10-15-2019 05:38 AM
10-15-2019 10:41 AM
10-15-2019 12:59 PM
10-15-2019 10:46 AM
ver 08.0.80caT211
!
stack unit 1
module 1 icx7150-c12-poe-port-management-module
module 2 icx7150-2-copper-port-2g-module
module 3 icx7150-2-sfp-plus-port-20g-module
!
!
no global-stp
!
!
!
vlan 1 name DEFAULT-VLAN by port
no untagged ethe 1/1/2 to 1/1/12
no spanning-tree
!
vlan 123 name Data by port
tagged ethe 1/2/2 ethe 1/3/1 to 1/3/2
untagged ethe 1/1/1 ethe 1/2/1
no spanning-tree
!
vlan 401 name voice by port
tagged ethe 1/1/1 to 1/1/2 ethe 1/1/4 to 1/1/12 ethe 1/2/1 to 1/2/2 ethe 1/3/1 to 1/3/2
no spanning-tree
!
!
vlan 666 name Restricted-Data by port
no spanning-tree
!
!
!
!
!
!
!
!
!
!
authentication
auth-default-vlan 123
restricted-vlan 666
dot1x enable
dot1x enable ethe 1/1/2 to 1/1/12
dot1x port-control auto ethe 1/1/2 to 1/1/12
!
!
aaa authentication web-server default local
aaa authentication enable default local
aaa authentication dot1x default radius
aaa authentication login default local
aaa authentication login privilege-mode
console timeout 30
enable aaa console
hostname TESTSW02
ip address 10.1.13.15 255.255.255.0
ip dns domain-list test.testdomain.state.us
ip dns server-address 10.1.5.40 10.1.5.41
no ip dhcp-client auto-update enable
no ip dhcp-client enable
ip default-gateway 10.1.13.1
!
logging host 10.1.2.3
logging console
logging persistence
mirror-port ethernet 1/1/1
!
no telnet server
username testwan password .....
radius-server host 10.1.120.221 auth-port 1812 acct-port 1813 default key 2 $b24zbw== dot1x
cdp run
fdp run
snmp-server contact Network Operations Center
snmp-server host 10.1.2.3 version v3 priv testwan
snmp-server group testv3 v3 priv access 99 read all write all
snmp-server user testwan testv3 v3 access 99 encrypted auth sha 6974065afb9f99927806e01c6ae2175104870138 priv encrypted aes 6974065bfb9f99927806e01c6ae21751
!
!
clock summer-time
clock timezone us Eastern
!
!
ntp
server 10.220.1.1
!
!
web access-group 99
no web-management http
web-management https
banner motd ^C
------------------------------------------------------------------------^C
^C
Temporary Infrastructure Test Switch^C
^C
This system is solely for the use of authorized test personnel.^C
The information contained herein is the property of test and subject to^C
non-disclosure, security, and confidentiality requirements.^C
test will monitor system usage for unauthorized activities.^C
Any user accessing this system expressly consents to such monitoring.^C
^C
Asset xxxxxxxx^C
^C
------------------------------------------------------------------------^C
^C
!
ssh access-group 99
!
!
!
interface ethernet 1/1/1
trust dscp
!
interface ethernet 1/1/2
trust dscp
!
interface ethernet 1/1/3
trust dscp
!
interface ethernet 1/1/4
trust dscp
!
interface ethernet 1/1/5
trust dscp
!
interface ethernet 1/1/6
trust dscp
!
interface ethernet 1/1/7
trust dscp
!
interface ethernet 1/1/8
trust dscp
!
interface ethernet 1/1/9
trust dscp
!
interface ethernet 1/1/10
trust dscp
!
interface ethernet 1/1/11
trust dscp
!
interface ethernet 1/1/12
trust dscp
!
interface ethernet 1/2/1
mon ethernet 1/1/1 both
trust dscp
!
interface ethernet 1/2/2
trust dscp
!
interface ethernet 1/3/1
speed-duplex 1000-full
trust dscp
!
interface ethernet 1/3/2
speed-duplex 1000-full
trust dscp
!
!
!
ip access-list standard 99
sequence 10 permit host 10.1.4.5
sequence 20 permit host 10.6.7.8
sequence 30 permit host 10.9.10.11
!
sflow destination 10.1.2.3 2055
!
lldp run
!
!
ip ssh authentication-retries 2
ip ssh timeout 30
ip ssh idle-time 30
ip ssh scp disable
ip ssh encryption disable-aes-cbc
!
!
!
end
10-15-2019 12:55 PM