Difference between revisions of "24PinTechSwitch Config"
(Current running configuration of the main switch for the CTE network as of 9/17/24) |
|||
| (8 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
==Running Configuration== | ==Running Configuration== | ||
24PinTech_Switch#show run | |||
Building configuration... | |||
Current configuration : 10730 bytes !! | |||
! | Last configuration change at 15:39:09 UTC Tue Sep 17 2024 by 24PinTech! | ||
version 16.3 | version 16.3 | ||
| Line 18: | Line 18: | ||
service password-encryption | service password-encryption | ||
no platform punt-keepalive disable-kernel-core | no platform punt-keepalive disable-kernel-core ! | ||
! | hostname 24PinTech_Switch !! | ||
vrf definition Mgmt-vrf ! | |||
vrf definition Mgmt-vrf | |||
! | |||
address-family ipv4 | address-family ipv4 | ||
exit-address-family | exit-address-family ! | ||
! | |||
address-family ipv6 | address-family ipv6 | ||
exit-address-family | exit-address-family ! | ||
! | |||
! | enable secret 5 $1$bibk$uwpxgKcUpBT0Qz.R1EfA50 ! | ||
no aaa new-model | no aaa new-model | ||
switch 1 provision ws-c3650-24ps | switch 1 provision ws-c3650-24ps !!!!!!!!!!!!!!!!! | ||
shutdown vlan 99 ! | |||
! | |||
crypto pki trustpoint TP-self-signed-833429682 | crypto pki trustpoint TP-self-signed-833429682 | ||
| Line 92: | Line 48: | ||
revocation-check none | revocation-check none | ||
rsakeypair TP-self-signed-833429682 | rsakeypair TP-self-signed-833429682 !! | ||
! | |||
crypto pki certificate chain TP-self-signed-833429682 ! | |||
crypto pki certificate chain TP-self-signed-833429682 | |||
! | |||
license boot level ipbasek9 | license boot level ipbasek9 | ||
diagnostic bootup level minimal | diagnostic bootup level minimal ! | ||
spanning-tree mode rapid-pvst | spanning-tree mode rapid-pvst | ||
| Line 110: | Line 60: | ||
spanning-tree extend system-id | spanning-tree extend system-id | ||
! | no spanning-tree vlan 25 !! | ||
username 24pintech privilege 15 password 7 03291A08345F6C6D7031395743025A0230792 80C ! | |||
! | |||
redundancy | redundancy | ||
mode sso | mode sso !!! | ||
! | |||
! | |||
! | |||
class-map match-any system-cpp-police-topology-control | class-map match-any system-cpp-police-topology-control | ||
description Topology control | description Topology control | ||
class-map match-any system-cpp-police-sw-forward | class-map match-any system-cpp-police-sw-forward | ||
description Sw forwarding, SGT Cache Full, LOGGING | description Sw forwarding, SGT Cache Full, LOGGING | ||
class-map match-any system-cpp-default | class-map match-any system-cpp-default | ||
description DHCP snooping, show forward and rest of traffic | description DHCP snooping, show forward and rest of traffic | ||
class-map match-any system-cpp-police-sys-data | class-map match-any system-cpp-police-sys-data | ||
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, | description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed | ||
class-map match-any system-cpp-police-punt-webauth | class-map match-any system-cpp-police-punt-webauth | ||
description Punt Webauth | description Punt Webauth | ||
class-map match-any system-cpp-police-forus | class-map match-any system-cpp-police-forus | ||
description Forus Address resolution and Forus traffic | description Forus Address resolution and Forus traffic | ||
class-map match-any system-cpp-police-multicast-end-station | class-map match-any system-cpp-police-multicast-end-station | ||
description MCAST END STATION | description MCAST END STATION | ||
class-map match-any system-cpp-police-multicast | class-map match-any system-cpp-police-multicast | ||
description Transit Traffic and MCAST Data | description Transit Traffic and MCAST Data | ||
class-map match-any system-cpp-police-l2-control | class-map match-any system-cpp-police-l2-control | ||
description L2 control | description L2 control | ||
