
OPT A

a guest
Dec 5th, 2016
  ! SW-A base configuration: management gateway, VLAN database, the VLAN 25
  ! management SVI, four access ports and the unused-port lockdown.
  ! "acces" is an abbreviation; IOS accepts any unambiguous command prefix,
  ! so these lines are parsed as "access".
  1. ***BLDG1*** or ***SW-A***
  2.  
  3. ip default-gateway 10.10.25.1
  4.  
  5. vlan 2
  6.  
  7. name sales
  8.  
  9. vlan 4
  10.  
  11. name prod
  12.  
  13. vlan 8
  14.  
  15. name acct
  16.  
  17. vlan 15
  18.  
  19. name admin
  20.  
  21. vlan 25
  22.  
  23. name SVI-NET
  24.  
  25. vlan 99
  26.  
  27. name null
  28.  
  ! Management SVI. No vty, enable-secret or SSH configuration for SW-A
  ! appears in this listing.
  ! NOTE(review): confirm remote management of this address is secured elsewhere.
  29. interface vlan 25
  30.  
  31. ip address 10.10.25.254 255.255.255.0
  32.  
  33. no shutdown
  34.  
  ! Host-facing ports, each statically set to access mode in one user VLAN.
  35. interface fa0/5
  36.  
  37. switchport mode acces
  38.  
  39. switchport acces vlan 2
  40.  
  41. interface fa0/10
  42.  
  43. switchport mode acces
  44.  
  45. switchport acces vlan 4
  46.  
  47. interface fa0/15
  48.  
  49. switchport mode acces
  50.  
  51. switchport acces vlan 8
  52.  
  53. interface fa0/24
  54.  
  55. switchport mode acces
  56.  
  57. switchport acces vlan 15
  58.  
  ! Unused-port lockdown: spare ports are forced to access mode, parked in
  ! VLAN 99 ("null") and administratively shut down, so a device plugged into
  ! one gets neither link nor a production VLAN.
  59. interface range fa0/6-9,fa0/11-14,fa0/16-23
  60.  
  61. switchport mode acces
  62.  
  63. switchport acces vlan 99
  64.  
  65. shutdown
  66.  
  67. interface range gi1/1-2
  68.  
  69. switchport mode acces
  70.  
  71. switchport acces vlan 99
  72.  
  73. shutdown
  74.  
  ! SW-A inter-switch links: two bundles, each negotiated with LACP
  ! ("mode active") and carried as an 802.1Q trunk on the port-channel.
  ! NOTE(review): no "switchport trunk allowed vlan" or "switchport trunk native
  ! vlan" line is present, so the trunks fall back to the IOS defaults (all
  ! VLANs allowed, native VLAN 1). Pruning to the VLANs in use and moving the
  ! native VLAN off 1 are the usual hardening steps.
  75. – ETHERCHANNEL
  76.  
  77. interface range fa0/1-2
  78.  
  79. channel-group 1 mode active
  80.  
  81. interface port-channel 1
  82.  
  83. switchport mode trunk
  84.  
  85. interface range fa0/3-4
  86.  
  87. channel-group 2 mode active
  88.  
  89. interface port-channel 2
  90.  
  91. switchport mode trunk
  92.  
  ! Spanning tree on SW-A: Rapid PVST+, with SW-A preferred as root for VLANs 2
  ! and 4 and as backup root for VLANs 8 and 15. The SW-C section of this
  ! listing holds the mirror-image priorities, splitting the load per VLAN.
  ! Pinning the root this way also keeps a newly attached switch with default
  ! priority from winning the root election for these VLANs.
  93. –PVST+
  94.  
  95. spanning-tree mode rapid-pvst
  96.  
  97. spanning-tree vlan 2 root primary
  98.  
  99. spanning-tree vlan 4 root primary
  100.  
  101. spanning-tree vlan 8 root secondary
  102.  
  103. spanning-tree vlan 15 root secondary
  104.  
  ! Port security on the four host-facing access ports of SW-A. Each port gets
  ! the same policy:
  !   - at most 2 source MAC addresses ("maximum 2")
  !   - addresses are learned dynamically and written into the running
  !     configuration ("mac-address sticky")
  !   - on a violation, frames from the extra address are dropped and the
  !     violation is counted and logged, but the port stays up ("restrict")
  ! Sticky entries live in the running configuration only; they survive a
  ! reload only if the configuration is saved afterwards.
