ITC/3AV WIKI

User Tools

Site Tools

Trace: configuration_example_script_4 configuration_example_script_2
hpe:switch:5900:configuration:configuration_example_script_2
#
 version 7.1.045, Release 2311P05
#
 sysname oma01hpegwn41
#
 clock timezone GMT add 00:00:00
 clock protocol ntp
#
 irf mac-address persistent timer
 irf auto-update enable
 undo irf link-delay
 irf member 1 priority 1
#
ospf 65505 router-id 10.65.17.12
 import-route static route-policy static-ospf
 silent-interface all
 undo silent-interface Ten-GigabitEthernet1/0/16
 undo silent-interface Ten-GigabitEthernet1/0/48
 undo silent-interface Vlan-interface75
 preference 110
 preference ase 255
 area 0.0.0.0
  authentication-mode md5 15 cipher $c$3$BJnfdj58IcsOVgwG4Ivf5clH+yhG9J9QY5u3KA==
  network 10.33.21.129 0.0.0.0
  network 10.64.141.1 0.0.0.0
  network 10.64.197.50 0.0.0.0
  network 10.64.198.213 0.0.0.0
  network 10.65.17.12 0.0.0.0
  network 10.65.82.1 0.0.0.0
  network 10.68.29.65 0.0.0.0
  network 10.68.235.1 0.0.0.0
  network 10.128.212.129 0.0.0.0
  network 10.141.240.1 0.0.0.0
  network 10.192.118.1 0.0.0.0
  network 10.193.50.129 0.0.0.0
  network 10.193.62.1 0.0.0.0
  network 192.168.3.170 0.0.0.0
#
 ip unreachables enable
 ip ttl-expires enable
#
 dhcp enable
#
 dns domain ams.hpecore.net
 dns server 16.110.135.51
 dns server 16.110.135.52
#
 lldp global enable
 lldp compliance cdp
#
 system-working-mode standard
 fan prefer-direction slot 1 port-to-power 
 password-recovery enable
#
vlan 1
#
vlan 10
 description vlan 10
#
vlan 12
 description vlan 12
#
vlan 30
 description vlan 30
#
vlan 75
 description vlan 75
#
vlan 248
 description vlan 248
#
vlan 249
 description vlan 249
#
vlan 350
description vlan 350
#
vlan 399
 description vlan 399
#
vlan 990
 description vlan 990
#
vlan 1350
 description vlan 1350
#
vlan 1399
 description vlan 1399
#
stp region-configuration
 region-name HP
 revision-level 1
 instance 1 vlan 2 to 9 30 to 49 
 instance 2 vlan 10 to 29 50 to 149 1020 to 1039 
 instance 3 vlan 150 to 249 
 instance 4 vlan 250 to 349 
 instance 5 vlan 350 to 399 
 instance 6 vlan 400 to 449 
 instance 7 vlan 450 to 549 
 instance 8 vlan 550 to 774 
 instance 9 vlan 775 to 784 
 instance 10 vlan 785 to 998 
 instance 11 vlan 1040 to 1059 
 instance 12 vlan 2002 to 2999 
 instance 13 vlan 3000 to 3999 
 instance 16 vlan 999 to 1019 1060 to 2001 4000 to 4094 
 active region-configuration
#
 stp instance 0 to 13 16 root primary
 stp bpdu-protection
 stp pathcost-standard dot1t
 stp global enable
#
interface NULL0
#
interface LoopBack0
 ip address 10.65.17.12 255.255.255.255
 ospf cost 10
 pim sm
 igmp enable
 igmp version 3
#
interface Vlan-interface10
 description name
 ip address 10.64.141.1 255.255.255.192
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$pRKUpCFkv1sBaR89z5gSBg6Krl8HMNKflOEW1A==
 pim sm
 igmp enable
 igmp version 3
#
interface Vlan-interface12
 description name
 ip address 10.128.212.129 255.255.255.224
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$SwcYZPJEoM3PKGzLRFg/UcRE0QWjbXzbkQgjXw==
 pim sm
 igmp enable
 igmp version 3
#
interface Vlan-interface30
 description name
 ip address 10.65.82.1 255.255.255.224
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$BJnfdj58IcsOVgwG4Ivf5clH+yhG9J9QY5u3KA==
 pim sm
 igmp enable
 igmp version 3
#
interface Vlan-interface75
 description name
 ip address 192.168.3.170 255.255.255.248
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$OP7KrxinAweMX9//PqYSZ+dv4aOoOFGSpHMciQ==
 ospf bfd enable
 pim sm
 igmp enable
 igmp version 3
 bfd min-transmit-interval 1000
 bfd min-receive-interval 1000
 bfd detect-multiplier 3
#
interface Vlan-interface248
 description name
