Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
117 lines (96 sloc) 2.31 KB
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
no service dhcp
! Change this to your organization's naming convention
hostname sw01
boot-start-marker
boot-end-marker
logging buffered 32768
logging console critical
! Change this to your organization's requirements
enable secret PLEASE-change-this!
username this-is-temp privilege 0 secret CHANGE-this-4-Urself!
aaa new-model
aaa authentication login default local
aaa authentication enable default enable
aaa session-id common
system mtu routing 1500
vtp domain vtp1.corp.example.com
vtp mode transparent
no ip gratuitous-arps
no ip domain-lookup
ip domain-name corp.example.com
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
vlan internal allocation policy ascending
vlan 999
name unused-ports
exit
ip tcp synwait-time 10
crypto key generate rsa general-keys modulus 2048
ip ssh time-out 10
ip ssh authentication-retries 2
ip ssh version 2
interface range g0/1 - 48
description not-in-use
switchport access vlan 999
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
no cdp enable
spanning-tree bpduguard enable
exit
interface Vlan1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
shutdown
exit
no ip http server
no ip http secure-server
! Change the IPs to your management network's subnet
ip access-list extended mgmt-access
permit tcp 10.1.2.00 0.0.0.255 gt 1023 any eq 22 log-input
deny ip any any log-input
exit
ip sla enable reaction-alerts
logging esm config
! Change the IP to your log server
logging 10.1.1.21
! Change the IP to your SNMP poller
access-list 20 permit 10.1.1.41
snmp-server group netadmins v3 auth read adminview write adminview access 20
banner exec ^C
MYBANNER EXEC
^C
banner login ^C
MYBANNER LOGIN
^C
banner motd ^C
MYBANNER MOTD
^C
line con 0
logging synchronous
exit
line vty 0 4
access-class mgmt-access in
privilege level 0
transport input ssh
transport output none
exit
line vty 5 15
access-class mgmt-access in
privilege level 0
transport input ssh
transport output none
exit
scheduler interval 500
ntp server 10.1.1.31 prefer
You can’t perform that action at this time.