-
Notifications
You must be signed in to change notification settings - Fork 0
/
S1BuzzNick
342 lines (342 loc) · 8 KB
/
S1BuzzNick
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
Current configuration : 8153 bytes
!
! Last configuration change at 18:17:20 NZST Mon Apr 8 2019 by BuzzAdmin1
! NVRAM config last updated at 18:17:38 NZST Mon Apr 8 2019 by BuzzAdmin1
!
version 15.2
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime
service timestamps log datetime msec
service password-encryption
service compress-config
!
hostname S1BuzzNick
!
boot-start-marker
boot-end-marker
!
!
logging buffered 524288 errors
logging console critical
enable secret 9 $9$9OOvvGvobBkGFI$U72RjYaHL/Bi6TKP0y86KR9gOy0fvcIWFQqlQEAS.OQ
!
username admin privilege 15 secret 9 $9$t/extqUPRiBh02$iGd.CoHkegDiSpNZSztzKottS8eFJx0BBTupapJNVHo
aaa new-model
!
!
aaa authentication login AAALIST group tacacs+ local
aaa authentication enable default group tacacs+ enable
!
!
!
!
!
!
aaa session-id common
clock timezone NZST 12 0
clock summer-time NZDT recurring last Sun Sep 2:00 1 Sun Apr 3:00
!
!
!
!
!
no ip source-route
no ip routing
!
!
!
no ip bootp server
no ip domain-lookup
ip domain-name buzz.co.nz
no ip cef
login on-failure log every 3
no ipv6 cef
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
no cdp run
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
switchport access vlan 5
switchport mode access
switchport nonegotiate
switchport port-security mac-address sticky
switchport port-security mac-address sticky 000c.299a.e41c
switchport port-security
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 4,5,91,100
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
switchport access vlan 4
switchport mode access
switchport nonegotiate
switchport port-security mac-address sticky
switchport port-security mac-address sticky 000c.2976.8ea4
switchport port-security
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet0/3
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet1/0
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet1/1
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet1/2
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet1/3
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet2/0
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet2/1
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet2/2
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet2/3
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet3/0
switchport access vlan 404
switchport mode access
switchport nonegotiate
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet3/1
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet3/2
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface GigabitEthernet3/3
switchport access vlan 404
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
media-type rj45
negotiation auto
spanning-tree portfast edge
spanning-tree bpduguard enable
spanning-tree guard root
!
interface Vlan91
ip address 192.168.1.2 255.255.255.224
!
ip default-gateway 192.168.1.1
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip ssh time-out 90
ip ssh authentication-retries 5
ip ssh version 2
!
ip access-list standard SNMP-ACCESS
permit 192.168.2.32 0.0.0.31
!
ip access-list extended ALLOWVTYACCESS
permit tcp 192.168.1.0 0.0.0.31 any eq 22
permit tcp 192.168.1.32 0.0.0.31 any eq 22
permit tcp 192.168.2.0 0.0.0.31 any eq 22
!
logging source-interface GigabitEthernet0/1
logging host 192.168.2.34
!
!
snmp-server group SNMP-BUZZ-GROUP v3 priv read SNMP-RO access SNMP-ACCESS
snmp-server view SNMP-RO iso included
snmp-server enable traps snmp authentication linkdown linkup coldstart
snmp-server host 192.168.2.34 version 3 priv SNMP-Admin snmp
tacacs server BuzzTACACS
address ipv4 192.168.1.98
key 7 08035954132D243433283F527A7A72
!
!
!
control-plane
!
banner exec ^C UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
All activities performed on this device are logged and monitored. ^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner login ^C UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this device.
Unauthorized attempts and actions to access or use this system may result in civil and/or
criminal penalties.
All activities performed on this device are logged and monitored. ^C
banner motd ^C UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
Unauthorized attempts and actions to access or use this system may result in civil and/or
criminal penalties. ^C
!
line con 0
password 7 03264E111C2C2E421859485356
logging synchronous
login authentication AAALIST
line aux 0
no exec
line vty 0 4
access-class ALLOWVTYACCESS in
password 7 0131131E411D1216771C1F5F58
login authentication AAALIST
transport input ssh
!
ntp authentication-key 6016 md5 0224114111283B11 7
ntp authenticate
ntp trusted-key 6016
ntp update-calendar
ntp server 192.168.0.30 key 6016 source GigabitEthernet0/0
!
end