24PinTechSwitch Config

From 24PinTech Wiki
Revision as of 14:54, 28 August 2019 by IGarza (talk | contribs) (Added page: running config for 24pintechswitch in the back)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Running Configuration

Current configuration : 10784 bytes

!

! Last configuration change at 06:02:24 UTC Thu Aug 15 2019

!

version 16.3

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

no platform punt-keepalive disable-kernel-core

!

hostname 24PinTech_Switch

!

!

vrf definition Mgmt-vrf

!

address-family ipv4

exit-address-family

!

address-family ipv6

exit-address-family

!

enable secret 5 $1$W8fz$yoZKAzoRMefe/h6hlXo741

!

no aaa new-model

switch 1 provision ws-c3650-24ps

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

crypto pki trustpoint TP-self-signed-833429682

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-833429682

revocation-check none

rsakeypair TP-self-signed-833429682

!

!

crypto pki certificate chain TP-self-signed-833429682

certificate self-signed 01

3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 38333334 32393638 32301E17 0D313831 32313331 34323034

315A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F

532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3833 33343239

36383230 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02

82010100 B0D39D58 2D4C7FDC 841C4218 351FC504 04982D66 D288F9D9 2287404A

426EF5F2 BCCBD1EE 68213925 2B0551D2 A2C86084 E8043697 B26007BF 64A60A27

2EB662BD 8D4C199B D5A07C54 D4A41271 41F05D79 B48D0EB5 E1A032DC E8FF89E1

AD67D152 E900359C F27E2327 1D911B5C 6FB1DFFF 48B0F08D 66BD092A 98D5E202

5A0522FC 31841F0F C6487E92 3C58F9E4 D99C6E45 9DFD7B68 6223AB65 A9654FB2

5FE2AD3B A352B11E D1DBC8E5 F210E03E 3CCA4DFB 80B841B0 7B2A8238 C77DBEFD

3784B083 2BAEB87C D9183E27 C8F60CB8 A3AD1BE0 DED3CD52 3C82AF6B 4FC14D76

F8BA171E 3AA82EDE B8596838 24292619 1CCE85FD FC3E9ED3 12EED95A DEE225CB

F3CFD15B 02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F

0603551D 23041830 1680142E 5138154C 63A9B7C5 338C1741 26388AD6 728D4F30

1D060355 1D0E0416 04142E51 38154C63 A9B7C533 8C174126 388AD672 8D4F300D

06092A86 4886F70D 01010505 00038201 01000634 C6E71494 3E25D7CB C11C089E

76F5F7C5 48696B0F 2BE03824 E470023A 3407097A F4713D1B E0988AA2 00C90BA1

369F4428 E122C209 43DBDBE2 8D43FB09 DB3210DE 3873C291 723F2B99 99CD1DFE

76DE7D32 48AF3C12 14135336 485594BB B3507EED 0D710F9B 2365C689 D9A26282

ED7BEBB7 37552D79 62B21B47 65B09A08 BE71F5E0 F8F4986E 04309DA1 03B98E2D

8CD86595 0D068E47 AAE5C52A 62291A8F B84AC6DF 2D43F067 A9CEB8F1 A1347850

0167914E 1FC2BA95 173E2634 108C32E4 0C787DD9 5FD096BB 178CB93C CEB90BD7

723A0372 94E83318 BF2CD70E 40DFDD2D 8190B0A4 297A0168 0A629F12 DC659693

ACE9F8BA 1B270E40 207F25CB E3F9ABCE BE48

quit

!

license boot level ipbasek9

diagnostic bootup level minimal

spanning-tree mode rapid-pvst

spanning-tree extend system-id

!

!

!

redundancy

mode sso

!

!

!

class-map match-any system-cpp-police-topology-control

description Topology control

class-map match-any system-cpp-police-sw-forward

description Sw forwarding, SGT Cache Full, LOGGING

class-map match-any system-cpp-default

description DHCP snooping, show forward and rest of traffic

class-map match-any system-cpp-police-sys-data

description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL

SAMPLED DATA, Gold Pkt, RPF Failed

class-map match-any system-cpp-police-punt-webauth

description Punt Webauth

class-map match-any system-cpp-police-forus

description Forus Address resolution and Forus traffic

class-map match-any system-cpp-police-multicast-end-station

description MCAST END STATION

class-map match-any system-cpp-police-multicast

description Transit Traffic and MCAST Data

class-map match-any system-cpp-police-l2-control

description L2 control

class-map match-any system-cpp-police-dot1x-auth

description DOT1X Auth

class-map match-any system-cpp-police-data

description ICMP_GEN and BROADCAST

class-map match-any system-cpp-police-control-low-priority

description ICMP redirect and general punt

class-map match-any system-cpp-police-wireless-priority1

description Wireless priority 1

class-map match-any system-cpp-police-wireless-priority2

description Wireless priority 2

class-map match-any system-cpp-police-wireless-priority3-4-5

description Wireless priority 3,4 and 5

class-map match-any non-client-nrt-class

class-map match-any system-cpp-police-routing-control

description Routing control

class-map match-any system-cpp-police-protocol-snooping

description Protocol snooping

!

