1
|
|
description ---LINK_TO_CORE---
|
|
switchport mode trunk
|
|
!
|
|
interface FastEthernet0/1
|
|
description [CAM] VK162
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/2
|
|
description [CAM] VK160
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/3
|
|
description [CAM] VK163
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/4
|
|
description [CAM] VK161
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/5
|
|
description [CAM] VK165
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/6
|
|
description [CAM] VK155
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/7
|
|
description [CAM] VK166
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/8
|
|
description NONE
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/9
|
|
description NONE
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/10
|
|
description NONE
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
!
|
|
interface FastEthernet0/11
|
|
description [WIFI] AP-20-1-Angar
|
|
switchport trunk native vlan 302
|
|
switchport trunk allowed vlan 150,151,301,302,500
|
|
switchport mode trunk
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
no lldp transmit
|
|
no lldp receive
|
|
!
|
|
interface FastEthernet0/12
|
|
description [SKD] Controller_192.168.8.94
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
no lldp transmit
|
|
no lldp receive
|
|
!
|
|
interface GigabitEthernet0/1
|
|
description [CORE] SW-1-1
|
|
switchport mode trunk
|
|
channel-group 1 mode on
|
|
!
|
|
interface GigabitEthernet0/2
|
|
description -=Po1=-
|
|
switchport mode trunk
|
|
channel-group 1 mode on
|
|
!
|
|
interface Vlan1
|
|
no ip address
|
|
shutdown
|
|
!
|
|
interface Vlan300
|
|
description --MANAGMENT--
|
|
ip address 10.4.254.59 255.255.255.0
|
|
no ip redirects
|
|
no ip unreachables
|
|
no ip proxy-arp
|
|
!
|
|
ip default-gateway 10.4.254.254
|
|
no ip http server
|
|
no ip http secure-server
|
|
!
|
|
logging origin-id hostname
|
|
logging source-interface Vlan300
|
|
logging host 192.168.8.119 transport udp port 5544
|
|
logging host 10.4.244.4 transport udp port 515
|
|
snmp-server community lmTUEsk6Yvlv RO
|
|
snmp-server enable traps mac-notification change move threshold
|
|
snmp ifmib ifindex persist
|
|
!
|
|
!
|
|
radius server IZH-RDS002
|
|
address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
|
|
timeout 3
|
|
retransmit 2
|
|
key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
|
|
!
|
|
radius server P11-RDS003
|
|
address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
|
|
timeout 3
|
|
retransmit 2
|
|
key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
|
|
!
|
|
!
|
|
banner exec ^C
|
|
Welcome to $(hostname). You are connected on line $(line) on domain $(domain)
|
|
|
|
^C
|
|
banner login ^C
|
|
*****************************************************************************
|
|
* *
|
|
* UNAUTHORIZED ACCESS IS PROHIBITED *
|
|
* *
|
|
* You have accessed network equipment. *
|
|
* You must have authorized permission to access or configure this device. *
|
|
* All activities performed on this device are logged and monitored. *
|
|
* *
|
|
*****************************************************************************
|
|
^C
|
|
banner motd ^C
|
|
########################################################################
|
|
# I would tell you a joke about UDP, but you probably wouldn't get it. #
|
|
########################################################################
|
|
^C
|
|
alias exec ipconfig show ip interface brief | exclude unassigned
|
|
!
|
|
line con 0
|
|
logging synchronous
|
|
login authentication CONSOLE
|
|
line vty 0 4
|
|
access-class 23 in
|
|
exec-timeout 120 0
|
|
logging synchronous
|
|
terminal-type mon
|
|
transport input ssh
|
|
line vty 5 15
|
|
access-class 23 in
|
|
exec-timeout 120 0
|
|
logging synchronous
|
|
terminal-type mon
|
|
transport input ssh
|
|
!
|
|
ntp server 192.168.8.200
|
|
ntp server 192.168.8.201
|
|
mac address-table notification change
|
|
mac address-table notification mac-move
|
|
mac address-table aging-time 900
|
|
end |