jaraddowning · May 17, 2019 15:08
diff --git a/cswitch.conf b/cswitch.conf
 version 15.2
 no service pad
 no service timestamps debug uptime
 service timestamps log datetime msec
 service password-encryption
 service sequence-numbers
 !
 hostname cswitch
 !
 boot-start-marker
 boot-end-marker
 !
 enable secret 5 supersecrethash
 !
 username admin privilege 15 secret 5 supersecrethash
 username user1 secret 5 supersecrethash
 username user2 privilege 15 secret 5 supersecrethash
 aaa new-model
 !
 !
 aaa group server tacacs+ someauth
 server name SOMESERVER
 !         
 aaa authentication login default group tacacs+ local
 aaa authentication enable default group tacacs+ enable
 aaa authorization config-commands
 aaa authorization commands 0 default group tacacs+ none 
 aaa authorization commands 15 default group tacacs+ none 
 aaa accounting send stop-record authentication failure
 aaa accounting update newinfo periodic 5
 aaa accounting exec default start-stop group tacacs+
 aaa accounting commands 0 default start-stop group tacacs+
 aaa accounting commands 15 default start-stop group tacacs+
 aaa accounting network default start-stop group tacacs+
 !
 !
 !
 !
 !
 !
 aaa session-id common
 process cpu threshold type total rising 75 interval 30 falling 70 interval 10
 clock timezone EST -5 0
 clock summer-time EDT date Apr 11 2019 1:00 Nov 3 2019 1:00
 no ip source-route
 !
 !
 ip domain-name local.lan
 login block-for 120 attempts 5 within 100
 login delay 10
 !         
 !
 !
 !
 !
 !
 mls qos srr-queue output cos-map queue 1 threshold 3 5
 mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
 mls qos srr-queue output cos-map queue 3 threshold 3 2 4
 mls qos srr-queue output cos-map queue 4 threshold 2 1
 mls qos srr-queue output cos-map queue 4 threshold 3 0
 mls qos
 !
 crypto pki trustpoint TP-self-signed-3641022720
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3641022720
 revocation-check none
 rsakeypair TP-self-signed-3641022720
 !
 !
 crypto pki certificate chain TP-self-signed-3641022720
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
  -- snip --
  A6AD3EAA 0B6A28F7 816E276E 5598B0
        quit
 spanning-tree mode pvst
 spanning-tree extend system-id
 !
 !
 !
 !
 vlan internal allocation policy ascending
 !
 !
 ! 
 !
 !
 !
 !
 !
 !         
 !
 !
 interface Loopback0
 no ip address
 !
 interface Port-channel1
 description ESXi_PoCh_Trunk
 switchport mode access
 !
 interface FastEthernet0
 no ip address
 shutdown
 !
 interface GigabitEthernet0/1
 spanning-tree portfast
 switchport access vlan 20
 !
 interface GigabitEthernet0/2
 description computer1
 switchport access vlan 50
 spanning-tree portfast
 !
 interface GigabitEthernet0/3
 description raspberrypi
 switchport access vlan 50
 spanning-tree portfast
 !
 interface GigabitEthernet0/4
 description Dock
 switchport access vlan 20
 spanning-tree portfast
 !
 interface GigabitEthernet0/5
 description computer2
 switchport access vlan 20
 spanning-tree portfast
 !
 interface GigabitEthernet0/6
 description WOPR
 switchport access vlan 20
 switchport mode trunk
 !
 interface GigabitEthernet0/7
 description computer4
 switchport access vlan 20
 switchport mode access
 !
 interface GigabitEthernet0/8
 description computer5
 switchport access vlan 20
 spanning-tree portfast
 !
 interface GigabitEthernet0/9
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/10
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/11
 switchport mode trunk
 !
 interface GigabitEthernet0/12
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/13
 switchport access vlan 50
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/14
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/15
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/16
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/17
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/18
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/19
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
 !
 interface GigabitEthernet0/20
 description vmnic0
 switchport mode trunk
 !
 interface GigabitEthernet0/21
 description vmnic1
 switchport mode trunk
 !
 interface GigabitEthernet0/22
 description vmnic2
 switchport mode trunk
 !         
 interface GigabitEthernet0/23
 description vmnic3
 switchport mode trunk
 !
 interface GigabitEthernet0/24
 description AP
 switchport mode trunk
 !
 interface GigabitEthernet0/25
 switchport mode trunk
 mls qos trust cos
 macro description cisco-switch
 spanning-tree link-type point-to-point
 !
