CS2

hostname CBE0006_00_CS01
enable secret 5 $1$Fa/N$GvzwvCTOuaeJwVgCu2TMA.
username CBEAdmin privilege 15 secret 5 $1$TZuy$pr3walyN5H.W5lhNQ5ZUB.
username Elshaday privilege 15 secret 5 $1$G1fx$Rl8WUow48JBaoaJhbkiHs1
aaa new-model
aaa group server tacacs+ DCAdmin
server 10.1.2.4
aaa authentication login default group DCAdmin local
aaa authentication enable default group DCAdmin enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec default group DCAdmin local
aaa authorization exec test group DCAdmin local
aaa authorization commands 10 default group DCAdmin local
aaa authorization commands 10 test group DCAdmin local
aaa authorization commands 10 CBEAdmin group DCAdmin local
aaa authorization commands 15 default group DCAdmin local
aaa authorization commands 15 CBEAdmin group DCAdmin local
aaa authorization commands 15 test group DCAdmin local
aaa authorization network default group DCAdmin

aaa authorization configuration default group DCAdmin
aaa accounting exec default start-stop group DCAdmin
aaa accounting commands 15 CDEAdmin start-stop group DCAdmin
aaa accounting network default start-stop group DCAdmin
aaa accounting connection default start-stop group DCAdmin
aaa accounting system default start-stop group DCAdmin
aaa session-id common
clock timezone EAT 3
system mtu routing 1500
no ip source-route
ip routing
no ip gratuitous-arps
ip domain-name cbe.com.et
ip name-server 10.1.11.13
ip name-server 10.1.11.16
ip dhcp excluded-address 10.6.20.1 10.6.20.27

ip dhcp excluded-address 10.6.30.1. 10.6.30.127
ip dhcp excluded-address 10. 6.16.1 10. 6.16.127
ip dhcp pool vlan16
network 10.6.16.0 255.255.254.0
domain-name cbe.com.et
default-router 10.6.16.1
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan317
network 10.6.17.0 255.255.254.0
dns-server 10.1.11.13 10.1.11.16
network 10.6.18.0 255.255.254.0
dns-server 10.1.11.13 10.1.11.16
network 10.6.19.0 255.255.254.0
dns-server 10.1.11.13
ip dhcp pool vlan20
network 10. 6.20.0 255.255.255.0
default-router 10. 6.20.1
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan25
network 10. 6.21.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan30
network 10. 6.22.0 255.255.255.0

dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan35
network 10.6.23.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan40
network 10. 6.24.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan45
network 10. 6.25.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan50
network 10.6.26.0 255.255.255.0

dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan55
network 10.6.27.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan60
network 10.6.28.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan65
network 10. 6.29.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16
ip dhcp pool vlan70
network 10. 6.30.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16

!
ip dhcp pool vlan75
network 10. 6.31.0 255.255.255.0
dns-server 10.1.11.13 10.1.11.16
ip dhcp snooping vlan 16,20,25,30,35,40,45,50,55,60,65,70,75,80
ip dhcp snooping
key chain HSRPKEY
key 100
key-string 7 15312929240218141A
spanning-tree mode mst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree mst configuration

name MSTR8
revision 1
instance 1 vlan 2, 16, 20, 25, 30, 35, 40, 45
instance 2 vlan 50, 55, 60, 65, 70, 75, 317, 318, 319
spanning-tree mst 0-1 priority 24576
spanning-tree mst 2 priority 28672
vlan internal allocation policy ascending
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
interface Loopback0
ip address 10.6.0.1 255.255.255.255
interface Port-channel10
description TO_CBE0006_00_CS02
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet1/0/1
description To CBE0006_01_AS01_Gig 0/2
switchport trunk encapsulation dot1q
switchport trunk native vlan 35
switchport mode access
switchport nonegotiate
ip verify source port-security
ip dhcp snooping trust
interface Vlan1
no ip address
shutdown
interface Vlan2
ip address 10.6.0.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 045809031C244F5C0C0D
standby 10 ip 10.6.0.2
standby 10 timers msec 100 msec 300
standby 10 priority 90
standby 10 preempt
standby 10 authentication md5 key-string 7 0327792E2627127E7E