 ip address 10.68.29.65 255.255.255.224
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$UxMn1cE4TbPKf+BEyzAaFsDR8DTNyK5KBzTH+g==
 pim sm
 igmp enable
 igmp version 3
 dhcp select relay
 dhcp relay server-address 16.232.7.250
 dhcp relay server-address 16.236.105.250
 dhcp relay server-address 16.216.3.250
#
interface Vlan-interface249
 description name
 ip address 10.68.235.1 255.255.255.0
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$L9t7xWzaB0U+QJ7sAPDXLcYPe0UGGCFKVBFXjw==
 pim sm
 igmp enable
 igmp version 3
 dhcp select relay
 dhcp relay server-address 16.232.7.250
 dhcp relay server-address 16.236.105.250
 dhcp relay server-address 16.216.3.250
#
interface Vlan-interface350
 description name
 ip address 10.141.240.1 255.255.254.0
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$/fjohU9LAx6TeiwlTkCx87E9vud+/5ERKZsVPQ==
 pim sm
 igmp enable
 igmp version 3
 dhcp select relay
 dhcp relay server-address 16.232.7.250
 dhcp relay server-address 16.236.105.250
 dhcp relay server-address 16.216.3.250
#
interface Vlan-interface399
 description name
 ip address 10.33.21.129 255.255.255.128
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$PSlfAh6L9q052xBiRYf4BcM4euv5tSPatIAv5g==
 pim sm
 igmp enable
 igmp version 3
 dhcp select relay
 dhcp relay server-address 16.232.7.250
 dhcp relay server-address 16.236.105.250
 dhcp relay server-address 16.216.3.250
#
interface Vlan-interface990
 description name
 ip address 192.168.128.1 255.255.252.0
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$8Bol8jPEnkGflWJhzpXZS0MHVJuy+tZv5nAW8g==
 pim sm
 igmp enable
 igmp version 3
#
interface Vlan-interface1350
 description name
 ip address 10.193.62.1 255.255.255.0
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$fbz1faIK+wK2VEq9gpg6h56ml7NaiQdcLJ5edA==
 pim sm
 igmp enable
 igmp version 3
 dhcp select relay
 dhcp relay server-address 16.232.7.250
 dhcp relay server-address 16.236.105.250
 dhcp relay server-address 16.216.3.250
#
interface Vlan-interface1399
 description name
 ip address 10.193.50.129 255.255.255.192
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$p9tPk/jLiELjkcFLO4etuFWoqzsL/Z/fMYtDvA==
 pim sm
 igmp enable
 igmp version 3
 dhcp select relay
 dhcp relay server-address 16.232.7.250
 dhcp relay server-address 16.236.105.250
 dhcp relay server-address 16.216.3.250
#
interface FortyGigE1/0/49
 port link-mode bridge
 shutdown
#
interface FortyGigE1/0/50
 port link-mode bridge
 shutdown
#
interface FortyGigE1/0/51
 port link-mode bridge
 shutdown
#
interface FortyGigE1/0/52
 port link-mode bridge
 shutdown
#
interface M-GigabitEthernet0/0/0
 shutdown
#
interface Ten-GigabitEthernet1/0/16
 port link-mode route
 description name
 link-delay 10
 ip address 10.64.198.213 255.255.255.252
 ospf cost 10
 ospf authentication-mode md5 15 cipher $c$3$VFh2fMR64Z37C4iSARJoHnU5t709XFcLi9rDFQ==
 ospf bfd enable
 pim sm
 igmp enable
 igmp version 3
 qos trust dscp
 bfd min-transmit-interval 1000
 bfd min-receive-interval 1000
 bfd detect-multiplier 3
# 
interface Ten-GigabitEthernet1/0/48
 port link-mode route
 description name
 link-delay 10
 ip address 10.64.197.50 255.255.255.252
 ospf cost 10000
 ospf authentication-mode md5 15 cipher $c$3$nlhAaEJ74gxW6QwoDlVmKGKr7DDSiVH4lxAdKw==
 ospf bfd enable
 pim sm
 igmp enable
 igmp version 3
 qos trust dscp
 bfd min-transmit-interval 1000
 bfd min-receive-interval 1000
 bfd detect-multiplier 3
#
interface Ten-GigabitEthernet1/0/1
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/2
 port link-mode bridge
 description name
 port link-type trunk
 port trunk permit vlan 1 10 12 30 248 to 249 350 399 to 400 990 1350 1399 
 stp root-protection
 qos trust dscp
