sysname ctr-asw-03-------------------------------> configuracion para CX300A

#
info-center loghost 161.196.109.3
info-center logbuffer channel 2
#
igmp-snooping enable
#
vlan batch 33 to 34 50 to 51 104 to 106 200

qos local-precedence-queue-map 0 0
qos local-precedence-queue-map 3 1
qos local-precedence-queue-map 4 2
qos local-precedence-queue-map 5 2
qos local-precedence-queue-map 6 3
qos local-precedence-queue-map 7 3
#
temperature threshold slot 1 lower-limit 10 upper-limit 65
temperature threshold slot 2 lower-limit 10 upper-limit 65
temperature threshold slot 7 lower-limit 10 upper-limit 65
temperature threshold slot 8 lower-limit 10 upper-limit 65
#
multicast-vlan enable
#
vlan 33
description VLAN_Gestion_DCN_ME
vlan 34
description VLAN_Gestion_DCN_10.125.163.0/24
vlan 50
description VLAN_SERVICIO_NGN_10.120.107.0/26
vlan 51
description VLAN_SERVICIO_NGN_10.119.8.128/29
vlan 104
description VLAN_SERVICIO_ADSL_NA10-016 Puerto Colon pco-amgw-00
vlan 105
description VLAN_SERVICIO_ADSL_NA10-005 SAN JOAQUIN sajo-amgw-00
vlan 106
description Vlan Adsl NA13-002 LA CANDELARIA_lcan-amgw-00
vlan 200
description Proyecto Opsut
#
hwtacacs-server template cantv
hwtacacs-server authentication 10.120.28.4
hwtacacs-server authentication 10.120.156.4 secondary
hwtacacs-server authorization 10.120.28.4
hwtacacs-server authorization 10.120.156.4 secondary
hwtacacs-server accounting 10.120.28.4
hwtacacs-server accounting 10.120.156.4 secondary
hwtacacs-server source-ip 10.125.113.169
hwtacacs-server shared-key pilsenet
undo hwtacacs-server user-name domain-included
#
#
acl number 2010
rule 1 permit source 200.44.46.0 0.0.0.127
rule 2 permit source 161.196.49.0 0.0.0.127
rule 3 permit source 161.196.42.0 0.0.0.255
rule 4 permit source 172.16.0.0 0.0.255.255
rule 5 permit source 10.119.64.0 0.0.0.15
rule 6 permit source 10.128.2.110 0
 rule 7 deny
#
acl number 2050
rule 1 permit source 161.196.89.140 0
rule 2 permit source 161.196.84.128 0.0.0.127
rule 3 permit source 10.120.92.72 0.0.0.7
rule 4 deny
#
acl number 2051
rule 1 permit source 10.129.0.0 0.0.0.255
rule 2 permit source 10.128.0.0 0.0.0.255
rule 3 permit source 200.44.32.0 0.0.0.255
rule 4 permit source 200.109.127.0 0.0.0.255
rule 5 deny
#
acl number 2052
rule 1 permit source 10.119.64.0 0.0.0.15
rule 2 deny
#
acl number 3000
rule 0 permit udp source 10.128.0.50 0 source-port eq ntp destination
10.125.162.143 0
rule 1 permit udp source 10.128.0.61 0 source-port eq ntp destination
10.125.162.143 0
rule 2 permit tcp source 10.128.0.50 0 source-port eq 123 destination
10.125.162.143 0
rule 3 permit tcp source 10.128.0.61 0 source-port eq 123 destination
10.125.162.143 0
rule 4 permit tcp source 10.120.28.4 0 source-port eq tacacs destination
10.125.162.143 0
rule 5 permit tcp source 10.120.156.4 0 source-port eq tacacs destination
10.125.162.143 0
rule 6 permit tcp destination 10.125.162.143 0 destination-port eq 22
rule 7 permit tcp destination 10.125.162.143 0 destination-port eq 161
rule 8 permit tcp destination 10.125.162.143 0 destination-port eq 162
rule 9 permit udp destination 10.125.162.143 0 destination-port eq snmp
rule 10 permit udp destination 10.125.162.143 0 destination-port eq snmptrap
rule 11 deny udp destination 10.125.162.143 0
rule 12 deny tcp destination 10.125.162.143 0
rule 13 permit ip

acl number 3001

rule 0 deny udp destination 10.125.162.143 0
rule 1 deny tcp destination 10.125.162.143 0
#
traffic classifier 3001
if-match acl 3001
traffic classifier 3000
if-match acl 3000
#
traffic behavior permit
traffic behavior deny
deny
#
traffic policy ACL
classifier 3001 behavior deny
