switches claro
version 16.11 no service pad service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers service call-home no platform punt-keepalive disable-kernel-core ! hostname [[hostname_switch]] ! ! vrf definition Mgmt-vrf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! logging userinfo logging buffered 65536 logging trap no logging trap notifications logging console emergencies enable secret 9 $9$XLKSATPhyxIZGE$B9oVNOLlHDQa5cQLNYGv8A1RSYrb9OTIUJYS4Ims/ZQ ! ! ! ! aaa new-model ! ! aaa group server tacacs+ tac_admin server [[ip_tacacs]] ! aaa group server radius ise-group server name ise01 server name ise02 ! aaa authentication login default group tac_admin local aaa authentication enable default group tac_admin enable aaa authentication dot1x default group ise-group aaa authorization exec default group tac_admin local aaa authorization network default group ise-group aaa authorization network auth-list group ise-group aaa authorization auth-proxy default group ise-group aaa accounting delay-start all aaa accounting update periodic 5 aaa accounting auth-proxy default start-stop group ise-group aaa accounting dot1x default start-stop group ise-group aaa accounting exec default start-stop group tac_admin aaa accounting commands 15 default start-stop group tac_admin aaa accounting network default start-stop group tac_admin aaa accounting connection default start-stop group tac_admin aaa accounting system default start-stop group tac_admin ! ! ! ! ! aaa server radius dynamic-author client [[ip_ise_policy]] server-key 7 035559065701351F5C0B4D0B1C53 server-key 7 11581B08461C1F5F16287F2A2372 ! aaa server radius dynamic-author client [[ip_ise_policy2]] server-key 7 035559065701351F5C0B4D0B1C53 server-key 7 11581B08461C1F5F16287F2A2372 ! aaa session-id common boot system switch all flash:packages.conf clock timezone GMT-5 -5 0 switch 1 provision c9200l-24p-4g switch 2 provision c9200l-24p-4g ntp clock-period 22518310 ! ! ! ! vtp mode transparent ! device-sensor filter-list cdp list cdp-list tlv name device-name tlv name platform-type ! device-sensor filter-list lldp list lldp-list tlv name system-description device-sensor filter-spec lldp include list lldp-list device-sensor filter-spec cdp include list cdp-list device-sensor accounting device-sensor notify all-changes ! ! ! no ip source-route ip routing ip arp entry learn 10240 ! ip name-server 130.30.2.2 130.30.2.147 ip domain name grupoib.local ip dhcp excluded-address [[first_ip_excluded_1]] [[last_ip_excluded_1]] ip dhcp excluded-address [[first_ip_excluded_2]] [[last_ip_excluded_2]] ip dhcp excluded-address [[first_ip_excluded_3]] [[last_ip_excluded_3]] ip dhcp excluded-address [[first_ip_excluded_4]] [[last_ip_excluded_4]] ! ip dhcp pool v10 network [[segmento_datos_v10]] 255.255.255.128 next-server 141.0.0.150 default-router [[gw_datos_v10]] dns-server 130.30.2.2 130.30.2.147 option 66 ip 141.0.0.150 lease 0 1 ! ip dhcp pool v70 network [[segmento_v70]] 255.255.255.128 default-router [[gw_v70]] dns-server 130.30.2.2 130.30.2.147 lease 0 1 ! ip dhcp pool v60 network [[segmento_v60]] 255.255.255.248 default-router [[gw_v60]] dns-server 130.30.2.2 130.30.2.147 option 43 hex f104.0a0f.39a4 ! ip dhcp pool v1-1 network [[segmento_dhcpv1]] 255.255.255.0 default-router [[gw_datos_v1]] dns-server 130.30.2.2 130.30.2.147 lease 0 1 ! ! login on-failure log login on-success log ipv6 unicast-routing ipv6 mld snooping call-home ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications. contact-email-addr sch-smart-licensing@cisco.com profile "CiscoTAC-1" active destination transport-method http no destination transport-method email authentication mac-move permit no device-tracking logging theft device-tracking tracking ! device-tracking policy IPDT_MAX_10 limit address-count 10 no protocol mdp tracking enable ! ! crypto pki trustpoint SLA-TrustPoint enrollment pkcs12 revocation-check cal ! crypto pki trustpoint TP-self-signed-2991175108 