policy-map port_child_policy

class non-client-nrt-class

bandwidth remaining ratio 10

policy-map system-cpp-policy

class system-cpp-police-data

police rate 200 pps

class system-cpp-police-sys-data

police rate 100 pps

class system-cpp-police-sw-forward

police rate 1000 pps

class system-cpp-police-multicast

police rate 500 pps

class system-cpp-police-multicast-end-station

police rate 2000 pps

class system-cpp-police-punt-webauth

class system-cpp-police-l2-control

class system-cpp-police-routing-control

police rate 1800 pps

class system-cpp-police-control-low-priority

class system-cpp-police-wireless-priority1

class system-cpp-police-wireless-priority2

class system-cpp-police-wireless-priority3-4-5

class system-cpp-police-topology-control

class system-cpp-police-dot1x-auth

class system-cpp-police-protocol-snooping

class system-cpp-police-forus

class system-cpp-default

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface Port-channel1

switchport access vlan 25

switchport mode access

!

interface Port-channel2

switchport access vlan 25

switchport mode access

!

interface Port-channel3

switchport trunk allowed vlan 25

switchport mode trunk

!

interface Port-channel4

switchport access vlan 25

switchport mode access

!

interface Port-channel5

switchport access vlan 25

switchport mode access

!

interface Port-channel6

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet0/0

vrf forwarding Mgmt-vrf

no ip address

negotiation auto

!

interface GigabitEthernet1/0/1

switchport trunk allowed vlan 25

switchport mode trunk

channel-group 3 mode active

!

interface GigabitEthernet1/0/2

switchport trunk allowed vlan 25

switchport mode trunk

channel-group 3 mode active

!

interface GigabitEthernet1/0/3

switchport access vlan 25

switchport mode access

channel-group 1 mode passive

!

interface GigabitEthernet1/0/4

switchport access vlan 25

switchport mode access

channel-group 1 mode passive

!

interface GigabitEthernet1/0/5

switchport access vlan 25

switchport mode access

channel-group 1 mode passive

!

interface GigabitEthernet1/0/6

switchport access vlan 25

switchport mode access

channel-group 1 mode passive

!

interface GigabitEthernet1/0/7

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/8

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/9

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/10

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/11

switchport access vlan 25

switchport mode access

channel-group 4 mode passive

!

interface GigabitEthernet1/0/12

switchport access vlan 25

switchport mode access

channel-group 4 mode passive

!

interface GigabitEthernet1/0/13

switchport access vlan 25

switchport mode access

channel-group 5 mode passive

!

interface GigabitEthernet1/0/14

switchport access vlan 25

switchport mode access

channel-group 5 mode passive

!

interface GigabitEthernet1/0/15

switchport access vlan 25

switchport mode access

channel-group 5 mode passive

!

interface GigabitEthernet1/0/16

switchport access vlan 25

switchport mode access

channel-group 5 mode passive

!

interface GigabitEthernet1/0/17

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/18

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/19

switchport access vlan 25

switchport mode access

channel-group 6 mode passive

!

interface GigabitEthernet1/0/20

switchport access vlan 25

switchport mode access

channel-group 6 mode passive

!

interface GigabitEthernet1/0/21

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/22

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/23

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/24

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/1/1

!

interface GigabitEthernet1/1/2

!

interface GigabitEthernet1/1/3

!

interface GigabitEthernet1/1/4

!

interface Vlan1

no ip address

shutdown

!

interface Vlan99

ip address 10.21.25.2 255.255.255.0

!

ip default-gateway 10.21.25.1

ip forward-protocol nd

ip http server

ip http authentication local

ip http secure-server

!

ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data

permit tcp any any eq 22

permit tcp any any eq 465

permit tcp any any eq 143

permit tcp any any eq 993

permit tcp any any eq 995

permit tcp any any eq 1914

permit tcp any any eq ftp

permit tcp any any eq ftp-data

permit tcp any any eq smtp

permit tcp any any eq pop3

ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf

permit udp any any range 16384 32767

permit tcp any any range 50000 59999

ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger

permit tcp any any range 2300 2400

permit udp any any range 2300 2400

permit tcp any any range 6881 6999

permit tcp any any range 28800 29100

permit tcp any any eq 1214

permit udp any any eq 1214

permit tcp any any eq 3689

permit udp any any eq 3689

permit tcp any any eq 11999

ip access-list extended AutoQos-4.0-wlan-Acl-Signaling

permit tcp any any range 2000 2002

permit tcp any any range 5060 5061

permit udp any any range 5060 5061

ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data

permit tcp any any eq 443

permit tcp any any eq 1521

permit udp any any eq 1521

permit tcp any any eq 1526

permit udp any any eq 1526

permit tcp any any eq 1575

permit udp any any eq 1575

permit tcp any any eq 1630

permit udp any any eq 1630

permit tcp any any eq 1527

permit tcp any any eq 6200

permit tcp any any eq 3389

permit tcp any any eq 5985

permit tcp any any eq 8080

!

