Configuration Core Switch (4503) Install Line card Attach the Power cord Planning cable, port name, label Set timeout console 0 0 Check version IOS Password local Configuration hostname
Configuration Vtp
R R R
R R R
R R
R R
R R
R R
Configrutation EIGRP
R R
R R
Configrutation SSH
Configrutation AAA
Configuration TACACS+
Disable services
Disable ip source-route
R R
R R
Configuration Template
Check status
N/A N/A N/A Switch(config)# line console 0 Switch(config-line)# exec-time 0 0 Switch(config)# show version Switch(config)#username navibank privilege 15 pass navibank Switch(config)# hostname xxxxxxxxxxxx Switch(config)# vtp mode server Switch(config)# vtp version 2 Switch(config)# vtp prunning Switch(config)# vtp domain navibank Switch(config)# vtp password navibank Switch(config)# vlan <Vlan-ID> Switch(config-vlan)# name <Vlan-Name> Switch(config)# udld aggressive Switch(config-if)# storm-control broadcast level 10 Switch(config)# interface range Gi1/x-y Switch(config-if)# switchport mode trunk Switch(config-if)# switchport nonegotiate Switch(config-if)# channel-protocol lacp Switch(config-if)# channel-group <group-number A> mode active Switch(config)# interface range Gi2/x-y Switch(config-if)# no switchport Switch(config-if)# channel-protocol lacp Switch(config-if)# channel-group <group-number B> mode active Switch(config)# interface port-channel <group-number B> Switch(config-if)# ip address x.x.x.x y.y.y.y Switch(config-if)# no shutdown Switch(config-if)# no ip proxy-arp Switch(config-if)# no ip unreachables Switch(config-if)# no ip redirects Switch(config-if)# no ip mask-reply Switch(config)# Interface vlan <VLAN-ID> Switch(config-if)# ip address x.x.x.x y.y.y.y Switch(config-if)# standby <HSRP-Group-ID> ip <x1.x1.x1.x1> Switch(config-if)# standby <HSRP-Group-ID> priority <Priority-Number> Switch(config-if)# standby <HSRP-Group-ID> preempt Switch(config-if)# no shutdown Switch(config-if)# no ip proxy-arp Switch(config-if)# no ip unreachables Switch(config-if)# no ip redirects Switch(config-if)# no ip mask-reply Switch(config)# spanning-tree mode rapid-pvst
R R R
R R
Switch(config)#spanning-tree vlan 1-4094 priority <priority number> Switch(config)# ip routing Switch(config)# router eigrp 100 Switch(config-router)#redistribute static metric 100000 10 255 2 1500 Switch(config-router)# passive-interface <Vlan ID> Switch(config-router)# network 10.41.0.0 0.0.7.255 Switch(config-router)# network 172.17.1.16 0.0.0.15 Switch(config-router)# network 172.17.1.32 0.0.0.15 Switch(config-router)# network 172.17.1.48 0.0.0.15 Switch(config-router)# network 172.17.0.0 Switch(config-router)# network 192.168.96.0 0.0.15.255 Switch(config-router)# network 192.168.120.0 Switch(config-router)# neighbor 172.17.1.19 Vlan202 Switch(config-router)# neighbor 172.17.1.35 Vlan203 Switch(config-router)# no auto-summary Switch(config)#ip domain-name navibank.com Switch(config)#ip ssh authentication-retries 4 Switch(config)#ip ssh version 2 Switch(config)#aaa new-model Switch(config)#aaa authentication login ssh group tacacs+ local Switch(config)#aaa authorization config-commands Switch(config)#aaa authorization exec default group tacacs+ local Switch(config)#aaa authorization commands 0 default group tacacs+ local Switch(config)#aaa authorization commands 1 default group tacacs+ local Switch(config)#aaa authorization commands 15 default group tacacs+ none Switch(config)#aaa accounting exec default start-stop group tacacs+ Switch(config)#aaa accounting commands 15 default start-stop group tacacs+ Switch(config)#aaa accounting network default start-stop group tacacs+ Switch(config)#aaa accounting connection default start-stop group tacacs+ Switch(config)#aaa accounting system default start-stop group tacacs+ Switch(config)#tacacs-server host 10.41.5.103 key 7 navibank Switch(config)#tacacs-server host 10.41.5.101 key 7 navibank Switch(config)#tacacs-server directed-request Switch(config)#line vty 0 15 Switch(config-line)#exec-timeout 0 0 Switch(config-line)#privilege level 15 Switch(config-line)#login authentication ssh Switch(config-line)#transport input telnet ssh Switch(config)# no service tcp-small-servers Switch(config)# no service udp-small-servers Switch(config)# no ip bootp server Switch(config)# no ip finger Switch(config)# no service finger Switch(config)# no service config Switch(config)# no boot host Switch(config)# no boot network Switch(config)# no boot system Switch(config)# no service pad Switch(config-if)# no ip proxy-arp Switch(config-if)# no ip unreachables Switch(config-if)# no ip redirects Switch(config-if)# no ip mask-reply Switch(config-if)# no ip directed-broadcast
R R
R R
Switch(config)# ip source-route Switch(config)# no banner motd ^ **************************** NOTICE ******************************* This is a private network facility protected by a security system. Access to and use of this facility requires explicit written, current authorisation and is strictly limited to the purposes of this organization's business. Unauthorised or any attempt at unauthorised access, use, copying, alteration, destruction, or damage to its data, program, or equipment may result in criminal or civil liability or both. ******************************************************************* ^ Switch(config)# spanning-tree loopguard default Switch(config)# spanning-tree portfast default Switch(config)# spanning-tree portfast bpduguard default Switch(config)# spanning-tree extend system-id
Note
Vlan ID: 110, 120,130, 140, 150, 160, 170, 180, 190, 200,201,202,203,300,301,302, 303,304,305,400,450
Gi2/1, Gi2/2 (Full-duplex 4Gbps) HOSW_Core_01(config)#int port-channel 2 HOSW_Core_01(config-if)#ip address 10.20.20.1 255.255.255.0 HOSW_Core_02(config)#int port-channel 2 HOSW_Core_02(config-if)#ip address 10.20.20.2 255.255.255.0
Vlan ID: 1,110, 120,130, 140, 150, 160, 170, 180, 190, 200,201,202,203
No Description I. Configuration Router 2851 Install Line card Attach the Power cord Planning cable, port name, label Set timeout console 0 0 Check version IOS Password local Configuration hostname
Checklist HOR2851_Internet R R R R R R R
Configrutation EIGRP
Configrutation SSH
Configrutation AAA
Configuration TACACS+
Config Metronet
Config IPSLA
Config Track
Config NAT
Config Access-List
Config route-map
Configuration Template
N/A N/A N/A HOR2851_Internet(config)# line console 0 HOR2851_Internet(config-line)# exec-time 0 0 HOR2851_Internet(config)# show version HOR2851_Internet(config)# username navibank privilege 15 pass navibank HOR2851_Internet(config)# hostname xxxxxxxxxxxx HOR2851_Internet(config)# router eigrp 100 HOR2851_Internet(config-router)# distribute-list Permit_Route in HOR2851_Internet(config-router)# network 172.17.0.0 HOR2851_Internet(config-router)# redistribute static metric 100000 10 255 2 1500 HOR2851_Internet(config)#ip domain-name navibank.com HOR2851_Internet(config)#ip ssh authentication-retries 4 HOR2851_Internet(config)#ip ssh version 2 HOR2851_Internet(config)#aaa new-model HOR2851_Internet(config)#aaa authentication login ssh group tacacs+ local HOR2851_Internet(config)#aaa authorization config-commands HOR2851_Internet(config)#aaa authorization exec default group tacacs+ local HOR2851_Internet(config)#aaa authorization commands 0 default group tacacs+ local HOR2851_Internet(config)#aaa authorization commands 1 default group tacacs+ local HOR2851_Internet(config)#aaa authorization commands 15 default group tacacs+ none HOR2851_Internet(config)#aaa accounting exec default start-stop group tacacs+ HOR2851_Internet(config)#aaa accounting commands 15 default start-stop group tacacs+ HOR2851_Internet(config)#aaa accounting network default start-stop group tacacs+ HOR2851_Internet(config)#aaa accounting connection default start-stop group tacacs+ HOR2851_Internet(config)#aaa accounting system default start-stop group tacacs+ HOR2851_Internet(config)#tacacs-server host 10.41.5.103 key 7 navibank HOR2851_Internet(config)#tacacs-server host 10.41.5.101 key 7 navibank HOR2851_Internet(config)#tacacs-server directed-request HOR2851_Internet(config)#line vty 0 15 HOR2851_Internet(config-line)#exec-timeout 0 0 HOR2851_Internet(config-line)#privilege level 15 HOR2851_Internet(config-line)#login authentication ssh HOR2851_Internet(config-line)#transport input telnet ssh HOR2851_Internet(config)# banner motd ^ ****************************NOTICE*************************** This is a private network facility protected by a security system.Access to and use of this facility requires explicit written,current authorisation and is strictly limited to the purposes of this organization's business.Unauthorised or any attempt at unauthorised access, use, copying, alteration, destruction, or damage to its data, program, or equipment may result in criminal or civil liability or both. ************************************************************* ^
HOR2851_Internet(config)#interface GigabitEthernet0/1 HOR2851_Internet(config-if)#no ip address HOR2851_Internet(config-if)#duplex auto HOR2851_Internet(config-if)#speed auto HOR2851_Internet(config-if)#pppoe enable group global HOR2851_Internet(config-if)#pppoe-client dial-pool-number 1 HOR2851_Internet(config)#interface Dialer0 HOR2851_Internet(config-if)#description # Connect To Internet # HOR2851_Internet(config-if)#ip address negotiated HOR2851_Internet(config-if)#ip mtu 1492 HOR2851_Internet(config-if)#ip nat outside HOR2851_Internet(config-if)#ip virtual-reassembly HOR2851_Internet(config-if)#encapsulation ppp HOR2851_Internet(config-if)#dialer pool 1 HOR2851_Internet(config-if)#dialer-group 1 HOR2851_Internet(config-if)#ppp authentication pap callin HOR2851_Internet(config-if)#ppp pap sent-username nhtmcp3-5 password 7 megavnn1 HOR2851_Internet(config)# interface Vlan1 HOR2851_Internet(config-if)# no ip address HOR2851_Internet(config-if)# pppoe enable group global HOR2851_Internet(config-if)# pppoe-client dial-pool-number 2 HOR2851_Internet(config)# interface Dialer1 HOR2851_Internet(config-if)# description # Connect To Internet-Viettel # HOR2851_Internet(config-if)# ip address negotiated HOR2851_Internet(config-if)# ip mtu 1492 HOR2851_Internet(config-if)# ip nat outside HOR2851_Internet(config-if)# ip virtual-reassembly in HOR2851_Internet(config-if)# encapsulation ppp HOR2851_Internet(config-if)# ip tcp adjust-mss 1452 HOR2851_Internet(config-if)# dialer pool 2 HOR2851_Internet(config-if)# dialer-group 2 HOR2851_Internet(config-if)# ppp authentication pap callin HOR2851_Internet(config-if)# ppp pap sent-username t008_ftth_vietnhtmcpn password 7 eh5V7a HOR2851_Internet(config)# interface vlan 1 HOR2851_Internet(config-if)# ip add 172.20.1.254 255.255.255.0 HOR2851_Internet(config-if)# no shutdown HOR2851_Internet(config)# ip sla 1 HOR2851_Internet(config-ip-sla)# icmp-echo 123.21.176.1 source-interface Dialer0 HOR2851_Internet(config-ip-sla-echo)# frequency 20 HOR2851_Internet(config)# ip sla schedule 1 life forever start-time now HOR2851_Internet(config)# ip sla 2 HOR2851_Internet(config-ip-sla)# icmp-echo 115.78.64.1 source-interface Dialer1 HOR2851_Internet(config-ip-sla-echo)# frequency 20 HOR2851_Internet(config)# ip sla schedule 2 life forever start-time now HOR2851_Internet(config)# track 1 ip sla 1 reachability HOR2851_Internet(config)# delay down 10 up 20 HOR2851_Internet(config)# track 2 ip sla 2 reachability HOR2851_Internet(config)# delay down 10 up 20
HOR2851_Internet(config)# ip nat inside source route-map Nat_VNPT interface Dialer0 overload HOR2851_Internet(config)# ip nat inside source route-map Nat_Viettel interface Dialer1 overload HOR2851_Internet(config)# ip access-list standard Permit_Internet permit 10.41.0.0 0.0.7.255 permit 192.168.101.0 0.0.0.255 permit 192.168.102.0 0.0.0.255 permit 192.168.103.0 0.0.0.255 permit 192.168.120.0 0.0.0.255 HOR2851_Internet(config)# ip access-list standard Permit_Route permit 10.41.0.0 0.0.7.255 permit 192.168.96.0 0.0.15.255 permit 192.168.120.0 0.0.0.255 HOR2851_Internet(config)# ip access-list standard VNPT permit 10.41.0.0 0.0.7.255 HOR2851_Internet(config)# ip access-list standard Viettel permit 192.168.101.0 0.0.0.255 permit 192.168.102.0 0.0.0.255 permit 192.168.103.0 0.0.0.255 Permit 192.168.120.0 0.0.0.255 route-map Nat_VNPT permit 10 match ip address Permit_Internet match interface Dialer0 route-map ISP_Internet permit 10 match ip address VNPT set default interface Dialer0 route-map ISP_Internet permit 20 match ip address Viettel set default interface Dialer1 route-map ISP_Internet permit 30 set default interface Null0 route-map Nat_Viettel permit 10 match ip address Permit_Internet match interface Dialer1
Check status
Note
R R R
HOR2851_Internet
VLAN ID VLAN110 VLAN120 VLAN130 VLAN140 VLAN150 VLAN160 VLAN170 VLAN180 VLAN190 VLAN200
VLAN NAME TANG M + G TANG 2 TANG 3 TANG 4 TANG 5 TANG 6 TANG 7 TANG 8 IT HDQT-BTGD
IP RANGE
Subnet mask
VLAN500 PHONGHOP Uknown Uknown VLAN201 WAN INTERNET VLAN202 WAN NHNN VLAN203 WAN TTCNTT VLAN 300 WL-MANAGE VLAN 301 WL-Staff VLAN 302 VLAN 303 VLAN 304 VLAN 305 WL-Boss WL-Guest Reversed WL-LAP
10.41.1.0 10.41.1.128 10.41.2.0 10.41.2.128 10.41.3.0 10.41.3.128 10.41.4.0 10.41.4.128 10.41.5.64 10.41.5.128 10.41.5.192 172.17.1.0 172.17.1.16 172.17.1.32 192.168.100.0 192.168.101.0 192.168.102.0 192.168.103.0 192.168.105.0 192.168.110.0 192.168.120.0 192.168.130.0 10.41.5.0 10.41.5.1 10.41.5.2 10.41.5.3 10.41.5.4 10.41.5.5 10.41.5.6 10.41.5.7 10.41.5.8 10.41.5.9 10.41.5.10 10.41.5.11 10.41.5.12 10.41.5.13 10.41.5.14
/25 /25 /25 /25 /25 /25 /25 /25 /26 /26 /26 /28 /28 /28 /24 /24 /24 /24 /24 /24 /24 /24 /26
VLAN 400 CAMERA VLAN 450 NHHH VLAN 460 AMC VLAN 1 VLAN Manage
GATEWAY / IP virtual 10.41.1.126 10.41.1.254 10.41.2.126 10.41.2.254 10.41.3.126 10.41.3.254 10.41.4.126 10.41.4.254 10.41.5.126 10.41.5.190 10.41.5.254
Description Tng trt + Tng Lng Tng 2 Tng 3 Tng 4 Tng 5 Tng 6 Tng 7 Tng 8 VLan IT HI NG QUN TR-BAN TNG PHNG HP WAN INTERNET WAN NHNN - BIDV WAN TTCNTT
Wireless Manage Wireless Staff Wireless Boss Wireless Guest Wireless Lightweight AP Camera Ngn hng nh nc AMC NAME HOSW_Mem_01 HOSW_Mem_02 HOSW_Mem_03 HOSW_Mem_04 HOSW_Mem_05 HOSW_Mem_06 HOSW_Mem_07 HOSW_Mem_08 HOSW_Mem_09 HOSW_Mem_10 HOSW_Mem_11 HOSW_Mem_12 HOSW_Mem_13 HOSW_Mem_14 ;
No 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
Description HOSW_Mem_01 HOSW_Mem_02 HOSW_Mem_03 HOSW_Mem_04 HOSW_Mem_05 HOSW_Mem_06 HOSW_Mem_07 HOSW_Mem_08 HOSW_Mem_09 HOSW_Mem_10 HOSW_Mem_11 HOSW_Mem_12 HOSW_Mem_13 HOSW_Mem_14 HOSW_Mem_15 HOSW_Mem_16 HOSW_Core_01 HOSW_Core_02 Router_TT21 HOSW_Mem_15 HOSW_Mem_16 HOR2821_TTCNTT HOR2851_Internet
IP 10.41.5.1 10.41.5.2 10.41.5.3 10.41.5.4 10.41.5.5 10.41.5.6 10.41.5.7 10.41.5.8 10.41.5.9 10.41.5.10 10.41.5.11 10.41.5.12 10.41.5.13 10.41.5.14 10.41.5.15 10.41.5.16 10.41.5.60 10.41.5.61 172.17.1.19 10.41.5.15 10.41.5.16 172.17.1.35 172.17.1.3
Note
Description Core Switch 1 Core Switch 2 Member Switch 1 Member Switch 2 Member Switch 3 Member Switch 4 Member Switch 5 Member Switch 6 Member Switch 7 Member Switch 8 Member Switch 9 Member Switch 10
Hostname HOSW_Core_01 HOSW_Core_02 HOSW_Mem_01 HOSW_Mem_02 HOSW_Mem_03 HOSW_Mem_04 HOSW_Mem_05 HOSW_Mem_06 HOSW_Mem_07 HOSW_Mem_08 HOSW_Mem_09 HOSW_Mem_10
Series Cisco Catalyst 4503 Cisco Catalyst 4503 Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G
S/N
FOX1206G01F FOX1206G09G FOC1601Z1WT FOC1601Z1WS FOC1601Z1WA FOC1601Z1X3 FOC1601Z1WP FOC1601Z1WQ FOC1601Z1YN FOC1601Z1WW FOC1601Z1WX FOC1601Z1X1
13 14 15 16 17 18
Member Switch 11 Member Switch 12 Member Switch 13 Member Switch 14 Member Switch 15 Member Switch 16
Cisco Catalyst 3560 Cisco Catalyst 3560 Cisco Catalyst 3560 Cisco Catalyst 3560 Cisco Catalyst 3560 Cisco Catalyst 3550
work Installation HO
IP/Netmask Address Note Note IP Mgmt_Local 10.41.5.60
e: 17/02/2012
N/A N/A N/A N/A N/A N/A N/A C2-M16-2 C2-M8-2 C2-M7-2 C2-M6-2 C2-M5-2 C2-M4-2 C2-M3-2 C2-M2-2 C2-M1-2 C2-M9-2 C2-M10-2 C2-M11-2 C2-M12-2 C2-M13-2 C2-M14-2
Legends: No Name 1 C1 2 C2 3 M1 4 M2 5 M3 6 M4 7 M5 8 M6 9 M7 10 M8 11 M9
Description Core Switch 1 Core Switch 2 Member Switch 1 Member Switch 2 Member Switch 3 Member Switch 4 Member Switch 5 Member Switch 6 Member Switch 7 Member Switch 8 Member Switch 9
Hostname HOSW_Core_01 HOSW_Core_02 HOSW_Mem_01 HOSW_Mem_02 HOSW_Mem_03 HOSW_Mem_04 HOSW_Mem_05 HOSW_Mem_06 HOSW_Mem_07 HOSW_Mem_08 HOSW_Mem_09
Series Cisco Catalyst 4503 Cisco Catalyst 4503 Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G Cisco Catalyst 2960G
S/N
FOX1206G01F FOX1206G09G FOC1601Z1WT FOC1601Z1WS FOC1601Z1WA FOC1601Z1X3 FOC1601Z1WP FOC1601Z1WQ FOC1601Z1YN FOC1601Z1WW FOC1601Z1WX
12 13 14 15 16 17 18
Member Switch 10 Member Switch 11 Member Switch 12 Member Switch 13 Member Switch 14 Member Switch 15 Member Switch 16
Cisco Catalyst 2960G Cisco Catalyst 3560 Cisco Catalyst 3560 Cisco Catalyst 3560 Cisco Catalyst 3560 Cisco Catalyst 3560 Cisco Catalyst 3550
FOC1601Z1X1
ation HO
IP/Netmask Address Note IP Mgmt_Local 10.41.5.61
No Port No Description Name Port Mode Vlan ID Vlan Name I.Switch Member 01 --- HOSW_Mem_01 --- Cisco Catalyst 2960G II.Switch Member 02 --- HOSW_Mem_02 --- Cisco Catalyst 2960G III.Switch Member 03 --- HOSW_Mem_03 --- Cisco Catalyst 2960G IV.Switch Member 04 --- HOSW_Mem_04 --- Cisco Catalyst 2960G V.Switch Member 05 --- HOSW_Mem_05 --- Cisco Catalyst 2960G VI.Switch Member 06 --- HOSW_Mem_06 --- Cisco Catalyst 2960G VII.Switch Member 07 --- HOSW_Mem_07 --- Cisco Catalyst 2960G 289 Gi0/1 7072 Access 170 TANG-8 290 Gi0/2 8008 Access 180 TANG-8 291 Gi0/3 7074 Access 170 TANG-8 292 Gi0/4 8010 Access 180 TANG-8 293 Gi0/5 7076 Access 170 TANG-8 294 Gi0/6 8012 Access 180 TANG-8 295 Gi0/7 7078 Access 170 TANG-8 296 Gi0/8 8014 Access 180 TANG-8 297 Gi0/9 7080 Access 170 TANG-7 298 Gi0/10 8016 Access 180 TANG-8 299 Gi0/11 7082 Access 190 IT 300 Gi0/12 8018 Access 180 TANG-8 301 Gi0/13 7084 Access 190 IT 302 Gi0/14 8020 Access 180 TANG-8 303 Gi0/15 7086 Access 200 HDQT-BTGD 304 Gi0/16 8022 Access 180 TANG-8 305 Gi0/17 7088 Access 190 IT 306 Gi0/18 8024 Access 180 TANG-8 307 Gi0/19 7090 Access 190 IT 308 Gi0/20 8026 Access 180 TANG-8 309 Gi0/21 7092 Access 190 IT 310 Gi0/22 8028 Access 180 TANG-8 311 Gi0/23 7094 Access 190 IT 312 Gi0/24 8030 Access 180 TANG-8 313 Gi0/25 7096 Access 190 IT 314 Gi0/26 8032 Access 180 TANG-8 315 Gi0/27 7098 Access 200 HDQT-BTGD 316 Gi0/28 8034 Access 180 TANG-8 317 Gi0/29 7100 Access 200 HDQT-BTGD 318 Gi0/30 8036 Access 180 TANG-8 319 Gi0/31 7108 Access 170 TANG-7 320 Gi0/32 8038 Access 180 TANG-8 321 Gi0/33 7110 Access 170 TANG-7 322 Gi0/34 8040 Access 180 TANG-8 323 Gi0/35 7112 Access 170 TANG-7 324 Gi0/36 8042 Access 180 TANG-8 325 Gi0/37 7114 Access 170 TANG-7 326 Gi0/38 8044 Access 180 TANG-8 327 Gi0/39 8002 Access 170 TANG-7 328 Gi0/40 8046 Access 180 TANG-8
Note
IP Mgmt_Local
Anh Tr PT Anh Tr PT
PHONGHOP
329 Gi0/41 8004 Access 180 TANG-8 330 Gi0/42 8048 Access 180 TANG-8 331 Gi0/43 8006 Access 180 TANG-8 332 Gi0/44 8050 Access 180 TANG-8 333 Gi0/45 Access 190 IT 334 Gi0/46 Access 305 WL-LAP 335 Gi0/47 M7-C1-1 Trunking 336 Gi0/48 M7-C2-2 Trunking VIII.Switch Member 08 --- HOSW_Mem_08 --- Cisco Catalyst 2960G IX.Switch Member 16 --- HOSW_Mem_16 --- Cisco Catalyst 3550
No Port No Description Name Port Mode Vlan ID Vlan Name I.Switch Member 09 --- HOSW_Mem_09 --- Cisco Catalyst 2960G II.Switch Member 10 --- HOSW_Mem_10 --- Cisco Catalyst 2960G III.Switch Member 11 --- HOSW_Mem_11 --- Cisco Catalyst 3560 97 Fa0/1 Access 120 TANG-2 98 Fa0/2 Access 120 TANG-2 99 Fa0/3 Access 120 TANG-2 100 Fa0/4 Access 120 TANG-2 101 Fa0/5 Access 120 TANG-2 102 Fa0/6 Access 120 TANG-2 103 Fa0/7 Access 120 TANG-2 104 Fa0/8 Access 120 TANG-2 105 Fa0/9 Access 120 TANG-2 106 Fa0/10 Access 120 TANG-2 107 Fa0/11 Access 120 TANG-2 108 Fa0/12 Access 120 TANG-2 109 Fa0/13 Access 120 TANG-2 110 Fa0/14 Access 120 TANG-2 111 Fa0/15 Access 120 TANG-2 112 Fa0/16 Access 120 TANG-2 113 Fa0/17 Access 120 TANG-2 114 Fa0/18 Access 120 TANG-2 115 Fa0/19 Access 120 TANG-2 116 Fa0/20 Access 120 TANG-2 117 Fa0/21 Access 120 TANG-2 118 Fa0/22 Access 120 TANG-2 119 Fa0/23 Access 120 TANG-2 120 Fa0/24 Access 120 TANG-2 121 Fa0/25 Access 120 TANG-2 122 Fa0/26 Access 120 TANG-2 123 Fa0/27 Access 120 TANG-2 124 Fa0/28 Access 120 TANG-2 125 Fa0/29 Access 120 TANG-2 126 Fa0/30 Access 120 TANG-2 127 Fa0/31 Access 120 TANG-2 128 Fa0/32 Access 120 TANG-2 129 Fa0/33 Access 450 NHNN 130 Fa0/34 Access 120 TANG-2 131 Fa0/35 Access 450 NHNN 132 Fa0/36 Access 120 TANG-2 133 Fa0/37 Access 120 TANG-2 134 Fa0/38 Access 120 TANG-2 135 Fa0/39 Access 120 TANG-2 136 Fa0/40 Access 120 TANG-2 137 Fa0/41 Access 120 TANG-2 138 Fa0/42 Access 120 TANG-2 139 Fa0/43 Access 120 TANG-2 140 Fa0/44 Access 120 TANG-2
Note
PHONGHOP PHONGHOP
141 Fa0/45 Access 120 TANG-2 142 Fa0/46 Access 305 WL-LAP 143 Fa0/47 Access 120 TANG-2 144 Fa0/48 Access 120 TANG-2 145 Gi0/1 M11-C1-1 Trunking 146 Gi0/2 M11-C2-2 Trunking 147 Gi0/3 Access 1 default 148 Gi0/4 Access 1 default IV.Switch Member 12 --- HOSW_Mem_12 --- Cisco Catalyst 3560 V.Switch Member 13 --- HOSW_Mem_13 --- Cisco Catalyst 3560 VI.Switch Member 14 --- HOSW_Mem_14 --- Cisco Catalyst 3560 VII.Switch Member 15 --- HOSW_Mem_15 --- Cisco Catalyst 3560
IP Mgmt_Local
10.41.5.11
No Description I. Configuration Members Switch (2960 - 3560) Attach the Power cord Planning cable, port name, label
Set timeout console 0 0 Check version IOS Password local Configuration hostname
R R R R
R R R R
R R R R
R R R R
R R R R
R R R R
Configuration Vtp
Create Vlan
Enable UDLD
R R
R R
R R
R R
R R
R R
Configrutation SSH
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
Configuration Template Mem_15 R N/A R N/A Switch(config)# line console 0 Switch(config-line)# exec-time 0 0 Switch(config)# show version Switch(config)#username navibank privilege 15 pass navibank Switch(config)# hostname xxxxxxxxxxxx Switch(config)# vtp mode client Switch(config)# vtp version 2 Switch(config)# vtp domain navibank Switch(config)# vtp password navibank Switch(config)# vlan <Vlan-ID> Switch(config-vlan)# name <Vlan-Name>
Check status
R R R R
R R R
Switch(config-if)# storm-control broadcast level 10 Switch(config)# spanning-tree mode rapid-pvst Switch(config)#spanning-tree portfast bpduguard default Switch(config)#spanning-tree extend system-id Switch(config)#spanning-tree uplinkfast max-update-rate 200 Switch(config)#spanning-tree uplinkfast Switch(config)#spanning-tree backbonefast Switch(config)#ip domain-name navibank.com Switch(config)#ip ssh authentication-retries 4 Switch(config)#ip ssh version 2
R R
Switch(config)#aaa new-model Switch(config)#aaa authentication login ssh group tacacs+ local Switch(config)#aaa authorization exec default group tacacs+ local Switch(config)#aaa authorization commands 15 default group tacacs+ none Switch(config)#aaa accounting exec default start-stop group tacacs+ Switch(config)#aaa accounting commands 15 default start-stop group tacacs+ Switch(config)#aaa accounting network default start-stop group tacacs+ Switch(config)#aaa accounting connection default start-stop group tacacs+ Switch(config)#aaa accounting system default start-stop group tacacs+ Switch(config)#aaa session-id common Switch(config)#tacacs-server host 10.41.5.101 key 7 navibank Switch(config)#tacacs-server directed-request Switch(config)# no service tcp-small-servers Switch(config)# no service udp-small-servers Switch(config)# no ip bootp server Switch(config)# no ip finger Switch(config)# no service finger Switch(config)# no service config Switch(config)# no boot host Switch(config)# no boot network Switch(config)# no boot system Switch(config)# no service pad Switch(config-if)# no ip proxy-arp Switch(config-if)# no ip unreachables Switch(config-if)# no ip redirects Switch(config-if)# no ip mask-reply Switch(config-if)# no ip directed-broadcast Switch(config)# no ip domain-lookup Switch(config)# no ip source-route Switch(config)#line vty 0 15 Switch(config-line)#exec-timeout 0 0 Switch(config-line)#privilege level 15 Switch(config-line)#login authentication ssh Switch(config-line)#transport input telnet ssh
R R
Switch(config)# banner motd ^ **************************** NOTICE ******************************* This is a private network facility protected by a security system. Access to and use of this facility requires explicit written, current authorisation and is strictly limited to the purposes of this organization's business. Unauthorised or any attempt at unauthorised access, use, copying, alteration, destruction, or damage to its data, program, or equipment may result in criminal or civil liability or both. ************************************************** ******************* ^
Note
c2960-lanbasek9-mz.122-50.SE5/c2960-lanbasek9-mz.122-50.SE5.bin HOSW_Mem_9,10,11,12,13,14,15
No Description I. Configuration Members Switch (2960 - 3560) Attach the Power cord Planning cable, port name, label
Set timeout console 0 0 Check version IOS Password local Configuration hostname
R R R R
R R R R
R R R R
R R R R
R R R R
R R R R
Configuration Vtp
Create Vlan
Enable UDLD
R R
R R
R R
R R
R R
R R
Configrutation SSH
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
Configuration Template Mem_07 Mem_08 R R N/A R R N/A Switch(config)# line console 0 Switch(config-line)# exec-time 0 0 Switch(config)# show version Switch(config)#username navibank privilege 15 pass navibank Switch(config)# hostname xxxxxxxxxxxx Switch(config)# vtp mode client Switch(config)# vtp version 2 Switch(config)# vtp domain navibank Switch(config)# vtp password navibank Switch(config)# vlan <Vlan-ID> Switch(config-vlan)# name <Vlan-Name>
Check status
R R R R
R R R R
R R
R R
Switch(config-if)# storm-control broadcast level 10 Switch(config)# spanning-tree mode rapid-pvst Switch(config)#spanning-tree portfast bpduguard default Switch(config)#spanning-tree extend system-id Switch(config)#spanning-tree uplinkfast max-update-rate 200 Switch(config)#spanning-tree uplinkfast Switch(config)#spanning-tree backbonefast Switch(config)#ip domain-name navibank.com Switch(config)#ip ssh authentication-retries 4 Switch(config)#ip ssh version 2
R R
R R
Switch(config)#aaa new-model Switch(config)#aaa authentication login ssh group tacacs+ local Switch(config)#aaa authorization exec default group tacacs+ local Switch(config)#aaa authorization commands 15 default group tacacs+ none Switch(config)#aaa accounting exec default start-stop group tacacs+ Switch(config)#aaa accounting commands 15 default start-stop group tacacs+ Switch(config)#aaa accounting network default start-stop group tacacs+ Switch(config)#aaa accounting connection default start-stop group tacacs+ Switch(config)#aaa accounting system default start-stop group tacacs+ Switch(config)#aaa session-id common Switch(config)#tacacs-server host 10.41.5.101 key 7 navibank Switch(config)#tacacs-server directed-request Switch(config)#line vty 0 15 Switch(config-line)#exec-timeout 0 0 Switch(config-line)#privilege level 15 Switch(config-line)#login authentication ssh Switch(config-line)#transport input telnet ssh Switch(config)# no service tcp-small-servers Switch(config)# no service udp-small-servers Switch(config)# no ip bootp server Switch(config)# no ip finger Switch(config)# no service finger Switch(config)# no service config Switch(config)# no boot host Switch(config)# no boot network Switch(config)# no boot system Switch(config)# no service pad Switch(config-if)# no ip proxy-arp Switch(config-if)# no ip unreachables Switch(config-if)# no ip redirects Switch(config-if)# no ip mask-reply Switch(config-if)# no ip directed-broadcast Switch(config)# no ip domain-lookup Switch(config)# no ip source-route
R R
R R
Switch(config)# banner motd ^ **************************** NOTICE ******************************* This is a private network facility protected by a security system. Access to and use of this facility requires explicit written, current authorisation and is strictly limited to the purposes of this organization's business. Unauthorised or any attempt at unauthorised access, use, copying, alteration, destruction, or damage to its data, program, or equipment may result in criminal or civil liability or both. ************************************************** ******************* ^
Note
c2960-lanbasek9-mz.122-50.SE5/c2960-lanbasek9-mz.122-50.SE5.bin HOSW_Mem_01,2,3,4,5,6,7,8,16
Floor G 1 2
Deparment DVKH QHKH KDTT CK TTQT KT DaoTao XLN TDG PTTD P. Hp KSNB QLRR PTD QLRR TD PLTT KHTT TGD NhanSu HanhChanh VPHDQT KTNB C ng
Range IP 10.41.1.61->120 10.41.1.1->60 10.41.1.129 -> 162 10.41.1.158->160 10.41.1.163->195 10.41.2.1 -> 32 10.41.2.33-> 45 10.41.2.129 -> 161 10.41.2.162 -> 194 10.41.2.195 -> 235 10.41.2.236 -> 251 10.41.3.1 -> 49 10.41.3.50 -> 74 10.41.3.75 -> 99 10.41.3.100 -> 123 10.41.3.133 -> 165 10.41.3.166 -> 170 10.41.4.1 -> 32 10.41.4.33-> 75 10.41.4.129 -> 145 10.41.4.146 -> 158 10.41.4.159 ->171
Subnet Mask /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25 /25
Default Gateway 10.41.1.126 10.41.1.126 10.41.1.254 10.41.1.254 10.41.1.254 10.41.2.126 10.41.2.126 10.41.2.254 10.41.2.254 10.41.2.254 10.41.2.254 10.41.2.254 10.41.3.126 10.41.3.126 10.41.3.126 10.41.3.126 10.41.3.254 10.41.3.254 10.41.4.126 10.41.4.126 10.41.4.254 10.41.4.254 10.41.4.254
DNS 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8 8.8.8.8
6 7 8 9
Tng G 1 2 3 4 6 7 8 9
Tn Ch Trang Anh Bnh Ch Minh Anh Cng Anh Nam Anh Sn Anh Cng Anh Tr Anh Tr Anh Th Chi Mai
Chc v Ph GD SGD Ph GD SGD Ph GD SGD Ph GD SGD Ph Tng GD Ph Tng GD Ph Tng GD Tng GD Ph Tng GD Ch Tch HDQT Ph Tng GD
IP 10.41.5.160->163 10.41.5.152->155 10.41.5.156->159 10.41.5.164->167 10.41.5.129->132 10.41.5.133-135 10.41.5.136->139 10.41.5.140->143 10.41.5.144->147 10.41.5.148->151 10.41.5.164->167
DNS Default Gateway 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.8.8 10.41.5.190 8.8.88.
(ngay 28-6-2013)
Subnet Mask /26 /26 /26 /26 /26 /26 /26 /26 /26 /26 /26
Vlan 200 200 200 200 200 200 200 200 200 200 200
Switch HOSW_Mem_07 HOSW_Mem_03 HOSW_Mem_02 HOSW_Mem_01 HOSW_Mem_08 HOSW_Mem_09 HOSW_Mem_10 HOSW_Mem_10 HOSW_Mem_09 HOSW_Mem_08 HOSW_Mem_14 HOSW_Mem_14
Port G0/46 G0/46 G0/46 G0/46 G0/46 G0/45 G0/45 G0/46 G0/46 G0/45 G0/47 G0/48
Vlan 305 305 305 305 305 305 305 305 305 305 305 305
Label
Floor 7 5 6 4 8 2 1 T 3 9 B2 B1
Name AP2894.0f74.76e8 AP2894.0f74.75ec AP2894.0f74.776e APc464.1360.5e50 APc464.1360.5a80 AP2894.0f74.771c AP2894.0f74.7550 AP2894.0f74.75dc AP2894.0f74.7678 AP2894.0f74.7554 AP2894.0f74.77cc AP2894.0f74.7570
Unit 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1
Devices Name
ODF ODF CM HOSW_Mem_01 CM 1 HOSW_Mem_02 CM 2 HOSW_Mem_03 CM 3 HOSW_Mem_04 CM 4 HOSW_Mem_05 CM 5 HOSW_Mem_06 CM 6 HOSW_Mem_07 CM 7 HOSW_Mem_08 CM 8 Not Use
HOSW_Core_01
HOSW_Core_02
Unit 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1
Devices Name
Note
Tng i Siemen
Tng i Siemen
Unit 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1
Devices Name
Port Camera
Fa0/13, Fa0/14, Fa0/15, Fa0/16, Fa0/17, Fa0/18, Fa0/19, Fa0/20, Fa0/21, Fa0/22, Fa0/23, Fa0/24 Fa0/29, Fa0/30, Fa0/31, Fa0/32, Fa0/33, Fa0/34, Fa0/35, Fa0/36, F Fa0/45, Fa0/46, Fa0/47, Fa0/48 Switch 14 Gi0/12, Gi0/14, Gi0/18, Gi0/20, Gi0/22, Gi0/24, Gi0/26, Gi0/28, Gi0/30, Gi0/32 Gi0/34, Gi0/36, Gi0/38, Gi0/40, Gi0/42, Gi0/44 Switch 8
Port Camera
Switch 14
18, Fa0/19, Fa0/20, Fa0/21, Fa0/22, Fa0/23, Fa0/24, Fa0/25, Fa0/26, Fa0/27, Fa0/28 Fa0/31, Fa0/32, Fa0/33, Fa0/34, Fa0/35, Fa0/36, Fa0/37, Fa0/38, Fa0/39, Fa0/40, Fa0/41, Fa0/42, Fa0/43, Fa0/44 Switch 14
Tng 7 7 7 7 7 7 7 3 3 7
Tn Server Server DHCP Server DHCP Backup Server Squid Proxy Server Squid Proxy Backup Server Tacacs Server Tacacs Backup Server BTS My gi TT21 My gi Cn i My Photo IP
Server X3550 SmartPC X3550 SmartPC X3550 SmartPC IBM SmartPC SmartPC
T Rack 1 1 1
U 29 29 29
H iu Hnh Linux Linux Linux Linux Win2k3 Win2k3 Win2k3 WinXP WinXP
IP 10.41.5.100 10.41.5.102 10.41.5.100 10.41.5.102 10.41.5.103 10.41.5.101 10.41.5.99 10.41.2.32 10.41.2.6 10.41.4.75
Subnet 255.255.255.192 255.255.255.192 255.255.255.192 255.255.255.192 255.255.255.192 255.255.255.192 255.255.255.192 255.255.255.128 255.255.255.128 255.255.255.128
Default Gateway 10.41.5.126 10.41.5.126 10.41.5.126 10.41.5.126 10.41.5.126 10.41.5.126 10.41.5.126 10.41.2.126 10.41.2.126 10.41.2.126
Port
Switch
Ch