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-2991175108 revocation-check none rsakeypair TP-self-signed-2991175108 ! crypto pki trustpoint pnplabel enrollment url flash://PnP-cert_00_59_39_UTC_Wed_Sep_4_2019 pem revocation-check none ! crypto pki trustpoint TP-self-signed-2713654403 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-2713654403 revocation-check none rsakeypair TP-self-signed-2713654403 ! !crypto pki certificate chain TP-self-signed-2713654403 ! dot1x system-auth-control license boot level network-essentials addon dna-essentials ! ! diagnostic bootup level minimal ! spanning-tree mode rapid-pvst spanning-tree extend system-id spanning-tree vlan 1,5-7,8,10,20,30,40,50,60,70 priority 4096 archive log config logging enable logging size 200 notify syslog contenttype plaintext hidekeys memory free low-watermark processor 10117 ! ! ! ! ! ! object-group network hosts_platino host 130.30.3.218 host 130.30.2.181 host 130.30.4.143 host 130.30.2.182 host 130.30.8.219 host 130.30.4.21 host 130.30.4.52 host 130.30.5.13 host 130.30.22.8 host 130.30.2.143 host 130.30.3.219 host 130.30.4.85 host 130.30.5.14 host 130.30.2.7 host 130.30.2.75 host 130.30.2.14 host 130.30.2.1 host 130.30.23.35 host 130.30.22.209 host 130.30.22.233 host 130.30.22.234 host 130.30.23.31 host 130.30.23.181 host 130.30.22.228 host 130.30.24.87 host 130.30.24.89 host 130.30.24.90 host 130.30.24.91 host 130.30.24.92 host 130.30.24.93 host 130.30.22.229 host 130.30.22.230 host 130.30.22.231 host 130.30.7.46 host 130.30.22.201 host 130.30.22.210 host 130.30.22.211 host 130.30.23.38 host 130.30.22.212 host 130.30.23.27 host 130.30.23.28 host 130.30.23.29 host 130.30.23.30 host 130.30.23.182 host 130.30.24.94 host 130.30.24.95 host 130.30.24.96 host 130.30.24.97 host 130.30.24.98 host 130.30.24.99 host 130.30.24.100 host 130.30.6.185 host 130.30.2.38 host 130.30.2.39 host 130.30.2.40 host 130.30.6.151 host 130.30.6.186 host 130.30.23.25 host 130.30.22.188 host 130.30.7.16 host 130.30.6.231 host 130.30.28.101 host 130.30.30.211 ! object-group network internet_outlook365 13.107.6.152 255.255.255.254 13.107.18.10 255.255.255.254 13.107.128.0 255.255.252.0 23.103.160.0 255.255.240.0 40.96.0.0 255.248.0.0 40.104.0.0 255.254.0.0 52.96.0.0 255.252.0.0 host 131.253.33.215 132.245.0.0 255.255.0.0 150.171.32.0 255.255.252.0 191.234.140.0 255.255.252.0 host 204.79.197.215 40.90.23.0 255.255.255.0 40.90.137.0 255.255.255.0 13.68.93.0 255.255.255.0 13.74.179.0 255.255.255.0 52.114.74.0 255.255.255.0 52.114.128.0 255.255.192.0 ! object-group network redes-dc 130.30.0.0 255.255.0.0 10.0.0.0 255.255.0.0 192.168.1.0 255.255.255.0 192.168.52.0 255.255.254.0 10.11.0.0 255.255.192.0 10.11.188.0 255.255.252.0 10.11.192.0 255.255.254.0 10.11.194.0 255.255.255.0 10.11.96.0 255.255.252.0 10.11.104.0 255.255.252.0 10.11.108.0 255.255.252.0 10.11.112.0 255.255.252.0 10.11.124.0 255.255.255.0 10.10.42.0 255.255.254.0 10.11.100.0 255.255.255.0 10.11.184.0 255.255.255.0 10.20.41.0 255.255.255.0 10.13.66.0 255.255.255.0 140.40.24.0 255.255.255.0 172.18.21.0 255.255.255.0 ! errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig errdisable recovery cause pagp-flap errdisable recovery cause dtp-flap errdisable recovery cause link-flap errdisable recovery cause sfp-config-mismatch errdisable recovery cause gbic-invalid errdisable recovery cause l2ptguard errdisable recovery cause psecure-violation errdisable recovery cause port-mode-failure errdisable recovery cause dhcp-rate-limit errdisable recovery cause pppoe-ia-rate-limit errdisable recovery cause mac-limit errdisable recovery cause storm-control errdisable recovery cause inline-power errdisable recovery cause arp-inspection errdisable recovery cause loopback errdisable recovery cause psp ! username failsafe privilege 15 secret 9 $9$TEslYevBOapVX.