! ! Last configuration change at 16:51:08 UTC Sun Oct 9 2016 ! version 16.1 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-recovery no platform punt-keepalive disable-kernel-core ! hostname PLPECNSW01 ! ! vrf definition Mgmt-vrf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! no logging console enable secret 5 $1$0mSy$Rp0cgb48qOEVVojz1TGo4/ enable password FilerPLC1 ! no aaa new-model facility-alarm critical exceed-action shutdown switch 1 provision ws-c3850-24s switch 2 provision ws-c3850-24s ip routing ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! table-map policed-dscp map from 0 to 8 map from 10 to 8 map from 18 to 8 map from 24 to 8 map from 34 to 8 map from 46 to 8 default copy table-map AutoConf-4.0-Trust-Cos-Table default copy table-map AutoConf-4.0-Trust-Dscp-Table default copy ! ! crypto pki trustpoint TP-self-signed-552620687 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-552620687 revocation-check none rsakeypair TP-self-signed-552620687 ! ! crypto pki certificate chain TP-self-signed-552620687 certificate self-signed 01 30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 35353236 32303638 37301E17 0D313630 36313531 35343930 345A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3535 32363230 36383730 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 C7344AD7 50808CF4 BA20D3A8 6C75F563 5C6A4F92 316D6D5E C91836C0 8F70725C C8D2CD25 58236DB1 50F6182D 21613EED EFE8B1B1 EBD77EA5 A344CE83 5CE12FC6 019EF8A8 FF404CED 91B34FCE B27C9E79 D18A5E78 4745C476 B09EEC36 B58709E9 4579B315 4370C1A6 660925D5 EA93AD75 2D70A77A 21BFD00E FC6A3362 94BF1EA1 02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D 23041830 168014A1 7AE993FD B2449FCC 5C00A532 2165AED2 9F8CCA30 1D060355 1D0E0416 0414A17A E993FDB2 449FCC5C 00A53221 65AED29F 8CCA300D 06092A86 4886F70D 01010505 00038181 008EE72A 199EB252 49BB15AE 2BECDF36 0ED1E7F1 97572187 E3ABE3D0 EC911CA0 D12066D9 6ABA1E44 93B08BB8 5B7F965B 4B3ECD60 6B28927A 8B52EA3F 46064017 C313D016 9DDBDB4A D663F975 BD6F79D1 DC6C81B5 F2874DA2 328CCBCB 75E3542A 4B376B34 4CBE2E83 BEB5A54E 4C5704D4 68C7F6AC D7BD0A6B 090ED675 64F5C855 48 quit license boot level ipbasek9 diagnostic bootup level minimal ! spanning-tree mode mst spanning-tree extend system-id username admin privilege 15 password 0 FilerPLC ! redundancy mode sso ! ! ! class-map match-any system-cpp-police-topology-control description Topology control class-map match-any system-cpp-police-sw-forward description Sw forwarding, SGT Cache Full, LOGGING class-map match-any AutoConf-4.0-Transaction-Class match access-group name AutoConf-4.0-Acl-Transactional-Data class-map match-any AutoConf-4.0-Output-Trans-Data-Queue match dscp af21 af22 af23 match cos 2 class-map match-any AutoConf-4.0-Default-Class match access-group name AutoConf-4.0-Acl-Default class-map match-any system-cpp-default description DHCP snooping, show forward and rest of traffic class-map match-any system-cpp-police-sys-data description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed class-map match-any AutoConf-4.0-Output-Scavenger-Queue match dscp cs1 class-map match-any AutoConf-4.0-Output-Control-Mgmt-Queue match dscp cs2 cs3 cs6 cs7 match cos 3 class-map match-any AutoConf-4.0-Scavanger-Class match access-group name AutoConf-4.0-Acl-Scavanger class-map match-any AutoQos-4.0-RT1-Class match dscp ef match dscp cs6 class-map match-any AutoConf-4.0-Signaling-Class match access-group name AutoConf-4.0-Acl-Signaling class-map match-any system-cpp-police-punt-webauth description Punt Webauth class-map match-any AutoQos-4.0-RT2-Class match dscp cs4 match dscp cs3 match dscp af41 class-map match-any system-cpp-police-forus description Forus Address resolution and Forus traffic class-map match-any system-cpp-police-multicast-end-station description MCAST END STATION class-map match-any AutoConf-4.0-Voip-Video-CiscoPhone-Class match cos 4 class-map match-any