class-map match-any system-cpp-police-dot1x-auth | class-map match-any system-cpp-police-dot1x-auth | ||
description DOT1X Auth | description DOT1X Auth | ||
class-map match-any system-cpp-police-data | class-map match-any system-cpp-police-data | ||
description ICMP_GEN and BROADCAST | description ICMP_GEN and BROADCAST | ||
class-map match-any system-cpp-police-control-low-priority | class-map match-any system-cpp-police-control-low-priority | ||
description ICMP redirect and general punt | description ICMP redirect and general punt | ||
class-map match-any system-cpp-police-wireless-priority1 | class-map match-any system-cpp-police-wireless-priority1 | ||
description Wireless priority 1 | description Wireless priority 1 | ||
class-map match-any system-cpp-police-wireless-priority2 | class-map match-any system-cpp-police-wireless-priority2 | ||
description Wireless priority 2 | description Wireless priority 2 | ||
class-map match-any system-cpp-police-wireless-priority3-4-5 | class-map match-any system-cpp-police-wireless-priority3-4-5 | ||
description Wireless priority 3,4 and 5 | description Wireless priority 3,4 and 5 | ||
class-map match-any non-client-nrt-class | class-map match-any non-client-nrt-class | ||
| Line 190: | Line 132: | ||
class-map match-any system-cpp-police-routing-control | class-map match-any system-cpp-police-routing-control | ||
description Routing control | description Routing control | ||
class-map match-any system-cpp-police-protocol-snooping | class-map match-any system-cpp-police-protocol-snooping | ||
description Protocol snooping | description Protocol snooping ! | ||
! | |||
policy-map port_child_policy | policy-map port_child_policy | ||
| Line 202: | Line 142: | ||
class non-client-nrt-class | class non-client-nrt-class | ||
bandwidth remaining ratio 10 | bandwidth remaining ratio 10 | ||
policy-map system-cpp-policy | policy-map system-cpp-policy | ||
| Line 208: | Line 148: | ||
class system-cpp-police-data | class system-cpp-police-data | ||
police rate 200 pps | police rate 200 pps | ||
class system-cpp-police-sys-data | class system-cpp-police-sys-data | ||
police rate 100 pps | police rate 100 pps | ||
class system-cpp-police-sw-forward | class system-cpp-police-sw-forward | ||
police rate 1000 pps | police rate 1000 pps | ||
class system-cpp-police-multicast | class system-cpp-police-multicast | ||
police rate 500 pps | police rate 500 pps | ||
class system-cpp-police-multicast-end-station | class system-cpp-police-multicast-end-station | ||
police rate 2000 pps | police rate 2000 pps | ||
class system-cpp-police-punt-webauth | class system-cpp-police-punt-webauth | ||
| Line 232: | Line 172: | ||
class system-cpp-police-routing-control | class system-cpp-police-routing-control | ||
police rate 1800 pps | police rate 1800 pps | ||
class system-cpp-police-control-low-priority | class system-cpp-police-control-low-priority | ||
| Line 250: | Line 190: | ||
class system-cpp-police-forus | class system-cpp-police-forus | ||
class system-cpp-default | class system-cpp-default !!!!!!!!!!!!!! | ||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
! | |||
interface Port-channel1 | interface Port-channel1 | ||
description Ports: | description Ports: 9, 10, 11, 12 to Asgard | ||
switchport access vlan 25 | switchport access vlan 25 | ||
switchport mode access | switchport mode access ! | ||
! | |||
interface Port-channel2 | interface Port-channel2 | ||
description Ports: 3, 4, 5, 6 to | description Ports: 3, 4, 5, 6 to Valhalla | ||
switchport access vlan 25 | switchport access vlan 25 | ||
switchport mode access | switchport mode access ! | ||
! | |||
interface Port-channel3 | interface Port-channel3 | ||
| Line 306: | Line 214: | ||
switchport trunk allowed vlan 25 | switchport trunk allowed vlan 25 | ||
switchport mode trunk | switchport mode trunk ! | ||
! | |||
interface Port-channel4 | interface Port-channel4 | ||
