Configuration details for our network devices in production SRX - Firewall Sebastian - Cisco Switch 3750 Steve - Cisco Switch 4989
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

397 lines
9.4 KiB

  1. Current configuration : 9395 bytes
  2. !
  3. version 12.2
  4. no service pad
  5. service timestamps debug datetime msec
  6. service timestamps log datetime msec
  7. service password-encryption
  8. !
  9. hostname Sebastian
  10. !
  11. boot-start-marker
  12. boot-end-marker
  13. !
  14. enable secret 5 $1$lcI8$ItV3X9wikgKd0L5zjhvnK0
  15. !
  16. !
  17. !
  18. no aaa new-model
  19. system mtu routing 1500
  20. vtp mode transparent
  21. ip routing
  22. ip domain-name redbrick.dcu.ie
  23. !
  24. !
  25. !
  26. !
  27. crypto pki trustpoint HTTPS_SS_CERT_KEYPAIR
  28. enrollment selfsigned
  29. serial-number
  30. revocation-check none
  31. rsakeypair HTTPS_SS_CERT_KEYPAIR
  32. !
  33. !
  34. crypto pki certificate chain HTTPS_SS_CERT_KEYPAIR
  35. certificate self-signed 01
  36. 308202AD 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  37. 5F312230 20060355 04031319 53656261 73746961 6E2E7265 64627269 636B2E64
  38. 63752E69 65313930 0F060355 04051308 42453944 31413830 30260609 2A864886
  39. F70D0109 02161953 65626173 7469616E 2E726564 62726963 6B2E6463 752E6965
  40. 301E170D 39333033 30323038 35343238 5A170D32 30303130 31303030 3030305A
  41. 305F3122 30200603 55040313 19536562 61737469 616E2E72 65646272 69636B2E
  42. 6463752E 69653139 300F0603 55040513 08424539 44314138 30302606 092A8648
  43. 86F70D01 09021619 53656261 73746961 6E2E7265 64627269 636B2E64 63752E69
  44. 6530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100C584
  45. 44C832D0 6C7F8715 50247E3B 19998AD5 C379B29A 42193AA0 761C709F FEE605AC
  46. B58D3BDE 5DAF3A65 FFB43D43 D488E42E 114B4E61 6C2BE86B 09550497 BEF4B828
  47. 4CD47B21 7D60AE93 99D33FA5 A72BA2CC 84FD2DC8 4A5AD863 6BDBAA17 67EFDE90
  48. C58B1E91 0F0E5B0C 239CAEB2 631237A3 B6E02F6B 9F36793B F389A80E C46D0203
  49. 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603 551D1104
  50. 1D301B82 19536562 61737469 616E2E72 65646272 69636B2E 6463752E 6965301F
  51. 0603551D 23041830 16801464 EF0F1559 AE9D3D46 12F797D5 A820A016 CE3B2530
  52. 1D060355 1D0E0416 041464EF 0F1559AE 9D3D4612 F797D5A8 20A016CE 3B25300D
  53. 06092A86 4886F70D 01010405 00038181 003DA0D9 0B05E7B0 CB750158 7FB60D57
  54. 980EFD9B FD7B39DB 3459DB81 4A053B7F D9D38E4F 4B3ADB62 856BC4BD 0B19423C
  55. 7FB55DCF CA3AC615 392F7C8D 87700B3C 8725F91A 4B62D123 FD4D97BB 8C3E3F66
  56. 3347C51B 05E73013 17A64BEF 7A1C3516 8624E689 C7C4EB6F FFB152F5 2B2361E5
  57. 9AC769F5 9559F68E C1343D45 63FDF1E2 8F
  58. quit
  59. !
  60. !
  61. !
  62. port-channel load-balance src-dst-ip
  63. spanning-tree mode pvst
  64. spanning-tree extend system-id
  65. !
  66. vlan internal allocation policy ascending
  67. !
  68. vlan 2-4
  69. !
  70. vlan 16
  71. name DCU 136.206.16.0/24
  72. !
  73. vlan 122
  74. name Redbrick
  75. !
  76. vlan 999,4094
  77. !
  78. ip ssh version 2
  79. !
  80. !
  81. interface Loopback0
  82. ip address 1.1.1.1 255.255.255.0
  83. !
  84. interface Port-channel1
  85. switchport access vlan 4094
  86. switchport mode access
  87. spanning-tree bpdufilter enable
  88. !
  89. interface Port-channel2
  90. description "Link with Steve"
  91. switchport trunk encapsulation dot1q
  92. switchport mode trunk
  93. !
  94. interface GigabitEthernet0/1
  95. description "Router on a stick to SRX"
  96. switchport access vlan 999
  97. switchport trunk encapsulation dot1q
  98. switchport trunk allowed vlan 3,4,16,122,999
  99. switchport mode trunk
  100. !
