Realisations/2006-2007/Projet/Entreprise2/Switch: config_X450E_2007-01-17.cfg

File config_X450E_2007-01-17.cfg, 19.2 KB (added by alladoum, 18 years ago)
Line 
1#
2# Module devmgr configuration.
3#
4configure snmp sysName "X450e-24p"
5configure snmp sysContact "support@extremenetworks.com, +1 888 257 3000"
6configure slot 1 module X450e-24p
7
8#
9# Module vlan configuration.
10#
11configure vr VR-Default add ports 1-26
12configure vlan Default tag 1
13create vlan "R1"
14create vlan "R1R2"
15create vlan "R2"
16create vlan "RAS3"
17disable port 3
18disable port 4
19disable port 5
20disable port 6
21disable port 7
22disable port 8
23disable port 9
24disable port 10
25disable port 11
26disable port 12
27disable port 15
28disable port 16
29disable port 17
30disable port 18
31disable port 19
32disable port 20
33disable port 22
34disable port 23
35disable port 24
36disable port 25
37configure ports 25 auto off speed 10000 duplex full
38disable port 26
39configure ports 26 auto off speed 10000 duplex full
40configure vlan Default add ports 3-12, 15-20, 22-26 untagged
41configure vlan R1 add ports 1 untagged
42configure vlan R1R2 add ports 2, 14 untagged
43configure vlan R2 add ports 13 untagged
44configure vlan RAS3 add ports 21 untagged
45configure vlan Default ipaddress 192.168.0.254 255.255.255.0
46configure vlan Mgmt ipaddress 192.168.0.254 255.255.255.0
47configure vlan R1 ipaddress 10.40.1.2 255.255.255.252
48configure vlan R2 ipaddress 10.40.2.2 255.255.255.252
49configure vlan RAS3 ipaddress 10.34.252.9 255.255.255.252
50configure vlan R1R2 ipaddress 10.40.5.2 255.255.255.252
51configure qosscheduler strict-priority
52
53#
54# Module fdb configuration.
55#
56configure fdb agingtime 300
57configure iparp vr VR-Control max_entries 4096
58configure iparp vr VR-Control max_pending_entries 256
59configure iparp vr VR-Control max_proxy_entries 256
60configure iparp vr VR-Control timeout 20
61enable iparp vr VR-Control checking
62enable iparp vr VR-Control refresh
63configure iparp vr VR-Default max_entries 4096
64configure iparp vr VR-Default max_pending_entries 256
65configure iparp vr VR-Default max_proxy_entries 256
66configure iparp vr VR-Default timeout 20
67enable iparp vr VR-Default checking
68enable iparp vr VR-Default refresh
69configure iparp vr VR-Mgmt max_entries 4096
70configure iparp vr VR-Mgmt max_pending_entries 256
71configure iparp vr VR-Mgmt max_proxy_entries 256
72configure iparp vr VR-Mgmt timeout 20
73enable iparp vr VR-Mgmt checking
74enable iparp vr VR-Mgmt refresh
75
76#
77# Module rtmgr configuration.
78#
79disable iproute sharing
80configure iproute priority blackhole 50
81configure iproute priority static 1100
82configure iproute priority icmp 1200
83configure iproute priority ebgp 1700
84configure iproute priority ibgp 1900
85configure iproute priority ospf-intra 2200
86configure iproute priority ospf-inter 2300
87configure iproute priority rip 2400
88configure iproute priority ospf-as-external 3100
89configure iproute priority ospf-extern1 3200
90configure iproute priority ospf-extern2 3300
91configure iproute priority bootp 5000
92configure iproute ipv6 priority blackhole 50
93configure iproute ipv6 priority static 1100
94configure iproute ipv6 priority icmp 1200
95configure iproute ipv6 priority ospfv3-intra 2200
96configure iproute ipv6 priority ospfv3-inter 2300
97configure iproute ipv6 priority RIPng 2400
98configure iproute ipv6 priority ospfv3-as-external 3100
99configure iproute ipv6 priority ospfv3-extern1 3200
100configure iproute ipv6 priority ospfv3-extern2 3300
101configure irdp broadcast
102configure irdp 450 600 1800 0
103disable irdp "Default"
104disable irdp "Mgmt"
105disable irdp "R1"
106disable irdp "R1R2"
107disable irdp "R2"
108disable irdp "RAS3"
109disable icmp address-mask vlan "Default"
110enable icmp parameter-problem vlan "Default"
111enable icmp port-unreachables vlan "Default"