$y4Y9X2XNZp8uNbBC7zOPz5H4VsOvF57VzDyuULAZfys username cescorp privilege 15 secret C3sc0rp$152 ! redundancy mode sso ! ! vlan 5 name acceso-tx ! vlan 6 name acceso-rx ! vlan 7 name acceso-voz ! vlan 8 name acceso-md ! vlan 10 name DATOS ! vlan 20 name VOZ ! vlan 30 name ATM-CAJERO ! vlan 40 name MARKETING-D ! vlan 60 name WI-FI ! vlan 70 name DATOS_PCI lldp run ! ! class-map match-any system-cpp-police-ewlc-control description EWLC Control class-map match-any system-cpp-police-topology-control description Topology control class-map match-any system-cpp-police-sw-forward description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic class-map match-any system-cpp-default description EWLC data, Inter FED Traffic class-map match-any system-cpp-police-sys-data description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed class-map match-any system-cpp-police-punt-webauth description Punt Webauth class-map match-any system-cpp-police-l2lvx-control description L2 LVX control packets class-map match-any qos-class-priority3 match access-group name priority3-class-acl class-map match-any system-cpp-police-forus description Forus Address resolution and Forus traffic class-map match-any system-cpp-police-multicast-end-station description MCAST END STATION class-map match-any system-cpp-police-high-rate-app description High Rate Applications class-map match-any system-cpp-police-multicast description MCAST Data class-map match-any system-cpp-police-l2-control description L2 control class-map match-any system-cpp-police-dot1x-auth description DOT1X Auth class-map match-any system-cpp-police-data description ICMP redirect, ICMP_GEN and BROADCAST class-map match-any system-cpp-police-stackwise-virt-control description Stackwise Virtual OOB class-map match-any non-client-nrt-class class-map match-any qos-class-voz match access-group name acl-voz class-map match-any system-cpp-police-routing-control description Routing control and Low Latency class-map match-any system-cpp-police-protocol-snooping description Protocol snooping class-map match-any qos-class-platino match access-group name acl-platino class-map match-any system-cpp-police-dhcp-snooping description DHCP snooping class-map match-all default match protocol ip class-map match-any system-cpp-police-ios-routing description L2 control, Topology control, Routing control, Low Latency class-map match-any system-cpp-police-system-critical description System Critical and Gold Pkt class-map match-all p1-test match access-group 10 ! policy-map vlan70-in class qos-class-priority3 set ip dscp cs2 class class-default set ip dscp cs1 policy-map vlan10-in class qos-class-priority5 set ip dscp cs5 class qos-class-priority3 set ip dscp cs2 class class-default set ip dscp cs1 policy-map system-cpp-policy policy-map vlan1-in class qos-class-priority3 set precedence 3 class class-default set precedence 1 policy-map vlan40-in class class-default set ip dscp cs1 policy-map vlan20-in class class-default set ip dscp cs5 policy-map vlan30-in class class-default set ip dscp cs1 ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback1 no ip address ! interface GigabitEthernet0/0 vrf forwarding Mgmt-vrf ip address dhcp speed 1000 negotiation auto ! interface GigabitEthernet1/0/1 description ISE dot1x Port switchport access vlan 10 switchport mode access switchport voice vlan 20 device-tracking attach-policy IPDT_MAX_10 authentication event fail action next-method authentication event server dead action authorize voice authentication event server alive action reinitialize authentication host-mode multi-auth authentication open authentication order mab dot1x authentication priority mab dot1x authentication port-control auto authentication periodic authentication timer reauthenticate server authentication timer inactivity server authentication violation restrict mab snmp trap mac-notification change added snmp trap mac-notification change removed dot1x pae authenticator dot1x timeout tx-period 10 spanning-tree portfast spanning-tree bpduguard enable Default interface GigabitEthernet1/0/24 interface