-
Notifications
You must be signed in to change notification settings - Fork 0
/
Cisco-Layer2-Switch-General-Configuration-v2.config
123 lines (123 loc) · 3.12 KB
/
Cisco-Layer2-Switch-General-Configuration-v2.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
! 4PEG Configuration Template
! http://4peg.com/WQJS62Q59kvk
!-------------------------------------------------------
! Cisco Layer2 Switch General Configuration v2
!-------------------------------------------------------
!
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname [[DEVICE-HOSTNAME]]
!
logging buffered 1024000 debugging
enable secret [[ENABLE-PASSWORD]]
!
username [[DEVICE-USERNAME]] privilege 15 password [[DEVICE-PASSWORD]]
aaa new-model
aaa authentication login default local
aaa authorization exec default local
!
aaa session-id common
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00
vtp mode transparent
ip subnet-zero
no ip source-route
ip routing
no ip domain-lookup
ip domain-name [[DOMAIN-NAME]]
!
crypto key generate rsa modulus [[KEY-SIZE-1024/2048/4096]]
ip ssh version 2
!
!
!
errdisable recovery cause bpduguard
errdisable recovery cause link-flap
errdisable recovery cause storm-control
port-channel load-balance src-dst-ip
!
!
spanning-tree mode rapid-pvst
spanning-tree portfast default
spanning-tree extend system-id
spanning-tree vlan 1-4094 priority [[SPANNING-TREE-PRIORITY]]
!
vlan internal allocation policy ascending
!
vlan [[MANAGEMENT-VLAN-ID]]
name [[MANAGEMENT-VLAN-NAME]]
!
vlan [[ACCESS-VLAN-ID]]
name [[ACCESS-VLAN-NAME]]
!
vlan [[VOICE-VLAN-ID]]
name [[VOICE-VLAN-NAME]]
!
interface range FastEthernet1/0/[[FE-FIRST-PORT]]-[[FE-LAST-PORT]]
description *** [[FE-PORT-DESCRIPTION]] ***
switchport access vlan [[ACCESS-VLAN-ID]]
switchport mode access
switchport voice vlan [[VOICE-VLAN-ID]]
no mdix auto
storm-control broadcast level 5.00
storm-control multicast level 20.00
storm-control action shutdown
spanning-tree portfast
spanning-tree bpduguard enable
no shutdown
!
interface range GigabitEthernet1/0/[[GE-FIRST-PORT]]-[[GE-LAST-PORT]]
description *** [[GE-PORT-DESCRIPTION]] ***
switchport access vlan [[ACCESS-VLAN-ID]]
switchport mode access
switchport voice vlan [[VOICE-VLAN-ID]]
no mdix auto
storm-control broadcast level 5.00
storm-control multicast level 20.00
storm-control action shutdown
spanning-tree portfast
spanning-tree bpduguard enable
no shutdown
!
interface Vlan[[MANAGEMENT-VLAN-ID]]
description *** [[MANAGEMENT-VLAN-NAME]] ***
ip address [[MANAGEMENT-VLAN-IP-ADDRESS]] [[MANAGEMENT-VLAN-SUBNET-MASK]]
no ip redirects
no ip unreachables
no ip proxy-arp
no shutdown
!
!
ip classless
ip route 0.0.0.0 0.0.0.0 [[DEFAULT-GATEWAY-IP-ADDRESS]]
no ip http server
no ip https server
!
!
control-plane
!
!
line con 0
exec-timeout 15 0
logging synchronous
line vty 0 4
exec-timeout 15 0
logging synchronous
transport input ssh
line vty 5 15
exec-timeout 15 0
logging synchronous
transport input ssh
!
!---Time settings
clock timezone [[TIME-ZONE]]] [[UTC-HOURS-OFFSET]] [[UTC-MINUTES-OFFSET]]
!---Example below is a Day-Light Saving Time adjust configuration for UK/EU
clock summer-time [[DST-TIME-ZONE]]] recurring last Sun Mar 2:00 last Sun Oct 2:00
ntp server [[NTP-SERVER-1]]
ntp server [[NTP-SERVER-2]]
!
end
!