!

!

control-plane

service-policy input system-cpp-policy

!

!

line con 0

password 7 0132323C1F59565F71

logging synchronous

login

stopbits 1

line aux 0

stopbits 1

line vty 0 4

login

line vty 5 15

login

!

!

wsma agent exec

!

wsma agent config

!

wsma agent filesys

!

wsma agent notify

!

!

ap dot11 airtime-fairness policy-name Default 0

ap group default-group

ap hyperlocation ble-beacon 0

ap hyperlocation ble-beacon 1

ap hyperlocation ble-beacon 2

ap hyperlocation ble-beacon 3

ap hyperlocation ble-beacon 4

end

24PinTech_Switch# show start

Using 8883 out of 2097152 bytes

!

! Last configuration change at 17:30:47 UTC Fri Dec 14 2018

!

version 16.3

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

no platform punt-keepalive disable-kernel-core

!

hostname 24PinTech_Switch

!

!

vrf definition Mgmt-vrf

!

address-family ipv4

exit-address-family

!

address-family ipv6

exit-address-family

!

enable secret 5 $1$W8fz$yoZKAzoRMefe/h6hlXo741

!

no aaa new-model

switch 1 provision ws-c3650-24ps

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

crypto pki trustpoint TP-self-signed-833429682

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-833429682

revocation-check none

rsakeypair TP-self-signed-833429682

!

!

crypto pki certificate chain TP-self-signed-833429682

certificate self-signed 01 nvram:IOS-Self-Sig#2.cer

!

license boot level ipbasek9

diagnostic bootup level minimal

spanning-tree mode rapid-pvst

spanning-tree extend system-id

!

!

!

redundancy

mode sso

!

!

!

class-map match-any system-cpp-police-topology-control

description Topology control

class-map match-any system-cpp-police-sw-forward

description Sw forwarding, SGT Cache Full, LOGGING

class-map match-any system-cpp-default

description DHCP snooping, show forward and rest of traffic

class-map match-any system-cpp-police-sys-data

description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL

SAMPLED DATA, Gold Pkt, RPF Failed

class-map match-any system-cpp-police-punt-webauth

description Punt Webauth

class-map match-any system-cpp-police-forus

description Forus Address resolution and Forus traffic

class-map match-any system-cpp-police-multicast-end-station

description MCAST END STATION

class-map match-any system-cpp-police-multicast

description Transit Traffic and MCAST Data

class-map match-any system-cpp-police-l2-control

description L2 control

class-map match-any system-cpp-police-dot1x-auth

description DOT1X Auth

class-map match-any system-cpp-police-data

description ICMP_GEN and BROADCAST

class-map match-any system-cpp-police-control-low-priority

description ICMP redirect and general punt

class-map match-any system-cpp-police-wireless-priority1

description Wireless priority 1

class-map match-any system-cpp-police-wireless-priority2

description Wireless priority 2

class-map match-any system-cpp-police-wireless-priority3-4-5

description Wireless priority 3,4 and 5

class-map match-any non-client-nrt-class

class-map match-any system-cpp-police-routing-control

description Routing control

class-map match-any system-cpp-police-protocol-snooping

description Protocol snooping

!

policy-map port_child_policy

class non-client-nrt-class

bandwidth remaining ratio 10

policy-map system-cpp-policy

class system-cpp-police-data

police rate 200 pps

class system-cpp-police-sys-data

police rate 100 pps

class system-cpp-police-sw-forward

police rate 1000 pps

class system-cpp-police-multicast

police rate 500 pps

class system-cpp-police-multicast-end-station

police rate 2000 pps

class system-cpp-police-punt-webauth

class system-cpp-police-l2-control

class system-cpp-police-routing-control

police rate 1800 pps

class system-cpp-police-control-low-priority

class system-cpp-police-wireless-priority1

class system-cpp-police-wireless-priority2

class system-cpp-police-wireless-priority3-4-5

class system-cpp-police-topology-control

class system-cpp-police-dot1x-auth

class system-cpp-police-protocol-snooping

class system-cpp-police-forus

class system-cpp-default

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface Port-channel1

switchport access vlan 25

switchport mode access

!

interface Port-channel2

switchport access vlan 25

switchport mode access

!

