config-file-header Sechenov-DSW01 v2.4.5.71 / RTESLA2.4.5_930_181_144 CLI v1.0 file SSD indicator encrypted @ ssd-control-start ssd config ssd file passphrase control unrestricted no ssd file integrity control ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0 ! ! unit-type-control-start unit-type unit 1 network te uplink none unit-type unit 2 network te uplink none unit-type unit 3 network gi uplink te unit-type unit 4 network gi uplink te unit-type-control-end ! no cdp run spanning-tree mode mst spanning-tree loopback-guard spanning-tree priority 12288 spanning-tree mst configuration instance 1 vlan 1-4094 name Sechenov-LAN revision 1 exit spanning-tree mst 1 priority 12288 port jumbo-frame bridge multicast filtering vlan database vlan 2,10,48,99-101,110-112 exit voice vlan oui-table add 0001e3 Siemens_AG_phone________ voice vlan oui-table add 00036b Cisco_phone_____________ voice vlan oui-table add 00096e Avaya___________________ voice vlan oui-table add 000fe2 H3C_Aolynk______________ voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone voice vlan oui-table add 00d01e Pingtel_phone___________ voice vlan oui-table add 00e075 Polycom/Veritel_phone___ voice vlan oui-table add 00e0bb 3Com_phone______________ loopback-detection interval 10 errdisable recovery interval 30 errdisable recovery cause loopback-detection errdisable recovery cause port-security errdisable recovery cause dot1x-src-address errdisable recovery cause acl-deny errdisable recovery cause stp-bpdu-guard errdisable recovery cause stp-loopback-guard errdisable recovery cause udld errdisable recovery cause storm-control no eee enable link-flap prevention disable ip dhcp relay address 10.100.2.1 ip dhcp relay enable no bonjour enable bonjour interface range vlan 1 ip access-list extended prn01 deny ip any 192.168.1.196 0.0.0.0 ace-priority 40 exit hostname Sechenov-DSW01 line telnet exec-timeout 0 exit logging host 192.168.1.3 logging origin-id hostname username cisco password encrypted 0a53915cb1fd99eb17d8abdbf1d8f95646e050ec privilege 15 snmp-server server snmp-server community public ro view Default clock timezone " " +3 sntp server 10.100.2.1 clock dhcp timezone ip name-server 10.100.2.4 10.100.2.5 ip telnet server ! interface vlan 1 shutdown no snmp trap link-status ! interface vlan 2 name "p-t-p to R0x" ip address 10.100.2.254 255.255.255.0 ! interface vlan 10 name Servers ip address 192.168.1.1 255.255.255.0 ip dhcp relay enable ! interface vlan 48 name MCAST ip address 192.168.48.1 255.255.255.0 bridge multicast mode ipv4-group bridge multicast ipv6 mode ip-group ! interface vlan 99 name mgmt ip address 192.168.99.1 255.255.255.0 ! interface vlan 100 name LAN ip address 192.168.100.1 255.255.255.0 ip dhcp relay enable ! interface vlan 101 name MAXX ip address 192.168.101.1 255.255.255.0 ip dhcp relay enable ! interface vlan 110 name WIFI ip address 192.168.110.1 255.255.255.0 ip dhcp relay enable ! interface vlan 111 name Eric ip address 192.168.111.1 255.255.255.0 ip dhcp relay enable ! interface vlan 112 name Ivan ip address 192.168.112.1 255.255.255.0 ip dhcp relay enable ! interface TengigabitEthernet1/0/1 speed 1000 no negotiation description "R01 gi3" no spanning-tree portfast channel-group 2 mode auto ! interface TengigabitEthernet1/0/2 speed 1000 no negotiation description "R02 gi3" ip arp inspection trust ip dhcp snooping trust spanning-tree disable no spanning-tree portfast switchport mode trunk switchport trunk allowed vlan remove 1,3-4094 ! interface TengigabitEthernet1/0/3 description "SRV01 Te1" channel-group 8 mode auto ! interface TengigabitEthernet1/0/4 description "SW04-10GE-Eric te1" spanning-tree guard root channel-group 1 mode auto ! interface TengigabitEthernet1/0/5 description "SW09-10GE-Ivan Te7" spanning-tree guard root channel-group 4 mode auto ! interface TengigabitEthernet1/0/7 switchport access vlan 99 ! interface TengigabitEthernet1/0/8 switchport access vlan 112 ! interface TengigabitEthernet2/0/1 speed 1000 no negotiation description "R01 gi4" ip dhcp snooping trust channel-group 2 mode auto ! interface