MarcusCom
/
switch-ztp


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889
							#event manager applet auto-config-port authorization bypass
# event neighbor-discovery interface regexp ^GigabitEthernet0/[1-8]$ cdp add
 cli command "enable"
 cli command "show int $_nd_local_intf_name | inc Description:"
 regexp "STATIC:" $_cli_result
 if $_regexp_result eq 1
  exit 0
 end
 cli command "config t"
 cli command "default interface $_nd_local_intf_name"
 cli command "interface $_nd_local_intf_name"
 cli command "description $_nd_cdp_entry_name:$_nd_port_id"
  cli command "switchport access vlan %%WIRED_NAT_VLAN%%"
  cli command "switchport mode access"
  cli command "switchport nonegotiate"
  cli command "switchport port-security maximum %%MAX_MACS%%"
  cli command "switchport port-security"
  cli command "switchport port-security aging time 20"
  cli command "no logging event power-inline-status"
  cli command "load-interval 30"
  cli command "srr-queue bandwidth share 1 30 35 5"
  cli command "priority-queue out"
  cli command "ipv6 nd raguard"
  cli command "ipv6 dhcp guard"
  cli command "mls qos trust dscp"
  cli command "spanning-tree portfast"
  cli command "spanning-tree bpduguard enable"
  cli command "spanning-tree link-type point-to-point"
  regexp "K9W8-" $_nd_cdp_version
  if $_regexp_result eq 1
   cli command "switchport access vlan %%WIRELESS_AP_VLAN%%"
   cli command "storm-control broadcast level pps 100"
   cli command "storm-control multicast level pps 10k"
   exit 0
  end
  regexp "(Cisco IP Phone|Cisco IP Conference Station|CTS-CODEC-EX90)" $_nd_cdp_platform
  if $_regexp_result eq 1
   cli command "switchport access vlan %%VOICE_TP_VLAN%%"
   cli command "storm-control broadcast level pps 100"
   cli command "storm-control multicast level pps 2k"
  end
  regexp "CIVS-IPC-" $_nd_cdp_platform
  if $_regexp_result eq 1
   cli command "switchport access vlan %%VIDEO_SURVEILLANCE_VLAN%%"
   cli command "storm-control broadcast level pps 100"
   cli command "storm-control multicast level pps 2k"
   cli command "mls qos trust device ip-camera"
  end
  regexp "Cisco-DMP-" $_nd_cdp_platform
  if $_regexp_result eq 1
   cli command "switchport access vlan %%CISCOTV_DMP_VLAN%%"
   cli command "storm-control broadcast level pps 100"
  end
  regexp "CTS-CODEC-C90" $_nd_cdp_platform
  if $_regexp_result eq 1
   cli command "switchport access vlan %%SESSION_CAPTURE_VLAN%%"
   cli command "storm-control broadcast level pps 100"
   cli command "storm-control multicast level pps 2k"
  end
!
#event manager applet reset-port authorization bypass
# event syslog pattern "LINK-3-UPDOWN.*Interface GigabitEthernet0/[1-8], changed state to down"
 regexp "Interface ([^,]+)" $_syslog_msg match intf
 cli command "enable"
 cli command "show int $intf | inc Description:"
 regexp "STATIC:" $_cli_result
 if $_regexp_result eq 1
  exit 0
 end
 cli command "config t"
 cli command "default interface $intf"
 cli command "interface $intf"
 cli command "switchport access vlan %%WIRED_NAT_VLAN%%"
 cli command "switchport mode access"
 cli command "switchport nonegotiate"
 cli command "switchport port-security maximum %%MAX_MACS%%"
 cli command "switchport port-security"
 cli command "switchport port-security aging time 20"
 cli command "load-interval 30"
 cli command "srr-queue bandwidth share 1 30 35 5"
 cli command "priority-queue out"
 cli command "ipv6 nd raguard"
 cli command "ipv6 dhcp guard"
 cli command "storm-control broadcast level pps 100"
 cli command "storm-control multicast level pps 2k"
 cli command "spanning-tree portfast"
 cli command "spanning-tree bpduguard enable"
 cli command "spanning-tree link-type point-to-point"
 cli command "end"