interface Port-channel3

switchport trunk allowed vlan 25

switchport mode trunk

!

interface Port-channel4

switchport access vlan 25

switchport mode access

!

interface Port-channel5

switchport access vlan 25

switchport mode access

!

interface Port-channel6

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet0/0

vrf forwarding Mgmt-vrf

no ip address

negotiation auto

!

interface GigabitEthernet1/0/1

switchport trunk allowed vlan 25

switchport mode trunk

channel-group 3 mode active

!

interface GigabitEthernet1/0/2

switchport trunk allowed vlan 25

switchport mode trunk

channel-group 3 mode active

!

interface GigabitEthernet1/0/3

switchport access vlan 25

switchport mode access

channel-group 1 mode passive

!

interface GigabitEthernet1/0/4

switchport access vlan 25

switchport mode access

channel-group 1 mode passive

!

interface GigabitEthernet1/0/5

switchport access vlan 25

switchport mode access

channel-group 1 mode passive

!

interface GigabitEthernet1/0/6

switchport access vlan 25

switchport mode access

channel-group 1 mode passive

!

interface GigabitEthernet1/0/7

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/8

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/9

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/10

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/11

switchport access vlan 25

switchport mode access

channel-group 4 mode passive

!

interface GigabitEthernet1/0/12

switchport access vlan 25

switchport mode access

channel-group 4 mode passive

!

interface GigabitEthernet1/0/13

switchport access vlan 25

switchport mode access

channel-group 5 mode passive

!

interface GigabitEthernet1/0/14

switchport access vlan 25

switchport mode access

channel-group 5 mode passive

!

interface GigabitEthernet1/0/15

switchport access vlan 25

switchport mode access

channel-group 5 mode passive

!

interface GigabitEthernet1/0/16

switchport access vlan 25

switchport mode access

channel-group 5 mode passive

!

interface GigabitEthernet1/0/17

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/18

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/19

switchport access vlan 25

switchport mode access

channel-group 6 mode passive

!

interface GigabitEthernet1/0/20

switchport access vlan 25

switchport mode access

channel-group 6 mode passive

!

interface GigabitEthernet1/0/21

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/22

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/23

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/0/24

switchport access vlan 25

switchport mode access

!

interface GigabitEthernet1/1/1

!

interface GigabitEthernet1/1/2

!

interface GigabitEthernet1/1/3

!

interface GigabitEthernet1/1/4

!

interface Vlan1

no ip address

shutdown

!

interface Vlan99

ip address 10.21.25.2 255.255.255.0

!

ip default-gateway 10.21.25.1

ip forward-protocol nd

ip http server

ip http authentication local

ip http secure-server

!

ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data

permit tcp any any eq 22

permit tcp any any eq 465

permit tcp any any eq 143

permit tcp any any eq 993

permit tcp any any eq 995

permit tcp any any eq 1914

permit tcp any any eq ftp

permit tcp any any eq ftp-data

permit tcp any any eq smtp

permit tcp any any eq pop3

ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf

permit udp any any range 16384 32767

permit tcp any any range 50000 59999

ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger

permit tcp any any range 2300 2400

permit udp any any range 2300 2400

permit tcp any any range 6881 6999

permit tcp any any range 28800 29100

permit tcp any any eq 1214

permit udp any any eq 1214

permit tcp any any eq 3689

permit udp any any eq 3689

permit tcp any any eq 11999

ip access-list extended AutoQos-4.0-wlan-Acl-Signaling

permit tcp any any range 2000 2002

permit tcp any any range 5060 5061

permit udp any any range 5060 5061

ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data

permit tcp any any eq 443

permit tcp any any eq 1521

permit udp any any eq 1521

permit tcp any any eq 1526

permit udp any any eq 1526

permit tcp any any eq 1575

permit udp any any eq 1575

permit tcp any any eq 1630

permit udp any any eq 1630

permit tcp any any eq 1527

permit tcp any any eq 6200

permit tcp any any eq 3389

permit tcp any any eq 5985

permit tcp any any eq 8080

!

!

!

control-plane

service-policy input system-cpp-policy

!

!

line con 0

password 7 0132323C1F59565F71

logging synchronous

login

stopbits 1

line aux 0

stopbits 1

line vty 0 4

login

line vty 5 15

login

!

!

wsma agent exec

!

wsma agent config

!

wsma agent filesys

!

wsma agent notify

!

!

ap dot11 airtime-fairness policy-name Default 0

ap group default-group

ap hyperlocation ble-beacon 0

ap hyperlocation ble-beacon 1

ap hyperlocation ble-beacon 2

ap hyperlocation ble-beacon 3

ap hyperlocation ble-beacon 4

end

Retrieved from "https://wiki.24pin.tech/index.php?title=24PinTechSwitch_Config&oldid=981"