hpe:switch:5510:5510_script_l3
version 7.1.070, Release 3506
#
sysname US008RTLAN01
#
undo copyright-info enable
#
undo voice-vlan security enable
voice-vlan track lldp
undo voice-vlan mac-address 00d0-1e00-0000
undo voice-vlan mac-address 00e0-bb00-0000
undo voice-vlan mac-address 00e0-7500-0000
undo voice-vlan mac-address 0001-e300-0000
undo voice-vlan mac-address 0003-6b00-0000
undo voice-vlan mac-address 0004-0d00-0000
undo voice-vlan mac-address 0060-b900-0000
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 3 priority 30
#
acl logging interval 5
#
link-aggregation lacp traffic-redirect-notification enable
#
dot1x authentication-method eap
#
mac-authentication domain 8021x
#
port-security enable
#
ospf 1 router-id 10.129.17.1
silent-interface all
undo silent-interface Vlan-interface2
undo silent-interface Vlan-interface3
area 0.0.0.22
network 10.130.3.4 0.0.0.3
network 10.130.3.16 0.0.0.7
network 10.130.3.32 0.0.0.31
network 10.130.6.0 0.0.0.255
network 10.130.7.0 0.0.0.255
network 10.130.8.0 0.0.0.31
network 10.130.8.128 0.0.0.127
network 10.130.10.0 0.0.0.255
network 10.130.50.0 0.0.0.31
network 10.131.225.0 0.0.0.127
network 10.131.226.0 0.0.0.127
network 10.131.226.128 0.0.0.127
#
ip unreachables enable
ip ttl-expires enable
#
igmp-snooping
fast-leave vlan 1 to 4094
#
dhcp enable
dhcp server forbidden-ip 10.130.7.1 10.130.7.10
#
dhcp snooping enable
#
mac-address mac-roaming enable
mac-address information mode syslog
mac-address information enable
#
mirroring-group 1 remote-source
mirroring-group 1 remote-probe vlan 100
#
lldp compliance cdp
lldp ignore-pvid-inconsistency
lldp global enable
#
dldp global enable
#
loopback-detection global enable vlan 1 to 4094
#
burst-mode enable
#
password-recovery enable
#
vlan 1
name Do_Not_Use
#
vlan 2
name Interco_Verizon
#
vlan 3
name Interco_Carlstadt
#
vlan 4
name Users_data
description Users_data
#
vlan 5
name Users_voice
description Users_voice
#
vlan 6
name IT_Admin
description IT_Admin
#
vlan 7
name IT_Dev
description IT_Dev
#
vlan 8
name AP_WIFI
description AP_WIFI
#
vlan 9
name IPC
description IPC
#
vlan 10
name Servers
description Servers
#
vlan 11
name Servers_iLO
description Servers_iLO
#
vlan 12
name Admin_Infra
description Admin_Infra
#
vlan 15
name Users_Wifi_Corp_Flex
#
vlan 16
name Users_Wifi_Guest_Cloud
#
vlan 50
name Build_PC
description Build_PC
#
vlan 100
name Remote_Probe
#
irf-port 3/1
port group interface Ten-GigabitEthernet3/1/1
#
irf-port 3/2
port group interface Ten-GigabitEthernet3/1/2
#
traffic classifier cl-rtp-voice operator and
if-match dscp ef
#
traffic classifier cl-sig-voice-video operator or
if-match dscp cs3
if-match acl 3005
#
traffic classifier cl-video-voice operator and
if-match dscp af41
#
traffic behavior be-rtp-voice
remark dot1p 5
remark local-precedence 5
#
traffic behavior be-sig-voice
remark dot1p 3
remark local-precedence 3
#
traffic behavior be-video
remark dot1p 4
remark local-precedence 4
#
qos policy qos-voice-PC
classifier cl-video-voice behavior be-video
classifier cl-sig-voice-video behavior be-sig-voice
classifier cl-rtp-voice behavior be-rtp-voice
#
stp instance 0 root primary
stp mode rstp
stp bpdu-protection
stp pathcost-standard dot1t
stp global enable
#
dhcp server ip-pool dhcpgreenwichtoip
gateway-list 10.130.7.1
network 10.130.7.0 mask 255.255.255.0
dns-list 10.130.37.35 10.130.42.22
domain-name axa-im.intraxa
option 150 ip-address 10.131.41.204 10.131.42.205
#
interface Bridge-Aggregation10
description PO to US008SWLAN01
port link-type trunk
port trunk permit vlan all
link-aggregation mode dynamic
mad enable
stp loop-protection
#
interface Bridge-Aggregation20
description US008VGLAN01
port access vlan 5
stp edged-port
loopback-detection enable vlan 1 to 4094
#
interface Bridge-Aggregation30
description US5AS2BK1-0001_Data
port access vlan 10
link-aggregation mode dynamic
stp edged-port
loopback-detection enable vlan 1 to 4094
#
interface NULL0
#
interface Vlan-interface1
shutdown
#
interface Vlan-interface2
description Interco_Verizon
ip address 10.130.3.18 255.255.255.248
#
interface Vlan-interface3
description Interco Carlstadt
ip address 10.130.3.6 255.255.255.252
ospf cost 50
ospf network-type p2p
#
interface Vlan-interface4
description Users
ip address 10.130.6.1 255.255.255.0
dhcp select relay
dhcp relay check mac-address