spanning-tree guard root
interface Vlan16
ip address 10.6.16.1 255.255.254.0
ip access-group INTERNET_USERS in
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf message-digest-key 1 md5 7 13061517180907382E30
standby 10 ip 10.6.16.2
standby 10 preempt
interface Vlan20
ip address 10.6.20.1 255.255.255.0
ip access-group DATA_USERS in
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf message-digest-key 1 md5 7 13061517180907382E30
standby 10 ip 10.6.20.2
standby 10 preempt
interface Vlan25
ip address 10.6.21.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf message-digest-key 1 md5 7 1414100E1F012939213C
standby 10 ip 10.6.21.1
standby 10 preempt
interface Vlan30
ip address 10.6.22.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf message-digest-key 1 md5 7 0508040A32494D1B1C11
standby 10 ip 10.6.22.1
standby 10 preempt
interface Vlan35
ip address 10.6.23.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.23.1
standby 10 preempt
interface Vlan40
ip address 10.6.24.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf message-digest-key 1 md5 7 121A0712010E0F162F3F
standby 10 ip 10.6.24.1
standby 10 preempt
interface Vlan45
ip address 10.6.25.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.25.1
standby 10 preempt
!
interface Vlan50
ip address 10.6.26.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.26.1
standby 10 preempt
interface Vlan55
ip address 10.6.27.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.27.1

standby 10 preempt
interface Vlan60
ip address 10.6.28.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.28.1
standby 10 preempt
interface Vlan65
ip address 10.6.29.2 255.255.254.0
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.29.1
standby 10 preempt
interface Vlan70
ip address 10.6.30.2 255.255.254.0
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.30.1
standby 10 preempt
interface Vlan75
ip address 10.6.31.2 255.255.254.0
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.31.1
standby 10 preempt
interface 317
ip address 10.6.17.2 255.255.254.0
ip access-group WIRELESS_USERS in
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.17.1

standby 10 preempt
interface Vlan318
ip address 10.6.18.2 255.255.254.0
ip access-group DTV_USERS in
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.18.1
standby 10 preempt
interface Vlan319
ip address 10.6.19.2 255.255.254.0
ip access-group CAMERA_USERS in
no ip redirects
no ip unreachables
no ip proxy-arp
standby 10 ip 10.6.19.1
standby 10 preempt
interface Vlan608
description Between_CS01_ER01
ip address
router ospf 1
router-id 10.6.16.1
ip access-list extended DATA_USERS
deny ip 10.6.0.0 0.0.255.255 host 10.1.11.7
deny ip 10.6.0.0 0.0.255.255 host 10.1.11.8
permit ip 10.6.0.0 0.0.255.255 172.31.6.0 0.0.0.255
permit ip 10.6.0.0 0.0.255.255 172.30.10.0 0.0.0.255
ip access-list extended INTERNET_USERS
permit ip 10.6.16.0 0.0.1.255 host 10.1.11.7

permit ip 10.6.16.0 0.0.1.255 host 10.1.11.8
permit ip 10.6.16.0 0.0.1.255 10.1.11.0 0.0.0.255
permit ip 10.6.16.0 0.0.1.255 10.3.11.0 0.0.0.255
permit tcp 10.6.16.0 0.0.1.255 10.1.11.0 0.0.0.255 eq www
permit tcp 10.6.16.0 0.0.1.255 10.1.11.0 0.0.0.255 eq domain
permit tcp 10.6.16.0 0.0.1.255 10.1.11.0 0.0.0.255 eq 443
permit tcp 10.6.16.0 0.0.1.255 10.3.11.0 0.0.0.255 eq 443
permit tcp 10.6.16.0 0.0.1.255 10.3.11.0 0.0.0.255 eq www
permit ip host 10.6.16.30 any
deny ip any 10.0.0.0 0.255.255.255
deny ip any 172.31.0.0 0.0.255.255
ip access-list extended WIRELESS_USERS
permit ip 10.6.17.0 0.0.1.255 host 10.1.11.7
permit ip 10.6.17.0 0.0.1.255 host 10.1.11.8
permit ip 10.6.17.0 0.0.1.255 10.1.11.0 0.0.0.255
permit ip 10.6.17.0 0.0.1.255 10.3.11.0 0.0.0.255
permit tcp 10.6.17.0 0.0.1.255 10.1.11.0 0.0.0.255 eq www
permit tcp 10.6.17.0 0.0.1.255 10.1.11.0 0.0.0.255 eq 443
permit tcp 10.6.17.0 0.0.1.255 10.3.11.0 0.0.0.255 eq 443
permit tcp 10.6.17.0 0.0.1.255 10.3.11.0 0.0.0.255 eq www
permit ip host 10.6.17.30 any

deny ip any 10.0.0.0 0.255.255.255
deny ip any 172.31.0.0 0.0.255.255
ip access-list extended DTV_USERS
deny ip 10.6.0.0 0.0.255.255 host 10.1.11.7
deny ip 10.6.0.0 0.0.255.255 host 10.1.11.8
permit ip 10.6.0.0 0.0.255.255 172.31.6.0 0.0.0.255
permit ip 10.6.0.0 0.0.255.255 172.30.10.0 0.0.0.255
ip sla enable reaction-alerts
logging source-interface Vlan2
logging 10.1.2.5
logging 10.1.2.2
logging 10.1.2.3
access-list 10 permit 10.8.55.138
access-list 10 permit 10.1.2.0 0.0.0.255
snmp-server enable traps
snmp-server host 10.1.2.2 version 3 priv CBEAdmin udp-port 161 snmp

snmp-server host 10.3.70.100 version 3 priv CBEAdmin snmp
snmp-server host 10.3.70.101 version 3 priv CBEAdmin snmp
snmp mib community-map CBESNMPCBE engineid 1234567890
tacacs-server host 10.1.2.4 single-connection
tacacs-server directed-request
line con 0
exec-timeout 5 0
password 7 013024217B22283C00
authorization commands 15 CBEAdmin
accounting commands 15 CBEAdmin
logging synchronous
stopbits 1
line vty 0 4
access-class 10 in
exec-timeout 5 0
password 7 112A3B20373B253F25
authorization commands 15 CBEAdmin
accounting commands 15 CBEAdmin
transport input ssh
line vty 5 15
transport input none
ntp authentication-key 10 md5 0225267E25323F 7

ntp authenticate
ntp trusted-key 10
ntp clock-period 36028564
ntp server 10.1.2.10 key 10
end

CS2

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

CS2

Încărcat de

Drepturi de autor:

Formate disponibile

hostname CBE0006_00_CS01

enable secret 5 $1$Fa/N$GvzwvCTOuaeJwVgCu2TMA.

username CBEAdmin privilege 15 secret 5 $1$TZuy$pr3walyN5H.W5lhNQ5ZUB.

username Elshaday privilege 15 secret 5 $1$G1fx$Rl8WUow48JBaoaJhbkiHs1

aaa group server tacacs+ DCAdmin

aaa authentication login default group DCAdmin local

aaa authentication enable default group DCAdmin enable

aaa authorization console

aaa authorization config-commands

aaa authorization exec default group DCAdmin local

aaa authorization exec test group DCAdmin local

aaa authorization commands 10 default group DCAdmin local

aaa authorization commands 10 test group DCAdmin local

aaa authorization commands 10 CBEAdmin group DCAdmin local

aaa authorization commands 15 default group DCAdmin local

aaa authorization commands 15 CBEAdmin group DCAdmin local

aaa authorization commands 15 test group DCAdmin local

aaa authorization network default group DCAdmin

aaa accounting exec default start-stop group DCAdmin

aaa accounting commands 15 CDEAdmin start-stop group DCAdmin

aaa accounting network default start-stop group DCAdmin

aaa accounting connection default start-stop group DCAdmin

aaa accounting system default start-stop group DCAdmin

aaa session-id common

clock timezone EAT 3

system mtu routing 1500

ip dhcp excluded-address 10.6.20.1 10.6.20.27

ip dhcp excluded-address 10.6.21.1 10.6.21.127

ip dhcp excluded-address 10.6.22.1 10.6.22.127

ip dhcp excluded-address 10.6.23.1 10.6.23.127

ip dhcp excluded-address 10.6.24.1 10.6.24.127

ip dhcp excluded-address 10.6.25.1 10.6.25.127

ip dhcp excluded-address 10.6.26.1 10.6.26.127

ip dhcp excluded-address 10.6.28.1 10.6.28.127

ip dhcp excluded-address 10.6.29.1 10.6.29.127

ip dhcp excluded-address 10.6.30.1. 10.6.30.127

ip dhcp excluded-address 10.6.31.1 10.6.31.127

ip dhcp excluded-address 10. 6.16.1 10. 6.16.127

ip dhcp excluded-address 10. 6.17.1 10. 6.16.127

ip dhcp excluded-address 10. 6.18.1 10. 6.18.127

ip dhcp excluded-address 10. 6.19.1 10. 6.19.127

ip dhcp pool vlan16

network 10.6.16.0 255.255.254.0

dns-server 10.1.11.13 10.1.11.16

ip dhcp pool vlan317

network 10.6.17.0 255.255.254.0

dns-server 10.1.11.13 10.1.11.16

ip dhcp pool vlan318

network 10.6.18.0 255.255.254.0

dns-server 10.1.11.13 10.1.11.16

ip dhcp pool vlan319

network 10.6.19.0 255.255.254.0

ip dhcp pool vlan20

network 10. 6.20.0 255.255.255.0

default-router 10. 6.20.1

dns-server 10.1.11.13 10.1.11.16

ip dhcp pool vlan25

network 10. 6.21.0 255.255.255.0

default-router 10. 6.21.1

dns-server 10.1.11.13 10.1.11.16

ip dhcp pool vlan30

network 10. 6.22.0 255.255.255.0

default-router 10. 6.22.1

ip dhcp pool vlan35