112enable icmp unreachables vlan "Default"
113enable icmp redirects vlan "Default"
114enable icmp time-exceeded vlan "Default"
115disable icmp timestamp vlan "Default"
116disable icmp address-mask vlan "Mgmt"
117enable icmp parameter-problem vlan "Mgmt"
118enable icmp port-unreachables vlan "Mgmt"
119enable icmp unreachables vlan "Mgmt"
120enable icmp redirects vlan "Mgmt"
121enable icmp time-exceeded vlan "Mgmt"
122disable icmp timestamp vlan "Mgmt"
123disable icmp address-mask vlan "R1"
124enable icmp parameter-problem vlan "R1"
125enable icmp port-unreachables vlan "R1"
126enable icmp unreachables vlan "R1"
127enable icmp redirects vlan "R1"
128enable icmp time-exceeded vlan "R1"
129disable icmp timestamp vlan "R1"
130disable icmp address-mask vlan "R1R2"
131enable icmp parameter-problem vlan "R1R2"
132enable icmp port-unreachables vlan "R1R2"
133enable icmp unreachables vlan "R1R2"
134enable icmp redirects vlan "R1R2"
135enable icmp time-exceeded vlan "R1R2"
136disable icmp timestamp vlan "R1R2"
137disable icmp address-mask vlan "R2"
138enable icmp parameter-problem vlan "R2"
139enable icmp port-unreachables vlan "R2"
140enable icmp unreachables vlan "R2"
141enable icmp redirects vlan "R2"
142enable icmp time-exceeded vlan "R2"
143disable icmp timestamp vlan "R2"
144disable icmp address-mask vlan "RAS3"
145enable icmp parameter-problem vlan "RAS3"
146enable icmp port-unreachables vlan "RAS3"
147enable icmp unreachables vlan "RAS3"
148enable icmp redirects vlan "RAS3"
149enable icmp time-exceeded vlan "RAS3"
150disable icmp timestamp vlan "RAS3"
151enable ip-option loose-source-route
152enable ip-option strict-source-route
153enable ip-option record-timestamp
154enable ip-option router-alert
155enable ip-option record-route
156disable ipforwarding broadcast vlan "Default"
157disable ipforwarding broadcast vlan "Mgmt"
158disable ipforwarding broadcast vlan "R1"
159disable ipforwarding broadcast vlan "R1R2"
160disable ipforwarding broadcast vlan "R2"
161disable ipforwarding broadcast vlan "RAS3"
162disable icmp useredirects
163
164#
165# Module mcmgr configuration.
166#
167configure igmp snooping cache 32 64
168configure igmp snooping timer 260 260 vr VR-Default
169configure igmp snooping leave-timeout 1000 vr VR-Default
170configure MLD snooping timer 260 260 vr VR-Default
171configure MLD snooping leave-timeout 1000 vr VR-Default
172disable igmp snooping forward-mcrouter-only vr VR-Default
173disable MLD snooping forward-mcrouter-only vr VR-Default
174configure igmp 125 10 1 2 vr VR-Default
175configure MLD 125 10 1 2 vr VR-Default
176enable igmp snooping with-proxy vr VR-Default
177enable MLD snooping with-proxy vr VR-Default
178configure igmp snooping flood-list none vr VR-Default
179configure MLD snooping flood-list none vr VR-Default
180disable mvr
181configure mvr vlan Default mvr-address none
182configure mvr vlan Default static group none
183configure mvr vlan R1 mvr-address none
184configure mvr vlan R1 static group none
185configure mvr vlan R1R2 mvr-address none
186configure mvr vlan R1R2 static group none
187configure mvr vlan R2 mvr-address none
188configure mvr vlan R2 static group none
189configure mvr vlan RAS3 mvr-address none
190configure mvr vlan RAS3 static group none
191
192#
193# Module aaa configuration.
194#
195disable radius mgmt-access
196configure radius mgmt-access timeout 3
197disable radius-accounting mgmt-access
198configure radius-accounting mgmt-access timeout 3
199disable radius netlogin
200configure radius netlogin timeout 3
201disable radius-accounting netlogin
202configure radius-accounting netlogin timeout 3
203disable tacacs
204configure tacacs timeout 3
205disable tacacs-accounting
206configure tacacs-accounting timeout 3
207disable tacacs-authorization
208configure account admin encrypted xJLi2a$As89cP1wHfZWnBK4Hc7ct0
209configure account user encrypted sOSi2a$fEKW8rKI0Etk6Cj6QTz3O/
210
211#
212# Module acl configuration.