dhcp relay information enable
dhcp relay server-address 10.130.2.3
#
interface Vlan-interface5
description VOIP
ip address 10.130.7.1 255.255.255.0
dhcp server apply ip-pool dhcpgreenwichtoip
#
interface Vlan-interface6
description IT_Admin
ip address 10.130.10.1 255.255.255.128
dhcp select relay
dhcp relay server-address 10.130.2.3
#
interface Vlan-interface7
description IT_DEV
ip address 10.130.10.129 255.255.255.128
dhcp select relay
dhcp relay server-address 10.130.2.3
#
interface Vlan-interface8
description AP_WIFI
ip address 10.130.8.1 255.255.255.224
dhcp select relay
dhcp relay server-address 10.130.2.3
#
interface Vlan-interface9
description IPC
ip address 10.130.3.33 255.255.255.224
dhcp select relay
dhcp relay check mac-address
dhcp relay information enable
dhcp relay server-address 10.130.2.3
#
interface Vlan-interface10
description Servers
ip address 10.131.225.1 255.255.255.128
#
interface Vlan-interface11
description Servers_iLO
ip address 10.131.226.1 255.255.255.128
dhcp select relay
dhcp relay check mac-address
dhcp relay information enable
dhcp relay server-address 10.130.2.3
#
interface Vlan-interface12
description Admin_Infra
ip address 10.131.226.129 255.255.255.128
#
interface Vlan-interface15
description FLEX_Connect
ip address 10.130.8.129 255.255.255.128
dhcp select relay
dhcp relay server-address 10.130.2.3
#
interface Vlan-interface50
description Build PC
ip address 10.130.50.1 255.255.255.224
dhcp select relay
dhcp relay server-address 10.130.2.3
#
interface GigabitEthernet3/0/1
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/2
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/3
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/4
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/5
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/6
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/7
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/8
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/9
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/10
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/11
port link-mode bridge
description US5AI2AP1-0001_Mgnt
port access vlan 4
stp edged-port
stp port bpdu-protection enable
#
interface GigabitEthernet3/0/12
port link-mode bridge
description US5AI2AP1-0001_Monitor
port access vlan 100
undo lldp tlv-enable med-tlv network-policy
#
interface GigabitEthernet3/0/13
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/14
port link-mode bridge
description IPC_Turrets
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 9 untagged
port hybrid pvid vlan 9
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/15
port link-mode bridge
description IPC_Turrets
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 9 untagged
port hybrid pvid vlan 9
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/16
port link-mode bridge
description IPC_Turrets
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 9 untagged
port hybrid pvid vlan 9
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/17
port link-mode bridge
description IPC_Turrets
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 9 untagged
port hybrid pvid vlan 9
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/18
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/19
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/20
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/21
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/22
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/23
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/24
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/25
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/26
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/27
port link-mode bridge
description IPC_Turrets
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 9 untagged
port hybrid pvid vlan 9
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/28
port link-mode bridge
description IPC_Turrets
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 9 untagged
port hybrid pvid vlan 9
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/29
port link-mode bridge
description IPC_Turrets
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 9 untagged
port hybrid pvid vlan 9
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/30
