! ! Last configuration change at 08:00:17 MDT Fri Mar 22 2019 by abernard ! NVRAM config last updated at 17:18:44 MNT Thu Jan 17 2019 by pingpongguy ! version 12.2 no service pad service tcp-keepalives-in service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption ! hostname krar-1125-term-swa1 ! boot-start-marker boot-end-marker ! logging buffered 16384 no logging console no logging monitor ! aaa new-model ! ! aaa authentication login default group tacacs+ enable aaa authentication enable default group tacacs+ enable aaa authorization console aaa authorization config-commands aaa authorization exec default group tacacs+ none aaa authorization commands 1 default group tacacs+ none aaa authorization commands 15 default group tacacs+ none aaa authorization network default group tacacs+ none aaa accounting exec default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting network default start-stop group tacacs+ aaa accounting connection default start-stop group tacacs+ aaa accounting system default start-stop group tacacs+ ! ! ! ! ! aaa session-id common clock timezone MNT -7 0 clock summer-time MDT recurring switch 1 provision ws-c2960s-24ps-l no ip source-route ! ! no ip domain-lookup ip domain-name net.dvn ! mls qos ! ! ! spanning-tree mode rapid-pvst spanning-tree portfast bpduguard default spanning-tree extend system-id ! ! ! errdisable recovery cause bpduguard ! vlan internal allocation policy ascending ! ! class-map match-all CLASS_Wifi_Upload match access-group name Wifi_Upload ! policy-map POLICY_Wifi_Upload class CLASS_Wifi_Upload police 1024000 192000 exceed-action drop ! ! ! ! ! ! interface Port-channel1 description KBAMSSIPH001P switchport access vlan 3 switchport mode access ! interface FastEthernet0 no ip address shutdown ! interface GigabitEthernet1/0/1 description radio room(V09) switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/2 description WIFI-AP switchport access vlan 5 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/3 description Admin PC_2 switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/4 description Admin PC switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/5 description Admin PC switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/6 description Admin PC switchport access vlan 5 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/7 description check-in (V14) switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/8 description check-in (V15) switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/9 description Genetec SV-32 switchport access vlan 973 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/10 description Printer switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/11 description Admin office(V04) switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/12 description radio room(D09) switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/13 description Tarmac Cam switchport access vlan 6 switchport mode access switchport voice vlan 4 switchport port-security switchport port-security mac-address sticky switchport port-security mac-address sticky 0040.8cda.4ea9 spanning-tree portfast ! interface GigabitEthernet1/0/14 description WaitingArea1 Cam switchport access vlan 6 switchport mode access switchport port-security switchport port-security mac-address sticky switchport port-security mac-address sticky 0040.8cda.65f9 spanning-tree portfast ! interface GigabitEthernet1/0/15 description WaitingArea2 Cam switchport access vlan 6 switchport mode access switchport port-security switchport port-security mac-address sticky switchport port-security mac-address sticky 0040.8cc7.4cd1 spanning-tree portfast ! interface GigabitEthernet1/0/16 description AMAG Controller switchport access vlan 6 switchport mode access switchport port-security switchport port-security mac-address sticky switchport port-security mac-address sticky 0020.4aae.4fea spanning-tree portfast ! interface GigabitEthernet1/0/17 description SecurityCamera switchport access vlan 6 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/18 description SecurityCamera switchport access vlan 6 switchport mode access switchport port-security switchport port-security mac-address sticky switchport port-security mac-address sticky 0040.8cda.65f8 spanning-tree portfast ! interface GigabitEthernet1/0/19 description check-in printer (V12) switchport access vlan 3 switchport mode access switchport voice vlan 4 spanning-tree portfast ! interface GigabitEthernet1/0/20 description KBAMSSIPH001P-NIC2 switchport access vlan 11 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/21 description KBAMSSIPH001P-NIC1 switchport access vlan 11 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/22 description KBAMSSIPH001P-ILO switchport access vlan 11 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/23 description UPS switchport access vlan 3 switchport mode access switchport port-security switchport port-security mac-address sticky switchport port-security mac-address sticky 00c0.b758.e84d spanning-tree portfast ! interface GigabitEthernet1/0/24 description krar-1125-term-rte1 G0/1 switchport mode trunk switchport nonegotiate ! interface GigabitEthernet1/0/25 description krar-1125-bunk-swa1 G1/0/25 switchport mode trunk ! interface GigabitEthernet1/0/26 description krar-1125-whse-swa1 G0/9 switchport mode trunk ! interface GigabitEthernet1/0/27 ! interface GigabitEthernet1/0/28 ! interface Vlan1 no ip address shutdown ! interface Vlan3 description ## Admin Vlan ip address 10.75.45.3 255.255.255.128 no ip redirects no ip unreachables no ip proxy-arp ! ip default-gateway 10.75.45.1 no ip http server no ip http secure-server ! ! ip access-list extended AccessControl permit ip host 10.52.5.69 any permit ip host 10.64.132.69 any permit ip 172.16.5.0 0.0.0.255 any permit ip 172.20.5.0 0.0.0.255 any permit ip 172.24.225.0 0.0.0.255 any permit ip 172.25.225.0 0.0.0.255 any permit tcp host 63.99.29.18 any eq 22 permit tcp host 63.99.29.40 any eq 22 permit tcp host 206.47.24.18 any eq 22 permit tcp host 206.47.24.169 any eq 22 ip access-list extended Wifi_Upload permit ip any any ip access-list extended scada_in deny ip any any log logging esm config logging trap debugging logging facility local5 logging 10.64.135.35 logging 172.25.20.61 access-list 96 permit 172.18.2.37 access-list 96 permit 172.18.18.21 access-list 97 permit 10.66.37.101 access-list 97 permit 10.52.12.12 access-list 97 permit 172.16.32.30 access-list 97 permit 172.16.32.31 access-list 97 permit 172.20.32.30 access-list 97 permit 172.20.32.31 access-list 97 permit 172.16.12.104 access-list 97 permit 172.16.32.116 access-list 97 permit 10.64.146.32 access-list 97 permit 172.16.5.0 0.0.0.255 access-list 97 permit 172.20.5.0 0.0.0.255 access-list 97 permit 172.24.225.0 0.0.0.255 access-list 97 permit 172.25.225.0 0.0.0.255 access-list 98 permit 172.25.36.129 access-list 98 permit 172.25.17.190 access-list 98 permit 172.22.136.17 access-list 98 permit 172.18.200.80 access-list 98 permit 172.18.136.27 access-list 98 permit 172.18.2.121 access-list 98 permit 172.18.66.57 access-list 98 permit 172.18.2.122 access-list 98 permit 172.25.40.78 snmp-server view mib-exclude iso included snmp-server view mib-exclude lldpMIB excluded snmp-server view HPmib-exclude iso included snmp-server view HPmib-exclude lldpMIB excluded snmp-server view HPmib-exclude at excluded snmp-server view HPmib-exclude snmpUsmMIB excluded snmp-server view HPmib-exclude snmpVacmMIB excluded snmp-server view HPmib-exclude snmpCommunityMIB excluded snmp-server view HPmib-exclude ip.21 excluded snmp-server view HPmib-exclude ip.22 excluded snmp-server location Kirby Lake, AB snmp-server contact Infrastructure snmp-server enable traps transceiver all snmp-server enable traps auth-framework sec-violation snmp-server enable traps cluster snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan snmp-server enable traps energywise snmp-server enable traps rep snmp-server enable traps vstack snmp-server enable traps bridge newroot topologychange snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps stackwise snmp-server enable traps errdisable snmp-server enable traps mac-notification change move threshold snmp-server enable traps vlan-membership tacacs-server host 172.25.243.22 tacacs-server host 172.24.243.22 tacacs-server timeout 6 tacacs-server directed-request ! ! no vstack banner exec ^C ***********************SYSTEM DESCRIPTION************************ * * * NAME: krar-1125-term-swa1 * * LOCATION: Kirby Lake Aerodrome Terminal * * CORPORATION: Devon Canada Corporation * * CONTACT: Enterprise Network Services * * DESCRIPTION: Cisco WS-C2960S-24PS-L * * ASSET#: * ***************************************************************** ^C banner motd ^CC *****************************SECURITY NOTICE************************ * * ACCESS TO THIS SYSTEM IS RESTRICTED TO AUTHORIZED PERSONNEL ONLY * USAGE OF THIS SYSTEM MAY BE LOGGED AND/OR MONITORED WITHOUT NOTICE. * DISCONNECT IMMEDIATELY IF YOU ARE NOT AN AUTHORIZED USER! * ******************************************************************** ^C ! line con 0 exec-timeout 15 0 line vty 0 4 access-class AccessControl in exec-timeout 15 0 privilege level 15 transport input ssh line vty 5 15 access-class AccessControl in exec-timeout 15 0 privilege level 15 transport input ssh ! ntp source Vlan3 ntp server 172.20.2.33 prefer ntp server 172.20.2.34 end