  ! NOTE(review): "restrict" keeps the port in service during a violation;
  ! the default "shutdown" mode err-disables it instead. Confirm which
  ! behaviour is wanted.
  105. –SECURITY
  106.  
  107. interface fa0/5
  108.  
  109. switchport port-security
  110.  
  111. switchport port-security violation restrict
  112.  
  113. switchport port-security maximum 2
  114.  
  115. switchport port-security mac-address sticky
  116.  
  117. interface fa0/10
  118.  
  119. switchport port-security
  120.  
  121. switchport port-security violation restrict
  122.  
  123. switchport port-security maximum 2
  124.  
  125. switchport port-security mac-address sticky
  126.  
  127. interface fa0/15
  128.  
  129. switchport port-security
  130.  
  131. switchport port-security violation restrict
  132.  
  133. switchport port-security maximum 2
  134.  
  135. switchport port-security mac-address sticky
  136.  
  137. interface fa0/24
  138.  
  139. switchport port-security
  140.  
  141. switchport port-security violation restrict
  142.  
  143. switchport port-security maximum 2
  144.  
  145. switchport port-security mac-address sticky
  146.  
  147. ——————————————————————————
  148.  
  ! SW-B base configuration: management gateway, the same VLAN database as the
  ! other switches, the VLAN 25 management SVI and one trunk uplink on gi1/1.
  ! NOTE(review): unlike the SW-A section, no unused-port lockdown (VLAN 99 +
  ! shutdown) is listed for SW-B. Confirm whether spare ports here should be
  ! parked the same way.
  149. ***BLDG2*** or ***SW-B***
  150.  
  151. ip default-gateway 10.10.25.1
  152.  
  153. vlan 2
  154.  
  155. name sales
  156.  
  157. vlan 4
  158.  
  159. name prod
  160.  
  161. vlan 8
  162.  
  163. name acct
  164.  
  165. vlan 15
  166.  
  167. name admin
  168.  
  169. vlan 25
  170.  
  171. name SVI-NET
  172.  
  173. vlan 99
  174.  
  175. name null
  176.  
  ! Management SVI; this is the address the SSH configuration further down
  ! in the SW-B section listens on.
  177. interface vlan 25
  178.  
  179. ip address 10.10.25.253 255.255.255.0
  180.  
  181. no shutdown
  182.  
  ! Trunk uplink. Presumably this faces the router-on-a-stick interface
  ! configured in the Site2 section; verify against the topology.
  183. interface gi 1/1
  184.  
  185. switchport mode trunk
  186.  
  ! SW-B inter-switch links and spanning-tree mode. Both bundles use LACP in
  ! active mode; port-channel 2 matches the bundle of the same number in the
  ! SW-A section and port-channel 3 the one in the SW-C section.
  ! No root priority is set on SW-B, so it keeps the default bridge priority.
  187. – ETHERCHANNEL
  188.  
  189. interface range fa0/3-4
  190.  
  191. channel-group 2 mode active
  192.  
  193. interface port-channel 2
  194.  
  195. switchport mode trunk
  196.  
  197. interface range fa0/5-6
  198.  
  199. channel-group 3 mode active
  200.  
  201. interface port-channel 3
  202.  
  203. switchport mode trunk
  204.  
  205. –PVST+
  206.  
  207. spanning-tree mode rapid-pvst
  208.  
  ! SSH-only remote management for SW-B: SSH version 2, a local user account,
  ! and every vty line (0-15) limited to SSH with local-database login.
  209. – SSH
  210.  
  ! A hostname and a domain name must both be set before the RSA key pair
  ! can be generated.
  211. hostname SW-B
  212.  
  213. ip ssh version 2
  214.  
  215. ip domain-name ccnaPTSA.com
  216.  
  ! The "1024" on the next line is the answer to the interactive modulus prompt.
  ! NOTE(review): 1024-bit RSA is below the 2048-bit minimum that current
  ! guidance calls for; use 2048 or larger outside this lab exercise.
  217. crypto key generate rsa
  218. 1024
  ! NOTE(review): "username ... password" stores the password in cleartext in
  ! the configuration (or as reversible type 7 when "service password-encryption"
  ! is on). "username ... secret" stores a hash instead. The value here is
  ! published with the paste, so treat it as a lab credential only.