#
interface Ten-GigabitEthernet1/0/3
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/4
 port link-mode bridge
 description name
 port link-type trunk
 port trunk permit vlan 1 10 350 399 to 400 1350 1399 
 stp root-protection
#
interface Ten-GigabitEthernet1/0/5
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/6
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/7
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/8
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/9
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/10
 port link-mode bridge
 shutdown
# 
interface Ten-GigabitEthernet1/0/11
 port link-mode bridge
 shutdown
# 
interface Ten-GigabitEthernet1/0/12
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/13
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/14
 port link-mode bridge
 shutdown
# 
interface Ten-GigabitEthernet1/0/15
 port link-mode bridge
 description name
 port access vlan 10
#
interface Ten-GigabitEthernet1/0/17
 port link-mode bridge
 description name
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 75 
 undo stp enable
 qos trust dscp
#
interface Ten-GigabitEthernet1/0/18
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/19
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/20
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/21
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/22
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/23
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/24
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/25
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/26
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/27
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/28
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/29
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/30
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/31
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/32
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/33
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/34
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/35
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/36
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/37
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/38
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/39
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/40
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/41
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/42
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/43
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/44
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/45
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/46
 port link-mode bridge
 shutdown
#
interface Ten-GigabitEthernet1/0/47
 port link-mode bridge
 shutdown
#
multicast routing
#
pim
static-rp 192.168.243.254 2026 preferred
hello-option dr-priority 2
#
route-policy static-ospf permit node 10
 if-match tag 0
 apply cost 650
 apply cost-type type-1
#
route-policy static-ospf permit node 20
 if-match tag 1000
 apply cost 650
 apply cost-type type-1
#
route-policy static-ospf permit node 30
 if-match tag 3000
 apply cost 650
 apply cost-type type-1
#
route-policy static-ospf permit node 40
 if-match tag 4000
 apply cost 650
 apply cost-type type-1
#
route-policy static-ospf permit node 50
 if-match tag 3010
 apply cost 10000
 apply cost-type type-1
#
route-policy static-ospf permit node 60
 if-match tag 4010
 apply cost 10000
 apply cost-type type-1
#
scheduler logfile size 16
#
line class aux
 authentication-mode scheme
 user-role level-0
 idle-timeout 15 0
#
line class vty
 authentication-mode scheme