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/31
port link-mode bridge
description IPC_Turrets
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 9 untagged
port hybrid pvid vlan 9
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/32
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/33
port link-mode bridge
description PRODSPEC Printer
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/34
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/35
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/36
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/37
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/38
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/39
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/40
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/41
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/42
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/43
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/44
port link-mode bridge
description Dot1x User
undo enable snmp trap updown
undo enable log updown
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 5 tagged
port hybrid vlan 4 untagged
port hybrid pvid vlan 4
voice-vlan qos trust
undo voice-vlan mode auto
voice-vlan 5 enable
mac-vlan enable
broadcast-suppression 10
stp edged-port
stp port bpdu-protection enable
mac-address max-mac-count 3
qos trust dscp
qos wrr ef group sp
poe enable
undo dot1x handshake
dot1x mandatory-domain 8021x
dot1x max-user 2
undo dot1x multicast-trigger
dot1x unicast-trigger
dot1x critical vlan 4
dot1x critical eapol
dot1x eapol untag
mac-authentication parallel-with-dot1x
port-security port-mode userlogin-secure-or-mac-ext
#
interface GigabitEthernet3/0/45
port link-mode bridge
description US1L1FS1-0001 (NIC)
port access vlan 4
speed 100
duplex full
undo stp enable
stp edged-port
qos trust dscp
#
interface GigabitEthernet3/0/46
port link-mode bridge
description US1L1FS1-0001 (ILO)
port access vlan 4
speed 100
duplex full
undo stp enable
stp edged-port
qos trust dscp
#
interface GigabitEthernet3/0/47
port link-mode bridge
description US008AGLAN01
port access vlan 5
speed 100
duplex full
undo stp enable
stp edged-port
qos trust dscp
#
interface GigabitEthernet3/0/48
port link-mode bridge
mirroring-group 1 reflector-port
#
interface M-GigabitEthernet0/0/0
ip address dhcp-alloc
ipv6 address auto
ipv6 address dhcp-alloc
#
interface Ten-GigabitEthernet3/0/49
port link-mode bridge
#
interface Ten-GigabitEthernet3/0/50
port link-mode bridge
#
interface Ten-GigabitEthernet3/0/51
port link-mode bridge
#
interface Ten-GigabitEthernet3/0/52
port link-mode bridge
#
interface Ten-GigabitEthernet3/1/1
#
interface Ten-GigabitEthernet3/1/2
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 2
user-role network-admin
#
line vty 0 15
authentication-mode scheme
user-role network-operator
protocol inbound ssh
command accounting
#
line vty 16 63
user-role network-operator
#
info-center logbuffer size 1024
info-center logfile frequency 3600
info-center loghost 10.129.135.93
#
snmp-agent
snmp-agent local-engineid 800063A28040B93C23D2B000000001
snmp-agent community read persephone acl 2001
snmp-agent community write proserpine acl 2002
snmp-agent sys-info contact paritnetworking@axa-im.com
snmp-agent sys-info location Greenwich 100 West Putnam Avenue 3rd, Floor, Greenwich, CT 06830
snmp-agent sys-info version v2c v3
snmp-agent target-host trap address udp-domain 10.129.135.93 params securityname persephone v2c
#
ssh server enable
ssh server acl 2003
#
ntp-service enable
ntp-service source Vlan-interface4
ntp-service unicast-server 10.130.37.99
ntp-service unicast-server 10.130.42.99
#
acl number 2001
description ** Restrict SNMP Read Only **
rule 0 permit source 10.128.192.188 0
rule 1 permit source 10.131.9.31 0
rule 5 permit source 10.128.98.0 0.0.0.255
rule 10 permit source 10.129.135.0 0.0.0.255
rule 15 permit source 10.129.184.0 0.0.0.255
rule 20 permit source 10.131.148.0 0.0.0.255
rule 25 permit source 10.131.41.183 0
rule 30 permit source 10.131.42.183 0
rule 31 permit source 10.130.54.67 0
rule 32 permit source 10.130.75.56 0
rule 35 deny logging
#
acl number 2002
description ** Restrict SNMP Read Write **
rule 0 permit source 10.129.135.55 0
rule 5 permit source 10.129.135.93 0
