MarcusCom
/
switch-ztp


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215
							service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname %%HOSTNAME%%
!
boot-start-marker
boot-end-marker
!
!
!
logging count
logging buffered 32768
!
username admin privilege 15 secret 5 %%ADMIN_SECRET%%
aaa new-model
!
!
aaa group server tacacs+ ACS
 server-private 63.231.220.18 key 7 %%TACACS_KEY%%
 server-private 63.231.220.19 key 7 %%TACACS_KEY%%
 ip tacacs source-interface %%MGMT_VLAN%%
!
aaa authentication login default group ACS local
aaa authentication enable default group ACS enable
aaa authorization exec default group ACS if-authenticated
!
!
!
!
!
aaa session-id common
clock timezone PST -8 0
clock summer-time PDT recurring
%%STACK_CONFIG%%
system mtu routing 1500
no ip source-route
ip icmp rate-limit unreachable 20
ip options drop
ip dhcp relay information trust-all
!
!
!
ip dhcp snooping vlan 2-4094
ip dhcp snooping information option allow-untrusted
ip dhcp snooping information option format remote-id hostname
ip dhcp snooping
no ip domain-lookup
ip domain-name noc.ciscolive.com
login on-failure log
vtp domain %%VTP_DOMAIN%%
vtp mode transparent
!
ipv6 nd raguard policy uplink-policy
 device-role router
 trusted-port
!
!
mls qos
!
energywise domain %%EW_DOMAIN%% security shared-secret 0 %%EW_SHARED_SECRET%% protocol udp port 43440 interface %%MGMT_VLAN%%
energywise role %%EW_ROLE%%
energywise management security shared-secret 0 %%EW_MGMT_SHARED_SECRET%%
energywise keywords %%EW_KEYWORDS%%
energywise allow query save
!
energywise endpoint security none
!
!
!
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1-4094 priority 61440
!
!
!
!
!
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause psecure-violation
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery interval 30
!
!
!
!
vlan internal allocation policy ascending
!
%%VLAN_TMPL%%
!
!
ip tcp selective-ack
ip tcp window-size 65535
ip tcp queuemax 50
ip tcp synwait-time 5
ip tcp path-mtu-discovery age-timer 10
ip telnet source-interface %%MGMT_VLAN%%
ip ftp source-interface %%MGMT_VLAN%%
ip ssh source-interface %%MGMT_VLAN%%
ip ssh logging events
ip ssh version 2
ip ssh dscp 48
lldp run
! 
!
%%PORT_CONFIG%%
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface %%MGMT_VLAN%%
 ip address %%MGMT_IP%% %%MGMT_MASK%%
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no ip route-cache
 no ipv6 redirects
 no ipv6 unreachables
!
ip default-gateway %%MGMT_GW%%
!
no ip http server
no ip http secure-server
!
!
ip access-list standard MGMT
 permit 63.231.220.0 0.0.0.127
 permit 10.101.0.0 0.0.255.255
 permit 10.63.231.0 0.0.0.255
 permit 10.111.0.0 0.0.255.255
 permit 10.112.0.0 0.0.255.255
 permit 10.113.0.0 0.0.255.255
 permit 10.114.0.0 0.0.255.255
 permit 10.121.0.0 0.0.255.255
 permit 10.102.0.0 0.0.255.255
 permit 10.103.0.0 0.0.255.255
 permit 10.104.0.0 0.0.255.255
!
ip sla responder
ip sla enable reaction-alerts
logging trap debugging
logging source-interface %%MGMT_VLAN%%
logging 63.231.220.47
cdp timer 5
cdp holdtime 15
!
!
snmp-server group CLNOC v3 priv write v1default notify v1default access MGMT
snmp-server group CLNOC v3 priv context vlan- match prefix access MGMT
snmp-server user %%SNMPV3_USER%% CLNOC v3 auth sha %%SNMPV3_PASS%% priv des %%SNMPV3_PASS%% access MGMT
snmp-server trap-source %%MGMT_VLAN%%
snmp-server system-shutdown
snmp-server location %%SNMP_LOCATION%%
snmp-server contact ciscolivenoc@cisco.com
snmp ifmib ifindex persist
!
!
!
banner login &
##############################################################
##                  Hostname: $(hostname)                     ##
##                                                          ##
##                 Cisco Live 2015 Team                     ##
##                                                          ##
##           UNAUTHORIZED ACCESS IS PROHIBITED              ##
##                                                          ##
##      All sessions to this device are being monitored.    ##
##      If unauthorized access is detected, your address    ##
##      will be logged and the authorities will be          ##
##      notified to take appropriate actions.               ##
##                                                          ##
##      If you require access to this device please         ##
##      email the NOC team on ciscolivenoc@cisco.com        ##
##                                                          ##
##      For urgent issues contact:                          ##
##        - Joe Clarke +1-919-345-5369                      ##
##                                                          ##
##############################################################
&
!
!
line con 0
 logging synchronous
 privilege level 15
line vty 0 4
 access-class MGMT in
 logging synchronous
 exec prompt timestamp
 privilege level 15
 transport input telnet ssh
 transport output telnet ssh
line vty 5 15
 access-class MGMT in
 logging synchronous
 exec prompt timestamp
 privilege level 15
 transport input telnet ssh
 transport output telnet ssh
!
event manager scheduler applet thread class default number 8
%%EEM_CONFIG%%
!
no exception crashinfo
ntp server 63.231.220.15 source %%MGMT_VLAN%%