213#
214enable access-list refresh blackhole
215enable access-list permit to-cpu
216
217#
218# Module cfgmgr configuration.
219#
220disable cli-config-logging
221configure cli max-sessions 8
222configure cli max-failed-logins 3
223configure banner
224
225
226configure idletimeout 20
227enable idletimeout
228
229#
230# Module dosprotect configuration.
231#
232disable dos-protect
233configure dos-protect interval 1
234configure dos-protect trusted-ports ports
235configure dos-protect type l3-protect alert-threshold 4000
236configure dos-protect type l3-protect notify-threshold 3500
237
238#
239# Module eaps configuration.
240#
241configure eaps fast-convergence off
242configure eaps config-warnings on
243disable eaps
244
245#
246# Module edp configuration.
247#
248configure edp advertisement-interval 60 holddown-interval 180
249enable edp ports 1
250enable edp ports 2
251enable edp ports 3
252enable edp ports 4
253enable edp ports 5
254enable edp ports 6
255enable edp ports 7
256enable edp ports 8
257enable edp ports 9
258enable edp ports 10
259enable edp ports 11
260enable edp ports 12
261enable edp ports 13
262enable edp ports 14
263enable edp ports 15
264enable edp ports 16
265enable edp ports 17
266enable edp ports 18
267enable edp ports 19
268enable edp ports 20
269enable edp ports 21
270enable edp ports 22
271enable edp ports 23
272enable edp ports 24
273enable edp ports 25
274enable edp ports 26
275
276#
277# Module elrp configuration.
278#
279disable elrp-client
280
281#
282# Module ems configuration.
283#
284disable log debug-mode
285create log filter DefaultFilter
286configure log filter DefaultFilter add event All
287enable log target memory-buffer
288configure log target memory-buffer filter DefaultFilter severity Debug-Data
289configure log target memory-buffer match Any
290configure log target memory-buffer format timestamp hundredths date mm-dd-yyyy event-name condition severity
291configure log target memory-buffer number-of-messages 1000
292enable log target nvram
293configure log target nvram filter DefaultFilter severity Warning
294configure log target nvram match Any
295configure log target nvram format timestamp hundredths date mm-dd-yyyy event-name condition severity
296disable log target console
297configure log target console filter DefaultFilter severity Info
298configure log target console match Any
299configure log target console format timestamp hundredths date mm-dd-yyyy event-name condition severity
300
301#
302# Module epm configuration.
303#
304configure sys-recovery-level All
305enable watchdog
306configure firmware install-on-demand
307enable cpu-monitoring interval 20 threshold 60
308
309#
310# Module esrp configuration.
311#
312configure esrp mode extended
313
314#
315# Module etmon configuration.
316#
317configure sflow sample-rate 8192
318configure sflow max-cpu-sample-limit 2000
319configure sflow poll-interval 20
320disable sflow
321disable rmon
322
323#
324# Module hal configuration.
325#
326configure iproute sharing max-gateways 4
327
328#
329# Module lldp configuration.
330#
331configure lldp transmit-interval 30
332configure lldp transmit-hold 4
333configure lldp reinitialize-delay 2
334configure lldp transmit-delay 2
335configure lldp snmp-notification-interval 5
336configure lldp med fast-start repeat-count 3
337
338#
339# Module netLogin configuration.
340#
341configure netlogin dot1x timers server-timeout 30 quiet-period 60 reauth-period 3600 supp-resp-timeout 30
342configure netlogin dot1x eapol-transmit-version v1
343enable netlogin logout-privilege
344enable netlogin session-refresh 3
345configure netlogin base-url "network-access.com"
346configure netlogin redirect-page "http://www.extremenetworks.com"
347configure netlogin banner ""
348
349#
350# Module netTools configuration.
351#
352configure sntp-client update-interval 64
353disable sntp-client
354
355#
356# Module poe configuration.
357#
358enable inline-power
359configure inline-power usage-threshold 70
360configure inline-power disconnect-precedence deny-port
361disable inline-power legacy slot 1
362enable inline-power ports 1
363configure inline-power operator-limit 15400 ports 1
364configure inline-power label "" ports 1
365configure inline-power priority low ports 1
366enable inline-power ports 2
367configure inline-power operator-limit 15400 ports 2
368configure inline-power label "" ports 2
369configure inline-power priority low ports 2
370enable inline-power ports 3
371configure inline-power operator-limit 15400 ports 3
372configure inline-power label "" ports 3
373configure inline-power priority low ports 3
374enable inline-power ports 4
375configure inline-power operator-limit 15400 ports 4
376configure inline-power label "" ports 4
377configure inline-power priority low ports 4
378enable inline-power ports 5
379configure inline-power operator-limit 15400 ports 5
380configure inline-power label "" ports 5
381configure inline-power priority low ports 5
382enable inline-power ports 6
383configure inline-power operator-limit 15400 ports 6
384configure inline-power label "" ports 6
385configure inline-power priority low ports 6
386enable inline-power ports 7
387configure inline-power operator-limit 15400 ports 7
388configure inline-power label "" ports 7
389configure inline-power priority low ports 7
390enable inline-power ports 8
391configure inline-power operator-limit 15400 ports 8
392configure inline-power label "" ports 8
393configure inline-power priority low ports 8
394enable inline-power ports 9
395configure inline-power operator-limit 15400 ports 9
396configure inline-power label "" ports 9
397configure inline-power priority low ports 9
398enable inline-power ports 10
399configure inline-power operator-limit 15400 ports 10
400configure inline-power label "" ports 10
401configure inline-power priority low ports 10
402enable inline-power ports 11
403configure inline-power operator-limit 15400 ports 11
404configure inline-power label "" ports 11
405configure inline-power priority low ports 11
406enable inline-power ports 12
407configure inline-power operator-limit 15400 ports 12
408configure inline-power label "" ports 12
409configure inline-power priority low ports 12
410enable inline-power ports 13
411configure inline-power operator-limit 15400 ports 13
412configure inline-power label "" ports 13
413configure inline-power priority low ports 13
414enable inline-power ports 14
415configure inline-power operator-limit 15400 ports 14
416configure inline-power label "" ports 14
417configure inline-power priority low ports 14
418enable inline-power ports 15
419configure inline-power operator-limit 15400 ports 15
420configure inline-power label "" ports 15
421configure inline-power priority low ports 15
422enable inline-power ports 16
423configure inline-power operator-limit 15400 ports 16
424configure inline-power label "" ports 16
425configure inline-power priority low ports 16
426enable inline-power ports 17
427configure inline-power operator-limit 15400 ports 17
428configure inline-power label "" ports 17
429configure inline-power priority low ports 17
430enable inline-power ports 18
431configure inline-power operator-limit 15400 ports 18
432configure inline-power label "" ports 18
433configure inline-power priority low ports 18
434enable inline-power ports 19
435configure inline-power operator-limit 15400 ports 19
436configure inline-power label "" ports 19
437configure inline-power priority low ports 19
438enable inline-power ports 20
439configure inline-power operator-limit 15400 ports 20
440configure inline-power label "" ports 20
441configure inline-power priority low ports 20
442enable inline-power ports 21
443configure inline-power operator-limit 15400 ports 21
444configure inline-power label "" ports 21
445configure inline-power priority low ports 21
446enable inline-power ports 22
447configure inline-power operator-limit 15400 ports 22
448configure inline-power label "" ports 22
449configure inline-power priority low ports 22
450enable inline-power ports 23
451configure inline-power operator-limit 15400 ports 23
452configure inline-power label "" ports 23
453configure inline-power priority low ports 23
454enable inline-power ports 24
455configure inline-power operator-limit 15400 ports 24
456configure inline-power label "" ports 24
457configure inline-power priority low ports 24
458
459#
460# Module rip configuration.
461#
462configure rip garbagetime 120
463configure rip import-policy none
464configure rip routetimeout 180
465configure rip updatetime 30
466disable rip originate-default
467enable rip use-ip-router-alert
468disable rip aggregation
469enable rip poisonreverse
470enable rip splithorizon
471enable rip triggerupdates
472disable rip
473disable rip export direct
474disable rip export static
475disable rip export ospf-intra
476disable rip export ospf-inter
477 disable rip export ospf-extern1
478disable rip export ospf-extern2
479disable rip export e-bgp
480disable rip export i-bgp
481
482#
483# Module ripng configuration.
484#
485disable ripng
486configure ripng garbagetime 120
487configure ripng updatetime 30
488configure ripng routetimeout 180
489
490#
491# Module snmpMaster configuration.
492#
493configure snmpv3 engine-id 03:00:04:96:27:c8:3a
494configure snmpv3 add user admin authentication md5 hex 93:0a:71:2b:6a:a8:0b:0f:eb:20:e8:a0:d8:29:9d:5d privacy hex 93:0a:71:2b:6a:a8:0b:0f:eb:20:e8:a0:d8:29:9d:5d
495configure snmpv3 add user initial
496configure snmpv3 add user initialmd5 authentication md5 hex 4f:3b:90:c0:25:86:be:60:c6:97:14:83:5c:2d:44:c5
497 configure snmpv3 add user initialsha authentication sha hex b4:ab:24:92:9d:d8:31:ba:b1:e2:6e:f3:46:17:02:55:8b:fe:d1:98
498configure snmpv3 add user initialmd5Priv authentication md5 hex 33:0b:ff:c2:51:07:ee:32:9f:ca:2e:b2:55:82:64:cd privacy hex 33:0b:ff:c2:51:07:ee:32:9f:ca:2e:b2:55:82:64:cd
499configure snmpv3 add user initialshaPriv authentication sha hex 80:61:f8:6d:d8:0f:1b:f7:2d:b6:cf:a0:95:4c:f8:75:f3:ee:c8:f1 privacy hex 80:61:f8:6d:d8:0f:1b:f7:2d:b6:cf:a0:95:4c:f8:75:f3:ee:c8:f1
500 configure snmpv3 add group v1v2c_ro user v1v2c_ro sec-model snmpv1
501configure snmpv3 add group v1v2c_rw user v1v2c_rw sec-model snmpv1
502configure snmpv3 add group v1v2c_ro user v1v2c_ro sec-model snmpv2c
503configure snmpv3 add group v1v2c_rw user v1v2c_rw sec-model snmpv2c
504configure snmpv3 add group admin user admin sec-model usm
505configure snmpv3 add group initial user initial sec-model usm
506  configure snmpv3 add group initial user initialmd5 sec-model usm
507configure snmpv3 add group initial user initialsha sec-model usm
508configure snmpv3 add group initial user initialmd5Priv sec-model usm
509  configure snmpv3 add group initial user initialshaPriv sec-model usm
510configure snmpv3 add access admin sec-model usm sec-level priv read-view defaultAdminView write-view defaultAdminView notify-view defaultNotifyView
511configure snmpv3 add access initial sec-model usm sec-level noauth read-view defaultUserView notify-view defaultNotifyView
512configure snmpv3 add access initial sec-model usm sec-level authnopriv read-view defaultUserView write-view defaultUserView notify-view defaultNotifyView
513configure snmpv3 add access v1v2c_ro sec-model snmpv1 sec-level noauth read-view defaultUserView notify-view defaultNotifyView
514configure snmpv3 add access v1v2c_ro sec-model snmpv2c sec-level noauth read-view defaultUserView notify-view defaultNotifyView
515configure snmpv3 add access v1v2c_rw sec-model snmpv1 sec-level noauth read-view defaultUserView write-view defaultUserView notify-view defaultNotifyView
516configure snmpv3 add access v1v2c_rw sec-model snmpv2c sec-level noauth read-view defaultUserView write-view defaultUserView notify-view defaultNotifyView
517configure snmpv3 add access v1v2cNotifyGroup sec-model snmpv1 sec-level noauth notify-view defaultNotifyView
518configure snmpv3 add access v1v2cNotifyGroup sec-model snmpv2c sec-level noauth notify-view defaultNotifyView
519configure snmpv3 add mib-view defaultUserView subtree 1 type included
520configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.16 type excluded
521configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.18 type excluded
522configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.4 type excluded
523configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.6 type excluded
524configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.9 type excluded
525configure snmpv3 add mib-view defaultAdminView subtree 1 type included
526configure snmpv3 add mib-view defaultNotifyView subtree 1 type included
527configure snmpv3 add community private name private user v1v2c_rw
528configure snmpv3 add community public name public user v1v2c_ro
529configure snmpv3 add notify defaultNotify tag defaultNotify
530enable snmp access
531enable snmp traps
532
533#
534# Module stp configuration.
535#
536configure mstp region 00049627c83a
537configure mstp revision 3
538configure mstp format 0
539create stpd s0
540configure stpd s0 tag 0
541configure stpd s0 mode dot1d
542configure stpd s0 forwarddelay 15
543configure stpd s0 hellotime 2
544configure stpd s0 maxage 20
545configure stpd s0 priority 32768
546disable stpd s0 rapid-root-failover
547configure stpd s0 default-encapsulation dot1d
548enable stpd s0 auto-bind vlan Default
549disable stpd s0
550
551#
552# Module telnetd configuration.
553#
554configure telnet vr all
555
556#
557# Module tftpd configuration.
558#
559
560#
561# Module thttpd configuration.
562#