rule 10 deny logging
#
acl number 2003
description ** Restrict vty SSH ACCESS **
rule 0 permit source 10.128.98.0 0.0.0.255
rule 5 permit source 10.129.135.0 0.0.0.255
rule 10 permit source 10.129.184.0 0.0.0.255
rule 15 permit source 10.131.148.0 0.0.0.255
rule 20 permit source 10.131.41.183 0
rule 25 permit source 10.131.42.183 0
rule 30 deny logging
#
acl basic name SNMP-RO
description ** Restrict SNMP Read Only **
rule 0 permit source 10.128.192.188 0
rule 5 permit source 10.128.98.0 0.0.0.255
rule 10 permit source 10.129.135.0 0.0.0.255
rule 15 permit source 10.129.184.0 0.0.0.255
rule 20 permit source 10.131.148.0 0.0.0.255
rule 25 permit source 10.131.41.183 0
rule 30 permit source 10.131.42.183 0
rule 35 deny logging
#
acl basic name SNMP-RW
description ** Restrict SNMP Read Write **
rule 0 permit source 10.129.135.55 0
rule 5 permit source 10.129.135.93 0
rule 10 deny logging
#
acl basic name SSH
description ** Restrict vty SSH ACCESS **
rule 5 permit source 10.128.98.0 0.0.0.255
rule 10 permit source 10.129.135.0 0.0.0.255
rule 15 permit source 10.129.184.0 0.0.0.255
rule 20 permit source 10.131.148.0 0.0.0.255
rule 25 permit source 10.131.41.183 0
rule 30 permit source 10.131.42.183 0
rule 35 deny logging
#
acl number 3005
description ** TOIP SIP TLSv1 **
rule 5 permit tcp destination-port eq 5061
#
acl advanced name SIP-TLS
description ** TOIP SIP TLSv1 **
rule 5 permit tcp destination-port eq 5061
#
header motd %
*******************************************************************
***** Unauthorised use of this system is prohibited. *****
***** Use of this system implies acceptance of AXA Investment *****
***** Managers code of conduct and security standards. *****
***** ACCESS RESTRICTED TO AUTHORIZED STAFF *****
*******************************************************************
%
#
hwtacacs scheme grp-tacacs
primary authentication 10.131.169.11 key cipher $c$3$NyYmfvTNhvBHEMH3ZNhT6JHDW6e3AnWUKSFnwg==
primary authorization 10.131.169.11 key cipher $c$3$KpovCyD2XH2rT+/H8lm0tpw8zfWXAFeyZKDK4g==
primary accounting 10.131.169.11 key cipher $c$3$l2PPDwKrrejEukFyEUlTgYCp+vGMbWRbGl/haA==
secondary authentication 10.130.42.108 key cipher $c$3$H2JWBOgW8JiRz7rT9QsOH1a2bS2HoKV3FyhfNg==
secondary authorization 10.130.42.108 key cipher $c$3$EVoRiv8KktprgaHv87uhlk82a1mT0U1dgX26JA==
secondary accounting 10.130.42.108 key cipher $c$3$u/jYgGoIas5UXOZNqEd375WgGNJNgXFlDeamEw==
key authentication cipher $c$3$Sn6R9ikjYJP6qJNpyqxlwSsWKITQ9DXQhB4B7g==
key authorization cipher $c$3$VnM9bk5wqNwb4AhgQb47tvOmwsbmxH/5G6shnA==
key accounting cipher $c$3$lsUtAANJf7pslIwYSZ5RwqGphOlE1bPOWgUmXg==
timer quiet 3
timer response-timeout 30
user-name-format without-domain
nas-ip 10.130.6.1
#
radius nas-ip 10.130.6.1
#
radius scheme grp-radius
primary authentication 10.131.169.11 key cipher $c$3$+y2zIzvvtBHhoXNN6DXoqv1ORcU+PTs7/avI7Q==
primary accounting 10.131.169.11 key cipher $c$3$rje62HIUEAwncDU+o8gf0SVholmmZnryqMv1hQ==
secondary authentication 10.130.42.108 key cipher $c$3$V1C9zL8Mo9LTlI2EMDi+UbyFx50OM6BbZPeYbw==
secondary accounting 10.130.42.108 key cipher $c$3$a/H3zTu0KXW1qlOUVEU8jAJtJhyDFe87gh8JfA==
accounting-on enable
timer quiet 3
timer response-timeout 5
user-name-format without-domain
nas-ip 10.130.6.1
server-load-sharing enable
#
radius scheme system
user-name-format without-domain
#
domain 8021x
authentication lan-access radius-scheme grp-radius
authorization lan-access radius-scheme grp-radius
accounting lan-access radius-scheme grp-radius
#
domain axaim
authentication login hwtacacs-scheme grp-tacacs local
authorization login hwtacacs-scheme grp-tacacs local
accounting login hwtacacs-scheme grp-tacacs local
#
domain system
#
domain default enable axaim
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password hash $h$6$n0rK5CPQ8CQMm7C2$yylDM4A2d5aRTf2z+5Jf4YhxTPMtUnxI8f5slqed/huOdeoaWjd1hRlQz6JRBqvNI50McpWdl186KHj4YgCNyg==
service-type ssh terminal
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
local-user paritcomms class manage
password hash $h$6$G7x5n673TaahY+Gx$W4buRRf5fEQwiogtQQl60HPfI94d/WyZ4MNDAqTO6sEgU2rGv6fR+h58MOa7NzyXUmUtnyUigRZoeCTzwQkvhQ==
service-type ftp
service-type ssh terminal
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
return
hpe/switch/5510/5510_script_l3.txt · Last modified: 2024/12/05 15:25 by aperez