Differences

This shows you the differences between two versions of the page.

--- hpe:switch:5500:5500a:configuration:configuration_example_script [2021/08/11 18:54] – aperez
+++ hpe:switch:5500:5500a:configuration:configuration_example_script [2021/08/12 07:50] (current) – aperez
@@ Line 39: / Line 39: @@
    stp mode stp
    stp disable
+  #
+   acl number 3700
+   description deny Guest subnet from internal access except for portal and icmp to portal
+   rule 0 permit tcp destination 10.12.50.91 0 destination-port eq 8843
+   rule 1 permit tcp destination 10.12.50.91 0 destination-port eq 8880
+   rule 2 permit tcp source 10.12.50.91 0 destination-port eq echo
+   rule 4 deny ip destination 10.0.0.0 0.255.255.255
+   rule 5 permit ip source 192.168.0.0 0.0.255.255
+   rule 6 permit ip
+   rule 7 deny ip
   #
   acl number 3997
@@ Line 466: / Line 476: @@
   #
   return
-----
-----
-#
- version 5.20, Release 2208P01
-#
- sysname test
-#
- undo password-control aging enable
- undo password-control length enable
- undo password-control history enable
- password-control login-attempt 3 exceed lock-time 120
-#
- voice vlan mac-address 0800-0f00-0000 mask ffff-ff00-0000 description mitel phone
-#
- irf mac-address persistent timer
- irf auto-update enable
- undo irf link-delay
-#
- domain default enable system
-#
- telnet server enable
-#
- poe legacy enable pse 4
-#
- multicast routing-enable
-#
-acl number 3700
- description deny Guest subnet from internal access except for portal and icmp to portal
- rule 0 permit tcp destination 10.12.50.91 0 destination-port eq 8843
- rule 1 permit tcp destination 10.12.50.91 0 destination-port eq 8880
- rule 2 permit tcp source 10.12.50.91 0 destination-port eq echo
- rule 4 deny ip destination 10.0.0.0 0.255.255.255
- rule 5 permit ip source 192.168.0.0 0.0.255.255
- rule 6 permit ip
- rule 7 deny ip
-acl number 3997
- rule 0 permit ip dscp ef
- rule 1 permit tcp destination-port eq www
- rule 2 permit udp destination-port eq snmp
- rule 3 permit udp destination-port eq snmptrap
- rule 4 permit ip dscp cs6
- rule 5 permit ip dscp cs7
-#
-acl number 4999
- rule 0 permit type 8868 ffff
- rule 1 permit source-mac 00e0-bb00-0000 ffff-ff00-0000
- rule 2 permit source-mac 0003-6b00-0000 ffff-ff00-0000
- rule 3 permit source-mac 00e0-7500-0000 ffff-ff00-0000
- rule 4 permit source-mac 00d0-1e00-0000 ffff-ff00-0000
- rule 5 permit source-mac 0001-e300-0000 ffff-ff00-0000
- rule 6 permit source-mac 000f-e200-0000 ffff-ff00-0000
- rule 7 permit source-mac 0060-b900-0000 ffff-ff00-0000
- rule 8 deny dest-mac 0000-0000-0000 ffff-ffff-ffff
-#
-igmp-snooping
-#
-vlan 1
- description  VLAN 0001
-#
-vlan 2
- description  VLAN 0002
-#
-vlan 3
- description  VLAN 0003
-#
-vlan 4
- description  VLAN 0004
-#
-vlan 66
- description  VLAN 0066
-#
-vlan 600
- description  VLAN 0600
-#
-vlan 700
- description  VLAN 0700
-#
-radius scheme system
- primary authentication 127.0.0.1 1645
- primary accounting 127.0.0.1 1646
- user-name-format without-domain
-#
-domain system
- access-limit disable
- state active
- idle-cut disable
- self-service-url disable
-#
-traffic classifier voice operator and
-#
-traffic behavior voice
-#
-qos policy default
- classifier voice behavior voice
-#
-user-group system
-#
-local-user admin
- password simple 123456
- authorization-attribute level 3
- service-type lan-access
- service-type ssh telnet terminal
- service-type portal
-local-user backup
- password simple 123456
- service-type telnet
-local-user epettit
- password simple 123456
- authorization-attribute level 3
- service-type telnet
- service-type ftp
-local-user manager
- password simple 123456
- authorization-attribute level 3
- access-limit 3
- service-type ssh telnet terminal
-local-user monitor
- password simple 123456
- service-type ssh telnet terminal
-#
-user-profile admin
-#
-interface NULL0
-#
-interface Vlan-interface1
- ip address 10.10.120.4 255.255.255.0
-#
-interface Vlan-interface2
- description Voice Vlan
-#
-interface Vlan-interface700
- description Guest-Subnet
- packet-filter 3700 inbound
-#
-interface GigabitEthernet1/0/1
- port link-mode bridge
- port link-type trunk
- port trunk permit vlan 1 3 600 700
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/2
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/3
- port link-mode bridge
- port link-type trunk
- port trunk permit vlan 1 3 600 700
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/4
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/5
- port link-mode bridge
- port link-type trunk
- port trunk permit vlan 1 3 600 700