  101. interface GigabitEthernet0/2
  102. switchport trunk encapsulation dot1q
  103. switchport trunk allowed vlan 122
  104. !
  105. interface GigabitEthernet0/3
  106. switchport access vlan 122
  107. switchport mode access
  108. !
  109. interface GigabitEthernet0/4
  110. switchport access vlan 122
  111. switchport mode access
  112. !
  113. interface GigabitEthernet0/5
  114. switchport access vlan 122
  115. switchport mode access
  116. !
  117. interface GigabitEthernet0/6
  118. switchport access vlan 122
  119. switchport mode access
  120. !
  121. interface GigabitEthernet0/7
  122. description SERVER OUTBOUND ACCESS
  123. switchport access vlan 122
  124. switchport mode access
  125. !
  126. interface GigabitEthernet0/8
  127. description SERVER OUTBOUND ACCESS
  128. switchport access vlan 122
  129. switchport mode access
  130. !
  131. interface GigabitEthernet0/9
  132. description SERVER OUTBOUND ACCESS
  133. switchport access vlan 122
  134. switchport mode access
  135. !
  136. interface GigabitEthernet0/10
  137. description SERVER OUTBOUND ACCESS
  138. switchport access vlan 122
  139. switchport mode access
  140. !
  141. interface GigabitEthernet0/11
  142. description SERVER OUTBOUND ACCESS
  143. switchport access vlan 122
  144. switchport mode access
  145. !
  146. interface GigabitEthernet0/12
  147. description SERVER OUTBOUND ACCESS
  148. switchport access vlan 122
  149. switchport mode access
  150. !
  151. interface GigabitEthernet0/13
  152. description SERVER OUTBOUND ACCESS
  153. switchport access vlan 122
  154. switchport mode access
  155. !
  156. interface GigabitEthernet0/14
  157. description SERVER OUTBOUND ACCESS
  158. switchport access vlan 122
  159. switchport mode access
  160. !
  161. interface GigabitEthernet0/15
  162. description SERVER OUTBOUND ACCESS
  163. switchport access vlan 122
  164. switchport mode access
  165. !
  166. interface GigabitEthernet0/16
  167. description SERVER OUTBOUND ACCESS
  168. switchport access vlan 122
  169. switchport mode access
  170. !
  171. interface GigabitEthernet0/17
  172. switchport access vlan 122
  173. switchport mode access
  174. !
  175. interface GigabitEthernet0/18
  176. switchport access vlan 122
  177. switchport mode access
  178. !
  179. interface GigabitEthernet0/19
  180. switchport access vlan 122
  181. switchport mode access
  182. !
  183. interface GigabitEthernet0/20
  184. switchport access vlan 122
  185. switchport mode access
  186. !
  187. interface GigabitEthernet0/21
  188. !
  189. interface GigabitEthernet0/22
  190. !
  191. interface GigabitEthernet0/23
  192. !
  193. interface GigabitEthernet0/24
  194. !
  195. interface GigabitEthernet0/25
  196. description INTERNAL SERVER ACCESS
  197. switchport access vlan 3
  198. switchport mode access
  199. !
  200. interface GigabitEthernet0/26
  201. description INTERNAL SERVER ACCESS
  202. switchport access vlan 3
  203. switchport mode access
  204. !
  205. interface GigabitEthernet0/27
  206. description INTERNAL SERVER ACCESS
  207. switchport access vlan 3
  208. switchport mode access
  209. !
  210. interface GigabitEthernet0/28
  211. description INTERNAL SERVER ACCESS
  212. switchport access vlan 3
  213. switchport mode access
  214. !
  215. interface GigabitEthernet0/29
  216. description INTERNAL SERVER ACCESS
  217. switchport access vlan 3
  218. switchport mode access
  219. !
  220. interface GigabitEthernet0/30
  221. description INTERNAL SERVER ACCESS
  222. switchport access vlan 3
  223. switchport mode access
  224. !
  225. interface GigabitEthernet0/31
  226. description INTERNAL SERVER ACCESS
  227. switchport access vlan 3
  228. switchport mode access
  229. !
  230. interface GigabitEthernet0/32
  231. description INTERNAL SERVER ACCESS
  232. switchport access vlan 3
  233. switchport mode access
  234. !
  235. interface GigabitEthernet0/33
  236. description INTERNAL SERVER ACCESS
  237. switchport access vlan 3
  238. switchport mode access
  239. !
  240. interface GigabitEthernet0/34
  241. description INTERNAL SERVER ACCESS
  242. switchport access vlan 3
  243. switchport mode access
  244. !
  245. interface GigabitEthernet0/35
  246. description INTERNAL SERVER ACCESS
  247. switchport access vlan 3
  248. switchport mode access
  249. !
  250. interface GigabitEthernet0/36
  251. description INTERNAL SERVER ACCESS
  252. switchport access vlan 3
  253. switchport mode access
  254. !
  255. interface GigabitEthernet0/37
  256. description INTERNAL SERVER ACCESS
  257. switchport access vlan 3
  258. switchport mode access
  259. !
  260. interface GigabitEthernet0/38
  261. description INTERNAL SERVER ACCESS
  262. switchport access vlan 3
  263. switchport mode access
  264. !
  265. interface GigabitEthernet0/39
  266. description INTERNAL SERVER ACCESS
  267. switchport access vlan 3
  268. switchport mode access
  269. !
  270. interface GigabitEthernet0/40
  271. description INTERNAL SERVER ACCESS
  272. switchport access vlan 3
  273. switchport mode access
  274. !
  275. interface GigabitEthernet0/41
  276. !
  277. interface GigabitEthernet0/42
  278. description "Etherchannel to Steve"
  279. switchport trunk encapsulation dot1q
  280. switchport mode trunk
  281. channel-protocol lacp
  282. channel-group 2 mode active
  283. !
  284. interface GigabitEthernet0/43
  285. description "Etherchannel to Steve"
  286. switchport trunk encapsulation dot1q
  287. switchport mode trunk
  288. channel-protocol lacp
  289. channel-group 2 mode active
  290. !
  291. interface GigabitEthernet0/44
  292. description "Etherchannel to Steve"
  293. switchport trunk encapsulation dot1q
  294. switchport mode trunk
  295. channel-protocol lacp
  296. channel-group 2 mode active
  297. !
  298. interface GigabitEthernet0/45
  299. description "Etherchannel to Steve"
  300. switchport access vlan 3
  301. switchport trunk encapsulation dot1q
  302. switchport trunk allowed vlan 3,4,16,122,999
  303. switchport mode trunk
  304. !
  305. interface GigabitEthernet0/46
  306. description "SRX - 192.168.0.0/24"
  307. switchport access vlan 3
  308. switchport mode access
  309. !
  310. interface GigabitEthernet0/47
  311. description "REDBRICK-SRX-GE-0/0/0"
  312. switchport access vlan 4094
  313. switchport mode access
  314. !
  315. interface GigabitEthernet0/48
  316. description "SRX - 192.168.1.0/24"
  317. switchport access vlan 4
  318. switchport mode access
  319. !
  320. interface GigabitEthernet0/49
  321. !
  322. interface GigabitEthernet0/50
  323. !
  324. interface GigabitEthernet0/51
  325. switchport access vlan 4094
  326. switchport mode access
  327. channel-protocol lacp
  328. channel-group 1 mode active
  329. !
  330. interface GigabitEthernet0/52
  331. switchport access vlan 4094
  332. switchport mode access
  333. channel-protocol lacp
  334. channel-group 1 mode active
  335. !
  336. interface Vlan1
  337. no ip address
  338. shutdown
  339. !
  340. interface Vlan3
  341. description internal
  342. ip address 192.168.0.252 255.255.255.0
  343. no ip route-cache cef
  344. no ip route-cache
  345. no ip mroute-cache
  346. standby version 2
  347. standby 0 ip 192.168.0.253
  348. standby 0 preempt
  349. !
  350. interface Vlan4
  351. description management
  352. ip address 192.168.1.252 255.255.255.0
  353. no ip route-cache cef
  354. no ip route-cache
  355. no ip mroute-cache
  356. !
  357. interface Vlan16
  358. ip address 136.206.16.250 255.255.255.0
  359. !
  360. interface Vlan122
  361. ip address 136.206.15.252 255.255.255.0
  362. no ip route-cache cef
  363. no ip route-cache
  364. no ip mroute-cache
  365. !
  366. interface Vlan999
  367. ip address 172.168.1.2 255.255.255.0
  368. !
  369. ip classless
  370. ip http server
  371. ip http secure-server
  372. !
  373. !
  374. vstack
  375. banner login ^C
  376. Unauthorized access to this device is prohibited!
  377. ^C
  378. banner motd ^C
  379. Unauthorized access to this device is prohibited!
  380. ^C
  381. !
  382. line con 0
  383. password 7 04035C505A751F1C58
  384. logging synchronous
  385. login
  386. line vty 0 4
  387. password 7 050F0C1C2A4A5D292A233230483E350E69
  388. login local
  389. transport input all
  390. line vty 5 15
  391. password 7 050F0C1C2A4A5D292A233230483E350E69
  392. login local
  393. transport input all
  394. !
  395. end