TengigabitEthernet2/0/2 speed 1000 negotiation 1000f description "R02 gi4" ip arp inspection trust ip dhcp snooping trust spanning-tree disable switchport mode trunk switchport trunk allowed vlan remove 1,3-4094 ! interface TengigabitEthernet2/0/3 description "SRV01 Te2" channel-group 8 mode auto ! interface TengigabitEthernet2/0/4 description "SW04-10GE-Eric te2" spanning-tree guard root channel-group 1 mode auto ! interface TengigabitEthernet2/0/5 description "SW09-10GE-Ivan Te8" spanning-tree guard root channel-group 4 mode auto ! interface GigabitEthernet3/0/2 description "SW05 gi24 Stol Sechenova" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/3 description "SRV02 gi1" spanning-tree portfast switchport access vlan 10 ! interface GigabitEthernet3/0/4 description Alena storm-control broadcast kbps 5000 storm-control multicast kbps 20000 spanning-tree bpdu filtering switchport access vlan 10 ! interface GigabitEthernet3/0/5 description "STORAGE1 gi1" channel-group 5 mode auto ! interface GigabitEthernet3/0/6 description "STORAGE2 gi1" channel-group 6 mode auto ! interface GigabitEthernet3/0/7 description "BIGRAID mgmt" storm-control broadcast kbps 15000 storm-control multicast kbps 20000 port security max 5 port security mode max-addresses spanning-tree portfast switchport access vlan 10 ! interface GigabitEthernet3/0/9 shutdown switchport access vlan 48 ! interface GigabitEthernet3/0/13 description "AP02 Vor-Metla gi5" switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/14 description Kaliny4 storm-control broadcast kbps 5000 storm-control multicast kbps 15000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet3/0/15 description "smb near Eis" storm-control broadcast kbps 5000 storm-control multicast kbps 15000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet3/0/16 description Pasha storm-control broadcast kbps 5000 storm-control multicast kbps 15000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet3/0/17 description "Leha Ryzen Laptop" storm-control broadcast kbps 5000 storm-control multicast kbps 15000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet3/0/18 description "SW08 gi8 Timashuk" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/19 description "SRV01 Gi1" storm-control broadcast kbps 5000 storm-control multicast kbps 20000 spanning-tree disable switchport access vlan 10 switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/20 description "SW10 gi8 room 210" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/21 shutdown no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root no switchport switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/23 no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/24 speed 1000 no negotiation no spanning-tree portfast spanning-tree link-type point-to-point switchport access vlan 100 switchport trunk allowed vlan remove 1 ! interface GigabitEthernet3/0/26 description "SW11 Max gi24" storm-control broadcast kbps 5120 storm-control multicast level 2 no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/27 spanning-tree portfast spanning-tree link-type point-to-point switchport access vlan 10 switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/28 no spanning-tree portfast spanning-tree link-type point-to-point switchport access vlan 10 switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/29 shutdown no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/30 speed 1000 no negotiation description "SW06 gi8 Lexa-Anton" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/31 description "PRN01 HP B-W" spanning-tree portfast spanning-tree link-type point-to-point switchport access vlan 10 ! interface GigabitEthernet3/0/32 description "PRN02 HP Color" spanning-tree portfast spanning-tree link-type point-to-point switchport access vlan 10 ! interface GigabitEthernet3/0/33 shutdown switchport access vlan 10 ! interface GigabitEthernet3/0/34 shutdown storm-control broadcast kbps 5000 storm-control multicast kbps 20000 spanning-tree disable switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/35 shutdown spanning-tree