460 lines
10 KiB
Plaintext
460 lines
10 KiB
Plaintext
Building configuration...
|
|
|
|
Current configuration : 10504 bytes
|
|
!
|
|
! Last configuration change at 08:06:34 UTC Thu Jul 28 2022 by konovalov
|
|
! NVRAM config last updated at 07:54:43 UTC Thu Jul 28 2022 by konovalov
|
|
!
|
|
version 15.2
|
|
no service pad
|
|
service tcp-keepalives-in
|
|
service tcp-keepalives-out
|
|
service timestamps debug datetime msec localtime show-timezone year
|
|
service timestamps log datetime msec localtime show-timezone year
|
|
no service password-encryption
|
|
service unsupported-transceiver
|
|
!
|
|
hostname PRM-MLK-PHK-SW-1-3
|
|
!
|
|
boot-start-marker
|
|
boot-end-marker
|
|
!
|
|
logging buffered 512000 informational
|
|
no logging console
|
|
no logging monitor
|
|
enable secret 5 $1$ISn2$0ytlcfXUzfcyFrNwPb7hP0
|
|
!
|
|
username admin privilege 15 secret 5 $1$WJaB$GdDz6635MFz1vuqq9t4ur0
|
|
username netadmin privilege 15 secret 5 $1$31v6$JKStMHniI.80OSsrP.cYK0
|
|
aaa new-model
|
|
!
|
|
!
|
|
aaa group server radius NPS
|
|
server name IZH-RDS002
|
|
server name P11-RDS003
|
|
load-balance method least-outstanding
|
|
!
|
|
aaa authentication login default group NPS local enable
|
|
aaa authentication login CONSOLE local group NPS
|
|
aaa authorization exec default group NPS local if-authenticated
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
aaa session-id common
|
|
switch 1 provision ws-c2960x-48fps-l
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
no ip domain-lookup
|
|
ip domain-name milkom-komos.ru
|
|
ip host VM-KG-NET 10.1.1.250
|
|
ip host tftp 10.4.0.214
|
|
vtp mode off
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
crypto pki trustpoint TP-self-signed-2897901440
|
|
enrollment selfsigned
|
|
subject-name cn=IOS-Self-Signed-Certificate-2897901440
|
|
revocation-check none
|
|
rsakeypair TP-self-signed-2897901440
|
|
!
|
|
!
|
|
crypto pki certificate chain TP-self-signed-2897901440
|
|
certificate self-signed 01
|
|
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
|
|
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
|
|
69666963 6174652D 32383937 39303134 3430301E 170D3030 30313031 30303232
|
|
35345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
|
|
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 38393739
|
|
30313434 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
|
|
8100D653 8FA9785B FF1850A5 63B5F434 DA0D4F04 ED296598 F09D9FC0 FB9D08E8
|
|
3931569B FC539D26 D47D7DFB 9BD9961E 4B50A571 4090E369 B518FCF2 3B1E8F88
|
|
D863EF45 E3ECC27A 8FFE8BF7 7E899975 CEB89280 54562E88 389B05F5 1E9E4322
|
|
29393BB9 D3C45528 E1F715B4 D2786E25 A49A26DB F9F419CA B8FECED7 681DB161
|
|
00770203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
|
|
551D2304 18301680 14D71056 81DCA929 66EA1069 84EDBC0E BBD8BCCC 17301D06
|
|
03551D0E 04160414 D7105681 DCA92966 EA106984 EDBC0EBB D8BCCC17 300D0609
|
|
2A864886 F70D0101 05050003 818100D3 D0936F56 AF811FB5 FFAA2291 518C29AC
|
|
2CC07FE3 E6864675 B683FB1C DC93DBE5 9C0E4A2D AE2AE56E E1267140 45E1E340
|
|
38062895 FC72A3E0 0359F67F BC0C213B 58DE964D 26916C32 20FC46BA 3F2FA30F
|
|
C40A928D E928F259 FCEE2425 D8180B2C 1FC9FF5D 3FB47436 1B65FFAE 08A521B0
|
|
1C014D05 B48B8E10 AFD9BB2C A752AF
|
|
quit
|
|
archive
|
|
log config
|
|
logging enable
|
|
logging size 900
|
|
notify syslog contenttype plaintext
|
|
hidekeys
|
|
path tftp://tftp/PRM/MLk/PHK-SW_L2/$H-$T
|
|
write-memory
|
|
time-period 10080
|
|
!
