Linton-Network-switchredzone
Jump to CustomersLinton > Linton > Network > switchredzone
Unit 1
# sysname switch-redzone # undo password-control aging enable undo password-control length enable undo password-control history enable password-control login-attempt 3 exceed lock-time 120 # local-server nas-ip 127.0.0.1 key cipher $c$3$3lbBxkrW9szhQ/beiXTpVVB8AfdzgQs= # igmp-snooping enable # link-aggregation group 1 mode static link-aggregation group 2 mode static # radius scheme system # domain system # local-user admin password cipher $c$3$oZmJp7MCvB/6a+8CwiDkM6tl/nQ1Ls8+Qw== service-type telnet terminal level 3 local-user manager password cipher $c$3$4E1k7FFTMtn+zVoMteTlrIG91F45/WzFf0M= service-type telnet terminal level 2 local-user monitor password cipher $c$3$uRq3Qqov/UdEzadcEQCLAYYYScHl0Y5g4E0= service-type telnet terminal level 1 # acl number 3997 rule 0 permit ip dscp ef rule 1 permit tcp destination-port eq www rule 2 permit udp destination-port eq snmp rule 3 permit udp destination-port eq snmptrap rule 4 permit ip dscp cs6 rule 5 permit ip dscp cs7 # acl number 4999 rule 0 permit type 8868 ffff rule 1 permit source 00e0-bb00-0000 ffff-ff00-0000 rule 2 permit source 0003-6b00-0000 ffff-ff00-0000 rule 3 permit source 00e0-7500-0000 ffff-ff00-0000 rule 4 permit source 00d0-1e00-0000 ffff-ff00-0000 rule 5 permit source 0001-e300-0000 ffff-ff00-0000 rule 6 permit source 000f-e200-0000 ffff-ff00-0000 rule 7 permit source 0060-b900-0000 ffff-ff00-0000 rule 8 deny dest 0000-0000-0000 ffff-ffff-ffff # qos-profile default packet-filter inbound link-group 4999 rule 8 traffic-priority inbound ip-group 3997 rule 0 cos voice traffic-priority inbound ip-group 3997 rule 4 cos network-management traffic-priority inbound ip-group 3997 rule 5 cos network-management traffic-priority inbound link-group 4999 rule 0 dscp ef cos voice traffic-priority inbound link-group 4999 rule 1 dscp ef cos voice traffic-priority inbound link-group 4999 rule 2 dscp ef cos voice traffic-priority inbound link-group 4999 rule 3 dscp ef cos voice traffic-priority inbound link-group 4999 rule 4 dscp ef cos voice traffic-priority inbound link-group 4999 rule 5 dscp ef cos voice traffic-priority inbound link-group 4999 rule 6 dscp ef cos voice traffic-priority inbound link-group 4999 rule 7 dscp ef cos voice # vlan 1 igmp-snooping enable # vlan 2 description Guest_Wireless # vlan 20 description Internet # vlan 28 description Catering # vlan 36 description Management # vlan 40 description Student # vlan 50 description Staff # vlan 55 description CCTV # vlan 60 description voip # vlan 70 description ATC guest # interface Vlan-interface36 ip address 10.36.0.204 255.255.255.0 #LOCCFG. MUST NOT DELETE # interface Aux1/0/0 # interface GigabitEthernet1/0/1 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/2 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/3 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/4 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/5 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 2 40 50 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/6 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/7 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/8 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/9 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/10 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/11 poe enable port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 shutdown undo jumboframe enable lacp enable port link-aggregation group 1 apply qos-profile default # interface GigabitEthernet1/0/12 poe enable port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 shutdown undo jumboframe enable lacp enable port link-aggregation group 1 apply qos-profile default # interface GigabitEthernet1/0/13 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/14 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/15 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/16 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/17 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 2 40 50 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/18 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 70 untagged undo port hybrid vlan 1 broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/19 poe enable stp edged-port enable broadcast-suppression pps 3000 port access vlan 55 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/20 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/21 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/22 poe enable stp edged-port enable port link-type hybrid port hybrid vlan 2 40 50 60 tagged port hybrid vlan 1 untagged broadcast-suppression pps 3000 undo jumboframe enable apply qos-profile default # interface GigabitEthernet1/0/23 poe enable stp edged-port enable port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 shutdown undo jumboframe enable lacp enable port link-aggregation group 2 apply qos-profile default # interface GigabitEthernet1/0/24 poe enable stp edged-port enable port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 shutdown undo jumboframe enable lacp enable port link-aggregation group 2 apply qos-profile default # interface GigabitEthernet1/0/25 port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 undo jumboframe enable lacp enable port link-aggregation group 1 apply qos-profile default # interface GigabitEthernet1/0/26 port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 undo jumboframe enable lacp enable port link-aggregation group 1 apply qos-profile default # interface GigabitEthernet1/0/27 stp edged-port enable port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 undo jumboframe enable lacp enable port link-aggregation group 2 apply qos-profile default # interface GigabitEthernet1/0/28 stp edged-port enable port link-type trunk port trunk permit vlan all broadcast-suppression pps 3000 undo jumboframe enable lacp enable port link-aggregation group 2 apply qos-profile default # interface Cascade1/2/1 # interface Cascade1/2/2 #TOPOLOGYCFG. MUST NOT DELETE #GLBCFG. MUST NOT DELETE # interface NULL0 # voice vlan mac-address 0001-e300-0000 mask ffff-ff00-0000 description Siemens AG phone voice vlan mac-address 0060-b900-0000 mask ffff-ff00-0000 description Philips and NEC AG phone voice vlan 60 enable # ip route-static 0.0.0.0 0.0.0.0 10.36.0.1 preference 60 ip route-static 172.1.2.0 255.255.255.0 10.28.3.254 preference 60 # snmp-agent snmp-agent local-engineid 8000002B001EC1E4B6806877 snmp-agent community read public snmp-agent community write private snmp-agent sys-info version all # user-interface aux 0 7 authentication-mode scheme user-interface vty 0 4 authentication-mode scheme # return
Unit 8