GigabitEthernet1/0/24 Description router-wan Switchport mode trunk Switchport nonegotiate Switchport trunk allowed vlan 5,6,7,8,10 No shut Exit ! Default interface GigabitEthernet2/0/24 interface GigabitEthernet2/0/24 Description router-wan Switchport mode trunk Switchport nonegotiate Switchport trunk allowed vlan 5,6,7,8,10 No shut Exit ! interface Vlan1 description datos ip address [[gw_datos_v1_sec1]] [[maskv1_sec1]] secondary ip address [[gw_datos_v1_sec2]] [[maskv1_sec2]] secondary ip address [[gw_datos_v1_pr]] [[maskv1_pr]] ip policy route-map IBK_VOZ service-policy input vlan10-in ! interface Vlan6 description acceso-rx ip address [[ip_acceso_rx]] 255.255.255.248 no ip redirects no ip unreachables no ip proxy-arp ! ! interface Vlan8 description acceso-md ip address [[ip_acceso_md]] 255.255.255.248 no ip redirects no ip unreachables no ip proxy-arp ! interface Vlan10 description datos ip address [[gw_datos_v10]] 255.255.255.128 no ip redirects no ip unreachables no ip proxy-arp service-policy input vlan10-in ! interface Vlan20 description datos ip address [[gw_v20]] 255.255.255.224 no ip redirects no ip unreachables no ip proxy-arp service-policy input vlan20-in ! interface Vlan30 description atm ip address [[gw_v30]] 255.255.255.240 no ip redirects no ip unreachables no ip proxy-arp ip access-group atm-in in service-policy input vlan30-in ! interface Vlan40 description md ip address [[gw_v40]] 255.255.255.248 no ip redirects no ip unreachables no ip proxy-arp ip policy route-map md-pbr service-policy input vlan40-in ! interface Vlan60 description wifi ip address [[gw_v60]] 255.255.255.248 no ip redirects no ip unreachables no ip proxy-arp ! interface Vlan70 description datos-psi ip address [[gw_v70]] 255.255.255.128 no ip redirects no ip unreachables no ip proxy-arp ip access-group datos-pci-in in shutdown service-policy input vlan70-in ! ip forward-protocol nd No ip http server ip http authentication local No ip http secure-server ip http client source-interface GigabitEthernet0/0 ip route 0.0.0.0 0.0.0.0 [[gw_vrf_rx]] name default_rx ip route 10.0.7.0 255.255.255.0 [[gw_vrf_md]] name md ip route 10.0.8.224 255.255.255.240 [[gw_vrf_md]] name md i ip tacacs source-interface Vlan10 ip ssh version 2 ip ssh server algorithm encryption aes128-cbc aes128-ctr aes192-ctr aes256-ctr aes192-cbc aes256-cbc ip ssh client algorithm encryption aes256-cbc aes128-cbc aes192-cbc ip scp server enable ! ! ip access-list extended DENY_ACCESS deny ip any any ip access-list extended GUEST_REDIRECT deny up any any eq domain deny icmp any any deny udp any eq bootpc any eq bootps deny tcp any any eq 8443 deny tcp any any eq 8905 permit ip any any ip access-list extended PERMIT_ACCESS permit ip any any ip access-list extended POSTURE_REDIRECT permit ip any any ip access-list extended acl-platino permit ip any object-group hosts_platino ip access-list extended acl-voz permit udp any any eq 5060 permit udp any any eq 1720 permit udp any any range 10000 32767 permit tcp any any eq telnet permit udp any eq 5060 any permit udp any range 10000 32767 any permit tcp any any eq 5060 permit tcp any eq 5060 any permit udp any eq 1720 any permit tcp any any eq 1720 permit tcp any eq 1720 any permit udp any range 16384 32767 any permit udp any any range 16384 32767 permit udp any range 32000 33000 any range 32000 33000 ip access-list extended acl-md deny ip [[segmento_v40]] 0.0.0.7 [[segmento_v40]] 0.0.0.7 permit ip [[segmento_v40]] 0.0.0.7 any access-list 10 permit 10.0.0.41 access-list 10 permit 10.11.100.167 access-list 10 permit 10.10.22.7 access-list 10 permit 10.10.22.50 access-list 10 permit 130.30.1.247 access-list 10 permit 130.30.5.228 access-list 10 permit 130.30.8.66 access-list 10 permit 130.30.1.248 0.0.0.7 access-list 10 permit 10.10.22.4 0.0.0.1 access-list 10 permit 130.30.5.224 0.0.0.3 access-list 10 permit 130.30.24.242 0.0.0.1 access-list 10 permit 130.30.4.70 0.0.0.1 access-list 10 permit 