version 16.11 no service pad service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers service call-home no platform punt-keepalive disable-kernel-core ! hostname [[hostname_switch]] ! ! vrf definition Mgmt-vrf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! logging userinfo logging buffered 65536 logging trap no logging trap notifications logging console emergencies enable secret [[enable_password]] ! ! ! ! aaa new-model ! ! aaa authentication login default group radius local aaa authentication enable default group radius enable aaa authorization console aaa authorization exec default group radius local ! ! ! ! ! aaa session-id common boot system switch all flash:packages.conf clock timezone GMT-5 -5 0 switch 1 provision c9200l-24p-4g switch 2 provision c9200l-24p-4g no ip domain-lookup ! ! ! ! vtp mode transparent ! device-sensor filter-list cdp list cdp-list tlv name device-name tlv name platform-type ! device-sensor filter-list lldp list lldp-list tlv name system-description device-sensor filter-spec lldp include list lldp-list device-sensor filter-spec cdp include list cdp-list device-sensor accounting device-sensor notify all-changes ! ! ! no ip source-route ip routing ip arp entry learn 10240 ! ip domain-name clinicainternacional.com ! ! login on-failure log login on-success log ipv6 unicast-routing ipv6 mld snooping call-home ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications. contact-email-addr sch-smart-licensing@cisco.com profile "CiscoTAC-1" active destination transport-method http no destination transport-method email authentication mac-move permit no device-tracking logging theft device-tracking tracking ! device-tracking policy IPDT_MAX_10 limit address-count 10 no protocol mdp tracking enable ! ! ! ! dot1x system-auth-control license boot level network-essentials addon dna-essentials ! ! diagnostic bootup level minimal ! spanning-tree mode rapid-pvst spanning-tree extend system-id spanning-tree loopguard default spanning-tree portfast bpduguard default spanning-tree extend system-id archive log config logging enable logging size 200 notify syslog contenttype plaintext hidekeys memory free low-watermark processor 10117 ! ! ! ! ! ! ! errdisable recovery interval 900 errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig errdisable recovery cause pagp-flap errdisable recovery cause dtp-flap errdisable recovery cause link-flap errdisable recovery cause sfp-config-mismatch errdisable recovery cause gbic-invalid errdisable recovery cause l2ptguard errdisable recovery cause psecure-violation errdisable recovery cause port-mode-failure errdisable recovery cause dhcp-rate-limit errdisable recovery cause pppoe-ia-rate-limit errdisable recovery cause mac-limit errdisable recovery cause storm-control errdisable recovery cause inline-power errdisable recovery cause arp-inspection errdisable recovery cause loopback errdisable recovery cause psp ! admin privilege 15 secret [[password_admin]] ! redundancy mode sso ! ! lldp run ! ! class-map match-any system-cpp-police-ewlc-control description EWLC Control class-map match-any system-cpp-police-topology-control description Topology control class-map match-any system-cpp-police-sw-forward description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic class-map match-any system-cpp-default description EWLC data, Inter FED Traffic class-map match-any system-cpp-police-sys-data description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed class-map match-any system-cpp-police-punt-webauth description Punt Webauth class-map match-any system-cpp-police-l2lvx-control description L2 LVX control packets class-map match-any qos-class-priority3 match access-group name priority3-class-acl class-map match-any system-cpp-police-forus description Forus Address resolution and Forus traffic class-map match-any system-cpp-police-multicast-end-station description MCAST END STATION class-map match-any system-cpp-police-high-rate-app description High Rate Applications class-map match-any system-cpp-police-multicast description MCAST Data class-map match-any system-cpp-police-l2-control description L2 control class-map match-any system-cpp-police-dot1x-auth description DOT1X Auth class-map match-any system-cpp-police-data description ICMP redirect, ICMP_GEN and BROADCAST class-map match-any system-cpp-police-stackwise-virt-control description Stackwise Virtual OOB class-map match-any non-client-nrt-class class-map match-any qos-class-voz match access-group name acl-voz class-map match-any system-cpp-police-routing-control description Routing control and Low Latency class-map match-any system-cpp-police-protocol-snooping description Protocol snooping class-map match-any qos-class-platino match access-group name acl-platino class-map match-any system-cpp-police-dhcp-snooping description DHCP snooping class-map match-all default match protocol ip class-map match-any system-cpp-police-ios-routing description L2 control, Topology control, Routing control, Low Latency class-map match-any system-cpp-police-system-critical description System Critical and Gold Pkt class-map match-all p1-test match access-group 10 ! ! ! ! ! ! interface Loopback1 no ip address ! interface GigabitEthernet0/0 vrf forwarding Mgmt-vrf ip address dhcp speed 1000 negotiation auto ! ! ip forward-protocol nd No ip http server ip http authentication local No ip http secure-server ip http client source-interface GigabitEthernet0/0 ip route 0.0.0.0 0.0.0.0 [[def_gateway]] ip ssh version 2 ip ssh server algorithm encryption aes128-cbc aes128-ctr aes192-ctr aes256-ctr aes192-cbc aes256-cbc ip ssh client algorithm encryption aes256-cbc aes128-cbc aes192-cbc ip scp server enable ip ssh