Config van 3 switches, 1 router en alle switches op 1 core switch
Dit is de configuratie van een netwerk met 3 switches en 2 routers. De instellingen zijn als volgt:
Technische informatie
Alle apparaten in het netwerk worden gekenmerkt door een hostname.
Dit document geeft aan welke IP-adressen gehanteerd zijn, hoe de VLAN’s zijn ingericht, welke IOS‑versies op de devices staan geïnstalleerd en wat de systeemaccounts zijn. Het beheer op alle devices kan door de netwerkbeheerder worden uitgevoerd via SSH. Van de verbinding tussen de devices is geen actuele tekening beschikbaar.
IP-adressen
De volgende IP-adressen zijn aan de devices toegekend en door de netwerkbeheerder via VLAN 30 bereikbaar.
|
Netwerkdevice |
IP-adres |
|
Server |
IP-adres |
|
SW1 |
10.30.0.4/16 |
|
NTP/syslog |
10.30.0.100/16 |
|
SW2 |
10.30.0.5/16 |
|
DHCP |
10.30.0.175/16 |
|
SW3 |
10.30.0.6/16 |
|
HTTP |
10.10.0.100/16 - |
|
SW_Core |
10.30.0.2/16 |
|
Controller |
N.v.t. |
|
Main_L3 |
10.30.0.1/16 |
|
FTP |
10.30.0.50/16 |
|
FIREWALL |
172.16.20.2/16 |
|
DNS |
10.30.0.200/16 |
|
Edge |
172.16.0.2/30 |
|
|
|
|
SW_Back_01 |
172.16.20.5/16 |
|
|
|
Verdeling VLAN's
Om het uitvalrisico te beperken, zijn de VLAN’s gelijkmatig over de switches verdeeld. Poort 24 is op alle access-switches vrij gelaten voor de netwerkbeheerder.
|
Switch |
Accesspoorten |
VLAN-ID |
Verbonden met |
|
SW1 |
1 – 5 |
20 |
Productie |
|
6 – 10 |
21 |
KlantenService |
|
|
11 – 15 |
22 |
HRM |
|
|
16-20 |
23 |
Marketing |
|
|
21-23 |
99 |
Ongebruikt |
|
|
24 |
30 |
IT_Beheer |
|
|
SW2 |
1 – 5 |
20 |
Productie |
|
6 – 10 |
21 |
KlantenService |
|
|
11 – 15 |
22 |
HRM |
|
|
16-20 |
23 |
Marketing |
|
|
21-23 |
99 |
Ongebruikt |
|
|
24 |
30 |
IT_Beheer |
|
|
SW3 |
1 – 5 |
20 |
Productie |
|
6 – 10 |
21 |
KlantenService |
|
|
11 – 15 |
22 |
HRM |
|
|
16-20 |
23 |
Marketing |
|
|
21-23 |
99 |
Productie |
|
|
24 |
30 |
IT_Beheer |
|
|
Main_L3 |
1/0/18-24 |
30 |
IT_Beheer |
Systeemaccounts
De volgende systeemaccounts zijn aan de devices toegekend.
Voor Telnet is geen account aangemaakt, omdat die toegang geblokkeerd dient te zijn volgens de securitypolicies.
|
Service |
Gebruikersnaam |
Wachtwoord |
|
Privileged mode |
- |
WELkom@1 |
|
Telnet |
- |
- |
|
SSH |
admin |
WELkom@1 |
|
Console |
admin |
WELkom@1 |
IOS-versies
Op alle devices hoort de volgende versie van Cisco IOS geïnstalleerd te zijn.
|
Netwerkdevice |
IOS-versie |
|
SW1 |
12.2(25r) |
|
SW2 |
12.2(25r) |
|
SW3 |
12.2(25r) |
|
SW_Core |
12.1(22) |
|
Main_l3 |
16.3.2 |
|
FIREWALL |
12.5 (3)S5 |
|
Edge |
15.5 (3)S5 |
|
SW-back_01 |
15.1(22)EA4 |
|
Device |
IP-adres |
Interface |
Verbonden met |
||
|
Device |
Interface |
Trunk/ Access |
|||
|
SW_Core |
10.30.0.2 |
G3/1 |
Main_L3 |
G1/0/2 |
Trunk |
|
FIREWALL |
172.16.20.2 |
G0/0/1 |
SW_Back_01 |
G0/0/0 |
Access |
|
Edge |
172.16.0.2 |
G0/0/0 |
Main_L3 |
G1/0/1 |
Access |
|
Sw1 |
10.30.0.4 |
G2/1 |
SW-Core |
G0/1 |
Trunk |
|
Sw2 |
10.30.0.5 |
G1/1 |
SW-Core |
G0/1 |
Trunk |
|
Sw3 |
10.30.0.6 |
G0/1 |
SW-Core |
G0/1 |
Trunk |
|
SW_back_01 |
172.16.20.5 |
FA0/1 |
FIREWALL |
G0/0/1 |
Access |
|
|
|
|
|
|
|
Inhoud
Configuration Switch1:
Current configuration : 6978 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname SW1
!
ip ftp username ftp-admin
ip ftp password B@ckup-cnfg
enable secret 5 $1$mERr$Zpt2pQQKuNvOlLWnoLsoB/
!
!
!
ip ssh version 2
ip domain-name solarplex.nl
!
username admin privilege 1 password 7 081669620216083743
username c privilege 1 password 7 0822
!
!
ip dhcp snooping vlan 1-1000
ip dhcp snooping
!
lldp run
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 1-4000 priority 16384
!
interface FastEthernet0/1
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/4
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/5
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/6
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/7
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/8
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/9
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/10
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/11
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/12
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/13
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/14
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/15
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/16
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/17
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/18
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/19
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/20
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/21
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
shutdown
!
interface FastEthernet0/22
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
shutdown
!
interface FastEthernet0/23
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
shutdown
!
interface FastEthernet0/24
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 20-23,30
ip dhcp snooping trust
switchport mode trunk
!
interface GigabitEthernet0/2
switchport access vlan 99
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan30
ip address 10.30.0.4 255.255.0.0
!
ip default-gateway 10.30.0.1
!
no cdp run
!
##############################################################
# #
# !! WARNING !! #
# #
# There is no expectation of privacy when using this system. #
# ---------------------------------------------------------- #
# ---------------------------------------------------------- #
# #
# You must have explicit, authorized permission to #
# access or configure this device. Unauthorized attempts #
# and actions to access or use this system may result #
# in civil and/or criminal penalties. All activities #
# performed on this device are logged and monitored. #
# #
##############################################################
^C
logging 10.30.0.100
!
!
!
line con 0
login local
!
line vty 0 4
login local
transport input ssh
line vty 5 15
login
transport input ssh
!
!
!
ntp server 10.30.0.100
!
End
Configuration Switch 2:
Current configuration : 6999 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname SW2
!
ip ftp username ftp-admin
ip ftp password B@ckup-cnfg
!
!
!
ip ssh version 2
ip domain-name solarplex.nl
!
username admin privilege 1 password 7 081669620216083743
username c privilege 1 password 7 0822
!
!
ip dhcp snooping vlan 1-1000
ip dhcp snooping
!
lldp run
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 1-4000 priority 16384
!
interface FastEthernet0/1
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/4
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/5
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/6
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/7
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/8
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/9
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/10
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/11
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/12
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/13
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/14
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/15
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/16
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/17
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/18
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/19
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/20
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/21
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
shutdown
!
interface FastEthernet0/22
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
shutdown
!
interface FastEthernet0/23
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
shutdown
!
interface FastEthernet0/24
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 20-23,30
ip dhcp snooping trust
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/2
ip dhcp snooping trust
switchport mode trunk
switchport nonegotiate
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan30
ip address 10.30.0.5 255.255.0.0
!
ip default-gateway 10.30.0.1
!
no cdp run
!
##############################################################
# #
# !! WARNING !! #
# #
# There is no expectation of privacy when using this system. #
# ---------------------------------------------------------- #
# ---------------------------------------------------------- #
# #
# You must have explicit, authorized permission to #
# access or configure this device. Unauthorized attempts #
# and actions to access or use this system may result #
# in civil and/or criminal penalties. All activities #
# performed on this device are logged and monitored. #
# #
##############################################################
^C
logging 10.30.0.100
!
!
!
line con 0
login local
!
line vty 0 4
login local
transport input ssh
line vty 5 15
login
transport input ssh
!
!
!
ntp server 10.30.0.100
!
end
Configuration Switch 3:
Current configuration : 6929 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname SW3
!
ip ftp username ftp-admin
ip ftp password B@ckup-cnfg
!
!
!
ip ssh version 2
ip domain-name solarplex.nl
!
username admin privilege 1 password 7 081669620216083743
username c privilege 1 password 7 0822
!
!
ip dhcp snooping vlan 1-1000
ip dhcp snooping
!
lldp run
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 1-4000 priority 16384
!
interface FastEthernet0/1
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/4
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/5
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/6
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/7
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/8
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/9
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/10
switchport access vlan 21
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/11
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/12
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/13
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/14
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/15
switchport access vlan 22
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/16
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/17
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/18
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/19
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/20
switchport access vlan 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/21
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/22
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/23
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface FastEthernet0/24
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 3
spanning-tree bpduguard enable
!
interface GigabitEthernet0/1
ip dhcp snooping trust
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/2
ip dhcp snooping trust
switchport mode trunk
switchport nonegotiate
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan30
ip address 10.30.0.6 255.255.0.0
!
ip default-gateway 10.30.0.1
!
no cdp run
!
##############################################################
# #
# !! WARNING !! #
# #
# There is no expectation of privacy when using this system. #
# ---------------------------------------------------------- #
# ---------------------------------------------------------- #
# #
# You must have explicit, authorized permission to #
# access or configure this device. Unauthorized attempts #
# and actions to access or use this system may result #
# in civil and/or criminal penalties. All activities #
# performed on this device are logged and monitored. #
# #
##############################################################
^C
logging 10.30.0.100
!
!
!
line con 0
login local
!
line vty 0 4
login local
transport input ssh
line vty 5 15
login
transport input ssh
!
!
!
ntp server 10.30.0.100
!
end
Configuration Router:
Current configuration : 7482 bytes
!
version 16.3.2
service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname Main_L3
!
logging userinfo
!
enable secret 5 $1$mERr$Zpt2pQQKuNvOlLWnoLsoB/
!
!
!
!
!
!
no ip cef
ip routing
!
no ipv6 cef
!
!
!
username admin password 7 081669620216083743
username c password 7 0822
!
!
lldp run
!
!
!
!
!
!
!
!
ip dhcp snooping vlan 1
ip dhcp snooping database flash:/dhcp-snooping.db
ip dhcp snooping
!
ip ftp username ftp-admin
ip ftp password B@ckup-cnfg
ip ssh version 2
ip domain-name solarplex.nl
!
!
spanning-tree mode pvst
spanning-tree vlan 1-4000 priority 0
!
class-map match-any Default
match protocol arp
match protocol dhcp
match protocol icmp
!
policy-map PT_CONTROLLER_QUEUING_OUT
class Default
bandwidth remaining percent 1
random-detect dscp-based
!
policy-map PT_CONTROLLER_MARKING_IN
class Default
set ip dscp default
!
!
!
!
!
interface Loopback1
no ip address
!
interface GigabitEthernet1/0/1
no switchport
ip address 172.16.0.1 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet1/0/2
ip dhcp snooping trust
switchport trunk allowed vlan 20-23,30
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet1/0/3
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/4
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/5
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/6
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/7
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/8
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/9
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/10
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/11
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/12
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/13
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/14
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/15
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/16
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/17
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/18
ip dhcp snooping trust
switchport access vlan 30
!
interface GigabitEthernet1/0/19
ip dhcp snooping trust
switchport access vlan 30
!
interface GigabitEthernet1/0/20
ip dhcp snooping trust
switchport access vlan 30
!
interface GigabitEthernet1/0/21
ip dhcp snooping trust
switchport access vlan 30
!
interface GigabitEthernet1/0/22
ip dhcp snooping trust
switchport access vlan 30
!
interface GigabitEthernet1/0/23
switchport access vlan 30
!
interface GigabitEthernet1/0/24
switchport access vlan 30
!
interface GigabitEthernet1/1/1
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/1/2
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/1/3
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface GigabitEthernet1/1/4
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
shutdown
spanning-tree bpduguard enable
!
interface Vlan1
no ip address
shutdown
!
interface Vlan20
mac-address 0002.4a40.2901
ip address 10.20.0.1 255.255.0.0
ip helper-address 10.30.0.175
ip access-group 120 in
!
interface Vlan21
mac-address 0002.4a40.2902
ip address 10.21.0.1 255.255.0.0
ip helper-address 10.30.0.175
ip access-group 121 in
!
interface Vlan22
mac-address 0002.4a40.2903
ip address 10.22.0.1 255.255.0.0
ip helper-address 10.30.0.175
ip access-group 122 in
!
interface Vlan23
mac-address 0002.4a40.2904
ip address 10.23.0.1 255.255.0.0
ip helper-address 10.30.0.175
ip access-group 123 in
!
interface Vlan30
mac-address 0002.4a40.2905
ip address 10.30.0.1 255.255.0.0
!
interface Vlan100
mac-address 0002.4a40.2906
ip address 100.0.0.1 255.0.0.0
!
router ospf 1
log-adjacency-changes
passive-interface default
no passive-interface GigabitEthernet1/0/1
network 10.20.0.0 0.0.255.255 area 0
network 10.21.0.0 0.0.255.255 area 0
network 10.22.0.0 0.0.255.255 area 0
network 10.23.0.0 0.0.255.255 area 0
network 10.30.0.0 0.0.255.255 area 0
network 10.10.0.0 0.0.255.255 area 0
network 172.16.0.0 0.0.0.3 area 0
!
ip classless
!
ip flow-export version 9
!
!
!
no cdp run
!
##############################################################
# #
# !! WARNING !! #
# #
# There is no expectation of privacy when using this system. #
# ---------------------------------------------------------- #
# ---------------------------------------------------------- #
# #
# You must have explicit, authorized permission to #
# access or configure this device. Unauthorized attempts #
# and actions to access or use this system may result #
# in civil and/or criminal penalties. All activities #
# performed on this device are logged and monitored. #
# #
##############################################################
^C
!
!
!
!
logging 10.30.0.100
line con 0
login local
!
line aux 0
!
line vty 0 4
login local
transport input ssh
!
!
!
ntp server 10.30.0.100
ntp update-calendar
!
End
Configuration SW-Core
Current configuration : 3403 bytes
!
version 12.1
service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname SW_Core
!
ip ftp username ftp-admin
ip ftp password B@ckup-cnfg
enable secret 5 $1$mERr$Zpt2pQQKuNvOlLWnoLsoB/
!
!
!
ip ssh version 2
ip domain-name solarplex.nl
!
username admin privilege 1 password 7 081669620216083743
username c privilege 1 password 7 0822
!
!
ip dhcp snooping
!
lldp run
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 1-4000 priority 4096
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 20-23,30
ip dhcp snooping trust
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet1/1
switchport trunk allowed vlan 20-23,30
ip dhcp snooping trust
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet2/1
switchport trunk allowed vlan 20-23,30
ip dhcp snooping trust
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet3/1
switchport trunk allowed vlan 20-23,30
ip dhcp snooping trust
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet4/1
switchport access vlan 99
switchport mode access
switchport nonegotiate
spanning-tree bpduguard enable
shutdown
!
interface GigabitEthernet5/1
switchport access vlan 99
switchport mode access
switchport port-security
spanning-tree bpduguard enable
shutdown
!
interface GigabitEthernet6/1
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
spanning-tree bpduguard enable
!
interface GigabitEthernet7/1
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
spanning-tree bpduguard enable
shutdown
!
interface GigabitEthernet8/1
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
spanning-tree bpduguard enable
shutdown
!
interface GigabitEthernet9/1
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security
spanning-tree bpduguard enable
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan30
ip address 10.30.0.2 255.255.0.0
!
ip default-gateway 10.30.0.1
!
no cdp run
!
##############################################################
# #
# !! WARNING !! #
# #
# There is no expectation of privacy when using this system. #
# ---------------------------------------------------------- #
# ---------------------------------------------------------- #
# #
# You must have explicit, authorized permission to #
# access or configure this device. Unauthorized attempts #
# and actions to access or use this system may result #
# in civil and/or criminal penalties. All activities #
# performed on this device are logged and monitored. #
# #
##############################################################
^C
logging 10.30.0.100
!
!
!
line con 0
login local
!
line vty 0 4
login local
transport input ssh
line vty 5 15
login
!
!
!
ntp server 192.168.0.125
!
End
Als je bij de sw core meer fastethernet poorten nodig hebt, dan kan je een pt switch pakken en die uitbreiden bij modules (cfe in de spots slepen als het stroom eraf is bij physical)
No comments to display
No comments to display