system-cpp-police-multicast description Transit Traffic and MCAST Data class-map match-any system-cpp-police-l2-control description L2 control class-map match-any system-cpp-police-dot1x-auth description DOT1X Auth class-map match-any AutoConf-4.0-Output-Multimedia-ConfQueue match dscp af41 af42 af43 match cos 4 class-map match-any system-cpp-police-data description ICMP_GEN and BROADCAST class-map match-any system-cpp-police-control-low-priority description ICMP redirect and general punt class-map match-any system-cpp-police-wireless-priority1 description Wireless priority 1 class-map match-any system-cpp-police-wireless-priority2 description Wireless priority 2 class-map match-any system-cpp-police-wireless-priority3-4-5 description Wireless priority 3,4 and 5 class-map match-any AutoConf-4.0-Output-Multimedia-StrmQueue match dscp af31 af32 af33 class-map match-any AutoConf-4.0-Voip-Data-CiscoPhone-Class match cos 5 class-map match-any AutoConf-4.0-Voip-SignalClass match dscp cs3 match cos 3 class-map match-any non-client-nrt-class class-map match-any system-cpp-police-routing-control description Routing control class-map match-any system-cpp-police-protocol-snooping description Protocol snooping class-map match-any AutoConf-4.0-Output-Bulk-Data-Queue match dscp af11 af12 af13 match cos 1 class-map match-any AutoConf-4.0-Multimedia-Conf-Class match access-group name AutoConf-4.0-Acl-MultiEnhanced-Conf class-map match-any AutoConf-4.0-Bulk-Data-Class match access-group name AutoConf-4.0-Acl-Bulk-Data class-map match-any AutoConf-4.0-VoipSignal-CiscoPhone-Class match cos 3 class-map match-any AutoConf-4.0-Output-Priority-Queue match dscp cs4 cs5 ef match cos 5 class-map match-any AutoConf-4.0-Voip-Data-Class match dscp ef match cos 5 ! policy-map port_child_policy class non-client-nrt-class bandwidth remaining ratio 10 policy-map AutoConf-4.0-Trust-Cos-Input-Policy class class-default set cos cos table AutoConf-4.0-Trust-Cos-Table policy-map AutoConf-4.0-Output-Policy class AutoConf-4.0-Output-Priority-Queue priority level 1 percent 30 class AutoConf-4.0-Output-Control-Mgmt-Queue bandwidth remaining percent 10 queue-limit dscp cs2 percent 80 queue-limit dscp cs3 percent 90 queue-limit dscp cs6 percent 100 queue-limit dscp cs7 percent 100 queue-buffers ratio 10 class AutoConf-4.0-Output-Multimedia-ConfQueue bandwidth remaining percent 10 queue-buffers ratio 10 class AutoConf-4.0-Output-Trans-Data-Queue bandwidth remaining percent 10 queue-buffers ratio 10 class AutoConf-4.0-Output-Bulk-Data-Queue bandwidth remaining percent 4 queue-buffers ratio 10 class AutoConf-4.0-Output-Scavenger-Queue bandwidth remaining percent 1 queue-buffers ratio 10 class AutoConf-4.0-Output-Multimedia-StrmQueue bandwidth remaining percent 10 queue-buffers ratio 10 class class-default bandwidth remaining percent 25 queue-buffers ratio 25 policy-map AutoConf-4.0-CiscoSoftPhone-Input-Policy class AutoConf-4.0-Voip-Data-Class set dscp ef police cir 128000 bc 8000 conform-action transmit exceed-action set-dscp-transmit dscp table policed-dscp class AutoConf-4.0-Voip-SignalClass set dscp cs3 police cir 32000 bc 8000 conform-action transmit exceed-action set-dscp-transmit dscp table policed-dscp class AutoConf-4.0-Multimedia-Conf-Class set dscp af41 police cir 5000000 conform-action transmit exceed-action drop class AutoConf-4.0-Bulk-Data-Class set dscp af11 police cir 10000000 conform-action transmit exceed-action set-dscp-transmit dscp table policed-dscp class AutoConf-4.0-Transaction-Class set dscp af21 police cir 10000000 conform-action transmit exceed-action set-dscp-transmit dscp table policed-dscp class AutoConf-4.0-Scavanger-Class set dscp cs1 police cir 10000000 conform-action transmit exceed-action drop class AutoConf-4.0-Signaling-Class set dscp cs3 police cir 32000 bc 8000 conform-action transmit exceed-action drop class AutoConf-4.0-Default-Class set dscp default police cir 10000000 conform-action transmit exceed-action set-dscp-transmit dscp table policed-dscp policy-map system-cpp-policy class system-cpp-police-data police rate 200 pps class system-cpp-police-sys-data police rate 100 pps class system-cpp-police-sw-forward police rate 1000 pps class system-cpp-police-multicast police rate 500 pps class system-cpp-police-multicast-end-station police rate 2000 pps class system-cpp-police-punt-webauth class system-cpp-police-l2-control class system-cpp-police-routing-control police rate 500 pps class system-cpp-police-control-low-priority class system-cpp-police-wireless-priority1 class system-cpp-police-wireless-priority2 class system-cpp-police-wireless-priority3-4-5 class system-cpp-police-topology-control class system-cpp-police-dot1x-auth class system-cpp-police-protocol-snooping class system-cpp-police-forus class system-cpp-default policy-map AutoConf-4.0-Trust-Dscp-Input-Policy class class-default set dscp dscp table AutoConf-4.0-Trust-Dscp-Table policy-map AutoConf-4.0-CiscoPhone-Input-Policy class AutoConf-4.0-Voip-Data-CiscoPhone-Class set dscp ef police cir 128000 bc 8000 conform-action transmit exceed-action set-dscp-transmit dscp table policed-dscp class AutoConf-4.0-Voip-Video-CiscoPhone-Class set dscp af41 police cir 10000000 bc 8000 conform-action transmit exceed-action set-dscp-transmit dscp table policed-dscp class AutoConf-4.0-VoipSignal-CiscoPhone-Class set dscp cs3 police cir 32000 bc 8000 conform-action transmit exceed-action set-dscp-transmit dscp table policed-dscp class AutoConf-4.0-Default-Class set dscp default ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Port-channel2 description SW02 Uplink switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk spanning-tree portfast disable ! interface Port-channel3 description SW03 Uplink switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk spanning-tree portfast disable ! interface Port-channel4 description SW04 Uplink switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk spanning-tree portfast disable ! interface Port-channel5 description SW05 Uplink switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk spanning-tree portfast disable ! interface Port-channel6 description SW06 Uplink switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk spanning-tree portfast disable ! interface GigabitEthernet0/0 vrf forwarding Mgmt-vrf no ip address shutdown negotiation auto ! interface GigabitEthernet1/0/1 ! interface GigabitEthernet1/0/2 description PLPECNSW02 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 2 mode active ! interface GigabitEthernet1/0/3 description PLPECNSW03 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 3 mode active ! interface GigabitEthernet1/0/4 description PLPECNSW04 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 4 mode active ! interface GigabitEthernet1/0/5 description PLPECNSW05 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 5 mode active ! interface GigabitEthernet1/0/6 description PLPECNSW06 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 6 mode active ! interface GigabitEthernet1/0/7 ! interface GigabitEthernet1/0/8 ! interface GigabitEthernet1/0/9 ! interface GigabitEthernet1/0/10 ! interface GigabitEthernet1/0/11 ! interface GigabitEthernet1/0/12 ! interface GigabitEthernet1/0/13 ! interface GigabitEthernet1/0/14 ! interface GigabitEthernet1/0/15 ! interface GigabitEthernet1/0/16 ! interface GigabitEthernet1/0/17 ! interface GigabitEthernet1/0/18 ! interface GigabitEthernet1/0/19 ! interface GigabitEthernet1/0/20 ! interface GigabitEthernet1/0/21 ! interface GigabitEthernet1/0/22 ! interface GigabitEthernet1/0/23 ! interface GigabitEthernet1/0/24 switchport access vlan 9 ! interface GigabitEthernet1/1/1 ! interface GigabitEthernet1/1/2 ! interface GigabitEthernet1/1/3 ! interface GigabitEthernet1/1/4 ! interface TenGigabitEthernet1/1/1 ! interface TenGigabitEthernet1/1/2 ! interface TenGigabitEthernet1/1/3 ! interface TenGigabitEthernet1/1/4 ! interface GigabitEthernet2/0/1 ! interface GigabitEthernet2/0/2 description PLPECNSW02 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 2 mode active ! interface GigabitEthernet2/0/3 description PLPECNSW03 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 3 mode active ! interface GigabitEthernet2/0/4 description PLPECNSW04 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 4 mode active ! interface GigabitEthernet2/0/5 description PLPECNSW05 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 5 mode active ! interface GigabitEthernet2/0/6 description PLPECNSW06 switchport trunk native vlan 60 switchport trunk allowed vlan 9,60-62,64,69 switchport mode trunk channel-group 6 mode active ! interface GigabitEthernet2/0/7 ! interface GigabitEthernet2/0/8 ! interface GigabitEthernet2/0/9 ! interface GigabitEthernet2/0/10 ! interface GigabitEthernet2/0/11 ! interface GigabitEthernet2/0/12 ! interface GigabitEthernet2/0/13 ! interface GigabitEthernet2/0/14 ! interface GigabitEthernet2/0/15 ! interface GigabitEthernet2/0/16 ! interface GigabitEthernet2/0/17 ! interface GigabitEthernet2/0/18 ! interface GigabitEthernet2/0/19 ! interface GigabitEthernet2/0/20 ! interface GigabitEthernet2/0/21 ! interface GigabitEthernet2/0/22 ! interface GigabitEthernet2/0/23 ! interface GigabitEthernet2/0/24 ! interface GigabitEthernet2/1/1 ! interface GigabitEthernet2/1/2 ! interface GigabitEthernet2/1/3 ! interface GigabitEthernet2/1/4 ! interface TenGigabitEthernet2/1/1 ! interface TenGigabitEthernet2/1/2 ! interface TenGigabitEthernet2/1/3 ! interface TenGigabitEthernet2/1/4 ! interface Vlan1 no ip address shutdown ! interface Vlan9 description Management ip address 192.168.9.29 255.255.255.0 ! interface Vlan61 description Drives ip address 192.168.61.1 255.255.255.0 ! interface Vlan62 description HMI/Programming ip address 192.168.62.1 255.255.255.0 ! interface Vlan64 description IO ip address 192.168.64.1 255.255.255.0 ! interface Vlan69 description Peer ip address 192.168.69.1 255.255.255.0 ! ip forward-protocol nd ip http server ip http authentication local ip http secure-server ! ! ip access-list extended AutoConf-4.0-Acl-Default permit ip any any ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data permit tcp any any eq 22 permit tcp any any eq 465 permit tcp any any eq 143 permit tcp any any eq 993 permit tcp any any eq 995 permit tcp any any eq 1914 permit tcp any any eq ftp permit tcp any any eq ftp-data permit tcp any any eq smtp permit tcp any any eq pop3 ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf permit udp any any range 16384 32767 permit tcp any any range 50000 59999 ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger permit tcp any any range 2300 2400 permit udp any any range 2300 2400 permit tcp any any range 6881 6999 permit tcp any any range 28800 29100 permit tcp any any eq 1214 permit udp any any eq 1214 permit tcp any any eq 3689 permit udp any any eq 3689 permit tcp any any eq 11999 ip access-list extended AutoQos-4.0-wlan-Acl-Signaling permit tcp any any range 2000 2002 permit tcp any any range 5060 5061 permit udp any any range 5060 5061 ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data permit tcp any any eq 443 permit tcp any any eq 1521 permit udp any any eq 1521 permit tcp any any eq 1526 permit udp any any eq 1526 permit tcp any any eq 1575 permit udp any any eq 1575 permit tcp any any eq 1630 permit udp any any eq 1630 permit tcp any any eq 1527 permit tcp any any eq 6200 permit tcp any any eq 3389 permit tcp any any eq 5985 permit tcp any any eq 8080 ! ! ! control-plane service-policy input system-cpp-policy ! ! ! line con 0 line aux 0 line vty 0 4 password FilerPLC login length 0 line vty 5 15 password FilerPLC login ! ntp server 192.168.62.45 ! ! ! ! ! ap group default-group end