portfast switchport access vlan 10 ! interface GigabitEthernet3/0/36 description Kurilka storm-control broadcast level 10 storm-control multicast level 10 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 10 ! interface GigabitEthernet3/0/37 description Timchenko storm-control broadcast level 10 storm-control multicast level 10 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet3/0/38 description Toma storm-control broadcast level 10 storm-control multicast level 10 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 switchport access multicast-tv vlan 48 ! interface GigabitEthernet3/0/39 description Eis storm-control broadcast level 10 storm-control multicast level 10 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet3/0/40 description "Leha Ryzen" storm-control broadcast level 10 storm-control multicast level 10 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet3/0/41 description "ONT Gi4 MCAST" switchport access vlan 48 ! interface GigabitEthernet3/0/42 description "SW02 gi8 Alla" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/43 description "SYNOLOGY gi1" spanning-tree portfast switchport access vlan 10 ! interface GigabitEthernet3/0/45 description "SW07 gi8 Buxgalteriya" spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/46 shutdown spanning-tree link-type point-to-point switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet3/0/47 ip source-guard switchport access vlan 100 ! interface GigabitEthernet3/0/48 description "VL99 mgmt test" switchport access vlan 99 ! interface TengigabitEthernet3/0/1 description "NAS01 Te1" channel-group 7 mode auto ! interface TengigabitEthernet3/0/2 speed 10000 description "Montazhka NEW" storm-control broadcast kbps 1000 storm-control multicast kbps 10000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 112 ! interface GigabitEthernet4/0/2 description "SW05 gi23 Stol Sechenova" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/3 description "SRV02 Gi2" storm-control broadcast kbps 5000 storm-control multicast kbps 20000 switchport access vlan 48 ! interface GigabitEthernet4/0/4 description "Alena backup" storm-control broadcast kbps 5000 storm-control multicast kbps 20000 spanning-tree bpdu filtering switchport access vlan 10 ! interface GigabitEthernet4/0/5 description "STORAGE1 gi2" channel-group 5 mode auto ! interface GigabitEthernet4/0/6 description "STARAGE2 gi2" channel-group 6 mode auto ! interface GigabitEthernet4/0/7 description "BIGRAID mgmt backup" storm-control broadcast kbps 15000 storm-control multicast kbps 20000 port security max 5 port security mode max-addresses spanning-tree portfast switchport access vlan 10 ! interface GigabitEthernet4/0/13 description "AP02 Vor-Metla gi5 backup" switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/14 description "Kaliny4 backup" storm-control broadcast kbps 5000 storm-control multicast kbps 15000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet4/0/15 description "smb near Eis backup" storm-control broadcast kbps 5000 storm-control multicast kbps 15000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet4/0/16 description "Pasha backup" storm-control broadcast kbps 5000 storm-control multicast kbps 15000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet4/0/17 description "Leha Ryzen Laptop backup" storm-control broadcast kbps 5000 storm-control multicast kbps 15000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 100 ! interface GigabitEthernet4/0/18 description "SW08 gi8 Timashuk backup" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/19 description "SRV01 Gi2" storm-control broadcast kbps 5000 storm-control multicast kbps 20000 spanning-tree disable switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/20 description "SW10 gi7 room 210" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/23 no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/26 description "SW11 Max gi23" storm-control broadcast kbps 5120 storm-control multicast level 2 no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/27 shutdown spanning-tree portfast spanning-tree link-type