129.39.0.0 0.0.255.255 access-list 10 permit 10.10.63.2 0.0.0.1 access-list 10 permit 10.11.73.2 0.0.0.1 access-list 10 permit 10.11.73.3 0.0.0.1 access-list 10 deny any ! ACL para ATMs ip access-list extended atm-in permit icmp [[segmento_v30]] 0.0.0.15 any permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.83 eq 7777 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.83 eq 8888 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.83 eq 9999 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.84 eq 7777 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.84 eq 8888 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.84 eq 9999 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.85 eq 7777 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.85 eq 8888 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.85 eq 9999 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.86 eq 7777 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.86 eq 8888 permit tcp [[segmento_v30]] 0.0.0.15 host 10.11.0.86 eq 9999 permit ip [[segmento_v30]] 0.0.0.15 host 10.11.65.7 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.1.175 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.1.63 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.15.35 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.2.147 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.2.2 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.2.63 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.2.64 eq 7777 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.2.64 eq 8888 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.2.64 eq 9999 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.26.238 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.27.107 eq www permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.27.107 eq 443 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.27.62 eq www permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.27.62 eq 443 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.4.206 eq 2221 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.4.206 eq 2222 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.4.206 eq 2223 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.4.206 eq 2224 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.4.206 eq 2846 permit tcp [[segmento_v30]] 0.0.0.15 host 130.30.4.206 eq 443 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.4.255 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.4.77 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.5.224 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.8.246 permit ip [[segmento_v30]] 0.0.0.15 host 192.168.254.9 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.4.221 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.4.222 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.4.223 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.32.2 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.32.3 permit ip [[segmento_v30]] 0.0.0.15 host 10.13.80.35 permit ip [[segmento_v30]] 0.0.0.15 host 10.13.80.36 permit ip [[segmento_v30]] 0.0.0.15 10.6.132.192 0.0.0.15 permit ip [[segmento_v30]] 0.0.0.15 host 10.11.0.136 permit tcp [[segmento_v30]] 0.0.0.15 host 10.13.82.55 eq www permit ip [[segmento_v30]] 0.0.0.15 host 130.30.1.61 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.30.221 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.30.222 permit ip [[segmento_v30]] 0.0.0.15 host 130.30.30.223 permit ip [[segmento_v30]] 0.0.0.15 10.13.6.0 0.0.0.255 permit ip [[segmento_v30]] 0.0.0.15 10.13.7.0 0.0.0.255 permit ip [[segmento_v30]] 0.0.0.15 10.13.8.0 0.0.0.255 ! ACL segmento PCI ip access-list extended datos-pci-in permit icmp [[segmento_v70]] 0.0.0.127 any permit ip [[segmento_v70]] 0.0.0.127 130.30.0.0 0.0.255.255 deny ip [[segmento_v70]] 0.0.0.127 [[segmento_v30]] 0.0.0.15 deny ip [[segmento_v70]] 0.0.0.127 10.13.2.136 0.0.0.7 deny ip [[segmento_v70]] 0.0.0.127 