# sysname location_1 # undo password-control aging enable undo password-control length enable undo password-control history enable password-control login-attempt 3 exceed lock-time 120 # super password level 1 simple 1234567890 super password level 2 simple 1234567890 super password level 3 simple 1234567890 # local-server nas-ip 127.0.0.1 key 3com # igmp-snooping enable # fabric member-auto-update software enable # radius scheme system # domain system # local-user admin password simple 1234567890 service-type lan-access service-type ssh telnet terminal level 3 local-user manager password simple 1234567890 service-type lan-access service-type ssh telnet terminal level 2 local-user monitor password simple S4nl0r3nz0 service-type lan-access service-type ssh telnet terminal level 1 # stp mode stp stp disable # acl number 3700 description deny Guest subnet from internal access except for portal and icmp to portal rule 0 permit tcp destination 10.12.50.91 0 destination-port eq 8843 rule 1 permit tcp destination 10.12.50.91 0 destination-port eq 8880 rule 2 permit tcp source 10.12.50.91 0 destination-port eq echo rule 4 deny ip destination 10.0.0.0 0.255.255.255 rule 5 permit ip source 192.168.0.0 0.0.255.255 rule 6 permit ip rule 7 deny ip # acl number 3997 rule 0 permit ip dscp ef rule 1 permit tcp destination-port eq www rule 2 permit udp destination-port eq snmp rule 3 permit udp destination-port eq snmptrap rule 4 permit ip dscp cs6 rule 5 permit ip dscp cs7 # acl number 4999 rule 0 permit type 8868 ffff rule 1 permit source 00e0-bb00-0000 ffff-ff00-0000 rule 2 permit source 0003-6b00-0000 ffff-ff00-0000 rule 3 permit source 00e0-7500-0000 ffff-ff00-0000 rule 4 permit source 00d0-1e00-0000 ffff-ff00-0000 rule 5 permit source 0001-e300-0000 ffff-ff00-0000 rule 6 permit source 000f-e200-0000 ffff-ff00-0000 rule 7 permit source 0060-b900-0000 ffff-ff00-0000 rule 8 deny dest 0000-0000-0000 ffff-ffff-ffff # qos-profile default packet-filter inbound link-group 4999 rule 8 traffic-priority inbound ip-group 3997 rule 0 cos voice traffic-priority inbound ip-group 3997 rule 4 cos network-management traffic-priority inbound ip-group 3997 rule 5 cos network-management traffic-priority inbound link-group 4999 rule 0 dscp ef cos voice traffic-priority inbound link-group 4999 rule 1 dscp ef cos voice traffic-priority inbound link-group 4999 rule 2 dscp ef cos voice traffic-priority inbound link-group 4999 rule 3 dscp ef cos voice traffic-priority inbound link-group 4999 rule 4 dscp ef cos voice traffic-priority inbound link-group 4999 rule 5 dscp ef cos voice traffic-priority inbound link-group 4999 rule 6 dscp ef cos voice traffic-priority inbound link-group 4999 rule 7 dscp ef cos voice # vlan 1 description Default name Default igmp-snooping enable # vlan 32 description Devices name Devices igmp-snooping enable # vlan 34 description Wireless name Wireless igmp-snooping enable # vlan 36 description Servers name Servers igmp-snooping enable # vlan 38 description User name Usuarios igmp-snooping enable # vlan 40 description Printers name Printers igmp-snooping enable # vlan 42 description VoIP name VoIP igmp-snooping enable # vlan 44 description CCTV name CCTV igmp-snooping enable # vlan 46 description DMZ name DMZ igmp-snooping enable # vlan 48 description Internet1 name Internet1 igmp-snooping enable # vlan 50 description Internet2 name Internet2 igmp-snooping enable # vlan 52 description Name name Name igmp-snooping enable # vlan 54 description Radius-LAN name Radius-LAN igmp-snooping enable # vlan 56 description INT VLAN 1 Default name Radius-UTM igmp-snooping enable # vlan 58 description vlan 58 name vlan 58 igmp-snooping enable # vlan 70 description vlan 70 # interface Vlan-interface32 description VLAN 32 DEVICES ip address 1.1.1.1 255.255.255.0 # interface Aux1/0/0 # interface GigabitEthernet1/0/1 stp edged-port enable port link-type hybrid port hybrid vlan 44 untagged undo port hybrid vlan 1 port hybrid pvid vlan 44 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/2 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/3 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/4 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/5 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 70 untagged undo port hybrid vlan 1 port hybrid pvid vlan 70 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/6 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 description PC_IP_PUBLICA apply qos-profile default # interface GigabitEthernet1/0/7 stp edged-port enable port link-type hybrid port hybrid vlan 32 untagged undo port hybrid vlan 1 port hybrid pvid vlan 32 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/8 stp edged-port enable broadcast-suppression pps 3000 port access vlan 32 description vlan 32 apply qos-profile default # interface GigabitEthernet1/0/9 broadcast-suppression pps 3000 port access vlan 32 description vlan 32 apply qos-profile default # interface GigabitEthernet1/0/10 stp edged-port enable broadcast-suppression pps 3000 port access vlan 40 description vlan 40 apply qos-profile default # interface GigabitEthernet1/0/11 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/12 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/13 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/14 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 70 untagged undo port hybrid vlan 1 port hybrid pvid vlan 32 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/15 stp edged-port enable port link-type hybrid port hybrid vlan 32 untagged undo port hybrid vlan 1 port hybrid pvid vlan 32 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/16 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/17 stp edged-port enable port link-type hybrid port hybrid vlan 44 untagged undo port hybrid vlan 1 port hybrid pvid vlan 44 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/18 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 70 untagged undo port hybrid vlan 1 port hybrid pvid vlan 70 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/19 stp edged-port enable broadcast-suppression pps 3000 port access vlan 32 apply qos-profile default # interface GigabitEthernet1/0/20 stp edged-port enable broadcast-suppression pps 3000 port access vlan 40 apply qos-profile default # interface GigabitEthernet1/0/21 stp edged-port enable broadcast-suppression pps 3000 port access vlan 32 description vlan 32 apply qos-profile default # interface GigabitEthernet1/0/22 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 apply qos-profile default # interface GigabitEthernet1/0/23 port link-type trunk undo port trunk permit vlan 1 broadcast-suppression pps 3000 description name # interface GigabitEthernet1/0/24 stp edged-port enable port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 description name apply qos-profile default # interface GigabitEthernet1/0/25 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 shutdown description name apply qos-profile default # interface GigabitEthernet1/0/26 stp edged-port enable port link-type hybrid port hybrid vlan 42 tagged port hybrid vlan 38 untagged undo port hybrid vlan 1 port hybrid pvid vlan 38 broadcast-suppression pps 3000 shutdown description name apply qos-profile default # interface GigabitEthernet1/0/27 port link-type trunk undo port trunk permit vlan 1 broadcast-suppression pps 3000 shutdown description name # interface GigabitEthernet1/0/28 stp edged-port enable port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 shutdown description name apply qos-profile default # interface Cascade1/2/1 # interface Cascade1/2/2 # interface NULL0 # voice vlan 42 enable # ip route-static 0.0.0.0 0.0.0.0 10.245.32.1 preference 60 # snmp-agent snmp-agent local-engineid 8000002B000FCBB87D406877 snmp-agent community read public snmp-agent community write private snmp-agent community write SWCSLI2019 snmp-agent sys-info contact Ingeniero de Infraestructura snmp-agent sys-info location CCZonaFranca snmp-agent sys-info version all snmp-agent group v3 managev3group write-view internet snmp-agent mib-view included internet internet snmp-agent usm-user v3 managev3user managev3group # ssh authentication-type default all ssh user admin authentication-type all ssh user admin service-type all # header shell %************************************ATENCION*********************************** * Computer unit supported by I.T.Corporation. * * This is a computer resource for the exclusive use of Enterprise Name. * * If you are not an authorized user to enter this device * * refrain from doing so, as all activities can be monitored * * or recorded. And if evidence of unauthorized access is discovered, * * modifications to the information, attacks against the integrity of the * * Information such as the entity, among others, will be reported to the * * competent authorities. * ********************************************************************************************** % header login %************************************ATENCION*********************************** * Computer unit supported by I.T.Corporation. * * This is a computer resource for the exclusive use of Enterprise Name. * * If you are not an authorized user to enter this device * * refrain from doing so, as all activities can be monitored * * or recorded. And if evidence of unauthorized access is discovered, * * modifications to the information, attacks against the integrity of the * * Information such as the entity, among others, will be reported to the * * competent authorities. * ********************************************************************************************** % # user-interface aux 0 7 authentication-mode scheme screen-length 22 user-interface vty 0 4 authentication-mode scheme user privilege level 3 set authentication password simple 1234567890 idle-timeout 60 0 # return