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/6
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/7
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/8
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/9
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/10
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/11
- port link-mode bridge
- description reset
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/12
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/13
- port link-mode bridge
- port access vlan 2
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/14
- port link-mode bridge
- port link-type trunk
- port trunk permit vlan 1 3 600 700
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/15
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/16
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
-#
-interface GigabitEthernet1/0/17
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/18
- port link-mode bridge
- port access vlan 2
- undo voice vlan mode auto
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/19
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/20
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/21
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/22
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/23
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/24
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/25
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/26
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/27
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/28
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/29
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/30
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/31
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/32
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/33
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/34
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/35
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/36
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/37
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/38
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/39
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- duplex full
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/40
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/41
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/42
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/43
- port link-mode bridge
- port link-type trunk
- port trunk permit vlan 1 to 2 4 to 4094
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/44
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 untagged
- undo voice vlan mode auto
- voice vlan 2 enable
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/45
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 3 untagged
- undo voice vlan mode auto
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/46
- port link-mode bridge
- port link-type hybrid
- port hybrid vlan 2 tagged
- port hybrid vlan 1 3 untagged
- undo voice vlan mode auto
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
- stp edged-port enable
-#
-interface GigabitEthernet1/0/47
- port link-mode bridge
- port link-type trunk
- undo port trunk permit vlan 1
- port trunk permit vlan 4
- undo voice vlan mode auto
- duplex full
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
-#
-interface GigabitEthernet1/0/48
- port link-mode bridge
- port link-type trunk
- port trunk permit vlan 1 to 4 66 600 700
- undo voice vlan mode auto
- duplex full
- broadcast-suppression pps 3000
- undo jumboframe enable
- poe enable
-#
-interface GigabitEthernet1/0/49
- port link-mode bridge
- shutdown
-#
-interface GigabitEthernet1/0/50
- port link-mode bridge
- shutdown
-#
-interface GigabitEthernet1/0/51
- port link-mode bridge
- shutdown
-#
-interface GigabitEthernet1/0/52
- port link-mode bridge
- shutdown
-#
-interface Ten-GigabitEthernet1/2/1
- port link-mode bridge
-#
-interface Ten-GigabitEthernet1/2/2
- port link-mode bridge
-#
- snmp-agent
- snmp-agent local-engineid 8000002B001CC523C2006877
- snmp-agent community read public
- snmp-agent community write private
- snmp-agent sys-info version all
-#
- ssh server enable
-#
- qos vlan-policy default vlan 2 outbound
-#
- telnet client source interface Vlan-interface1
-#
- load xml-configuration
-#
-user-interface aux 0
-user-interface vty 0
- authentication-mode scheme
- set authentication password simple 123456
-user-interface vty 1 4
- authentication-mode scheme
-user-interface vty 5 15
-#
-return
-----
-----