10.112.130.144 0.0.0.7 permit ip [[segmento_v70]] 0.0.0.127 object-group redes-dc ip access-list extended priority3-class-acl permit ip any object-group hosts_platino ip access-list extended qos5 ip access-list extended redes-voz_ibk permit udp any range 32000 33000 any range 32000 33000 permit tcp any eq 1720 any permit tcp any any eq 1720 permit udp any any range 16384 32767 permit udp any range 16384 32767 any ip access-list extended test permit ip any object-group hosts_platino ip radius source-interface Vlan10 logging history notifications logging host 10.11.100.125 logging host 10.11.100.168 ip access-list standard 10 permit 130.30.4.143 log ! route-map IBK_VOZ permit 10 match ip address acl-voz set ip next-hop [[gw_vrf_telefonia]] route-map md-pbr permit 10 match ip address acl-md set ip next-hop [[gw_vrf_md]] ! snmp-server engineID remote 10.11.100.126 8000000903007488BBB4FA80 snmp-server group V3User v3 auth snmp-server group V3Group v3 auth read V3Read write V3Write snmp-server user V3User V3Group v3 auth md5 Sc3k66p2019. snmp-server group v3group v3 auth notify V3Read snmp-server group v3group v3 priv read snmpv3view write snmpv3view snmp-server group v3group v3 priv context vlan match prefix snmp-server view V3Read iso included snmp-server view V3Write iso included snmp-server community snmpv3view RW snmp-server community ise-community RO snmp-server trap-source Vlan10 snmp-server user V3User V3Group remote 10.11.100.126 v3 auth md5 Sc3k66p2019. snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps flowmon snmp-server enable traps entity-perf throughput-notif snmp-server enable traps call-home message-send-fail server-fail snmp-server enable traps tty snmp-server enable traps ospf state-change snmp-server enable traps ospf errors snmp-server enable traps ospf retransmit snmp-server enable traps ospf lsa snmp-server enable traps ospf cisco-specific state-change nssa-trans-change snmp-server enable traps ospf cisco-specific state-change shamlink interface snmp-server enable traps ospf cisco-specific state-change shamlink neighbor snmp-server enable traps ospf cisco-specific errors snmp-server enable traps ospf cisco-specific retransmit snmp-server enable traps ospf cisco-specific lsa snmp-server enable traps eigrp snmp-server enable traps ike policy add snmp-server enable traps ike policy delete snmp-server enable traps ike tunnel start snmp-server enable traps ike tunnel stop snmp-server enable traps ipsec cryptomap add snmp-server enable traps ipsec cryptomap delete snmp-server enable traps ipsec cryptomap attach snmp-server enable traps ipsec cryptomap detach snmp-server enable traps ipsec tunnel start snmp-server enable traps ipsec tunnel stop snmp-server enable traps ipsec too-many-sas snmp-server enable traps auth-framework sec-violation snmp-server enable traps rep snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps license snmp-server enable traps smart-license snmp-server enable traps cpu threshold snmp-server enable traps memory bufferpeak snmp-server enable traps stackwise snmp-server enable traps udld link-fail-rpt snmp-server enable traps udld status-change snmp-server enable traps fru-ctrl snmp-server enable traps flash insertion removal lowspace snmp-server enable traps energywise snmp-server enable traps power-ethernet group 1 snmp-server enable traps power-ethernet group 2 snmp-server enable traps power-ethernet group 3 snmp-server enable traps power-ethernet group 4 snmp-server enable traps power-ethernet police snmp-server enable traps entity snmp-server enable traps envmon snmp-server enable traps event-manager snmp-server enable traps bfd snmp-server enable traps dhcp snmp-server enable traps ospfv3 state-change snmp-server enable traps ospfv3 errors snmp-server enable traps ipmulticast snmp-server enable traps pimstdmib neighbor-loss invalid-register invalid-join-prune rp-mapping-change interface-election snmp-server enable traps msdp snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency snmp-server enable traps config-copy snmp-server enable traps config snmp-server enable traps config-ctid snmp-server enable traps bridge newroot topologychange snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency snmp-server enable traps syslog snmp-server enable traps vlan-membership snmp-server enable traps errdisable snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down snmp-server enable traps transceiver all snmp-server enable traps rf snmp-server enable traps bulkstat collection transfer snmp-server enable traps mac-notification change move threshold snmp-server host [[ip_snmp_server]] version 3 auth V3User snmp-server host [[ip_ise_policy]] version 2c ise-community mac-notification snmp-server host [[ip_ise_policy2]] version 2c ise-community mac-notification snmp-server host [[ip_snmp_server]] version 2c snmpv3view snmp-server host 10.11.100.168 version 2c snmpv3view snmp-server inform retries 0 tacacs-server host [[ip_tacacs]] tacacs-server directed-request tacacs-server key 7 075E23411F070D5605105F020F6B tacacs-server administration radius-server attribute 6 on-for-login-auth radius-server attribute 6 support-multiple radius-server attribute 8 include-in-access-req radius-server attribute 25 access-request include radius-server attribute 31 mac format ietf upper-case radius-server attribute 31 send nas-port-detail radius-server dead-criteria tries 3 radius-server deadtime 30 ! radius server ise01 address ipv4 [[ip_ise_policy]] auth-port 1812 acct-port 1813 key 7 08704E43581711440009580A216A ! radius server ise02 address ipv4 [[ip_ise_policy2]] auth-port 1812 acct-port 1813 key 7 08704E43581711440009580A216A ! ! control-plane service-policy input system-cpp-policy ! banner login ^CCCC **************************************************************************** Este dispositivo es propiedad de INTERBANK y su uso debera ser exclusivo para propositos de su negocio. Cualquier informacion contenida en este equipo, pertenece a Interbank y podra ser monitoreada, auditada, usada y/o eliminada unicamente por personal autorizado por Interbank. Al hacer uso de este equipo, el uSuario acepta cumplir con las poLiticas del Banco y declara conocer que este podra realizar dicho monitoreo, auditoria, uso y/o eliminacion a discrecion del personal autorizado. El uso no autorizado, o incorrecto o irregular de este sistema facultara a Interbank a aplicar medidas disciplinarias e, interponer las acciones legales que considere pertinentes. **************************************************************************** ^C ! line con 0 exec-timeout 30 0 password 7 1424115807527C3B6A logging synchronous stopbits 1 line aux 0 password 7 1424115807527C3B6A logging synchronous stopbits 1 line vty 0 4 password 7 1424115807527C3B6A exec-timeout 30 0 logging synchronous length 0 transport preferred none transport input ssh line vty 5 15 password 7 1424115807527C3B6A exec-timeout 30 0 logging synchronous transport preferred none transport input ssh ! ntp server [[ip_ntp]] prefer source Vlan10 ! mac address-table notification change interval 0 mac address-table notification change ! ! ! ! ! pnp profile pnp-zero-touch transport https ipv4 10.11.100.167 port 443 vrf Mgmt-vrf ! end



hostname_switch:
ip_tacacs:
ip_ise_policy:
ip_ise_policy2:
first_ip_excluded_1:
last_ip_excluded_1:
first_ip_excluded_2:
last_ip_excluded_2:
first_ip_excluded_3:
last_ip_excluded_3:
first_ip_excluded_4:
last_ip_excluded_4:
segmento_datos_v10:
gw_datos_v10:
segmento_v70:
gw_v70:
segmento_v60:
gw_v60:
segmento_dhcpv1:
gw_datos_v1:
gw_datos_v1_sec1:
maskv1_sec1:
gw_datos_v1_sec2:
maskv1_sec2:
gw_datos_v1_pr:
maskv1_pr:
ip_acceso_rx:
ip_acceso_md:
gw_v20:
gw_v30:
gw_v40:
gw_vrf_rx:
gw_vrf_md:
segmento_v40:
segmento_v30:
gw_vrf_telefonia:
ip_snmp_server:
ip_ntp:


Use this code to post the full script to your own page:



Use this code to post only the variables to your own page: