# # Module devmgr configuration. # configure snmp sysName "Switch-AS4" configure snmp sysLocation "Paris" configure snmp sysContact "Olivier Fourmaux" configure slot 1 module X450e-24p # # Module vlan configuration. # configure vr VR-Default add ports 1-26 create qosprofile "QP7" configure vlan Default tag 1 create vlan "vlan400" configure vlan vlan400 tag 400 create vlan "vlan420" configure vlan vlan420 tag 420 create vlan "vlan421" configure vlan vlan421 tag 421 create vlan "vlan430" configure vlan vlan430 tag 430 create vlan "vlan431" configure vlan vlan431 tag 431 create vlan "vlan441" configure vlan vlan441 tag 441 create vlan "vlan442" configure vlan vlan442 tag 442 create vlan "vlan443" create vlan "vlan444" configure vlan vlan444 tag 444 create vlan "vlan999" configure vlan vlan999 tag 999 create vlan "voice" configure vlan voice tag 10 enable diffserv examination port 3 enable diffserv examination port 16 disable dot1p examination port 16 configure ports 25 auto off speed 10000 duplex full configure ports 26 auto off speed 10000 duplex full configure vlan vlan400 add ports 7, 19, 21 tagged configure vlan vlan400 add ports 1, 4, 10, 13 untagged configure vlan vlan420 add ports 19 tagged configure vlan vlan420 add ports 11 untagged configure vlan vlan421 add ports 12, 23 untagged configure vlan vlan430 add ports 21 tagged configure vlan vlan430 add ports 14 untagged configure vlan vlan431 add ports 15, 24 untagged configure vlan vlan441 add ports 7, 20, 22 tagged configure vlan vlan442 add ports 20, 22 tagged configure vlan vlan442 add ports 8 untagged configure vlan vlan443 add ports 3, 6, 9 untagged configure vlan vlan444 add ports 3, 20 tagged configure vlan vlan444 add ports 16 untagged configure vlan vlan999 add ports 8, 24 tagged configure vlan vlan999 add ports 2, 5, 17-18 untagged configure vlan vlan400 ipaddress 4.11.100.33 255.255.255.240 configure qosscheduler strict-priority configure qosprofile QP7 maxbuffer 100 weight 1 configure qosprofile QP7 minbw 0 maxbw 100 ports 1 configure qosprofile QP7 minbw 0 maxbw 100 ports 2 configure qosprofile QP7 minbw 0 maxbw 100 ports 3 configure qosprofile QP7 minbw 0 maxbw 100 ports 4 configure qosprofile QP7 minbw 0 maxbw 100 ports 5 configure qosprofile QP7 minbw 0 maxbw 100 ports 6 configure qosprofile QP7 minbw 0 maxbw 100 ports 7 configure qosprofile QP7 minbw 0 maxbw 100 ports 8 configure qosprofile QP7 minbw 0 maxbw 100 ports 9 configure qosprofile QP7 minbw 0 maxbw 100 ports 10 configure qosprofile QP7 minbw 0 maxbw 100 ports 11 configure qosprofile QP7 minbw 0 maxbw 100 ports 12 configure qosprofile QP7 minbw 0 maxbw 100 ports 13 configure qosprofile QP7 minbw 0 maxbw 100 ports 14 configure qosprofile QP7 minbw 0 maxbw 100 ports 15 configure qosprofile QP7 minbw 0 maxbw 100 ports 16 configure qosprofile QP7 minbw 0 maxbw 100 ports 17 configure qosprofile QP7 minbw 0 maxbw 100 ports 18 configure qosprofile QP7 minbw 0 maxbw 100 ports 19 configure qosprofile QP7 minbw 0 maxbw 100 ports 20 configure qosprofile QP7 minbw 0 maxbw 100 ports 21 configure qosprofile QP7 minbw 0 maxbw 100 ports 22 configure qosprofile QP7 minbw 0 maxbw 100 ports 23 configure qosprofile QP7 minbw 0 maxbw 100 ports 24 configure qosprofile QP7 minbw 0 maxbw 100 ports 25 configure qosprofile QP7 minbw 0 maxbw 100 ports 26 configure dot1p type 6 qosprofile QP7 configure diffserv examination code-point 46 qosprofile QP7 # # Module fdb configuration. # configure fdb agingtime 300 configure iparp vr VR-Control max_entries 4096 configure iparp vr VR-Control max_pending_entries 256 configure iparp vr VR-Control max_proxy_entries 256 configure iparp vr VR-Control timeout 20 enable iparp vr VR-Control checking enable iparp vr VR-Control refresh configure iparp vr VR-Default max_entries 4096 configure iparp vr VR-Default max_pending_entries 256 configure iparp vr VR-Default max_proxy_entries 256 configure iparp vr VR-Default timeout 20 enable iparp vr VR-Default checking enable iparp vr VR-Default refresh configure iparp vr VR-Mgmt max_entries 4096 configure iparp vr VR-Mgmt max_pending_entries 256 configure iparp vr VR-Mgmt max_proxy_entries 256 configure iparp vr VR-Mgmt timeout 20 enable iparp vr VR-Mgmt checking enable iparp vr VR-Mgmt refresh # # Module rtmgr configuration. # disable iproute sharing configure iproute priority blackhole 50 configure iproute priority static 1100 configure iproute priority icmp 1200 configure iproute priority ebgp 1700 configure iproute priority ibgp 1900 configure iproute priority ospf-intra 2200 configure iproute priority ospf-inter 2300 configure iproute priority rip 2400 configure iproute priority ospf-as-external 3100 configure iproute priority ospf-extern1 3200 configure iproute priority ospf-extern2 3300 configure iproute priority bootp 5000 configure iproute ipv6 priority blackhole 50 configure iproute ipv6 priority static 1100 configure iproute ipv6 priority icmp 1200 configure iproute ipv6 priority ospfv3-intra 2200 configure iproute ipv6 priority ospfv3-inter 2300 configure iproute ipv6 priority RIPng 2400 configure iproute ipv6 priority ospfv3-as-external 3100 configure iproute ipv6 priority ospfv3-extern1 3200 configure iproute ipv6 priority ospfv3-extern2 3300 configure irdp broadcast configure irdp 450 600 1800 0 disable irdp "vlan400" disable icmp address-mask vlan "vlan400" enable icmp parameter-problem vlan "vlan400" enable icmp port-unreachables vlan "vlan400" enable icmp unreachables vlan "vlan400" enable icmp redirects vlan "vlan400" enable icmp time-exceeded vlan "vlan400" disable icmp timestamp vlan "vlan400" enable ip-option loose-source-route enable ip-option strict-source-route enable ip-option record-timestamp enable ip-option router-alert enable ip-option record-route disable ipforwarding broadcast vlan "vlan400" disable icmp useredirects # # Module mcmgr configuration. # configure igmp snooping cache 32 64 configure igmp snooping timer 260 260 vr VR-Default configure igmp snooping leave-timeout 1000 vr VR-Default configure MLD snooping timer 260 260 vr VR-Default configure MLD snooping leave-timeout 1000 vr VR-Default disable igmp snooping forward-mcrouter-only vr VR-Default disable MLD snooping forward-mcrouter-only vr VR-Default configure igmp 125 10 1 2 vr VR-Default configure MLD 125 10 1 2 vr VR-Default enable igmp snooping with-proxy vr VR-Default enable MLD snooping with-proxy vr VR-Default configure igmp snooping flood-list none vr VR-Default configure MLD snooping flood-list none vr VR-Default disable mvr configure mvr vlan Default mvr-address none configure mvr vlan Default static group none configure mvr vlan vlan400 mvr-address none configure mvr vlan vlan400 static group none configure mvr vlan vlan420 mvr-address none configure mvr vlan vlan420 static group none configure mvr vlan vlan421 mvr-address none configure mvr vlan vlan421 static group none configure mvr vlan vlan430 mvr-address none configure mvr vlan vlan430 static group none configure mvr vlan vlan431 mvr-address none configure mvr vlan vlan431 static group none configure mvr vlan vlan441 mvr-address none configure mvr vlan vlan441 static group none configure mvr vlan vlan442 mvr-address none configure mvr vlan vlan442 static group none configure mvr vlan vlan443 mvr-address none configure mvr vlan vlan443 static group none configure mvr vlan vlan444 mvr-address none configure mvr vlan vlan444 static group none configure mvr vlan vlan999 mvr-address none configure mvr vlan vlan999 static group none configure mvr vlan voice mvr-address none configure mvr vlan voice static group none # # Module aaa configuration. # disable radius mgmt-access configure radius mgmt-access timeout 3 disable radius-accounting mgmt-access configure radius-accounting mgmt-access timeout 3 disable radius netlogin configure radius netlogin timeout 3 disable radius-accounting netlogin configure radius-accounting netlogin timeout 3 disable tacacs configure tacacs timeout 3 disable tacacs-accounting configure tacacs-accounting timeout 3 disable tacacs-authorization configure account admin encrypted xJLkKm$qRospHGgtUkQoIFzLGo/71 configure account user encrypted sOSkKm$XnEo7jntuXnMf49rOiJmA1 # # Module acl configuration. # enable access-list refresh blackhole enable access-list permit to-cpu # # Module cfgmgr configuration. # disable cli-config-logging configure cli max-sessions 8 configure cli