Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd Logo
Upload

Welcome to Scribd!

  • 62 views

    PACHUCA

    Uploaded by

    guerrerokarina276
    This document describes the configuration of a network stack consisting of 3 switches (SW1, SW2, SW3) connected together. It defines VLANs, IP addresses, interfaces, port configurations, and access control lists. It also contains configuration details for SNMP, SSH access, and local users.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd

    PACHUCA

    Uploaded by

    guerrerokarina276
    62 views10 pages
    This document describes the configuration of a network stack consisting of 3 switches (SW1, SW2, SW3) connected together. It defines VLANs, IP addresses, interfaces, port configurations, and access control lists. It also contains configuration details for SNMP, SSH access, and local users.

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document describes the configuration of a network stack consisting of 3 switches (SW1, SW2, SW3) connected together. It defines VLANs, IP addresses, interfaces, port configurations, and access control lists. It also contains configuration details for SNMP, SSH access, and local users.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    62 views10 pages

    PACHUCA

    Uploaded by

    guerrerokarina276
    This document describes the configuration of a network stack consisting of 3 switches (SW1, SW2, SW3) connected together. It defines VLANs, IP addresses, interfaces, port configurations, and access control lists. It also contains configuration details for SNMP, SSH access, and local users.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    of 10

    admin

    admin@huawei.com

    SOLO USAR REMPLAZAR PARA CAMBIAR EL SEGMENTO DE RED (DOS SEGMENTOS POR HUB),
    NORMALMENTE EL TERCER OCTETO.

    sysname SW_CORE_HUB_PACHUCA
    ============================================
    STACK
    ===================SW1=========================
    interface stack-port 0/1
    port interface 40GE0/0/1 enable
    interface stack-port 0/2
    port interface 40GE0/0/2 enable

    stack slot 0 priority 200


    ===================SW2=========================
    interface stack-port 0/1
    port interface 40GE0/0/1 enable
    interface stack-port 0/2
    port interface 40GE0/0/2 enable

    stack slot 0 priority 190


    stack slot 0 renumber 1

    ===================SW3=========================
    interface stack-port 0/1
    port interface 40GE0/0/1 enable
    interface stack-port 0/2
    port interface 40GE0/0/2 enable

    stack slot 0 priority 180


    stack slot 0 renumber 2
    ============================================
    VLANS
    ============================================
    vlan 101
    name TRANSITO
    description TRANSITO
    vlan 201
    name MANAGEMENT
    description MANAGEMENT
    vlan 202
    name USUARIOS_OFICINAS
    description USUARIOS_OFICINAS
    vlan 203
    name WIRELESS_USUARIOS
    description WIRELESS_USUARIOS
    vlan 204
    name SCANNER_WIRELESS
    description SCANNER_WIRELESS
    vlan 205
    name WIRELESS_RFID
    description WIRELESS_RFID
    vlan 206
    name WIRELESS_ZEUS
    description WIRELESS_ZEUS
    vlan 207
    name IMPRESORA_ZEBRA_CABLEADA
    description IMPRESORA_ZEBRA_CABLEADA
    vlan 208
    name WIRELES_CARRIERS
    description WIRELES_CARRIERS
    vlan 209
    name WIRELES_NETWIFIGENERAL
    description WIRELES_NETWIFIGENERAL
    vlan 210
    name PROMOESPACIO
    description PROMOESPACIO
    vlan 501
    name TELEFONIA
    description TELEFONIA
    vlan 90
    name INT_01_TPE
    description INT_01_TPE
    vlan 95
    name INT_2_METROCARRIER
    description INT_2_METROCARRIER

    interface Vlanif 101


    description TRANSITO
    ip address 10.31.16.6 255.255.255.240
    undo shutdown

    interface Vlanif 201


    description MANAGEMENT
    ip address 10.31.16.65 255.255.255.224
    undo shutdown

    interface Vlanif 202


    description USUARIOS_OFICINAS
    ip address 10.31.16.97 255.255.255.224
    undo shutdown

