123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215 |
- service nagle
- no service pad
- service tcp-keepalives-in
- service tcp-keepalives-out
- service timestamps debug datetime msec localtime show-timezone
- service timestamps log datetime msec localtime show-timezone
- service password-encryption
- !
- hostname %%HOSTNAME%%
- !
- boot-start-marker
- boot-end-marker
- !
- !
- !
- logging count
- logging buffered 32768
- !
- username admin privilege 15 secret 5 %%ADMIN_SECRET%%
- aaa new-model
- !
- !
- aaa group server tacacs+ ACS
- server-private 63.231.220.18 key 7 %%TACACS_KEY%%
- server-private 63.231.220.19 key 7 %%TACACS_KEY%%
- ip tacacs source-interface %%MGMT_VLAN%%
- !
- aaa authentication login default group ACS local
- aaa authentication enable default group ACS enable
- aaa authorization exec default group ACS if-authenticated
- !
- !
- !
- !
- !
- aaa session-id common
- clock timezone PST -8 0
- clock summer-time PDT recurring
- %%STACK_CONFIG%%
- system mtu routing 1500
- no ip source-route
- ip icmp rate-limit unreachable 20
- ip options drop
- ip dhcp relay information trust-all
- !
- !
- !
- ip dhcp snooping vlan 2-4094
- ip dhcp snooping information option allow-untrusted
- ip dhcp snooping information option format remote-id hostname
- ip dhcp snooping
- no ip domain-lookup
- ip domain-name noc.ciscolive.com
- login on-failure log
- vtp domain %%VTP_DOMAIN%%
- vtp mode transparent
- !
- ipv6 nd raguard policy uplink-policy
- device-role router
- trusted-port
- !
- !
- mls qos
- !
- energywise domain %%EW_DOMAIN%% security shared-secret 0 %%EW_SHARED_SECRET%% protocol udp port 43440 interface %%MGMT_VLAN%%
- energywise role %%EW_ROLE%%
- energywise management security shared-secret 0 %%EW_MGMT_SHARED_SECRET%%
- energywise keywords %%EW_KEYWORDS%%
- energywise allow query save
- !
- energywise endpoint security none
- !
- !
- !
- !
- !
- !
- spanning-tree mode rapid-pvst
- spanning-tree extend system-id
- spanning-tree vlan 1-4094 priority 61440
- !
- !
- !
- !
- !
- errdisable recovery cause udld
- errdisable recovery cause bpduguard
- errdisable recovery cause psecure-violation
- errdisable recovery cause storm-control
- errdisable recovery cause inline-power
- errdisable recovery interval 30
- !
- !
- !
- !
- vlan internal allocation policy ascending
- !
- %%VLAN_TMPL%%
- !
- !
- ip tcp selective-ack
- ip tcp window-size 65535
- ip tcp queuemax 50
- ip tcp synwait-time 5
- ip tcp path-mtu-discovery age-timer 10
- ip telnet source-interface %%MGMT_VLAN%%
- ip ftp source-interface %%MGMT_VLAN%%
- ip ssh source-interface %%MGMT_VLAN%%
- ip ssh logging events
- ip ssh version 2
- ip ssh dscp 48
- lldp run
- !
- !
- %%PORT_CONFIG%%
- !
- interface Vlan1
- no ip address
- no ip route-cache
- shutdown
- !
- interface %%MGMT_VLAN%%
- ip address %%MGMT_IP%% %%MGMT_MASK%%
- no ip redirects
- no ip unreachables
- no ip proxy-arp
- no ip route-cache
- no ipv6 redirects
- no ipv6 unreachables
- !
- ip default-gateway %%MGMT_GW%%
- !
- no ip http server
- no ip http secure-server
- !
- !
- ip access-list standard MGMT
- permit 63.231.220.0 0.0.0.127
- permit 10.101.0.0 0.0.255.255
- permit 10.63.231.0 0.0.0.255
- permit 10.111.0.0 0.0.255.255
- permit 10.112.0.0 0.0.255.255
- permit 10.113.0.0 0.0.255.255
- permit 10.114.0.0 0.0.255.255
- permit 10.121.0.0 0.0.255.255
- permit 10.102.0.0 0.0.255.255
- permit 10.103.0.0 0.0.255.255
- permit 10.104.0.0 0.0.255.255
- !
- ip sla responder
- ip sla enable reaction-alerts
- logging trap debugging
- logging source-interface %%MGMT_VLAN%%
- logging 63.231.220.47
- cdp timer 5
- cdp holdtime 15
- !
- !
- snmp-server group CLNOC v3 priv write v1default notify v1default access MGMT
- snmp-server group CLNOC v3 priv context vlan- match prefix access MGMT
- snmp-server user %%SNMPV3_USER%% CLNOC v3 auth sha %%SNMPV3_PASS%% priv des %%SNMPV3_PASS%% access MGMT
- snmp-server trap-source %%MGMT_VLAN%%
- snmp-server system-shutdown
- snmp-server location %%SNMP_LOCATION%%
- snmp-server contact ciscolivenoc@cisco.com
- snmp ifmib ifindex persist
- !
- !
- !
- banner login &
- ##############################################################
- ## Hostname: $(hostname) ##
- ## ##
- ## Cisco Live 2015 Team ##
- ## ##
- ## UNAUTHORIZED ACCESS IS PROHIBITED ##
- ## ##
- ## All sessions to this device are being monitored. ##
- ## If unauthorized access is detected, your address ##
- ## will be logged and the authorities will be ##
- ## notified to take appropriate actions. ##
- ## ##
- ## If you require access to this device please ##
- ## email the NOC team on ciscolivenoc@cisco.com ##
- ## ##
- ## For urgent issues contact: ##
- ## - Joe Clarke +1-919-345-5369 ##
- ## ##
- ##############################################################
- &
- !
- !
- line con 0
- logging synchronous
- privilege level 15
- line vty 0 4
- access-class MGMT in
- logging synchronous
- exec prompt timestamp
- privilege level 15
- transport input telnet ssh
- transport output telnet ssh
- line vty 5 15
- access-class MGMT in
- logging synchronous
- exec prompt timestamp
- privilege level 15
- transport input telnet ssh
- transport output telnet ssh
- !
- event manager scheduler applet thread class default number 8
- %%EEM_CONFIG%%
- !
- no exception crashinfo
- ntp server 63.231.220.15 source %%MGMT_VLAN%%
|