point-to-point switchport access vlan 10 switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/28 shutdown no spanning-tree portfast spanning-tree link-type point-to-point switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/30 no negotiation description "SW06 gi7 Lexa-Anton" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/31 description "PRN01 HP B-W backup" spanning-tree portfast spanning-tree link-type point-to-point switchport access vlan 10 ! interface GigabitEthernet4/0/32 description "PRN02 HP Color backup" spanning-tree portfast spanning-tree link-type point-to-point switchport access vlan 10 ! interface GigabitEthernet4/0/34 shutdown storm-control broadcast kbps 5000 storm-control multicast kbps 20000 spanning-tree disable switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/35 shutdown spanning-tree portfast switchport access vlan 10 ! interface GigabitEthernet4/0/36 description "Kurilka bckup" storm-control broadcast level 10 storm-control multicast level 10 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 10 ! interface GigabitEthernet4/0/41 description "ONT Gi4 MCAST backup" switchport access vlan 48 ! interface GigabitEthernet4/0/42 description "SW02 gi8 Alla backup" no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/43 description "SYNOLOGY gi2 backup" spanning-tree portfast switchport access vlan 10 ! interface GigabitEthernet4/0/45 description "SW07 gi7 Buxgalteriya" spanning-tree link-type point-to-point spanning-tree port-priority 16 spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface GigabitEthernet4/0/48 description "VL99 mgmt test" switchport access vlan 99 ! interface TengigabitEthernet4/0/1 description "NAS01 Te2" channel-group 7 mode auto ! interface TengigabitEthernet4/0/2 speed 10000 description "Montazhka NEW backup" storm-control broadcast kbps 1000 storm-control multicast kbps 10000 port security max 5 port security mode max-addresses spanning-tree portfast spanning-tree bpduguard enable switchport access vlan 112 ! interface Port-Channel1 description SW04-10G-Eric no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk native vlan 99 switchport trunk allowed vlan remove 1-2 ! interface Port-Channel2 description R01 ip arp inspection trust ip dhcp snooping trust spanning-tree link-type point-to-point switchport mode trunk switchport trunk allowed vlan remove 1,3-4094 ! interface Port-Channel3 spanning-tree link-type point-to-point switchport mode trunk switchport trunk allowed vlan remove 1,3-4094 ! interface Port-Channel4 description SW09-10G-Ivan no spanning-tree portfast spanning-tree link-type point-to-point spanning-tree guard root switchport mode trunk switchport trunk allowed vlan remove 1-2 ! interface Port-Channel5 description "STORAGE1 LACP" spanning-tree portfast switchport access vlan 10 ! interface Port-Channel6 description "STORAGE2 LACP" spanning-tree portfast switchport access vlan 10 ! interface Port-Channel7 description NAS01 spanning-tree portfast switchport access vlan 111 ! interface Port-Channel8 description SRV01-10GE switchport mode trunk switchport trunk allowed vlan remove 1-2 ! exit no macro description condense macro auto disabled no macro auto processing cdp no macro auto processing lldp ip igmp snooping ip igmp snooping vlan 10 ip igmp snooping vlan 48 ip igmp snooping vlan 48 immediate-leave ip igmp snooping vlan 100 ip igmp snooping vlan 48 multicast-tv 239.255.0.0 count 25855 ip igmp snooping vlan 48 querier version 3 ip igmp snooping vlan 48 querier ip dhcp snooping ip dhcp snooping database ip dhcp snooping vlan 10 ip dhcp snooping vlan 99 ip dhcp snooping vlan 100 ip dhcp snooping vlan 101 ip dhcp snooping vlan 110 ip dhcp snooping vlan 111 ip dhcp snooping vlan 112 ip arp inspection ip arp inspection validate ip arp inspection vlan 100 ip arp inspection vlan 111 ip arp inspection vlan 112 ip arp inspection list create Switches ip 192.168.99.247 mac-address 00:ad:24:3b:96:64 ip 192.168.99.249 mac-address 0c:b6:d2:a1:7d:c4 exit ip source-guard ip default-gateway 10.100.2.1 encrypted ip ssh-client key rsa key-pair