|
|
spanning-tree mode rapid-pvst
|
|
spanning-tree logging
|
|
spanning-tree extend system-id
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
vlan 2
|
|
name --USERS_102.0/24--
|
|
!
|
|
vlan 101
|
|
name --PRINTERS--
|
|
!
|
|
vlan 150
|
|
!
|
|
vlan 200
|
|
name --GUEST_WiFi--
|
|
!
|
|
vlan 259
|
|
name SOZVEZDIE
|
|
!
|
|
vlan 300
|
|
name --MANAGEMENT--
|
|
!
|
|
vlan 301
|
|
!
|
|
vlan 308
|
|
name video_sw
|
|
!
|
|
vlan 310
|
|
name --UPS managment--
|
|
!
|
|
vlan 350
|
|
!
|
|
vlan 400
|
|
name VIDEO
|
|
!
|
|
vlan 450,500
|
|
!
|
|
vlan 604
|
|
name --PROD_L2VPN--
|
|
!
|
|
lldp run
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
!
|
|
interface Port-channel1
|
|
description LINK_TO_PHK-Sw1-1
|
|
switchport mode trunk
|
|
!
|
|
interface Port-channel2
|
|
description LINK_TO_PHK-Sw1-2
|
|
switchport mode trunk
|
|
!
|
|
interface Port-channel3
|
|
description LINK_TO_PHK-Sw1-3
|
|
switchport mode trunk
|
|
!
|
|
interface Port-channel4
|
|
description [CORE] SW-1-1
|
|
switchport mode trunk
|
|
!
|
|
interface FastEthernet0
|
|
no ip address
|
|
!
|
|
interface GigabitEthernet1/0/1
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/2
|
|
description [SRV] Sozvezdie
|
|
switchport access vlan 259
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/3
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/4
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/5
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/6
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/7
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/8
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/9
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/10
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/11
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/12
|
|
description -=WMV-PHK003-eth3=-
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/13
|
|
switchport mode access
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
!
|
|
interface GigabitEthernet1/0/14
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/15
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/16
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/17
|
|
description [WIFI] phk_fm
|
|
switchport trunk allowed vlan 1,2,150,301,450,500
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
no logging event link-status
|
|
duplex full
|
|
no snmp trap link-status
|
|
!
|
|
interface GigabitEthernet1/0/18
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/19
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/20
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/21
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/22
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/23
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/24
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/25
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/26
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/27
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/28
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/29
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/30
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/31
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/32
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/33
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/34
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/35
|
|
description [ACC] PC ChrnenkoNV
|
|
switchport access vlan 2
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
!
|
|
interface GigabitEthernet1/0/36
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/37
|
|
switchport access vlan 2
|
|
switchport mode access
|
|
switchport voice vlan 350
|
|
spanning-tree portfast edge
|
|
spanning-tree bpduguard enable
|
|
!
|
|
interface GigabitEthernet1/0/38
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/39
|
|
description Sozvezdie_PRN
|
|
switchport access vlan 259
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/40
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/41
|
|
switchport mode trunk
|
|
!
|
|
interface GigabitEthernet1/0/42
|
|
switchport mode trunk
|
|
!
|
|
interface GigabitEthernet1/0/43
|
|
description From_d-link
|
|
switchport mode trunk
|
|
power inline never
|
|
!
|
|
interface GigabitEthernet1/0/44
|
|
description [UPS]phk-ups002
|
|
switchport access vlan 310
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/45
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/46
|
|
description From_d-link
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/47
|
|
description From_d-link_Shkaf
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/48
|
|
description From_d-link
|
|
switchport mode access
|
|
!
|
|
interface GigabitEthernet1/0/49
|
|
description [KU] SW-4A-1
|
|
switchport mode trunk
|
|
switchport voice vlan 350
|
|
no snmp trap link-status
|
|
no lldp transmit
|
|
no lldp receive
|
|
spanning-tree portfast edge
|
|
!
|
|
interface GigabitEthernet1/0/50
|
|
switchport mode trunk
|
|
channel-group 2 mode active
|
|
!
|
|
interface GigabitEthernet1/0/51
|
|
description [-CORE] Po4 SW-1-1
|
|
switchport mode trunk
|
|
channel-group 4 mode active
|
|
!
|
|
interface GigabitEthernet1/0/52
|
|
description [CORE] Po4 SW-1-1
|
|
switchport mode trunk
|
|
channel-group 4 mode active
|
|
!
|
|
interface Vlan1
|
|
no ip address
|
|
!
|
|
interface Vlan300
|
|
description --MANAGEMENT--
|
|
ip address 10.5.126.13 255.255.255.0
|
|
no ip redirects
|
|
no ip unreachables
|
|
no ip proxy-arp
|
|
no ip route-cache
|
|
!
|
|
ip default-gateway 10.5.126.254
|
|
!
|
|
ip http server
|
|
ip http secure-server
|
|
ip ssh time-out 30
|
|
ip ssh logging events
|
|
ip ssh version 2
|
|
!
|
|
logging trap debugging
|
|
logging origin-id hostname
|
|
logging facility local1
|
|
logging source-interface Vlan300
|
|
logging host 192.168.8.119 transport udp port 5544
|
|
logging host 10.4.244.4 transport udp port 515
|
|
access-list 23 permit any
|
|
access-list 23 deny any log
|
|
!
|
|
!
|
|
snmp-server community lmTUEsk6Yvlv RO
|
|
snmp ifmib ifindex persist
|
|
snmp mib flash cache
|
|
!
|
|
!
|
|
radius server IZH-RDS002
|
|
address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
|
|
timeout 3
|
|
retransmit 2
|
|
key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
|
|
!
|
|
radius server P11-RDS003
|
|
address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
|
|
timeout 3
|
|
retransmit 2
|
|
key 1W29n$Wzh&JA^&OoymBQpo!$CALFm$tDMO2uO8XBWEpedsiEQASjhmm6KKF0U6nN
|
|
!
|
|
banner exec ^C
|
|
Welcome to $(hostname). You are connected on line $(line) on domain $(domain)
|
|
|
|
^C
|
|
banner login ^C
|
|
*****************************************************************************
|
|
* *
|
|
* UNAUTHORIZED ACCESS IS PROHIBITED *
|
|
* *
|
|
* You have accessed network equipment. *
|
|
* You must have authorized permission to access or configure this device. *
|
|
* All activities performed on this device are logged and monitored. *
|
|
* *
|
|
*****************************************************************************
|
|
^C
|
|
alias router x exit
|
|
alias subinterface x exit
|
|
alias interface x exit
|
|
alias configure x exit
|
|
alias exec ipconfig show ip interface brief | exclude unassigned
|
|
alias exec diff show archive config differences nvram:startup-config system:running-config
|
|
alias exec q exit
|
|
!
|
|
line con 0
|
|
logging synchronous
|
|
login authentication CONSOLE
|
|
line vty 0 4
|
|
logging synchronous
|
|
login authentication NPS
|
|
transport input telnet ssh
|
|
line vty 5 15
|
|
logging synchronous
|
|
login authentication NPS
|
|
transport input telnet ssh
|
|
!
|
|
ntp server 192.168.8.200
|
|
ntp server 192.168.8.201
|
|
mac address-table notification change
|
|
mac address-table notification mac-move
|
|
mac address-table aging-time 900
|
|
!
|
|
end |