max-failed-logins 3 configure banner configure idletimeout 20 enable idletimeout # # Module dosprotect configuration. # disable dos-protect configure dos-protect interval 1 configure dos-protect trusted-ports ports configure dos-protect type l3-protect alert-threshold 4000 configure dos-protect type l3-protect notify-threshold 3500 # # Module eaps configuration. # configure eaps fast-convergence off configure eaps config-warnings on disable eaps # # Module edp configuration. # configure edp advertisement-interval 60 holddown-interval 180 enable edp ports 1 enable edp ports 2 enable edp ports 3 enable edp ports 4 enable edp ports 5 enable edp ports 6 enable edp ports 7 enable edp ports 8 enable edp ports 9 enable edp ports 10 enable edp ports 11 enable edp ports 12 enable edp ports 13 enable edp ports 14 enable edp ports 15 enable edp ports 16 enable edp ports 17 enable edp ports 18 enable edp ports 19 enable edp ports 20 enable edp ports 21 enable edp ports 22 enable edp ports 23 enable edp ports 24 enable edp ports 25 enable edp ports 26 # # Module elrp configuration. # disable elrp-client # # Module ems configuration. # disable log debug-mode create log filter DefaultFilter configure log filter DefaultFilter add event All enable log target memory-buffer configure log target memory-buffer filter DefaultFilter severity Debug-Data configure log target memory-buffer match Any configure log target memory-buffer format timestamp hundredths date mm-dd-yyyy e configure log target memory-buffer number-of-messages 1000 enable log target nvram configure log target nvram filter DefaultFilter severity Warning configure log target nvram match Any configure log target nvram format timestamp hundredths date mm-dd-yyyy event-nam disable log target console configure log target console filter DefaultFilter severity Info configure log target console match Any configure log target console format timestamp hundredths date mm-dd-yyyy event-n # # Module epm configuration. # configure sys-recovery-level All enable watchdog configure firmware install-on-demand enable cpu-monitoring interval 20 threshold 60 # # Module esrp configuration. # configure esrp mode extended # # Module etmon configuration. # configure sflow sample-rate 8192 configure sflow max-cpu-sample-limit 2000 configure sflow poll-interval 20 disable sflow disable rmon # # Module hal configuration. # configure iproute sharing max-gateways 4 # # Module lldp configuration. # configure lldp transmit-interval 30 configure lldp transmit-hold 4 configure lldp reinitialize-delay 2 configure lldp transmit-delay 2 configure lldp snmp-notification-interval 5 configure lldp med fast-start repeat-count 3 # # Module netLogin configuration. # configure netlogin dot1x timers server-timeout 30 quiet-period 60 reauth-period configure netlogin dot1x eapol-transmit-version v1 enable netlogin logout-privilege enable netlogin session-refresh 3 configure netlogin base-url "network-access.com" configure netlogin redirect-page "http://www.extremenetworks.com" configure netlogin banner "" # # Module netTools configuration. # configure sntp-client update-interval 64 disable sntp-client # # Module ospf configuration. # configure ospf routerid automatic configure ospf spf-hold-time 3 configure ospf metric-table 10M 10 100M 5 1G 4 10G 2 configure ospf lsa-batch-interval 30 configure ospf import-policy none configure ospf ase-limit 0 disable ospf originate-default disable ospf use-ip-router-alert disable ospf configure ospf restart none configure ospf restart grace-period 120 disable ospf export direct disable ospf export static disable ospf export rip disable ospf export e-bgp disable ospf export i-bgp configure ospf area 0.0.0.0 external-filter none configure ospf area 0.0.0.0 interarea-filter none configure ospf area 0.0.0.0 normal configure ospf vlan vlan400 area 0.0.0.0 configure ospf vlan vlan400 cost automatic configure ospf vlan vlan400 priority 0 configure ospf vlan vlan400 authentication none configure ospf vlan vlan400 timer 5 1 10 40 configure ospf vlan vlan400 restart-helper none enable ospf vlan vlan400 restart-helper-lsa-check # # Module pim configuration. # disable pim configure pim crp timer 60 configure pim register-suppress-interval 60 register-probe-interval 5 configure pim register-checksum-to include-data # # Module poe configuration. # enable inline-power configure inline-power usage-threshold 70 configure inline-power disconnect-precedence deny-port disable inline-power legacy slot 1 enable inline-power ports 1 configure inline-power operator-limit 15400 ports 1 configure inline-power label "" ports 1 configure inline-power priority low ports 1 enable inline-power ports 2 configure inline-power operator-limit 15400 ports 2 configure inline-power label "" ports 2 configure inline-power priority low ports 2 enable inline-power ports 3 configure inline-power operator-limit 15400 ports 3 configure inline-power label "" ports 3 configure inline-power priority low ports 3 enable inline-power ports 4 configure inline-power operator-limit 15400 ports 4 configure inline-power label "" ports 4 configure inline-power priority low ports 4 enable inline-power ports 5 configure inline-power operator-limit 15400 ports 5 configure inline-power label "" ports 5 configure inline-power priority low ports 5 enable inline-power ports 6 configure inline-power operator-limit 15400 ports 6 configure inline-power label "" ports 6 configure inline-power priority low ports 6 enable inline-power ports 7 configure inline-power operator-limit 15400 ports 7 configure inline-power label "" ports 7 configure inline-power priority low ports 7 enable inline-power ports 8 configure inline-power operator-limit 15400 ports 8 configure inline-power label "" ports 8 configure inline-power priority low ports 8 enable inline-power ports 9 configure inline-power operator-limit 15400 ports 9 configure inline-power label "" ports 9 configure inline-power priority low ports 9 enable inline-power ports 10 configure inline-power operator-limit 15400 ports 10 configure inline-power label "" ports 10 configure inline-power priority low ports 10 enable inline-power ports 11 configure inline-power operator-limit 15400 ports 11 configure inline-power label "" ports 11 configure inline-power priority low ports 11 enable inline-power ports 12 configure inline-power operator-limit 15400 ports 12 configure inline-power label "" ports 12 configure inline-power priority low ports 12 enable inline-power ports 13 configure inline-power operator-limit 15400 ports 13 configure inline-power label "" ports 13 configure inline-power priority low ports 13 enable inline-power ports 14 configure inline-power operator-limit 15400 ports 14 configure inline-power label "" ports 14 configure inline-power priority low ports 14 enable inline-power ports 15 configure inline-power operator-limit 15400 ports 15 configure inline-power label "" ports 15 configure inline-power priority low ports 15 enable inline-power ports 16 configure inline-power operator-limit 15400 ports 16 configure inline-power label "" ports 16 configure inline-power priority low ports 16 enable inline-power ports 17 configure inline-power operator-limit 15400 ports 17 configure inline-power label "" ports 17 configure inline-power priority low ports 17 enable inline-power ports 18 configure inline-power operator-limit 15400 ports 18 configure inline-power label "" ports 18 configure inline-power priority low ports 18 enable inline-power ports 19 configure inline-power operator-limit 15400 ports 19 configure inline-power label "" ports 19 configure inline-power priority low ports 19 enable inline-power ports 20 configure inline-power operator-limit 15400 ports 20 configure inline-power label "" ports 20 configure inline-power priority low ports 20 enable inline-power ports 21 configure inline-power operator-limit 15400 ports 21 configure inline-power label "" ports 21 configure inline-power priority low ports 21 enable inline-power ports 22 configure inline-power operator-limit 15400 ports 22 configure inline-power label "" ports 22 configure inline-power priority low ports 22 enable inline-power ports 23 configure inline-power operator-limit 15400 ports 23 configure inline-power label "" ports 23 configure inline-power priority low ports 23 enable inline-power ports 24 configure inline-power operator-limit 15400 ports 24 configure inline-power label "" ports 24 configure inline-power priority low ports 24 # # Module rip configuration. # configure rip garbagetime 120 configure rip import-policy none Press to continue or to quit: configure rip routetimeout 180 configure rip updatetime 30 disable rip originate-default enable rip use-ip-router-alert disable rip aggregation enable rip poisonreverse enable rip splithorizon enable rip triggerupdates disable rip disable rip export direct disable rip export static disable rip export ospf-intra disable rip export ospf-inter disable rip export ospf-extern1 disable rip export ospf-extern2 disable rip export e-bgp disable rip export i-bgp # # Module ripng configuration. # disable ripng configure ripng garbagetime 120 configure ripng updatetime 30 configure ripng routetimeout 180 # # Module snmpMaster configuration. # configure snmpv3 engine-id 03:00:04:96:27:c8:3a configure snmpv3 add user admin authentication md5 hex 93:0a:71:2b:6a:a8:0b:0f:e configure snmpv3 add user initial configure snmpv3 add user initialmd5 authentication md5 hex 4f:3b:90:c0:25:86:be configure snmpv3 add user initialsha authentication sha hex b4:ab:24:92:9d:d8:31 configure snmpv3 add user initialmd5Priv authentication md5 hex 33:0b:ff:c2:51:0 configure snmpv3 add user initialshaPriv authentication sha hex 80:61:f8:6d:d8:0 configure snmpv3 add group v1v2c_ro user v1v2c_ro sec-model snmpv1 configure snmpv3 add group v1v2c_rw user v1v2c_rw sec-model snmpv1 configure snmpv3 add group v1v2c_ro user v1v2c_ro sec-model snmpv2c configure snmpv3 add group v1v2c_rw user v1v2c_rw sec-model snmpv2c configure snmpv3 add group admin user admin sec-model usm configure snmpv3 add group initial user initial sec-model usm configure snmpv3 add group initial user initialmd5 sec-model usm configure snmpv3 add group initial user initialsha sec-model usm configure snmpv3 add group initial user initialmd5Priv sec-model usm configure snmpv3 add group initial user initialshaPriv sec-model usm configure snmpv3 add access admin sec-model usm sec-level priv read-view defauli configure snmpv3 add access initial sec-model usm sec-level noauth read-view dee configure snmpv3 add access initial sec-model usm sec-level authnopriv read-view configure snmpv3 add access v1v2c_ro sec-model snmpv1 sec-level noauth read-view configure snmpv3 add access v1v2c_ro sec-model snmpv2c sec-level noauth read-vie configure snmpv3 add access v1v2c_rw sec-model snmpv1 sec-level noauth read-view configure snmpv3 add access v1v2c_rw sec-model snmpv2c sec-level noauth read-vie configure snmpv3 add access v1v2cNotifyGroup sec-model snmpv1 sec-level noauth n configure snmpv3 add access v1v2cNotifyGroup sec-model snmpv2c sec-level noauth configure snmpv3 add mib-view defaultUserView subtree 1 type included configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.16 type exclud configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.18 type exclud configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.4 t configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.6 t configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.9 t configure snmpv3 add mib-view defaultAdminView subtree 1 type included configure snmpv3 add mib-view defaultNotifyView subtree 1 type included configure snmpv3 add community as4 name as4 user v1v2c_ro configure snmpv3 add community private name private user v1v2c_rw configure snmpv3 add community public name public user v1v2c_ro configure snmpv3 add notify defaultNotify tag defaultNotify enable snmp access enable snmp traps # # Module stp configuration. # configure mstp region 00049627c83a configure mstp revision 3 configure mstp format 0 create stpd s0 configure stpd s0 tag 0 configure stpd s0 mode dot1d configure stpd s0 forwarddelay 15 configure stpd s0 hellotime 2 configure stpd s0 maxage 20 configure stpd s0 priority 32768 disable stpd s0 rapid-root-failover configure stpd s0 default-encapsulation dot1d enable stpd s0 auto-bind vlan Default disable stpd s0 # # Module telnetd configuration. # configure telnet vr all # # Module tftpd configuration. # # # Module thttpd configuration. # # # Module vrrp configuration. #