  219. username netadmin password SSH_secret9
  220.  
  ! "login local" authenticates against the username above; "transport input
  ! ssh" disables every other inbound protocol (including Telnet) on the line.
  ! No access-class or exec-timeout is set in this listing.
  221. line vty 0 4
  222.  
  223. login local
  224.  
  225. transport input ssh
  226.  
  227. line vty 5 15
  228.  
  229. login local
  230.  
  231. transport input ssh
  232.  
  233. ——————————————————————————
  234.  
  ! SW-C base configuration: management gateway, VLAN database, the VLAN 25
  ! management SVI and four host-facing access ports.
  ! NOTE(review): the SW-A section applies port security and an unused-port
  ! lockdown; neither appears for SW-C in this listing. The access ports here
  ! are protected only by the PortFast/BPDU Guard lines further down in the
  ! SW-C section. Confirm whether that difference is intended.
  235. ***BLDG3*** or ***SW-C***
  236.  
  237. ip default-gateway 10.10.25.1
  238.  
  239. vlan 2
  240.  
  241. name sales
  242.  
  243. vlan 4
  244.  
  245. name prod
  246.  
  247. vlan 8
  248.  
  249. name acct
  250.  
  251. vlan 15
  252.  
  253. name admin
  254.  
  255. vlan 25
  256.  
  257. name SVI-NET
  258.  
  259. vlan 99
  260.  
  261. name null
  262.  
  ! Management SVI in VLAN 25.
  263. interface vlan 25
  264.  
  265. ip address 10.10.25.252 255.255.255.0
  266.  
  267. no shutdown
  268.  
  ! Host-facing ports, statically set to access mode ("acces" is an accepted
  ! abbreviation of "access").
  269. interface fa0/7
  270.  
  271. switchport mode acces
  272.  
  273. switchport acces vlan 2
  274.  
  275. interface fa0/10
  276.  
  277. switchport mode acces
  278.  
  279. switchport acces vlan 4
  280.  
  281. interface fa0/15
  282.  
  283. switchport mode acces
  284.  
  285. switchport acces vlan 8
  286.  
  287. interface fa0/24
  288.  
  289. switchport mode acces
  290.  
  291. switchport acces vlan 15
  292.  
  ! SW-C inter-switch links. Channel-group 1 runs LACP in active mode.
  ! Channel-group 3 runs LACP in passive mode, so it only answers negotiation;
  ! the bundle forms because the SW-B section sets its side of channel-group 3
  ! to active.
  ! NOTE(review): as on the other switches, the trunks carry no allowed-VLAN
  ! list or native-VLAN setting, so IOS defaults apply.
  293. – ETHERCHANNEL
  294.  
  295. interface range fa0/1-2
  296.  
  297. channel-group 1 mode active
  298.  
  299. no shutdown
  300.  
  301. interface port-channel 1
  302.  
  303. switchport mode trunk
  304.  
  305. interface range fa0/5-6
  306.  
  307. channel-group 3 mode passive
  308.  
  309. no shutdown
  310.  
  311. interface port-channel 3
  312.  
  313. switchport mode trunk
  314.  
  ! Spanning tree on SW-C: Rapid PVST+, root for VLANs 8 and 15 and backup root
  ! for VLANs 2 and 4 (the reverse of the priorities in the SW-A section).
  315. –PVST+
  316.  
  317. spanning-tree mode rapid-pvst
  318.  
  319. spanning-tree vlan 2 root secondary
  320.  
  321. spanning-tree vlan 4 root secondary
  322.  
  323. spanning-tree vlan 8 root primary
  324.  
  325. spanning-tree vlan 15 root primary
  326.  
  ! Edge-port protection on the four access ports. PortFast moves the port
  ! straight to forwarding. BPDU Guard err-disables the port if a BPDU arrives
  ! on it, so a switch attached to a host port cannot take part in the
  ! spanning-tree topology.
  327. –Port Fast BPDU Guard
  328.  
  329. interface range fa0/7, fa0/10, fa0/15, fa0/24
  330.  
  331. spanning-tree portfast
  332.  
  333. spanning-tree bpduguard enable
  334.  
  335. no shutdown
  336.  
  337. ——————————————————————————
  338.  
  ! HQ router interfaces: a default route out of the Internet-facing serial link
  ! and two /30 serial links towards the sites.
  339. ***Central*** or ***HQ***
  340.  
  ! Default route by exit interface; the EIGRP section below redistributes it.
  341. ip route 0.0.0.0 0.0.0.0 s0/1/0
  342.  
  343. interface serial 0/0/0
  344.  
  345. bandwidth 128
  346.  
  347. ip address 192.168.100.22 255.255.255.252
  348.  
  349. description SITE
  350.  
  351. no shutdown
  352.  
  353. interface serial 0/0/1
  354.  
  355. bandwidth 128
  356.  
  357. ip address 192.168.100.37 255.255.255.252
  358.  
  359. description SITE
  360.  
  ! A clock rate is set here and not on serial 0/0/0.
  ! presumably this interface holds the DCE end of its cable; verify.
  361. clock rate 128000
  362.  
  363. no shutdown
  364.  
  ! Internet-facing link. It is the untrusted edge of this topology; the ACCESS
  ! LIST section below applies ACL 101 inbound here.
  365. interface serial 0/1/0
  366.  
  367. bandwidth 128
  368.  
  369. ip address 203.0.113.18 255.255.255.248
  370.  
  371. description INTERNET
  372.  
  373. no shutdown
  374.  
  ! EIGRP AS 100 on HQ. Only the two site-facing /30 links are enabled for
  ! EIGRP; the Internet-facing 203.0.113.16/29 network is not, so no routing
  ! adjacency is attempted on that link. "redistribute static" passes the
  ! static default route on to the site routers.
  ! NOTE(review): no EIGRP neighbor authentication is configured anywhere in
  ! this listing, so adjacencies on the serial links are unauthenticated.
  375. — EIGRP
  376.  
  377. router eigrp 100
  378.  
  379. redistribute static
  380.  
  381. network 192.168.100.20 0.0.0.3
  382.  
  383. network 192.168.100.36 0.0.0.3
  384.  
  385. no auto-summary
  386.  
  ! HQ access control: one ACL for management sessions, one for the Internet edge.
  387. –ACCESS LIST
  388.  
  ! Standard named ACL used as an allow-list: only host 198.51.100.5 matches,
  ! and everything else hits the implicit deny at the end of the list.
  389. ip access-list standard TELNET-BLOCK
  390.  
  391. permit host 198.51.100.5
  392.  
  ! ACL 101, evaluated top-down: echo requests from 198.51.100.5 are allowed,
  ! echo requests from any other source are dropped, and all other IP traffic
  ! is permitted.
  ! NOTE(review): because of the final "permit ip any any", this ACL filters
  ! only ICMP echo on the Internet-facing interface. Every other inbound
  ! protocol is let through.
  393. access-list 101 permit icmp 198.51.100.5 0.0.0.0 any echo
  394.  
  395. access-list 101 deny icmp any any echo
  396.  
  397. access-list 101 permit ip any any
  398.  
  ! Restricts who may open a session on vty 0-4 by source address.
  ! NOTE(review): despite the ACL's name this does not select a protocol; no
  ! "transport input" line is present, and no login method or password for
  ! these lines appears in this listing. Any vty lines above 4 are not covered
  ! by this access-class.
  399. line vty 0 4
  400.  
  401. access-class TELNET-BLOCK in
  402.  
  403. interface serial 0/1/0
  404.  
  405. ip access-group 101 in
  406.  
  407. ——————————————————————————
  408.  
  ! Site-1 basic device settings: hostname, privileged-mode secret, console and
  ! vty line passwords, password obfuscation and a login banner.
  409. ***East*** or ***Site1***
  410.  
  411. hostname Site-1
  412.  
  ! Stops the router from treating a mistyped command as a hostname to resolve.
  413. no ip domain-lookup
  414.  
  ! NOTE(review): the enable secret and both line passwords use the same
  ! well-known lab default. It is acceptable only inside the exercise and must
  ! be replaced with unique values on any real device.
  415. enable secret cisco
  416.  
  417. line console 0
  418.  
  419. logging synchronous
  420.  
  421. password cisco
  422.  
  423. login
  424.  
  ! "login" with a line password means there is no per-user account on these
  ! lines. No "transport input" is set, so the platform's default protocols apply.
  ! NOTE(review): where that default includes Telnet, the password crosses
  ! the network in cleartext; the SW-B section shows the SSH-only alternative.
  425. line vty 0 4
  426.  
  427. password cisco
  428.  
  429. login
  430.  
  ! Applies type 7 encoding to the line passwords in the configuration. Type 7
  ! is a reversible obfuscation against shoulder-surfing, not cryptographic
  ! protection; the enable secret is hashed independently of this command.
  431. service password-encryption
  432.  
  433. banner motd * Authorized acces only *
  434.  
  ! Site-1 interfaces: two /30 serial links (one with a clock rate set) and two
  ! LAN interfaces, 192.168.8.0/24 and 192.168.9.0/24.
  ! No ACL is applied to any Site-1 interface in this listing.
  435. interface serial 0/0/0
  436.  
  437. bandwidth 128
  438.  
  439. ip address 192.168.100.21 255.255.255.252
  440.  
  441. description HQ
  442.  
  443. clock rate 128000
  444.  
  445. no shutdown
  446.  
  ! NOTE(review): 192.168.100.29 is in the same /30 as serial 0/0/0 of the
  ! Site2 section (192.168.100.30), yet the description says HQ.
  ! Confirm the label.
  447. interface serial 0/0/1
  448.  
  449. bandwidth 128
  450.  
  451. ip address 192.168.100.29 255.255.255.252
  452.  
  453. description HQ
  454.  
  455. no shutdown
  456.  
  457. interface gi 0/0
  458.  
  459. ip address 192.168.8.1 255.255.255.0
  460.  
  461. description SITE
  462.  
  463. no shutdown
  464.  
  465. interface gi 0/1
  466.  
  467. ip address 192.168.9.1 255.255.255.0
  468.  
  469. no shutdown
  470.  
  ! EIGRP AS 100 on Site-1. Both LAN interfaces are passive: their networks are
  ! still advertised, but no hellos are sent or accepted on them, so a device on
  ! a user LAN cannot form a routing adjacency with this router.
  ! NOTE(review): no neighbor authentication is configured on the serial
  ! links in this listing.
  471. — EIGRP
  472.  
  473. router eigrp 100
  474.  
  475. passive-interface GigabitEthernet0/0
  476.  
  477. passive-interface GigabitEthernet0/1
  478.  
  479. network 192.168.100.20 0.0.0.3
  480.  
  481. network 192.168.100.28 0.0.0.3
  482.  
  483. network 192.168.8.0 0.0.0.255
  484.  
  485. network 192.168.9.0 0.0.0.255
  486.  
  487. no auto-summary
  488.  
  489. ——————————————————————————
  490.  
  ! Site2 interfaces: two /30 serial links plus router-on-a-stick subinterfaces
  ! on gi0/1, one per VLAN (2, 4, 8, 15 and the management VLAN 25). Each
  ! subinterface is the default gateway of its VLAN, so all inter-VLAN traffic
  ! crosses this router and can be filtered here.
  ! NOTE(review): no hostname, enable secret, line password or SSH
  ! configuration for this router appears in the listing.
  491. ***West*** or ***Site2***
  492.  
  493. interface serial 0/0/0
  494.  
  495. bandwidth 128
  496.  
  497. ip address 192.168.100.30 255.255.255.252
  498.  
  499. description SITE
  500.  
  501. no shutdown
  502.  
  503. interface serial 0/0/1
  504.  
  505. bandwidth 128
  506.  
  507. ip address 192.168.100.38 255.255.255.252
  508.  
  509. description SITE
  510.  
  511. no shutdown
  512.  
  ! The physical interface carries no address of its own; it only has to be
  ! up for the 802.1Q subinterfaces below to work.
  513. interface gig 0/1
  514.  
  515. description SITE
  516.  
  517. no shutdown
  518.  
  519. interface gi 0/1.2
  520.  
  521. encapsulation dot1q 2
  522.  
  523. ip address 10.10.2.1 255.255.255.0
  524.  
  525. interface gi 0/1.4
  526.  
  527. encapsulation dot1q 4
  528.  
  529. ip address 10.10.4.1 255.255.255.0
  530.  
  531. interface gi 0/1.8
  532.  
  533. encapsulation dot1q 8
  534.  
  535. ip address 10.10.8.1 255.255.255.0
  536.  
  537. interface gi 0/1.15
  538.  
  539. encapsulation dot1q 15
  540.  
  541. ip address 10.10.15.1 255.255.255.0
  542.  
  ! Gateway of the switch-management VLAN (the switches' "ip default-gateway").
  ! The ACCESS LIST section of Site2 filters what is routed out of this
  ! subinterface.
  543. interface gi 0/1.25
  544.  
  545. encapsulation dot1q 25
  546.  
  547. ip address 10.10.25.1 255.255.255.0
  548.  
  ! EIGRP AS 100 on Site2. The two serial links and the four user VLAN networks
  ! are advertised. There is no network statement for 10.10.25.0, so the
  ! management VLAN is not advertised to the other routers by this process.
  ! The LAN interface and its user-VLAN subinterfaces are passive, so no
  ! adjacency can be formed from a user VLAN.
  ! NOTE(review): no neighbor authentication is configured on the serial links.
  549. — EIGRP
  550.  
  551. router eigrp 100
  552.  
  553. passive-interface GigabitEthernet0/1
  554.  
  555. network 192.168.100.28 0.0.0.3
  556.  
  557. network 192.168.100.36 0.0.0.3
  558.  
  559. network 10.10.2.0 0.0.0.255
  560.  
  561. network 10.10.4.0 0.0.0.255
  562.  
  563. network 10.10.8.0 0.0.0.255
  564.  
  565. network 10.10.15.0 0.0.0.255
  566.  
  567. no auto-summary
  568.  
  569. passive-interface g0/1.2
  570.  
  571. passive-interface g0/1.4
  572.  
  573. passive-interface g0/1.8
  574.  
  575. passive-interface g0/1.15
  576.  
  ! Manual EIGRP summary sent out of both serial links. 10.10.0.0 with mask
  ! 255.255.240.0 (/20) covers 10.10.0.0 through 10.10.15.255: the four user
  ! VLAN networks fall inside it, and 10.10.25.0/24 does not.
  577. – ROUTE SUMMARIZATION
  578.  
  579. interface serial 0/0/0
  580.  
  581. ip summary-address eigrp 100 10.10.0.0 255.255.240.0
  582.  
  583. interface serial 0/0/1
  584.  
  585. ip summary-address eigrp 100 10.10.0.0 255.255.240.0
  586.  
  ! DHCP service on Site2 for VLANs 2, 4 and 8. The first five addresses of
  ! each network are excluded from assignment, and each pool hands out the
  ! matching subinterface as default router plus a common DNS server.
  ! No pool is defined for VLAN 15 or VLAN 25.
  ! NOTE(review): the switch sections of this listing do not enable DHCP
  ! snooping, so nothing on the access layer limits which port may answer
  ! DHCP requests.
  587. – DHCP
  588.  
  589. ip dhcp excluded-address 10.10.2.1 10.10.2.5
  590.  
  591. ip dhcp excluded-address 10.10.4.1 10.10.4.5
  592.  
  593. ip dhcp excluded-address 10.10.8.1 10.10.8.5
  594.  
  595. ip dhcp pool vlan2pool
  596.  
  597. network 10.10.2.0 255.255.255.0
  598.  
  599. default-router 10.10.2.1
  600.  
  601. dns-server 192.168.200.225
  602.  
  603. ip dhcp pool vlan4pool
  604.  
  605. network 10.10.4.0 255.255.255.0
  606.  
  607. default-router 10.10.4.1
  608.  
  609. dns-server 192.168.200.225
  610.  
  611. ip dhcp pool vlan8pool
  612.  
  613. network 10.10.8.0 255.255.255.0
  614.  
  615. default-router 10.10.8.1
  616.  
  617. dns-server 192.168.200.225
  618.  
  ! Protects the switch-management VLAN. Standard ACL 1 matches source addresses
  ! in 10.10.15.0/24 (the "admin" VLAN) and implicitly denies everything else.
  ! Applied outbound on the VLAN 25 subinterface, it lets only admin-VLAN hosts
  ! be routed towards the switches' management addresses.
  ! A standard ACL checks the source address only, so it does not limit which
  ! protocol or port those hosts use.
  619. –ACCESS LIST
  620.  
  621. access-list 1 permit 10.10.15.0 0.0.0.255
  622.  
  623. interface gi0/1.25
  624.  
  625. ip access-group 1 out
  626.  
  627. ——————————————————————————
  628.  
  629. ***HOSTS***
  630.  
  631. Assign IP addresses and default gateways accordingly.
  632. Hosts that do not have an IP address should be set to obtain one through DHCP.