 interface GigabitEthernet0/26
 switchport mode trunk
 mls qos trust cos
 macro description cisco-switch
 spanning-tree link-type point-to-point
 !
 interface Vlan1
 ip address 192.168.1.252 255.255.255.0
 ip access-group 10 in
 !
 interface Vlan10
 ip address 10.0.10.252 255.255.255.0
 ip helper-address 10.0.10.254
 !         
 interface Vlan20
 ip address 10.0.21.252 255.255.254.0
 ip helper-address 10.0.21.254
 !
 interface Vlan30
 ip address 10.0.30.252 255.255.255.0
 ip helper-address 10.0.30.254
 !
 interface Vlan40
 ip address 10.0.40.252 255.255.255.0
 ip helper-address 10.0.40.254
 !
 interface Vlan50
 ip address 10.0.50.252 255.255.255.0
 ip helper-address 10.0.50.254
 !
 ip default-gateway 192.168.1.254
 no ip http server
 no ip http secure-server
 !
 ip ssh version 2
 ip ssh pubkey-chain
  username user2
   key-hash ssh-rsa FB1-- snip --E3A1 AAAAB3-- snip --998jj user2@wopr
   key-hash ssh-rsa 4F3A-- snip --97FB8
 ip tacacs source-interface Vlan20
 !
 ip access-list standard ACL-SNMP
 permit any
 !
 logging trap notifications
 logging host 10.0.20.11
 snmp-server group LOCALAUTHGROUP v3 priv 
 snmp-server view cutdown iso included
 snmp-server view cutdown at excluded
 snmp-server view cutdown snmpUsmMIB excluded
 snmp-server view cutdown snmpVacmMIB excluded
 snmp-server view cutdown snmpCommunityMIB excluded
 snmp-server view cutdown ip.21 excluded
 snmp-server view cutdown ip.22 excluded
 snmp-server community localsnmp view cutdown RO
 snmp-server location upstairs
 snmp-server contact [email protected]
 tacacs-server key 7 1309070600091D7B
 tacacs server SOMESERVER
 address ipv4 10.0.20.13
 key 7 07033158450C0054
 !
 !
 line con 0
 line vty 5 15
 !
 ntp server 204.11.201.12
 end
	version 15.2
	no service pad
	no service timestamps debug uptime
	service timestamps log datetime msec
	service password-encryption
	service sequence-numbers
	!
	hostname cswitch
	!
	boot-start-marker
	boot-end-marker
	!
	enable secret 5 supersecrethash
	!
	username admin privilege 15 secret 5 supersecrethash
	username user1 secret 5 supersecrethash
	username user2 privilege 15 secret 5 supersecrethash
	aaa new-model
	!
	!
	aaa group server tacacs+ someauth
	server name SOMESERVER
	!
	aaa authentication login default group tacacs+ local
	aaa authentication enable default group tacacs+ enable
	aaa authorization config-commands
	aaa authorization commands 0 default group tacacs+ none
	aaa authorization commands 15 default group tacacs+ none
	aaa accounting send stop-record authentication failure
	aaa accounting update newinfo periodic 5
	aaa accounting exec default start-stop group tacacs+
	aaa accounting commands 0 default start-stop group tacacs+
	aaa accounting commands 15 default start-stop group tacacs+
	aaa accounting network default start-stop group tacacs+
	!
	!
	!
	!
	!
	!
	aaa session-id common
	process cpu threshold type total rising 75 interval 30 falling 70 interval 10
	clock timezone EST -5 0
	clock summer-time EDT date Apr 11 2019 1:00 Nov 3 2019 1:00
	no ip source-route
	!
	!
	ip domain-name local.lan
	login block-for 120 attempts 5 within 100
	login delay 10
	!
	!
	!
	!
	!
	!
	mls qos srr-queue output cos-map queue 1 threshold 3 5
	mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
	mls qos srr-queue output cos-map queue 3 threshold 3 2 4
	mls qos srr-queue output cos-map queue 4 threshold 2 1
	mls qos srr-queue output cos-map queue 4 threshold 3 0
	mls qos
	!
	crypto pki trustpoint TP-self-signed-3641022720
	enrollment selfsigned
	subject-name cn=IOS-Self-Signed-Certificate-3641022720
	revocation-check none
	rsakeypair TP-self-signed-3641022720
	!
	!
	crypto pki certificate chain TP-self-signed-3641022720
	certificate self-signed 01
	3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
	-- snip --
	A6AD3EAA 0B6A28F7 816E276E 5598B0
	quit
	spanning-tree mode pvst
	spanning-tree extend system-id
	!
