Config van 3 switches, 1 router en alle switches op 1 core switch Dit is de configuratie van een netwerk met 3 switches en 2 routers. De instellingen zijn als volgt: Technische informatie Alle apparaten in het netwerk worden gekenmerkt door een hostname . Dit document geeft aan welke IP-adressen gehanteerd zijn, hoe de VLAN’s zijn ingericht, welke IOS‑versies op de devices staan geïnstalleerd en wat de systeemaccounts zijn. Het beheer op alle devices kan door de netwerkbeheerder worden uitgevoerd via SSH. Van de verbinding tussen de devices is geen actuele tekening beschikbaar. IP-adressen De volgende IP-adressen zijn aan de devices toegekend en door de netwerkbeheerder via VLAN 30 bereikbaar. Netwerkdevice IP-adres     Server IP-adres SW1 10.30.0.4/16   NTP/syslog 10.30.0.100/16 SW2 10.30.0.5/16   DHCP 10.30.0.175/16 SW3 10.30.0.6/16   HTTP 10.10.0.100/16 - SW_Core 10.30.0.2/16   Controller N.v.t. Main_L3 10.30.0.1/16   FTP 10.30.0.50/16 FIREWALL   172.16.20.2/16   DNS 10.30.0.200/16 Edge 172.16.0.2/30       SW_Back_01 172.16.20.5/16       Verdeling VLAN's Om het uitvalrisico te beperken, zijn de VLAN’s gelijkmatig over de switches verdeeld. Poort 24 is op alle access-switches vrij gelaten voor de netwerkbeheerder. Switch Accesspoorten VLAN-ID Verbonden met SW1 1 – 5 20 Productie 6 – 10 21 KlantenService 11 – 15 22 HRM 16-20 23 Marketing 21-23 99 Ongebruikt 24 30 IT_Beheer SW2 1 – 5 20 Productie 6 – 10 21 KlantenService 11 – 15 22 HRM 16-20 23 Marketing 21-23 99 Ongebruikt 24 30 IT_Beheer SW3 1 – 5 20 Productie 6 – 10 21 KlantenService 11 – 15 22 HRM 16-20 23 Marketing 21-23 99 Productie 24 30 IT_Beheer Main_L3 1/0/18-24 30 IT_Beheer Systeemaccounts De volgende systeemaccounts zijn aan de devices toegekend. Voor Telnet is geen account aangemaakt, omdat die toegang geblokkeerd dient te zijn volgens de securitypolicies. Service Gebruikersnaam Wachtwoord Privileged mode - WELkom@1 Telnet - - SSH admin WELkom@1 Console admin WELkom@1 IOS-versies Op alle devices hoort de volgende versie van Cisco IOS geïnstalleerd te zijn. Netwerkdevice IOS-versie SW1 12.2(25r) SW2 12.2(25r) SW3 12.2(25r) SW_Core 12.1(22) Main_l3 16.3.2 FIREWALL 12.5 (3)S5 Edge 15.5 (3)S5 SW-back_01 15.1(22)EA4 Device IP-adres Interface Verbonden met Device Interface Trunk/ Access SW_ Core 10.30.0.2 G3/1 Main_L3 G1/0/2 Trunk FIREWALL 172.16.20.2 G0/0/1 SW_Back_01 G0/0/0 Access Edge 172.16.0.2 G0/0/0 Main_L3 G1/0/1 Access Sw1 10.30.0.4 G2/1 SW-Core G0/1 Trunk Sw2 10.30.0.5 G1/1 SW-Core G0/1 Trunk Sw3 10.30.0.6 G0/1 SW-Core G0/1 Trunk SW_back_01 172.16.20.5 FA0/1 FIREWALL G0/0/1 Access             Inhoud Dit is de configuratie van een netwerk met 3 switches en 2 routers. De instellingen zijn als volgt: Technische informatie . 1 IP-adressen . 1 Verdeling VLAN's . 2 Systeemaccounts . 2 IOS-versies . 4 Configuration Switch1: 6 Configuration Switch 2: 16 Configuration Switch 3: 25 Configuration Router: 35 Configuration SW-Core . 48   Configuration Switch1: Current configuration : 6978 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname SW1 ! ip ftp username ftp-admin ip ftp password B@ckup-cnfg enable secret 5 $1$mERr$Zpt2pQQKuNvOlLWnoLsoB/ ! ! ! ip ssh version 2 ip domain-name solarplex.nl ! username admin privilege 1 password 7 081669620216083743 username c privilege 1 password 7 0822 ! ! ip dhcp snooping vlan 1-1000 ip dhcp snooping ! lldp run ! spanning-tree mode pvst spanning-tree extend system-id spanning-tree vlan 1-4000 priority 16384 ! interface FastEthernet0/1 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/2 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/3 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/4 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/5 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/6 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/7 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/8 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/9 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/10 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/11 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/12 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/13 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/14 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/15 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/16 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/17 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/18 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/19 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/20 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/21 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable shutdown ! interface FastEthernet0/22 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable shutdown ! interface FastEthernet0/23 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable shutdown ! interface FastEthernet0/24 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface GigabitEthernet0/1 switchport trunk allowed vlan 20-23,30 ip dhcp snooping trust switchport mode trunk ! interface GigabitEthernet0/2 switchport access vlan 99 shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan30 ip address 10.30.0.4 255.255.0.0 ! ip default-gateway 10.30.0.1 ! no cdp run ! banner motd ^C ############################################################## # # # !! WARNING !! # # # # There is no expectation of privacy when using this system. # # ---------------------------------------------------------- # # UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED # # ---------------------------------------------------------- # # # # You must have explicit, authorized permission to # # access or configure this device. Unauthorized attempts # # and actions to access or use this system may result # # in civil and/or criminal penalties. All activities # # performed on this device are logged and monitored. # # # ############################################################## ^C logging 10.30.0.100 ! ! ! line con 0 login local ! line vty 0 4 login local transport input ssh line vty 5 15 login transport input ssh ! ! ! ntp server 10.30.0.100 ! End Configuration Switch 2: Current configuration : 6999 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname SW2 ! ip ftp username ftp-admin ip ftp password B@ckup-cnfg ! ! ! ip ssh version 2 ip domain-name solarplex.nl ! username admin privilege 1 password 7 081669620216083743 username c privilege 1 password 7 0822 ! ! ip dhcp snooping vlan 1-1000 ip dhcp snooping ! lldp run ! spanning-tree mode pvst spanning-tree extend system-id spanning-tree vlan 1-4000 priority 16384 ! interface FastEthernet0/1 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/2 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/3 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/4 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/5 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/6 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/7 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/8 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/9 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/10 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/11 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/12 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/13 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/14 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/15 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/16 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/17 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/18 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/19 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/20 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/21 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable shutdown ! interface FastEthernet0/22 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable shutdown ! interface FastEthernet0/23 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable shutdown ! interface FastEthernet0/24 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface GigabitEthernet0/1 switchport trunk allowed vlan 20-23,30 ip dhcp snooping trust switchport mode trunk switchport nonegotiate ! interface GigabitEthernet0/2 ip dhcp snooping trust switchport mode trunk switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan30 ip address 10.30.0.5 255.255.0.0 ! ip default-gateway 10.30.0.1 ! no cdp run ! banner motd ^C ############################################################## # # # !! WARNING !! # # # # There is no expectation of privacy when using this system. # # ---------------------------------------------------------- # # UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED # # ---------------------------------------------------------- # # # # You must have explicit, authorized permission to # # access or configure this device. Unauthorized attempts # # and actions to access or use this system may result # # in civil and/or criminal penalties. All activities # # performed on this device are logged and monitored. # # # ############################################################## ^C logging 10.30.0.100 ! ! ! line con 0 login local ! line vty 0 4 login local transport input ssh line vty 5 15 login transport input ssh ! ! ! ntp server 10.30.0.100 ! end Configuration Switch 3: Current configuration : 6929 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname SW3 ! ip ftp username ftp-admin ip ftp password B@ckup-cnfg ! ! ! ip ssh version 2 ip domain-name solarplex.nl ! username admin privilege 1 password 7 081669620216083743 username c privilege 1 password 7 0822 ! ! ip dhcp snooping vlan 1-1000 ip dhcp snooping ! lldp run ! spanning-tree mode pvst spanning-tree extend system-id spanning-tree vlan 1-4000 priority 16384 ! interface FastEthernet0/1 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/2 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/3 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/4 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/5 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree portfast spanning-tree bpduguard enable ! interface FastEthernet0/6 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/7 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/8 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/9 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/10 switchport access vlan 21 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/11 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/12 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/13 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/14 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/15 switchport access vlan 22 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/16 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/17 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/18 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/19 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/20 switchport access vlan 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/21 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/22 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/23 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface FastEthernet0/24 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 3 spanning-tree bpduguard enable ! interface GigabitEthernet0/1 ip dhcp snooping trust switchport mode trunk switchport nonegotiate ! interface GigabitEthernet0/2 ip dhcp snooping trust switchport mode trunk switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan30 ip address 10.30.0.6 255.255.0.0 ! ip default-gateway 10.30.0.1 ! no cdp run ! banner motd ^C ############################################################## # # # !! WARNING !! # # # # There is no expectation of privacy when using this system. # # ---------------------------------------------------------- # # UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED # # ---------------------------------------------------------- # # # # You must have explicit, authorized permission to # # access or configure this device. Unauthorized attempts # # and actions to access or use this system may result # # in civil and/or criminal penalties. All activities # # performed on this device are logged and monitored. # # # ############################################################## ^C logging 10.30.0.100 ! ! ! line con 0 login local ! line vty 0 4 login local transport input ssh line vty 5 15 login transport input ssh ! ! ! ntp server 10.30.0.100 ! end Configuration Router: Current configuration : 7482 bytes ! version 16.3.2 service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname Main_L3 ! logging userinfo ! enable secret 5 $1$mERr$Zpt2pQQKuNvOlLWnoLsoB/ ! ! ! ! ! ! no ip cef ip routing ! no ipv6 cef ! ! ! username admin password 7 081669620216083743 username c password 7 0822 ! ! lldp run ! ! ! ! ! ! ! ! ip dhcp snooping vlan 1 ip dhcp snooping database flash:/dhcp-snooping.db ip dhcp snooping ! ip ftp username ftp-admin ip ftp password B@ckup-cnfg ip ssh version 2 ip domain-name solarplex.nl ! ! spanning-tree mode pvst spanning-tree vlan 1-4000 priority 0 ! class-map match-any Default match protocol arp match protocol dhcp match protocol icmp ! policy-map PT_CONTROLLER_QUEUING_OUT class Default bandwidth remaining percent 1 random-detect dscp-based ! policy-map PT_CONTROLLER_MARKING_IN class Default set ip dscp default ! ! ! ! ! interface Loopback1 no ip address ! interface GigabitEthernet1/0/1 no switchport ip address 172.16.0.1 255.255.255.252 duplex auto speed auto ! interface GigabitEthernet1/0/2 ip dhcp snooping trust switchport trunk allowed vlan 20-23,30 switchport mode trunk switchport nonegotiate ! interface GigabitEthernet1/0/3 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/4 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/5 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/6 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/7 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/8 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/9 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/10 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/11 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/12 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/13 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/14 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/15 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/16 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/17 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/0/18 ip dhcp snooping trust switchport access vlan 30 ! interface GigabitEthernet1/0/19 ip dhcp snooping trust switchport access vlan 30 ! interface GigabitEthernet1/0/20 ip dhcp snooping trust switchport access vlan 30 ! interface GigabitEthernet1/0/21 ip dhcp snooping trust switchport access vlan 30 ! interface GigabitEthernet1/0/22 ip dhcp snooping trust switchport access vlan 30 ! interface GigabitEthernet1/0/23 switchport access vlan 30 ! interface GigabitEthernet1/0/24 switchport access vlan 30 ! interface GigabitEthernet1/1/1 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/1/2 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/1/3 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface GigabitEthernet1/1/4 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security shutdown spanning-tree bpduguard enable ! interface Vlan1 no ip address shutdown ! interface Vlan20 mac-address 0002.4a40.2901 ip address 10.20.0.1 255.255.0.0 ip helper-address 10.30.0.175 ip access-group 120 in ! interface Vlan21 mac-address 0002.4a40.2902 ip address 10.21.0.1 255.255.0.0 ip helper-address 10.30.0.175 ip access-group 121 in ! interface Vlan22 mac-address 0002.4a40.2903 ip address 10.22.0.1 255.255.0.0 ip helper-address 10.30.0.175 ip access-group 122 in ! interface Vlan23 mac-address 0002.4a40.2904 ip address 10.23.0.1 255.255.0.0 ip helper-address 10.30.0.175 ip access-group 123 in ! interface Vlan30 mac-address 0002.4a40.2905 ip address 10.30.0.1 255.255.0.0 ! interface Vlan100 mac-address 0002.4a40.2906 ip address 100.0.0.1 255.0.0.0 ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface GigabitEthernet1/0/1 network 10.20.0.0 0.0.255.255 area 0 network 10.21.0.0 0.0.255.255 area 0 network 10.22.0.0 0.0.255.255 area 0 network 10.23.0.0 0.0.255.255 area 0 network 10.30.0.0 0.0.255.255 area 0 network 10.10.0.0 0.0.255.255 area 0 network 172.16.0.0 0.0.0.3 area 0 ! ip classless ! ip flow-export version 9 ! ! ! no cdp run ! banner motd ^C ############################################################## # # # !! WARNING !! # # # # There is no expectation of privacy when using this system. # # ---------------------------------------------------------- # # UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED # # ---------------------------------------------------------- # # # # You must have explicit, authorized permission to # # access or configure this device. Unauthorized attempts # # and actions to access or use this system may result # # in civil and/or criminal penalties. All activities # # performed on this device are logged and monitored. # # # ############################################################## ^C ! ! ! ! logging 10.30.0.100 line con 0 login local ! line aux 0 ! line vty 0 4 login local transport input ssh ! ! ! ntp server 10.30.0.100 ntp update-calendar ! End Configuration SW-Core Current configuration : 3403 bytes ! version 12.1 service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname SW_Core ! ip ftp username ftp-admin ip ftp password B@ckup-cnfg enable secret 5 $1$mERr$Zpt2pQQKuNvOlLWnoLsoB/ ! ! ! ip ssh version 2 ip domain-name solarplex.nl ! username admin privilege 1 password 7 081669620216083743 username c privilege 1 password 7 0822 ! ! ip dhcp snooping ! lldp run ! spanning-tree mode pvst spanning-tree extend system-id spanning-tree vlan 1-4000 priority 4096 ! interface GigabitEthernet0/1 switchport trunk allowed vlan 20-23,30 ip dhcp snooping trust switchport mode trunk switchport nonegotiate ! interface GigabitEthernet1/1 switchport trunk allowed vlan 20-23,30 ip dhcp snooping trust switchport mode trunk switchport nonegotiate ! interface GigabitEthernet2/1 switchport trunk allowed vlan 20-23,30 ip dhcp snooping trust switchport mode trunk switchport nonegotiate ! interface GigabitEthernet3/1 switchport trunk allowed vlan 20-23,30 ip dhcp snooping trust switchport mode trunk switchport nonegotiate ! interface GigabitEthernet4/1 switchport access vlan 99 switchport mode access switchport nonegotiate spanning-tree bpduguard enable shutdown ! interface GigabitEthernet5/1 switchport access vlan 99 switchport mode access switchport port-security spanning-tree bpduguard enable shutdown ! interface GigabitEthernet6/1 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security spanning-tree bpduguard enable ! interface GigabitEthernet7/1 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security spanning-tree bpduguard enable shutdown ! interface GigabitEthernet8/1 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security spanning-tree bpduguard enable shutdown ! interface GigabitEthernet9/1 switchport access vlan 99 switchport mode access switchport nonegotiate switchport port-security spanning-tree bpduguard enable shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan30 ip address 10.30.0.2 255.255.0.0 ! ip default-gateway 10.30.0.1 ! no cdp run ! banner motd ^C ############################################################## # # # !! WARNING !! # # # # There is no expectation of privacy when using this system. # # ---------------------------------------------------------- # # UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED # # ---------------------------------------------------------- # # # # You must have explicit, authorized permission to # # access or configure this device. Unauthorized attempts # # and actions to access or use this system may result # # in civil and/or criminal penalties. All activities # # performed on this device are logged and monitored. # # # ############################################################## ^C logging 10.30.0.100 ! ! ! line con 0 login local ! line vty 0 4 login local transport input ssh line vty 5 15 login ! ! ! ntp server 192.168.0.125 ! End Als je bij de sw core meer fastethernet poorten nodig hebt, dan kan je een pt switch pakken en die uitbreiden bij modules (cfe in de spots slepen als het stroom eraf is bij physical)