description Ports | description Ports 13,14,15,16 to Charlie | ||
switchport access vlan 25 | switchport access vlan 25 | ||
switchport mode access | switchport mode access ! | ||
! | |||
interface Port-channel5 | interface Port-channel5 | ||
description Ports: | description Ports: 17, 18, 19, 20 to Open | ||
switchport access vlan 25 | switchport access vlan 25 | ||
switchport mode | switchport mode trunk ! | ||
! | |||
interface Port-channel6 | interface Port-channel6 | ||
description Ports: | description Ports: 21, 22, 23, 24 to Alpha | ||
switchport access vlan 25 | switchport access vlan 25 | ||
switchport mode access | switchport mode access ! | ||
! | |||
interface GigabitEthernet0/0 | interface GigabitEthernet0/0 | ||
| Line 346: | Line 246: | ||
no ip address | no ip address | ||
negotiation auto | negotiation auto ! | ||
! | |||
interface GigabitEthernet1/0/1 | interface GigabitEthernet1/0/1 | ||
| Line 358: | Line 256: | ||
switchport mode trunk | switchport mode trunk | ||
channel-group 3 mode active | channel-group 3 mode active ! | ||
! | |||
interface GigabitEthernet1/0/2 | interface GigabitEthernet1/0/2 | ||
| Line 370: | Line 266: | ||
switchport mode trunk | switchport mode trunk | ||
channel-group 3 mode active | channel-group 3 mode active ! | ||
! | |||
interface GigabitEthernet1/0/3 | interface GigabitEthernet1/0/3 | ||
description Ports: 3, 4, 5, 6 to | description Ports: 3, 4, 5, 6 to Valhalla | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 382: | Line 276: | ||
switchport mode access | switchport mode access | ||
channel-group 2 mode | channel-group 2 mode on ! | ||
! | |||
interface GigabitEthernet1/0/4 | interface GigabitEthernet1/0/4 | ||
description Ports: 3, 4, 5, 6 to | description Ports: 3, 4, 5, 6 to Valhalla | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 394: | Line 286: | ||
switchport mode access | switchport mode access | ||
channel-group 2 mode | channel-group 2 mode on ! | ||
! | |||
interface GigabitEthernet1/0/5 | interface GigabitEthernet1/0/5 | ||
description Ports: 3, 4, 5, 6 to | description Ports: 3, 4, 5, 6 to Valhalla | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 406: | Line 296: | ||
switchport mode access | switchport mode access | ||
channel-group 2 mode | channel-group 2 mode on ! | ||
! | |||
interface GigabitEthernet1/0/6 | interface GigabitEthernet1/0/6 | ||
description Ports: 3, 4, 5, 6 to | description Ports: 3, 4, 5, 6 to Valhalla | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 418: | Line 306: | ||
switchport mode access | switchport mode access | ||
channel-group 2 mode | channel-group 2 mode on ! | ||
! | |||
interface GigabitEthernet1/0/7 | interface GigabitEthernet1/0/7 | ||
description | description OPEN | ||
switchport access vlan 25 | switchport access vlan 25 | ||
switchport mode access | switchport mode access ! | ||
! | |||
interface GigabitEthernet1/0/8 | interface GigabitEthernet1/0/8 | ||
description | description OPEN | ||
switchport access vlan 25 | switchport access vlan 25 | ||
switchport mode access | switchport mode access ! | ||
interface GigabitEthernet1/0/9 | |||
description Ports: 9, 10, 11, 12 to Asgard | |||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 452: | Line 332: | ||
switchport mode access | switchport mode access | ||
! | channel-group 1 mode on ! | ||
interface GigabitEthernet1/0/10 | interface GigabitEthernet1/0/10 | ||
description Ports: 9, 10, 11, 12 to Asgard | |||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 460: | Line 342: | ||
switchport mode access | switchport mode access | ||
! | channel-group 1 mode on ! | ||
interface GigabitEthernet1/0/11 | interface GigabitEthernet1/0/11 | ||
description Ports: 9, 10, 11, 12 to Asgard | |||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 468: | Line 352: | ||
switchport mode access | switchport mode access | ||
! | channel-group 1 mode on ! | ||
interface GigabitEthernet1/0/12 | interface GigabitEthernet1/0/12 | ||