	!
	!
	!
	vlan internal allocation policy ascending
	!
	!
	!
	!
	!
	!
	!
	!
	!
	!
	!
	interface Loopback0
	no ip address
	!
	interface Port-channel1
	description ESXi_PoCh_Trunk
	switchport mode access
	!
	interface FastEthernet0
	no ip address
	shutdown
	!
	interface GigabitEthernet0/1
	spanning-tree portfast
	switchport access vlan 20
	!
	interface GigabitEthernet0/2
	description computer1
	switchport access vlan 50
	spanning-tree portfast
	!
	interface GigabitEthernet0/3
	description raspberrypi
	switchport access vlan 50
	spanning-tree portfast
	!
	interface GigabitEthernet0/4
	description Dock
	switchport access vlan 20
	spanning-tree portfast
	!
	interface GigabitEthernet0/5
	description computer2
	switchport access vlan 20
	spanning-tree portfast
	!
	interface GigabitEthernet0/6
	description WOPR
	switchport access vlan 20
	switchport mode trunk
	!
	interface GigabitEthernet0/7
	description computer4
	switchport access vlan 20
	switchport mode access
	!
	interface GigabitEthernet0/8
	description computer5
	switchport access vlan 20
	spanning-tree portfast
	!
	interface GigabitEthernet0/9
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/10
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/11
	switchport mode trunk
	!
	interface GigabitEthernet0/12
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/13
	switchport access vlan 50
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/14
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/15
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/16
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/17
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/18
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/19
	switchport access vlan 20
	switchport mode access
	spanning-tree portfast
	!
	interface GigabitEthernet0/20
	description vmnic0
	switchport mode trunk
	!
	interface GigabitEthernet0/21
	description vmnic1
	switchport mode trunk
	!
	interface GigabitEthernet0/22
	description vmnic2
	switchport mode trunk
	!
	interface GigabitEthernet0/23
	description vmnic3
	switchport mode trunk
	!
	interface GigabitEthernet0/24
	description AP
	switchport mode trunk
	!
	interface GigabitEthernet0/25
	switchport mode trunk
	mls qos trust cos
	macro description cisco-switch
	spanning-tree link-type point-to-point
	!
	interface GigabitEthernet0/26
	switchport mode trunk
	mls qos trust cos
	macro description cisco-switch
	spanning-tree link-type point-to-point
	!
	interface Vlan1
	ip address 192.168.1.252 255.255.255.0
	ip access-group 10 in
	!
	interface Vlan10
	ip address 10.0.10.252 255.255.255.0
	ip helper-address 10.0.10.254
	!
	interface Vlan20
	ip address 10.0.21.252 255.255.254.0
	ip helper-address 10.0.21.254
	!
	interface Vlan30
	ip address 10.0.30.252 255.255.255.0
	ip helper-address 10.0.30.254
	!
	interface Vlan40
	ip address 10.0.40.252 255.255.255.0
	ip helper-address 10.0.40.254
	!
	interface Vlan50
	ip address 10.0.50.252 255.255.255.0
	ip helper-address 10.0.50.254
	!
	ip default-gateway 192.168.1.254
	no ip http server
	no ip http secure-server
	!
	ip ssh version 2
	ip ssh pubkey-chain
	username user2
	key-hash ssh-rsa FB1-- snip --E3A1 AAAAB3-- snip --998jj user2@wopr
	key-hash ssh-rsa 4F3A-- snip --97FB8
	ip tacacs source-interface Vlan20
	!
	ip access-list standard ACL-SNMP
	permit any
	!
	logging trap notifications
	logging host 10.0.20.11
	snmp-server group LOCALAUTHGROUP v3 priv
	snmp-server view cutdown iso included
	snmp-server view cutdown at excluded
	snmp-server view cutdown snmpUsmMIB excluded
	snmp-server view cutdown snmpVacmMIB excluded
	snmp-server view cutdown snmpCommunityMIB excluded
	snmp-server view cutdown ip.21 excluded
	snmp-server view cutdown ip.22 excluded
	snmp-server community localsnmp view cutdown RO
	snmp-server location upstairs
	snmp-server contact [email protected]
	tacacs-server key 7 1309070600091D7B
	tacacs server SOMESERVER
	address ipv4 10.0.20.13
	key 7 07033158450C0054
	!
	!
	line con 0
	line vty 5 15
	!
	ntp server 204.11.201.12
	end