# sysname switch-redzone # undo password-control aging enable undo password-control length enable undo password-control history enable password-control login-attempt 3 exceed lock-time 120 # local-server nas-ip 127.0.0.1 key cipher $c$3$3lbBxkrW9szhQ/beiXTpVVB8AfdzgQs= # igmp-snooping enable # link-aggregation group 1 mode static link-aggregation group 2 mode static # radius scheme system # domain system # local-user admin password cipher $c$3$oZmJp7MCvB/6a+8CwiDkM6tl/nQ1Ls8+Qw== service-type telnet terminal level 3 local-user manager password cipher $c$3$4E1k7FFTMtn+zVoMteTlrIG91F45/WzFf0M= service-type telnet terminal level 2 local-user monitor password cipher $c$3$uRq3Qqov/UdEzadcEQCLAYYYScHl0Y5g4E0= service-type telnet terminal level 1 # acl number 3997 rule 0 permit ip dscp ef rule 1 permit tcp destination-port eq www rule 2 permit udp destination-port eq snmp rule 3 permit udp destination-port eq snmptrap rule 4 permit ip dscp cs6 rule 5 permit ip dscp cs7 # acl number 4999 rule 0 permit type 8868 ffff rule 1 permit source 00e0-bb00-0000 ffff-ff00-0000 rule 2 permit source 0003-6b00-0000 ffff-ff00-0000 rule 3 permit source 00e0-7500-0000 ffff-ff00-0000 rule 4 permit source 00d0-1e00-0000 ffff-ff00-0000 rule 5 permit source 0001-e300-0000 ffff-ff00-0000 rule 6 permit source 000f-e200-0000 ffff-ff00-0000 rule 7 permit source 0060-b900-0000 ffff-ff00-0000 rule 8 deny dest 0000-0000-0000 ffff-ffff-ffff # qos-profile default packet-filter inbound link-group 4999 rule 8 traffic-priority inbound ip-group 3997 rule 0 cos voice traffic-priority inbound ip-group 3997 rule 4 cos network-management traffic-priority inbound ip-group 3997 rule 5 cos network-management traffic-priority inbound link-group 4999 rule 0 dscp ef cos voice traffic-priority inbound link-group 4999 rule 1 dscp ef cos voice traffic-priority inbound link-group 4999 rule 2 dscp ef cos voice traffic-priority inbound link-group 4999 rule 3 dscp ef cos voice traffic-priority inbound link-group 4999 rule 4 dscp ef cos voice traffic-priority inbound link-group 4999 rule 5 dscp ef cos voice traffic-priority inbound link-group 4999 rule 6 dscp ef cos voice traffic-priority inbound link-group 4999 rule 7 dscp ef cos voice # vlan 1 igmp-snooping enable # vlan 2 description Guest_Wireless # vlan 20 description Internet # vlan 28 description Catering # vlan 36 description Management # vlan 40 description Student # vlan 50 description Staff # vlan 55 description CCTV # vlan 60 description voip # vlan 70 description ATC guest # interface Vlan-interface36 ip address 10.36.0.204 255.255.255.0 #LOCCFG. MUST NOT DELETE # interface Aux8/0/0 # interface GigabitEthernet8/0/1 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/2 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/3 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/4 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/5 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/6 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/7 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/8 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/9 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/10 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/11 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/12 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/13 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/14 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/15 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/16 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/17 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/18 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/19 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/20 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/21 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/22 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/23 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/24 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/25 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/26 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/27 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/28 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/29 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/30 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/31 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/32 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/33 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/34 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/35 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/36 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/37 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/38 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/39 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/40 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/41 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/42 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/43 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/44 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/45 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/46 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/47 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/48 stp edged-port enable broadcast-suppression pps 3000 port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/49 stp edged-port enable broadcast-suppression pps 3000 shutdown port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/50 stp edged-port enable broadcast-suppression pps 3000 shutdown port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/51 stp edged-port enable broadcast-suppression pps 3000 shutdown port access vlan 70 undo jumboframe enable apply qos-profile default # interface GigabitEthernet8/0/52 stp edged-port enable broadcast-suppression pps 3000 shutdown port access vlan 70 undo jumboframe enable apply qos-profile default # interface Cascade8/2/1 # interface Cascade8/2/2 #TOPOLOGYCFG. MUST NOT DELETE #GLBCFG. MUST NOT DELETE # interface NULL0 # voice vlan mac-address 0001-e300-0000 mask ffff-ff00-0000 description Siemens AG phone voice vlan mac-address 0060-b900-0000 mask ffff-ff00-0000 description Philips and NEC AG phone voice vlan 60 enable # ip route-static 0.0.0.0 0.0.0.0 10.36.0.1 preference 60 ip route-static 172.1.2.0 255.255.255.0 10.28.3.254 preference 60 # snmp-agent snmp-agent local-engineid 8000002B001EC1E4B6806877 snmp-agent community read public snmp-agent community write private snmp-agent sys-info version all # user-interface aux 0 7 authentication-mode scheme user-interface vty 0 4 authentication-mode scheme # return