 user-role level-0
 protocol inbound ssh
 idle-timeout 15 0
#
line aux 0
 user-role level-0
#
line vty 0 14
 authentication-mode scheme
 user-role level-0
 user-role level-1
 user-role network-operator
 protocol inbound ssh
 idle-timeout 15 0
#
line vty 15
 authentication-mode scheme
 user-role level-0
 user-role level-1
 user-role network-operator
 protocol inbound telnet
 idle-timeout 15 0
#
line vty 16 63
 user-role level-0
#
 ip route-static default-preference 1
#
 info-center loghost source LoopBack0
 info-center loghost 16.227.116.39
#
 snmp-agent
 snmp-agent local-engineid 800063A280BCEAFAB16B7900000001
 snmp-agent community read alwsdKstb4dn# mib-view readView acl 2089
 snmp-agent community write keptol5uNlkd# mib-view writeView acl 2087
 snmp-agent community write l0Katbrltsd3# mib-view writeView acl 2088
 snmp-agent community read os5fmoglfmKl# mib-view readView acl 2088
 snmp-agent community write radlD5anblds# mib-view writeView acl 2089
 snmp-agent community read stngot0Pwrld# mib-view readView acl 2087
 snmp-agent sys-info contact Americas Ops Bridge West; 24x7x365, 1-281-518-8500 Opt. 3
 snmp-agent sys-info location oma01, Omaha, Nebraska
 snmp-agent sys-info version all 
 snmp-agent mib-view included notifyView iso 
 snmp-agent mib-view included readView iso 
 snmp-agent mib-view excluded readView snmpUsmMIB 
 snmp-agent mib-view excluded readView snmpVacmMIB 
 snmp-agent mib-view excluded readView hh3cUserName 
 snmp-agent mib-view excluded readView hh3cUserPassword 
 snmp-agent mib-view included writeView iso 
 snmp-agent mib-view excluded writeView snmpUsmMIB 
 snmp-agent mib-view excluded writeView snmpVacmMIB 
 snmp-agent mib-view excluded writeView hh3cUserName 
 snmp-agent mib-view excluded writeView hh3cUserPassword 
 snmp-agent trap source LoopBack0
#
 ssh server enable
 undo ssh server compatible-ssh1x enable
 ssh server acl 2001
#
 ftp client source interface LoopBack0
#
 sftp client source interface LoopBack0
#
 ntp-service enable
 ntp-service source LoopBack0
 ntp-service peer acl 2321
 ntp-service unicast-server 16.110.135.123
#
acl number 2001 name vty-standard-acl
 description name
 rule 0 permit source 16.226.6.0 0.1.241.255
 rule 5 deny source 16.109.192.0 0.0.31.255
 rule 10 deny source 16.194.208.0 0.0.7.255
 rule 15 deny source 16.198.128.0 0.0.7.255
 rule 20 deny source 16.198.184.0 0.0.7.255
 rule 25 deny source 16.218.216.0 0.0.7.255
 rule 30 permit source 16.0.0.0 0.255.255.255
 rule 35 permit source 127.0.0.0 0.0.0.255
 rule 40 deny source 15.1.0.0 0.0.255.255
 rule 45 deny source 15.85.240.0 0.0.15.255
 rule 50 permit source 15.0.0.0 0.63.255.255
 rule 55 permit source 15.64.0.0 0.31.255.255
 rule 60 permit source 15.96.0.0 0.7.255.255
 rule 65 permit source 15.104.0.0 0.7.255.255
 rule 70 permit source 15.112.0.0 0.15.255.255
 rule 75 permit source 15.128.0.0 0.127.255.255
 rule 80 permit source 10.0.0.0 0.255.255.255
 rule 100 deny
#
acl number 2026 name hpq-mgroups-sparse
 rule 100 permit source 239.192.0.0 0.0.255.255
 rule 105 permit source 239.196.0.0 0.0.255.255
 rule 110 permit source 239.197.0.0 0.0.127.255
#
acl number 2087 name snmp-global
 description name
 rule 0 permit source 16.224.6.0 0.1.241.255
 rule 5 permit source 16.226.6.0 0.1.241.255
 rule 10 permit source 16.35.6.0 0.0.241.255
 rule 15 permit source 16.96.6.0 0.1.241.255
 rule 20 permit source 16.160.6.0 0.0.17.255
 rule 25 permit source 16.160.38.0 0.0.1.255
 rule 30 permit source 16.161.134.0 0.0.49.255
 rule 35 permit source 16.161.198.0 0.0.17.255
 rule 40 permit source 16.161.230.0 0.0.1.255
 rule 45 permit source 16.232.64.0 0.0.31.255
 rule 100 deny
#
acl number 2088
 description name
 rule 0 deny