description Ports: 9, 10, 11, 12 to Asgard | |||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 476: | Line 362: | ||
switchport mode access | switchport mode access | ||
! | channel-group 1 mode on ! | ||
interface GigabitEthernet1/0/13 | interface GigabitEthernet1/0/13 | ||
description Ports | description Ports 13,14,15,16 to Charlie | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 486: | Line 372: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 4 mode active ! | ||
! | |||
interface GigabitEthernet1/0/14 | interface GigabitEthernet1/0/14 | ||
description Ports | description Ports 13,14,15,16 to Charlie | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 498: | Line 382: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 4 mode active ! | ||
! | |||
interface GigabitEthernet1/0/15 | interface GigabitEthernet1/0/15 | ||
description Ports | description Ports 13,14,15,16 to Charlie | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 510: | Line 392: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 4 mode active ! | ||
! | |||
interface GigabitEthernet1/0/16 | interface GigabitEthernet1/0/16 | ||
description Ports | description Ports 13,14,15,16 to Charlie | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 522: | Line 402: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 4 mode active ! | ||
! | |||
interface GigabitEthernet1/0/17 | interface GigabitEthernet1/0/17 | ||
description Ports | description Ports 17,18,19,20 to Open | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 534: | Line 412: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 5 mode active ! | ||
! | |||
interface GigabitEthernet1/0/18 | interface GigabitEthernet1/0/18 | ||
description Ports | description Ports 17,18,19,20 to Open | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 546: | Line 422: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 5 mode active ! | ||
! | |||
interface GigabitEthernet1/0/19 | interface GigabitEthernet1/0/19 | ||
description Ports | description Ports 17,18,19,20 to Open | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 558: | Line 432: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 5 mode active ! | ||
! | |||
interface GigabitEthernet1/0/20 | interface GigabitEthernet1/0/20 | ||
description Ports | description Ports 17,18,19,20 to Open | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 570: | Line 442: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 5 mode active ! | ||
! | |||
interface GigabitEthernet1/0/21 | interface GigabitEthernet1/0/21 | ||
description | description connecton to Alpha | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 582: | Line 452: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 6 mode on | ||
! | ! | ||
| Line 588: | Line 458: | ||
interface GigabitEthernet1/0/22 | interface GigabitEthernet1/0/22 | ||
description | description connecton to Alpha | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 594: | Line 464: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 6 mode on | ||
! | ! | ||
| Line 600: | Line 470: | ||
interface GigabitEthernet1/0/23 | interface GigabitEthernet1/0/23 | ||
description | description connecton to Alpha | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 606: | Line 476: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 6 mode on ! | ||
! | |||
interface GigabitEthernet1/0/24 | interface GigabitEthernet1/0/24 | ||
description | description connecton to Alpha | ||
switchport access vlan 25 | switchport access vlan 25 | ||
| Line 618: | Line 486: | ||
switchport mode access | switchport mode access | ||
channel-group | channel-group 6 mode on ! | ||
! | interface GigabitEthernet1/1/1 ! | ||
interface GigabitEthernet1/1/ | interface GigabitEthernet1/1/2 ! | ||
! | interface GigabitEthernet1/1/3 ! | ||
interface GigabitEthernet1/1/ | interface GigabitEthernet1/1/4 ! | ||
interface Vlan1 | |||
no ip address | |||
! | shutdown ! | ||
interface | interface Vlan25 | ||
description Used to create active SVI | |||
! | ip address 10.21.25.28 255.255.255.0 ! | ||
interface Vlan99 | interface Vlan99 | ||
| Line 650: | Line 512: | ||
description Management VLAN for CISCOACA.local domain | description Management VLAN for CISCOACA.local domain | ||
ip address | no ip address ! | ||
ip default-gateway 10.21.25.1 | |||
ip forward-protocol nd | ip forward-protocol nd | ||
| Line 660: | Line 522: | ||
ip http authentication local | ip http authentication local | ||
ip http secure-server | ip http secure-server ! | ||
! | |||
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data | ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data | ||
| Line 748: | Line 608: | ||
permit tcp any any eq 5985 | permit tcp any any eq 5985 | ||
permit tcp any any eq 8080 | permit tcp any any eq 8080 !!! | ||
! | |||
! | |||
! | |||
control-plane | control-plane | ||
service-policy input system-cpp-policy | service-policy input system-cpp-policy ! | ||
banner motd ^CAuthorized personnel only! Violators will be subject to the wrath of Chambie!^C ! | |||
banner motd ^CAuthorized personnel only! Violators will be subject to the wrath of Chambie!^C | |||
! | |||
line con 0 | line con 0 | ||
| Line 786: | Line 636: | ||
logging synchronous | logging synchronous | ||
login | login local | ||
line vty 5 15 | line vty 5 15 | ||
| Line 794: | Line 644: | ||
logging synchronous | logging synchronous | ||
login | login !! | ||
! | wsma agent exec ! | ||
! | wsma agent config ! | ||
wsma agent | wsma agent filesys ! | ||
wsma agent notify !! | |||
wsma agent notify | |||
! | |||
! | |||
ap dot11 airtime-fairness policy-name Default 0 | ap dot11 airtime-fairness policy-name Default 0 | ||
| Line 833: | Line 669: | ||
end | end | ||
==Notes:== | |||
When running an [https://unraid.net/ UnRaid] server the normal <code>{(C-IF)#channel-group on}</code>command may '''NOT''' work, instead use <code>{(C-IF)#channel-protocol lacp}</code>to independently force '''LACP''' on all ports in range. (THIS WILL USUALLY BE NEEDED WHEN USING BOND MODE "ACTIVE-BACKUP (#)" ON UNRAID.) | |||
Latest revision as of 19:33, 17 September 2024
Running Configuration
24PinTech_Switch#show run
Building configuration...
Current configuration : 10730 bytes !!
Last configuration change at 15:39:09 UTC Tue Sep 17 2024 by 24PinTech!
version 16.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no platform punt-keepalive disable-kernel-core !
hostname 24PinTech_Switch !!
vrf definition Mgmt-vrf !
address-family ipv4
exit-address-family !
address-family ipv6
exit-address-family !
enable secret 5 $1$bibk$uwpxgKcUpBT0Qz.R1EfA50 !
no aaa new-model
switch 1 provision ws-c3650-24ps !!!!!!!!!!!!!!!!!
shutdown vlan 99 !
crypto pki trustpoint TP-self-signed-833429682
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-833429682
revocation-check none
rsakeypair TP-self-signed-833429682 !!
crypto pki certificate chain TP-self-signed-833429682 !
license boot level ipbasek9
diagnostic bootup level minimal !
spanning-tree mode rapid-pvst
spanning-tree extend system-id
no spanning-tree vlan 25 !!
username 24pintech privilege 15 password 7 03291A08345F6C6D7031395743025A0230792 80C !
redundancy
mode sso !!!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, SGT Cache Full, LOGGING
class-map match-any system-cpp-default
description DHCP snooping, show forward and rest of traffic
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-control-low-priority
description ICMP redirect and general punt
class-map match-any system-cpp-police-wireless-priority1
description Wireless priority 1
class-map match-any system-cpp-police-wireless-priority2
description Wireless priority 2
class-map match-any system-cpp-police-wireless-priority3-4-5
description Wireless priority 3,4 and 5
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping !
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
policy-map system-cpp-policy
class system-cpp-police-data
police rate 200 pps
class system-cpp-police-sys-data
police rate 100 pps
class system-cpp-police-sw-forward
police rate 1000 pps
class system-cpp-police-multicast
police rate 500 pps
class system-cpp-police-multicast-end-station
police rate 2000 pps
class system-cpp-police-punt-webauth
class system-cpp-police-l2-control
class system-cpp-police-routing-control
police rate 1800 pps
class system-cpp-police-control-low-priority
class system-cpp-police-wireless-priority1
class system-cpp-police-wireless-priority2
class system-cpp-police-wireless-priority3-4-5
class system-cpp-police-topology-control
class system-cpp-police-dot1x-auth
class system-cpp-police-protocol-snooping
class system-cpp-police-forus
class system-cpp-default !!!!!!!!!!!!!!
interface Port-channel1
description Ports: 9, 10, 11, 12 to Asgard
switchport access vlan 25
switchport mode access !
interface Port-channel2
description Ports: 3, 4, 5, 6 to Valhalla
switchport access vlan 25
switchport mode access !
interface Port-channel3
description Ports: 1, 2 to School Network
switchport trunk allowed vlan 25
switchport mode trunk !
interface Port-channel4
description Ports 13,14,15,16 to Charlie
switchport access vlan 25
switchport mode access !
interface Port-channel5
description Ports: 17, 18, 19, 20 to Open
switchport access vlan 25
switchport mode trunk !
interface Port-channel6
description Ports: 21, 22, 23, 24 to Alpha
switchport access vlan 25
switchport mode access !
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto !
interface GigabitEthernet1/0/1
description Ports: 1, 2 to School Network
switchport trunk allowed vlan 25
switchport mode trunk
channel-group 3 mode active !
interface GigabitEthernet1/0/2
description Ports: 1, 2 to School Network
switchport trunk allowed vlan 25
switchport mode trunk
channel-group 3 mode active !
interface GigabitEthernet1/0/3
description Ports: 3, 4, 5, 6 to Valhalla
switchport access vlan 25
switchport mode access
channel-group 2 mode on !
interface GigabitEthernet1/0/4
description Ports: 3, 4, 5, 6 to Valhalla
switchport access vlan 25
switchport mode access
channel-group 2 mode on !
interface GigabitEthernet1/0/5
description Ports: 3, 4, 5, 6 to Valhalla
switchport access vlan 25
switchport mode access
channel-group 2 mode on !
interface GigabitEthernet1/0/6
description Ports: 3, 4, 5, 6 to Valhalla
switchport access vlan 25
switchport mode access
channel-group 2 mode on !
interface GigabitEthernet1/0/7
description OPEN
switchport access vlan 25
switchport mode access !
interface GigabitEthernet1/0/8
description OPEN
switchport access vlan 25
switchport mode access !
interface GigabitEthernet1/0/9
description Ports: 9, 10, 11, 12 to Asgard
switchport access vlan 25
switchport mode access
channel-group 1 mode on !
interface GigabitEthernet1/0/10
description Ports: 9, 10, 11, 12 to Asgard
switchport access vlan 25
switchport mode access
channel-group 1 mode on !
interface GigabitEthernet1/0/11
description Ports: 9, 10, 11, 12 to Asgard
switchport access vlan 25
switchport mode access
channel-group 1 mode on !
interface GigabitEthernet1/0/12
description Ports: 9, 10, 11, 12 to Asgard
switchport access vlan 25
switchport mode access
channel-group 1 mode on !
interface GigabitEthernet1/0/13
description Ports 13,14,15,16 to Charlie
switchport access vlan 25
switchport mode access
channel-group 4 mode active !
interface GigabitEthernet1/0/14
description Ports 13,14,15,16 to Charlie
switchport access vlan 25
switchport mode access
channel-group 4 mode active !
interface GigabitEthernet1/0/15
description Ports 13,14,15,16 to Charlie
switchport access vlan 25
switchport mode access
channel-group 4 mode active !
interface GigabitEthernet1/0/16
description Ports 13,14,15,16 to Charlie
switchport access vlan 25
switchport mode access
channel-group 4 mode active !
interface GigabitEthernet1/0/17
description Ports 17,18,19,20 to Open
switchport access vlan 25
switchport mode access
channel-group 5 mode active !
interface GigabitEthernet1/0/18
description Ports 17,18,19,20 to Open
switchport access vlan 25
switchport mode access
channel-group 5 mode active !
interface GigabitEthernet1/0/19
description Ports 17,18,19,20 to Open
switchport access vlan 25
switchport mode access
channel-group 5 mode active !
interface GigabitEthernet1/0/20
description Ports 17,18,19,20 to Open
switchport access vlan 25
switchport mode access
channel-group 5 mode active !
interface GigabitEthernet1/0/21
description connecton to Alpha
switchport access vlan 25
switchport mode access
channel-group 6 mode on
!
interface GigabitEthernet1/0/22
description connecton to Alpha
switchport access vlan 25
switchport mode access
channel-group 6 mode on
!
interface GigabitEthernet1/0/23
description connecton to Alpha
switchport access vlan 25
switchport mode access
channel-group 6 mode on !
interface GigabitEthernet1/0/24
description connecton to Alpha
switchport access vlan 25
switchport mode access
channel-group 6 mode on !
interface GigabitEthernet1/1/1 !
interface GigabitEthernet1/1/2 !
interface GigabitEthernet1/1/3 !
interface GigabitEthernet1/1/4 !
interface Vlan1
no ip address
shutdown !
interface Vlan25
description Used to create active SVI
ip address 10.21.25.28 255.255.255.0 !
interface Vlan99
description Management VLAN for CISCOACA.local domain
no ip address !
ip default-gateway 10.21.25.1
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server !
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
permit tcp any any eq 22
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq 995
permit tcp any any eq 1914
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq smtp
permit tcp any any eq pop3
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
permit udp any any range 16384 32767
permit tcp any any range 50000 59999
ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any range 6881 6999
permit tcp any any range 28800 29100
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any eq 11999
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
permit tcp any any eq 1527
permit tcp any any eq 6200
permit tcp any any eq 3389
permit tcp any any eq 5985
permit tcp any any eq 8080 !!!
control-plane
service-policy input system-cpp-policy !
banner motd ^CAuthorized personnel only! Violators will be subject to the wrath of Chambie!^C !
line con 0
password 7 080078764D4B554742
logging synchronous
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password 7 080878764A4A554742
logging synchronous
login local
line vty 5 15
password 7 080878764A4A554742
logging synchronous
login !!
wsma agent exec !
wsma agent config !
wsma agent filesys !
wsma agent notify !!
ap dot11 airtime-fairness policy-name Default 0
ap group default-group
ap hyperlocation ble-beacon 0
ap hyperlocation ble-beacon 1
ap hyperlocation ble-beacon 2
ap hyperlocation ble-beacon 3
ap hyperlocation ble-beacon 4
end
Notes:
When running an UnRaid server the normal {(C-IF)#channel-group on}command may NOT work, instead use {(C-IF)#channel-protocol lacp}to independently force LACP on all ports in range. (THIS WILL USUALLY BE NEEDED WHEN USING BOND MODE "ACTIVE-BACKUP (#)" ON UNRAID.)