Advanced straight Layer 3 switch configuration only replace the highlighted Words
no ip routing
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
service internal
service pt-vty-logging
service sequence-numbers
service counters max age 10
!
hostname EnterSwitchName
!
enable secret EnterPassword
!
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
service internal
service pt-vty-logging
service sequence-numbers
service counters max age 10
!
hostname EnterSwitchName
!
enable secret EnterPassword
!
username EnetrUserName pri 15 sec EnterPassword
!
!
no service pad
no ip finger
no service finger
no ip source-route
no service tcp-small-servers
no service udp-small-servers
no service config
no file verify auto
no ip source-route
no ip http server
no ip gratuitous-arps
ip subnet-zero
!
!
no service pad
no ip finger
no service finger
no ip source-route
no service tcp-small-servers
no service udp-small-servers
no service config
no file verify auto
no ip source-route
no ip http server
no ip gratuitous-arps
ip subnet-zero
!
clock timezone EnterTimeZoneForExamplecUAE 4
vtp domain EnterDomainName
vtp mode transparent
udld aggressive
vtp domain EnterDomainName
vtp mode transparent
udld aggressive
udld message time 30
ip subnet-zero
no ip source-route
no ip gratuitous-arps
no ip domain-lookup
ip domain-name EnterDomainName
!
!
!
!
!
!
no errdisable detect cause dhcp-rate-limit
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause gbic-invalid
errdisable recovery cause l2ptguard
errdisable recovery cause psecure-violation
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery interval 60
!
!
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree portfast bpdufilter default
!
no ip source-route
no ip gratuitous-arps
no ip domain-lookup
ip domain-name EnterDomainName
!
!
!
!
!
!
no errdisable detect cause dhcp-rate-limit
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause gbic-invalid
errdisable recovery cause l2ptguard
errdisable recovery cause psecure-violation
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery interval 60
!
!
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree portfast bpdufilter default
!
!
vlan 10
name EnterVlanNameForExample ENDUSER_VLAN
!
vlan 17
name EnterVlanNameForExample WIRELESS_VLAN
!
vlan 18
name EnterVlanNameForExample ACESSPOINT_VLAN
!
!
!
interface range GigabitEthernet0/1 - 47
description EnterDescriptionForExample CONNECTED TO END USERS
switchport access vlan 10
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
!
!
interface range GigabitEthernet0/1 - 47
description EnterDescriptionForExample CONNECTED TO END USERS
switchport access vlan 10
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
!
interface GigabitEthernet0/48
description "ACCESS POINT"
switchport trunk encapsulation dot1q
switchport trunk native vlan 18
switchport trunk allowed vlan 17,18
switchport mode trunk
spanning-tree bpduguard disable
description "ACCESS POINT"
switchport trunk encapsulation dot1q
switchport trunk native vlan 18
switchport trunk allowed vlan 17,18
switchport mode trunk
spanning-tree bpduguard disable
!
interface range GigabitEthernet1/1
description "CONNECTED TO CORE SW"
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
switchport trunk allowed vlan AddAllVlansForExample 17-18,10
logging event trunk-status
storm-control broadcast level 70.00
!
interface GigabitEthernet1/2
description From <NOT IN USE>
shutdown
!
interface GigabitEthernet 1/3
description From <NOT IN USE>
shutdown
!
interface GigabitEthernet 1/4
description From <NOT IN USE>
shutdown
!
interface range GigabitEthernet1/1
description "CONNECTED TO CORE SW"
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
switchport trunk allowed vlan AddAllVlansForExample 17-18,10
logging event trunk-status
storm-control broadcast level 70.00
!
interface GigabitEthernet1/2
description From <NOT IN USE>
shutdown
!
interface GigabitEthernet 1/3
description From <NOT IN USE>
shutdown
!
interface GigabitEthernet 1/4
description From <NOT IN USE>
shutdown
!
!
interface Vlan10
description EnterDescriptionForExample block A switch
ip address 192.168.10.2 255.255.255.0
no shut
!
ip default-gateway 192.168.10.1
!
no ip http server
no ip http secure-server
!
access-list 11 per 192.168.30.30
ntp access-group peer 11
ntp server 192.168.30.30
interface Vlan10
description EnterDescriptionForExample block A switch
ip address 192.168.10.2 255.255.255.0
no shut
!
ip default-gateway 192.168.10.1
!
no ip http server
no ip http secure-server
!
access-list 11 per 192.168.30.30
ntp access-group peer 11
ntp server 192.168.30.30
ip domain name EnterDomainName
crypto key generate
1024
1024
ip ssh ver 2
no ip domain name EnterDomainName
no ip domain name EnterDomainName
!
!
privilege exec level 1 show
privilege exec level 1 show
banner motd ^
*************************************
* Unauthorized access prohibited *
* ONLY ITD NETWORK STAFF *
*************************************
^
*************************************
* Unauthorized access prohibited *
* ONLY ITD NETWORK STAFF *
*************************************
^
!
line con 0
exec-timeout 5 0
password EnterPassword
logging synchronous
line vty 0 4
exec-timeout 5 0
login local
line vty 5 15
exec-timeout 5 0
login local
!
0 comments:
Post a Comment