    interface Vlanif 203


    description WIRELESS_USUARIOS
    ip address 10.31.16.129 255.255.255.192
    undo shutdown

    interface Vlanif 204


    description SCANNER_WIRELESS
    ip address 10.31.17.1 255.255.255.192
    undo shutdown

    interface Vlanif 205


    description WIRELESS_RFID
    ip address 10.31.16.49 255.255.255.240
    undo shutdown

    interface Vlanif 206


    description WIRELESS_ZEUS
    ip address 10.31.16.193 255.255.255.192
    undo shutdown

    interface Vlanif 207


    description IMPRESORA_ZEBRA_CABLEADA
    ip address 10.31.16.33 255.255.255.240
    undo shutdown

    interface Vlanif 208


    description CARRIERs
    ip address 10.31.17.65 255.255.255.192
    undo shutdown

    interface Vlanif 209


    description WIRELES_NETWIFIGENERAL
    ip address 10.31.17.129 255.255.255.192
    undo shutdown

    interface Vlanif 210


    description PROMOESPACIO
    ip address 192.168.10.1 255.255.255.0
    undo shutdown

    interface Vlanif 501


    description TELEFONIA
    ip address 10.31.16.17 255.255.255.240
    undo shutdown

    ip route-static 0.0.0.0 0.0.0.0 vlan 101 10.31.16.1

    ============================================
    PUERTOS
    ============================================

    interface range MultiGE0/0/1 to MultiGE0/0/2 MultiGE1/0/1 to MultiGE1/0/2


    MultiGE2/0/1 to MultiGE2/0/2
    description TO_INT_01_TPE
    port link-type access
    port default vlan 90
    q

    interface range MultiGE0/0/3 to MultiGE0/0/4 MultiGE1/0/3 to MultiGE1/0/4


    MultiGE2/0/3 to MultiGE2/0/4
    description TO_INT_2_METROCARRIER
    port link-type trunk
    port trunk pvid vlan 95
    port trunk allow-pass vlan 2 to 4094
    q

    interface range MultiGE0/0/5 to MultiGE0/0/6 MultiGE1/0/5 to MultiGE1/0/6


    MultiGE2/0/5 to MultiGE2/0/6
    description TRANSITO
    port link-type hybrid
    port hybrid pvid vlan 101
    port hybrid untagged vlan 101
    q

    interface range MultiGE0/0/9 to MultiGE0/0/14 MultiGE1/0/7 to MultiGE1/0/14


    MultiGE2/0/9 to MultiGE2/0/14
    description MANAGEMENT
    port link-type hybrid
    port hybrid pvid vlan 201
    port hybrid tagged vlan 203 to 206 208 to 209
    port hybrid untagged vlan 201
    q

    interface range MultiGE0/0/15 to MultiGE0/0/16 MultiGE1/0/15 to MultiGE1/0/16


    MultiGE2/0/15 to MultiGE2/0/16
    description IMPRESORA_ZEBRA_CABLEADA
    port link-type access
    port default vlan 207
    q

    interface range MultiGE0/0/17 to MultiGE0/0/24 MultiGE1/0/17 to MultiGE1/0/24


    description USUARIOS_OFICINAS_Y_TELEFONIA
    port link-type hybrid
    voice-vlan 501 enable
    voice-vlan legacy enable
    port hybrid pvid vlan 202
    port hybrid tagged vlan 202 501
    q

    interface range MultiGE2/0/18 to MultiGE2/0/20


    undo shutdown
    description EQUIPOS_DE_SEGURIDAD
    port link-type access
    port default vlan 202
    q

    interface range MultiGE2/0/21 to MultiGE2/0/24


    undo shutdown
    description PROMOESPACIO
    port link-type access
    port default vlan 210
    q

    =================================================

    ============================================
    PUERTOS TO DHCP_SERVER
    ============================================

    lacp priority 100

    interface Eth-Trunk1
    port link-type access
    port default vlan 201
    mode lacp
    max active-linknumber 2
    q

    interface MultiGE0/0/7
    description TO_SERVER_DHCP_MGMT
    port link-type access
    port default vlan 201
    q

    interface MultiGE0/0/8
    description TO_SERVER_DHCP
    eth-trunk 1
    lacp priority 100
    q
    interface MultiGE2/0/8
    description TO_SERVER_DHCP
    eth-trunk 1
    lacp priority 100
    q

    ============================================
    PUERTOS TO PBX
    ============================================
    interface MultiGE2/0/7
    description MANAGEMENT_PBX
    port link-type hybrid
    port hybrid pvid vlan 201
    port hybrid tagged vlan 203 to 206 208 to 209
    port hybrid untagged vlan 201
    q
    interface MultiGE2/0/17
    description TO_PBX_SERVICIO
    port link-type trunk
    voice-vlan 501 enable
    port trunk pvid vlan 501
    port trunk allow-pass vlan 2 to 4094
    q

    ============================================
    SSH
    ============================================
    aaa
    local-aaa-user password policy administrator
    undo password alert original
    q
    local-user iusanoc password cipher iusanoc123
    local-user iusanoc service-type ssh http terminal
    local-user iusanoc privilege level 15

    ssh user iusanoc


    ssh user iusanoc authentication-type password
    ssh user iusanoc service-type stelnet

    ====
    aaa
    local-user gerr password irreversible-cipher g3RR4dm1n$!
    local-user gerr privilege level 1
    local-user gerr service-type telnet terminal ssh http

    ssh user gerr


    ssh user gerr authentication-type password
    ssh user gerr service-type stelnet

    =======================================

    user-interface maximum-vty 14
    user-interface con 0
    authentication-mode aaa
    idle-timeout 5 0
    user-interface vty 0 13
    acl 2001 inbound
    authentication-mode aaa
    user privilege level 15
    history-command max-size 15
    idle-timeout 5 0
    screen-length 30

    http server-source -i Vlanif 201


    Y
    ssh server-source -i Vlanif 201
    Y
    stelnet server enable
    ssh client first-time enable

    ============================================
    SNMP
    ============================================
    snmp-agent
    snmp-agent sys-info version v3
    snmp-agent group v3 admin privacy read-view ASComRO write-view ASComRW4cc
    snmp-agent group v3 ASComRO privacy read-view ASComRO write-view ASComRW4cc
    snmp-agent target-host trap address udp-domain 10.16.34.161 params securityname
    ASComRO v3 privacy
    snmp-agent target-host trap address udp-domain 10.16.34.161 params securityname
    ASComRW4cc v3 privacy
    snmp-agent usm-user v3 ASComRO
    snmp-agent usm-user v3 ASComRO group admin

    ================APARTIR DE AQUI INGRESAR LINEA POR


    LINEA============================

    snmp-agent usm-user v3 ASComRO authentication-mode sha2-256


    pass: T3l3c0mG$!
    snmp-agent usm-user v3 ASComRO privacy-mode aes128
    pass: T3c3c0mg$!
    snmp-agent protocol source-status all-interface

    ============================================
    ACL Y USUARIOS
    ============================================
    acl number 2001
    description Admin
    rule 5 permit source 10.50.17.45 0
    rule 10 permit source 10.64.4.76 0
    rule 15 permit source 10.50.17.46 0
    rule 20 permit source 10.50.17.41 0
    rule 25 permit source 10.50.41.20 0
    rule 30 permit source 10.51.110.95 0
    rule 35 permit source 10.51.110.93 0
    rule 40 permit source 10.51.110.92 0
    rule 45 permit source 10.50.17.56 0
    rule 50 permit source 10.50.166.176 0
    rule 55 permit source 10.50.166.174 0
    rule 60 permit source 10.50.166.172 0
    rule 65 permit source 10.50.166.173 0
    rule 70 permit source 10.50.166.170 0
    rule 75 permit source 10.50.166.171 0
    rule 80 permit source 10.51.111.18 0
    rule 85 permit source 10.51.109.25 0
    rule 90 permit source 10.74.24.59 0
    rule 95 permit source 10.16.112.10 0
    rule 100 permit source 10.50.41.100 0
    rule 105 permit source 10.51.109.33 0
    rule 110 permit source 10.16.111.10 0
    rule 115 permit source 10.204.6.96 0
    rule 120 permit source 10.50.180.46 0
    rule 125 permit source 10.50.180.47 0
    rule 130 permit source 10.67.152.123 0
    rule 135 permit source 10.67.152.19 0
    rule 140 permit source 10.50.180.73 0
    rule 145 permit source 10.50.17.228 0
    rule 150 permit source 10.51.110.135 0
    rule 155 permit source 10.51.110.130 0
    rule 160 permit source 10.51.109.136 0
    rule 165 permit source 10.50.180.108 0
    rule 170 permit source 10.204.6.63 0
    rule 175 permit source 10.51.110.94 0
    rule 200 permit source 10.43.134.251 0
    rule 205 permit source 10.43.134.252 0
    rule 210 permit source 10.43.134.253 0
    rule 215 permit source 10.95.32.210 0
    rule 220 permit source 10.68.160.43 0
    rule 225 permit source 10.0.0.0 0.255.255.255

    ============================================
    USUARIOS
    ============================================
    aaa

    local-user kron password irreversible-cipher $1c$G~pDF[:mF<$IuuLPZ;NR&36aiXD~"W6Mc\


    YEHaV'*i|SCOUB4IE$
    local-user kron privilege level 15
    local-user kron service-type terminal ssh http

    local-user admin password irreversible-cipher $1c$Gxx.44i%mP$E*"5&Z<Vw7B<1xC-


    y*$&=Zh@,>V"GD921bKFLT_V$
    local-user admin privilege level 15
    local-user admin service-type terminal ssh http

    local-user monitor password irreversible-cipher


    $1c$-V[q'1~(sD$'7BqVNp*z8j/u.7LfiN62],tDXL6/QEMYfW1T9YF$
    local-user monitor privilege level 3
    local-user monitor service-type terminal ssh http

    local-user aquirozv password irreversible-cipher $1c$u1ec<Q>c;N$3'(]$9:&^9=AwIRHSX


    %Gz+!D,$'pG@n;}H/noNR<$
    local-user aquirozv privilege level 15
    local-user aquirozv service-type terminal ssh http

    local-user iramirez password irreversible-cipher $1c$XFNB.T#}~G$|;R|(~rtq-@UJ1Nn!


    #="1X"{6%4jy:O6t#I@HF[4$
    local-user iramirez privilege level 15
    local-user iramirez service-type terminal ssh http

    local-user kguitron password irreversible-cipher


    $1c$VfnCWUjllW$v*XwP<pI4<k9i}P3azq6e&^L.6|tD(-nW)D7\a=1$
    local-user kguitron privilege level 15
    local-user kguitron service-type terminal ssh http
    local-user mguzmang password irreversible-cipher $1c$yl7CR>B0}+
    $k_$&TkylW6y_15S3h7kHZpDn=byX8+RBjFF*jy7=$
    local-user mguzmang privilege level 15
    local-user mguzmang service-type terminal ssh http

    local-user mosoriov password irreversible-cipher


    $1c$USlS='^/bD$&QK@QrM]Q;:;Wb<9BCV)jE~RV0s($+4{on&'MWUT$
    local-user mosoriov privilege level 15
    local-user mosoriov service-type terminal ssh http

    local-user gjimenezb password irreversible-cipher


    $1c$"ppaPP"P@L$Av9z8lj/Q,apmn1QwJ3VkbE}I_('!A/A*';G"4I0$
    local-user gjimenezb privilege level 15
    local-user gjimenezb service-type terminal ssh http

    local-user cgonzaleza password irreversible-cipher


    $1c$>Io.&N4~,+$g6{=DRWFmO/qt$BrI.D~ORC,)Un4y4Ty%mYs62O3$
    local-user cgonzaleza privilege level 15
    local-user cgonzaleza service-type terminal ssh http

    local-user jamoralesd password irreversible-cipher $1c$:!


    HYRUN&,=$Kf=1Ju`wDF[P(.WP8~i9-j%6:7'$VT42""TLXla($
    local-user jamoralesd privilege level 15
    local-user jamoralesd service-type terminal ssh http

    local-user carmartinezc password irreversible-cipher $1c$&OM;$EIZ!J$w.TX>|


    o@P2,XFpTn6]5@y/rt<pL%4X7bUS#`78sC$
    local-user carmartinezc privilege level 15
    local-user carmartinezc service-type terminal ssh http

    local-user dsiseguridad1 password irreversible-cipher $1c$)Y-


    h)_+v5W$oKy5@$))sUmA1B+wQFXL@-IbSBO!r#Jy(F-Gk.$8$
    local-user dsiseguridad1 privilege level 7
    local-user dsiseguridad1 service-type terminal ssh http

    ssh user kron


    ssh user kron authentication-type password
    ssh user kron service-type stelnet

    ssh user admin


    ssh user admin authentication-type password
    ssh user admin service-type stelnet

    ssh user monitor


    ssh user monitor authentication-type password
    ssh user monitor service-type stelnet

    ssh user aquirozv


    ssh user aquirozv authentication-type password
    ssh user aquirozv service-type stelnet

    ssh user iramirez


    ssh user iramirez authentication-type password
    ssh user iramirez service-type stelnet

    ssh user kguitron


    ssh user kguitron authentication-type password
    ssh user kguitron service-type stelnet

    ssh user mguzmang


    ssh user mguzmang authentication-type password
    ssh user mguzmang service-type stelnet

    ssh user mosoriov


    ssh user mosoriov authentication-type password
    ssh user mosoriov service-type stelnet

    ssh user gjimenezb


    ssh user gjimenezb authentication-type password
    ssh user gjimenezb service-type stelnet

    ssh user cgonzaleza


    ssh user cgonzaleza authentication-type password
    ssh user cgonzaleza service-type stelnet

    ssh user jamoralesd


    ssh user jamoralesd authentication-type password
    ssh user jamoralesd service-type stelnet

    ssh user carmartinezc


    ssh user carmartinezc authentication-type password
    ssh user carmartinezc service-type stelnet

    ssh user dsiseguridad1


    ssh user dsiseguridad1 authentication-type password
    ssh user dsiseguridad1 service-type stelnet

    ============================================
    NTP
    ============================================
    undo ntp-service server disable
    ntp-service unicast-server 10.68.160.45

    ============================================
    SYSLOG
    ============================================
    info-center loghost source Vlanif201
    info-center loghost 10.16.80.220
    info-center loghost 10.16.80.220 security-log
    ============================================
    PORT-SECURITY
    ============================================
    port-security enable
    port-security protect-action shutdown
    port-security max-mac-num 2
    port-security mac-address sticky

    ============================================
    ============================================
    tftp 10.31.20.75 get header-file.txt header-file.txt

    header login file flash:/header-file.txt


    ============================================
    ===============EXTRA:=======================
    ============================================
    aaa
    local-user gerr password irreversible-cipher g3RR4dm1n$!
    local-user gerr privilege level 1
    local-user gerr service-type telnet terminal ssh http

    !!!DESPUES DEL PRIMER INICIO PIDE CAMBIO DE CONTRASEÑA:


    user: gerr
    pass: g3RR4dm1n$!

    !!!Con usuario LEVEL 15 --->>


    command-privilege level 1 view system display current-configuration

    ============================================
    dhcp enable

    interface Vlanif 201


    dhcp select interface
    dhcp server excluded-ip-address 10.31.16.68 10.31.16.79
    dhcp server lease day 0 hour 2 minute 0

    ============================================
    ============================================
    ============================================
    ============================================
    ============================================
    ============================================
    ============================================
    ============================================
    ============================================
    ============================================
    ============================================
    ============================================
    ============================================

    You might also like