classifier 3000 behavior permit
#
interface Aux0/0/1
#
interface Vlanif33
description VLAN_DCN_GESTION
ip address 10.125.162.143 255.255.255.0
#
interface MEth0/0/1
#
interface Eth-Trunk1
description LAG NA10-016 Puerto Colon pco-amgw-00
port link-type trunk
port trunk allow-pass vlan 33 50 104
mode lacp-static
lacp timeout fast
ndp enable
#
interface Eth-Trunk2
description LAG to NA10-005 SAN JOAQUIN sajo-amgw-00
port link-type trunk
port trunk allow-pass vlan 33 51 105
mode lacp-static
lacp timeout fast
ndp enable
#
interface Eth-Trunk3
description LAG to NA13-002 LA CANDELARIA lcan-amgw-00
port link-type trunk
port trunk allow-pass vlan 34 51 106
mode lacp-static
lacp timeout fast
ndp enable
#
interface Ethernet1/0/1
description Reservado Conexion DCN CTR-DSW-OPSUT-00 (CX600)
port default vlan 200
undo negotiation auto
ndp enable
#
interface Ethernet1/0/2
description Reservado Conexion to Rectificacion de Energia CF EATON-
00_vence:21/06/2017
shutdown
ndp enable
#
interface Ethernet1/0/3
description "Reservado conexion DCN Router NE40-X8 CANTAURA_ctr-hwsar-
00,IP:10.125.163.142,Vence:20/08/2020"
shutdown
ndp enable
#
interface Ethernet1/0/4
description "Reservado conexion DCN Router NE40-X8 CANTAURA_ctr-hwsar-
00,IP:10.125.163.142,Vence:20/08/2020"
shutdown
ndp enable
#
interface Ethernet1/0/5
shutdown
stp disable
#
interface Ethernet1/0/6
shutdown
stp disable
#
interface Ethernet1/0/7
shutdown
stp disable
#
interface Ethernet1/0/8
shutdown
stp disable
#
interface Ethernet1/0/9
shutdown
stp disable
#
interface Ethernet1/0/10
shutdown
stp disable
#
interface Ethernet1/0/11
shutdown
stp disable
#
interface Ethernet1/0/12
shutdown
stp disable
#
interface Ethernet1/0/13
shutdown
stp disable
#
interface Ethernet1/0/14
shutdown
stp disable
#
interface Ethernet1/0/15
shutdown
stp disable
#
interface Ethernet1/0/16
shutdown
stp disable
#
interface Ethernet2/0/1
shutdown
stp disable
#
interface Ethernet2/0/2
shutdown
stp disable
#
interface Ethernet2/0/3
shutdown
stp disable
#
interface Ethernet2/0/4
shutdown
stp disable
#
interface Ethernet2/0/5
shutdown
stp disable
#
interface Ethernet2/0/6
shutdown
stp disable
#
interface Ethernet2/0/7
shutdown
stp disable
#
interface Ethernet2/0/8
shutdown
stp disable
#
interface Ethernet2/0/9
shutdown
stp disable
#
interface Ethernet2/0/10
shutdown
stp disable
#
interface Ethernet2/0/11
shutdown
stp disable
#
interface Ethernet2/0/12
shutdown
stp disable
#
interface Ethernet2/0/13
shutdown
stp disable
#
interface Ethernet2/0/14
shutdown
stp disable
#
interface Ethernet2/0/15
shutdown
stp disable
#
interface Ethernet2/0/16
shutdown
stp disable
#
interface GigabitEthernet5/0/1
description Conexion a Metro Ethernet ctr-dsw-00 (1/1/8)
traffic-policy ACL inbound --------------------------------------> antes de
configurar este parametro configura el eth-trunk 0
trust 8021p
qos wrr
qos wrr queue-index 0 weight 3
qos wrr queue-index 1 weight 5
qos wrr queue-index 2 weight 10
qos wrr queue-index 3 weight 2
 eth-trunk 0----------------------------> lo primero a configurar antes de lo demas
aplica para todas las interfaces que lleven eth-trunk
#
interface GigabitEthernet5/0/2
description Conexion to NA10-016 Puerto Colon pco-amgw-00 IPMD 02
trust 8021p
qos wrr
qos wrr queue-index 0 weight 3
qos wrr queue-index 1 weight 5
qos wrr queue-index 2 weight 10
qos wrr queue-index 3 weight 2
eth-trunk 1
#
interface GigabitEthernet5/0/3
description Conexion to NA10-005 SAN JOAQUIN sajo-amgw-00 GISB GE 03
trust 8021p
qos wrr
qos wrr queue-index 0 weight 3
qos wrr queue-index 1 weight 5
qos wrr queue-index 2 weight 10
qos wrr queue-index 3 weight 2
eth-trunk 2
#
interface GigabitEthernet5/0/4
description Conexion to NA13-002 LA CANDELARIA lcan-amgw-00 IPMD 02
trust 8021p
qos wrr
qos wrr queue-index 0 weight 3
qos wrr queue-index 1 weight 5
qos wrr queue-index 2 weight 10
qos wrr queue-index 3 weight 2
eth-trunk 3
#
interface GigabitEthernet6/0/1
description Conexion a Metro Ethernet ctr-dsw-00 (2/1/8)
traffic-policy ACL inbound
trust 8021p
qos wrr
qos wrr queue-index 0 weight 3
qos wrr queue-index 1 weight 5
qos wrr queue-index 2 weight 10
qos wrr queue-index 3 weight 2
eth-trunk 0
#
interface GigabitEthernet6/0/2
description Conexion to NA10-016 Puerto Colon pco-amgw-00 IPMD 03
trust 8021p
qos wrr
qos wrr queue-index 0 weight 3
qos wrr queue-index 1 weight 5
qos wrr queue-index 2 weight 10
qos wrr queue-index 3 weight 2
eth-trunk 1
#
interface GigabitEthernet6/0/3
description Conexion to NA10-005 SAN JOAQUIN sajo-amgw-00 GISB GE 04
trust 8021p
qos wrr
qos wrr queue-index 0 weight 3
qos wrr queue-index 1 weight 5
qos wrr queue-index 2 weight 10
qos wrr queue-index 3 weight 2
eth-trunk 2
#
interface GigabitEthernet6/0/4
description Conexion to NA13-002 LA CANDELARIA lcan-amgw-00 IPMD 03
trust 8021p
qos wrr
qos wrr queue-index 0 weight 3
qos wrr queue-index 1 weight 5
qos wrr queue-index 2 weight 10
qos wrr queue-index 3 weight 2
eth-trunk 3
#
interface NULL0
#
aaa
local-user admin password cipher $]M,;1#TH5BU*)<Y6CD;Z!!!
local-user admin service-type ssh
local-user admin level 3
local-user lops-atm password cipher G&GU1KSF3L_Q=^Q`MAF4<1!!
local-user lops-atm service-type ftp telnet ssh
local-user lops-atm level 3
authentication-scheme default
authentication-mode none
authentication-scheme cantv
authentication-mode local hwtacacs
#
authorization-scheme default
authorization-mode none
authorization-scheme cantv
authorization-mode local hwtacacs
#
accounting-scheme default
accounting-scheme cantv
accounting-mode hwtacacs
accounting-scheme start-fail
accounting-mode hwtacacs
#
domain default
authentication-scheme cantv
authorization-scheme cantv
accounting-scheme cantv
hwtacacs-server cantv
#
recording-scheme cantv
recording-mode hwtacacs cantv
#
cmd recording-scheme cantv
#
#
ip route-static 0.0.0.0 0.0.0.0 10.125.162.1
#
snmp-agent
snmp-agent local-engineid 000007DB7F00000100000C3D
snmp-agent community write AswU2Kwr1
snmp-agent community read Switch@5W
snmp-agent sys-info contact Datos Anzoategui
 snmp-agent sys-info location Cantaura
snmp-agent sys-info version all
snmp-agent target-host trap address udp-domain 10.119.64.4 params securityname
u2000
snmp-agent target-host trap address udp-domain 10.119.64.8 params securityname
u2000
snmp-agent mib-view included iso-view iso
snmp-agent trap enable configuration
snmp-agent trap enable system
snmp-agent trap enable standard
snmp-agent packet max-size 9212
#
ntp-service unicast-peer 10.128.0.50 preference
ntp-service unicast-peer 10.128.0.61
#
undo ssh server compatible-ssh1x enable
sftp server enable
stelnet server enable
ssh authentication-type default password
ssh user admin
ssh user admin authentication-type password
ssh user admin service-type stelnet
#
header shell file header.txt
header login file header.txt
#
user-interface con 0
authentication-mode password
set authentication password cipher >!N-F(IZY9[Q=^Q`MAF4<1!!
user-interface aux 0
user-interface vty 0
acl 2010 inbound
authentication-mode none
user privilege level 3
idle-timeout 15 0
screen-length 0
protocol inbound all
user-interface vty 1 4
acl 2010 inbound
authentication-mode none
user privilege level 3
idle-timeout 15 0
protocol inbound all
#