#
acl number 2089
 description SNMP Local Access List
 rule 0 deny
#
acl number 2321 name ntp-restrict
 rule 5 permit source 16.110.135.123 0
 rule 10 permit source 15.64.64.123 0
 rule 15 permit source 15.122.222.123 0
 rule 100 deny
#
tftp client source interface LoopBack0
#
header login %
header shell %************************************ATENTION************************************
* Computer unit supported by I.T.Corporation.                                                 *
* This is a computer resource for the exclusive use of Enterprise Name.                       *
* If you are not an authorized user to enter this device                                      *
* refrain from doing so, as all activities can be monitored                                   *
* or recorded. And if evidence of unauthorized access is discovered,                          *
* modifications to the information, attacks against the integrity of the                      *
* Information such as the entity, among others, will be reported to the                       *
* competent authorities.                                                                      *
***********************************************************************************************
 header shell %************************************ATENTION************************************
* Computer unit supported by I.T.Corporation.                                                 *
* This is a computer resource for the exclusive use of Enterprise Name.                       *
* If you are not an authorized user to enter this device                                      *
* refrain from doing so, as all activities can be monitored                                   *
* or recorded. And if evidence of unauthorized access is discovered,                          *
* modifications to the information, attacks against the integrity of the                      *
* Information such as the entity, among others, will be reported to the                       *
* competent authorities.                                                                      *
***********************************************************************************************
#
 super authentication-mode scheme local
 super password role level-15 hash $h$6$uh+jTtfqFdA/q5aO$lPrELtOW8NEUODKpKT6t30JOfotMsL8TaE241PqsL09gwE8qgkf6ndMwnDEAEQqtgf5gLDwTqWDJ6YXTLA8GoA==
#
hwtacacs scheme tacacs
 primary authentication 16.225.166.20
 primary authorization 16.225.166.20
 primary accounting 16.225.166.20
 secondary authentication 16.227.38.20
 secondary authorization 16.227.38.20
 secondary accounting 16.227.38.20
 key authentication cipher $c$3$h1yLo2mQ9ctawtpMZV0zcZrCBbSj55O+r1o=
 key authorization cipher $c$3$BSQxl1JYGpUTvKiM/cw0v9trzyAseLYiUVI=
 key accounting cipher $c$3$rYc8qR007tgX7DZRDAXGRhRkJvvxzYnECAA=
 timer response-timeout 3
 user-name-format without-domain
 nas-ip 10.65.17.12
#
radius scheme system
 user-name-format without-domain
#
domain system
#
domain tacacs
 accounting command hwtacacs-scheme tacacs
 authentication default hwtacacs-scheme tacacs local
 authorization default hwtacacs-scheme tacacs local
 accounting default hwtacacs-scheme tacacs local
#
 domain default enable tacacs
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user netmgmt class manage
 password hash $h$6$n0Kz9/YsoKJpGYPB$l8ZPx7u73jIf8/TvqIkOo8unON/nCLofCMZl3oBVffW08AeCsB0+noJ3Ee1P6rb+HGDpccB9gcic6B7PH84buQ==
 service-type ssh terminal
 authorization-attribute user-role level-0
#
return
hpe/switch/5900/configuration/configuration_example_script_2.txt · Last modified: 2021/03/20 09:31 by dgonzalez
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki