Scribd
Upload
6 views7 pages

SW ALCOMPRAR NUESTRO ALNUE-R1-SW2

The document is a configuration file for a network switch named ALNUE-R1-SW2, detailing its version, system settings, VLAN configurations, and interface setups. It includes security settings such as user roles, password controls, and SNMP configurations, as well as static IP routing and logging settings. Additionally, it outlines access control lists (ACLs) and user management for network access and administration.

Uploaded by

Eddy Josse Morelo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
6 views7 pages

SW ALCOMPRAR NUESTRO ALNUE-R1-SW2

The document is a configuration file for a network switch named ALNUE-R1-SW2, detailing its version, system settings, VLAN configurations, and interface setups. It includes security settings such as user roles, password controls, and SNMP configurations, as well as static IP routing and logging settings. Additionally, it outlines access control lists (ACLs) and user management for network access and administration.

Uploaded by

Eddy Josse Morelo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 7

[ALNUE-R1-SW2]

[ALNUE-R1-SW2]dis cu
#
version 7.1.070, Release 3507P18
#
sysname ALNUE-R1-SW2
#
clock timezone Bogota minus 05:00:00
clock protocol none
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
ip ttl-expires enable
#
lldp global enable
#
password-recovery enable
#
vlan 1
description DEFAULT
#
vlan 81
name REDEBAN
description REDEBAN
#
vlan 99
name ADMIN_SW_AP
#
stp mode stp
stp global enable
#
interface NULL0
#
interface LoopBack3
description GESTION-SW
ip address 172.25.15.131 255.255.255.255
#
interface Vlan-interface1
ip address 10.49.2.22 255.255.240.0
#
interface Vlan-interface99
description ADMIN_SW
ip address 10.49.19.22 255.255.255.192
#
interface GigabitEthernet1/0/1
description CONEXION ROUTER PPAL IP: 10.49.2.3
port link-type trunk
port trunk permit vlan 1 81 99
stp edged-port
#
interface GigabitEthernet1/0/2
stp edged-port
#
interface GigabitEthernet1/0/3
stp edged-port
#
interface GigabitEthernet1/0/4
stp edged-port
#
interface GigabitEthernet1/0/5
stp edged-port
#
interface GigabitEthernet1/0/6
stp edged-port
#
interface GigabitEthernet1/0/7
description DATAFONO REDEBAN
port access vlan 81
stp edged-port
#
interface GigabitEthernet1/0/8
stp edged-port
#
interface GigabitEthernet1/0/9
stp edged-port
#
interface GigabitEthernet1/0/10
stp edged-port
#
interface GigabitEthernet1/0/11
description DATAFONO REDEBAN
port access vlan 81
stp edged-port
#
interface GigabitEthernet1/0/12
description DATAFONO REDEBAN
port access vlan 81
stp edged-port
#
interface GigabitEthernet1/0/13
stp edged-port
#
interface GigabitEthernet1/0/14
stp edged-port
#
interface GigabitEthernet1/0/15
description DATAFONO REDEBAN
port access vlan 81
stp edged-port
#
interface GigabitEthernet1/0/16
description DATAFONO REDEBAN
port access vlan 81
stp edged-port
#
interface GigabitEthernet1/0/17
stp edged-port
#
interface GigabitEthernet1/0/18
stp edged-port
#
interface GigabitEthernet1/0/19
stp edged-port
#
interface GigabitEthernet1/0/20
stp edged-port
#
interface GigabitEthernet1/0/21
description DATAFONO REDEBAN
port access vlan 81
stp edged-port
#
interface GigabitEthernet1/0/22
description DATAFONO REDEBAN
port access vlan 81
stp edged-port
#
interface GigabitEthernet1/0/23
description DATAFONO REDEBAN
port access vlan 81
stp edged-port
#
interface GigabitEthernet1/0/24
description CONEXION ALNUE-CC1-R1-SW1 IP: 10.49.2.21 PTO: 1/0/24
port link-type trunk
port trunk permit vlan 1 81 99
stp edged-port
#
interface Ten-GigabitEthernet1/0/25
#
interface Ten-GigabitEthernet1/0/26
#
interface Ten-GigabitEthernet1/0/27
#
interface Ten-GigabitEthernet1/0/28
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class vty
user-role network-admin
user-role network-operator
#
line aux 0
authentication-mode scheme
user-role network-admin
set authentication password hash
$h$6$TQSs813yRQVwYdb6$Mh8doB7SEMa2J3JsbEuyISj/9WzC6vKv1tEJBskOzjVfyYQ1kXfiNYxPvK8Eq
mqHrdI8Vigh3PvR6ijD7C2pqA==
#
line vty 0 15
authentication-mode scheme
user-role network-operator
set authentication password hash
$h$6$yRLnpeyXCzK5PQOT$TUV0Od1pMSBovNfmvpOleo5Qsf76Cxon/myUI8FXhNw9Eh2EnvyAFXf0ZH9cz
k4wNFNzlFWg2HHglY6E5B68MA==
#
line vty 16 63
user-role network-operator
#
ip route-static 0.0.0.0 0 10.49.2.3
ip route-static 100.66.24.128 32 10.49.19.60 description ZabbixAPP
ip route-static 100.66.24.129 32 10.49.19.60 description ZabbixDB
ip route-static 172.18.0.0 16 10.49.19.60 description Solar
ip route-static 172.22.0.0 16 10.49.19.60 description Solar
ip route-static 172.22.208.0 24 10.49.19.60 description KOU
ip route-static 172.31.238.0 24 10.49.19.60 description Hendrix
ip route-static 172.31.239.0 24 10.49.19.60 description CMDB-Umbrella
#
info-center syslog min-age 8760
info-center logbuffer size 1024
info-center security-logfile enable
info-center loghost 10.10.13.4
info-center source SYSLOG monitor level debugging
info-center source SYSLOG logbuffer level warning
info-center source default loghost level warning
info-center source SYSLOG logfile level alert
#
snmp-agent
snmp-agent local-engineid 800063A280D8940397087700000001
snmp-agent community write CRpWE3677TeLmEx
snmp-agent community write CpE3677TeLmEx
snmp-agent community write GEOPOS2-ALKOSTO
snmp-agent community write L4NWL4nCL4R0RO
snmp-agent community write l4nWl4Ncl4roRW
snmp-agent sys-info version all
snmp-agent group v3 GEOPOS2-ALKOSTO acl 2024
snmp-agent usm-user v3 GEOPOS2-ALKOSTO GEOPOS2-ALKOSTO cipher authentication-mode
sha $c$3$rZyBEvc9UoB60EmHKUxFv7H259d9PK0CAmHxlLiKRdBh8oSFVDA= privacy-mode aes128
$c$3$/3N7MgAsVJmF1gK/3mqpswLkNbn0htNSDPhUKdqP9N+hqw== acl 2024
snmp-agent trap source LoopBack3
#
ssh server enable
#
ssh2 algorithm key-exchange ecdh-sha2-nistp256 ecdh-sha2-nistp384 dh-group14-sha1
ssh2 algorithm cipher aes128-ctr aes192-ctr aes256-ctr
ssh2 algorithm mac sha2-256 sha2-512 sha1
#
ntp-service peer acl 2001
ntp-service unicast-server 10.181.0.155
#
acl number 2001
description ACL-NTP-CORBETA
rule 0 permit source 10.181.0.155 0
rule 10 deny
#
acl number 2002
description ACL-SNMP-CORBETA
rule 0 permit source 10.181.3.200 0
rule 10 deny
#
acl number 2024
description ACL-SNMPV3
rule 0 permit source 10.181.3.200 0
rule 10 permit source 100.66.24.128 0
rule 20 permit source 100.66.24.129 0
rule 30 deny
#
acl number 2025
description ACL-GESTION
rule 0 permit source 172.31.238.6 0
rule 10 permit source 10.181.0.0 0.0.16.255
rule 20 permit source 10.49.19.0 0.0.0.63
#
header login %
%************************************ATENCION************************************
* Unidad informatica soportada por Colombiana de Comercio SA. *
* Este es un recursos informatico de uso exclusivo de COLOMBIANA DE COMERCIO SA.*
* Si usted no es un usuario autorizado para ingresar a este dispositivo *
* abstengase de hacerlo, ya que todas las actividades pueden ser monitoreadas *
* o grabadas. Y en caso de descubrirse evidencia de accesos no autorizados, *
* modificaciones a la informacion, atentados contra la integridad de la *
* informacion como de la entidad , entre otros, seran denunciadas ante las *
* autoridades competentes. *
********************************************************************************%
header shell %
%************************************ATENCION************************************
* Unidad informatica soportada por Colombiana de Comercio SA. *
* Este es un recursos informatico de uso exclusivo de COLOMBIANA DE COMERCIO SA.*
* Si usted no es un usuario autorizado para ingresar a este dispositivo *
* abstengase de hacerlo, ya que todas las actividades pueden ser monitoreadas *
* o grabadas. Y en caso de descubrirse evidencia de accesos no autorizados, *
* modificaciones a la informacion, atentados contra la integridad de la *
* informacion como de la entidad , entre otros, seran denunciadas ante las *
* autoridades competentes. *
********************************************************************************%
#
password-control enable
undo password-control aging enable
undo password-control length enable
undo password-control composition enable
undo password-control history enable
password-control login-attempt 3 exceed lock-time 30
password-control complexity same-character check
undo password-control change-password first-login enable
#
radius scheme colombiana
primary authentication 10.0.31.245
primary accounting 10.0.31.245
accounting-on enable
key authentication cipher $c$3$HUtm3Igjn6EsKvoCTsfOJ7Vx3KMdotlcUpNxPmtf
key accounting cipher $c$3$HiQ0i4xLFrEKWfaFt3oTTR/hcCe5sn2krq/j1+/B
user-name-format without-domain
#
radius scheme system
user-name-format without-domain
#
domain colcomercio
authentication login radius-scheme colombiana local
authorization login radius-scheme colombiana local
accounting login radius-scheme colombiana local
authentication super radius-scheme colombiana
authentication lan-access radius-scheme colombiana local
authorization lan-access radius-scheme colombiana local
accounting lan-access radius-scheme colombiana local
#
domain system
#
domain default enable colcomercio
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user 80016096 class manage
access-limit 1
service-type ssh terminal
authorization-attribute acl 2025
authorization-attribute idle-cut 10
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
local-user 80245650 class manage
access-limit 1
service-type http https ssh terminal
authorization-attribute acl 2025
authorization-attribute idle-cut 10
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
local-user 1019053203 class manage
access-limit 1
service-type ssh terminal
authorization-attribute acl 2025
authorization-attribute idle-cut 10
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
local-user CLARO class manage
access-limit 2
service-type http https ssh terminal
authorization-attribute acl 2025
authorization-attribute idle-cut 10
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
local-user cconc class manage
access-limit 3
service-type http https ssh terminal
authorization-attribute acl 2025
authorization-attribute idle-cut 10
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
local-user corbescan1 class manage
access-limit 2
service-type ssh terminal
authorization-attribute acl 2025
authorization-attribute idle-cut 10
authorization-attribute user-role level-1
authorization-attribute user-role network-operator
#
security-enhanced level 1
#
undo ssl renegotiation disable
ssl version ssl3.0 disable
ssl version tls1.0 disable
ssl version tls1.1 disable
#
ip http enable
ip https enable
#
return

You might also like