time-out 60 ip ssh authentication-retries 2 ! ! ip access-list extended DENY_ACCESS deny ip any any ip access-list extended GUEST_REDIRECT deny up any any eq domain deny icmp any any deny udp any eq bootpc any eq bootps deny tcp any any eq 8443 deny tcp any any eq 8905 permit ip any any ip access-list extended PERMIT_ACCESS permit ip any any ip access-list extended POSTURE_REDIRECT permit ip any any access-list 10 remark SNMP RO authorized servers - Solardwinds access-list 10 permit 172.24.145.28 access-list 10 deny any log access-list 20 remark SSH access access-list 20 permit 10.45.2.0 0.0.0.255 access-list 20 permit 10.35.1.0 0.0.0.255 access-list 20 deny any log snmp-server community cinternacional RO 10 snmp-server group V3User v3 auth snmp-server group V3Group v3 auth read V3Read write V3Write snmp-server user SNMPV3User V3Group v3 auth md5 [[snmp_v3_password]] !cln3B4M6p2020. snmp-server group v3group v3 auth notify V3Read snmp-server group v3group v3 priv read snmpv3view write snmpv3view snmp-server group v3group v3 priv context vlan match prefix snmp-server view V3Read iso included snmp-server view V3Write iso included snmp-server user V3User V3Group remote [[ip_snmp_server]] v3 auth md5 [[snmp_v3_password]] snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps flowmon snmp-server enable traps entity-perf throughput-notif snmp-server enable traps call-home message-send-fail server-fail snmp-server enable traps tty snmp-server enable traps ospf state-change snmp-server enable traps ospf errors snmp-server enable traps ospf retransmit snmp-server enable traps ospf lsa snmp-server enable traps ospf cisco-specific state-change nssa-trans-change snmp-server enable traps ospf cisco-specific state-change shamlink interface snmp-server enable traps ospf cisco-specific state-change shamlink neighbor snmp-server enable traps ospf cisco-specific errors snmp-server enable traps ospf cisco-specific retransmit snmp-server enable traps ospf cisco-specific lsa snmp-server enable traps eigrp snmp-server enable traps ike policy add snmp-server enable traps ike policy delete snmp-server enable traps ike tunnel start snmp-server enable traps ike tunnel stop snmp-server enable traps ipsec cryptomap add snmp-server enable traps ipsec cryptomap delete snmp-server enable traps ipsec cryptomap attach snmp-server enable traps ipsec cryptomap detach snmp-server enable traps ipsec tunnel start snmp-server enable traps ipsec tunnel stop snmp-server enable traps ipsec too-many-sas snmp-server enable traps auth-framework sec-violation snmp-server enable traps rep snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps license snmp-server enable traps smart-license snmp-server enable traps cpu threshold snmp-server enable traps memory bufferpeak snmp-server enable traps stackwise snmp-server enable traps udld link-fail-rpt snmp-server enable traps udld status-change snmp-server enable traps fru-ctrl snmp-server enable traps flash insertion removal lowspace snmp-server enable traps energywise snmp-server enable traps power-ethernet group 1 snmp-server enable traps power-ethernet group 2 snmp-server enable traps power-ethernet group 3 snmp-server enable traps power-ethernet group 4 snmp-server enable traps power-ethernet police snmp-server enable traps entity snmp-server enable traps envmon snmp-server enable traps event-manager snmp-server enable traps bfd snmp-server enable traps dhcp snmp-server enable traps ospfv3 state-change snmp-server enable traps ospfv3 errors snmp-server enable traps ipmulticast snmp-server enable traps pimstdmib neighbor-loss invalid-register invalid-join-prune rp-mapping-change interface-election snmp-server enable traps msdp snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency snmp-server enable traps config-copy snmp-server enable traps config snmp-server enable traps config-ctid snmp-server enable traps bridge newroot topologychange snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency snmp-server enable traps syslog snmp-server enable traps vlan-membership snmp-server enable traps errdisable snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down snmp-server enable traps transceiver all snmp-server enable traps rf snmp-server enable traps bulkstat collection transfer snmp-server enable traps mac-notification change move threshold snmp-server host [[ip_snmp_server]] version 3 auth V3User snmp-server host [[ip_snmp_server]] version 2c snmpv3view snmp-server inform retries 0 snmp-server host 172.24.145.28 version 2c cinternacional radius-server host 172.24.144.10 radius-server key 7 070C285F4D06485744 ! ! ! ! control-plane service-policy input system-cpp-policy ! banner login ^C --------------------------------------------- . . | | | | CINTERNACIONAL .|. .|. | SW_PISO[[Numero_de_piso]]-SEP .|||. .|||. | 9200L ..|||||||..|||||||.. | --------------------------------------------- ^C ! line con 0 exec-timeout 30 0 password [[enable_password]] logging synchronous stopbits 1 line aux 0 password [[enable_password]] logging synchronous stopbits 1 line vty 0 4 access-group 20 in password [[enable_password]] exec-timeout 30 0 logging synchronous length 0 transport preferred none transport input ssh line vty 5 15 access-group 20 in password [[enable_password]] exec-timeout 30 0 logging synchronous transport preferred none transport input ssh ! ntp server [[ip_ntp]] mac address-table notification change interval 0 mac address-table notification change ! !



hostname_switch:
enable_password:
password_admin:
def_gateway:
snmp_v3_password:
ip_snmp_server:
Numero_de_piso:
ip_ntp:


Use this code to post the full script to your own page:



Use this code to post only the variables to your own page: