=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2019.12.10 15:25:28 =~=~=~=~=~=~=~=~=~=~=~= login as: NRDYOG      nrdyog Using keyboard-interactive authentication. Password: C *************************************************************************** * * * NOTICE TO USERS * * * * This is an official computer system and is the property of the * * National Research Foundation. It is for authorized users only. * * Unauthorized users are prohibited. Users (authorized or unauthorized) * * have no explicit or implicit expectation of privacy. Any or all uses * * of this system may be subject to one or more of the following actions: * * interception,monitoring, recording, auditing, inspection and disclosing * * to security personnel and law enforcement personnel, as well as * * authorized officials of other agencies, both domestic and foreign. By * * using this system, the user consents to these actions. Unauthorized or * * improper use of this system may result in administrative disciplinary * * action and civil and criminal penalties. By accessing this system you * * indicate your awareness of and consent to these terms and conditions of * * use. Discontinue access immediately if you do not agree to the * * conditions stated in this notice. * * * *************************************************************************** DCR4R11-SW01#ter DCR4R11-SW01#terminal len DCR4R11-SW01#terminal length 0 DCR4R11-SW01#wr DCR4R11-SW01#write mem Building configuration... [OK] DCR4R11-SW01#sh sw DCR4R11-SW01#sh switch % Incomplete command. DCR4R11-SW01#sh run Building configuration... Current configuration : 10258 bytes ! ! Last configuration change at 12:01:21 SGT Thu Feb 14 2019 by vhazjra ! NVRAM config last updated at 15:26:06 SGT Tue Dec 10 2019 by nrdyog ! version 15.0 no service pad service timestamps debug datetime msec service timestamps log datetime msec localtime service password-encryption ! hostname DCR4R11-SW01 ! boot-start-marker boot-end-marker ! ! username nrfadmin privilege 15 secret 5 $1$hHj4$azIHo1Sb7Tm0IIfBuEssN1 aaa new-model ! ! aaa group server radius CiscoACS server 172.25.188.11 server 172.25.188.12 ! aaa group server tacacs+ CiscoACSadm server 172.25.188.11 server 172.25.188.12 ! aaa authentication login default local aaa authentication login CREATEADMIN group CiscoACSadm local aaa authentication enable default group CiscoACSadm enable aaa authentication dot1x default group CiscoACS aaa authorization console aaa authorization exec CREATEADMIN group CiscoACSadm local aaa authorization commands 15 CREATEADMIN group CiscoACSadm local aaa authorization network default group CiscoACS aaa accounting dot1x default start-stop group CiscoACS aaa accounting exec CREATEADMIN start-stop group CiscoACSadm aaa accounting commands 15 CREATEADMIN start-stop group CiscoACSadm aaa accounting connection CREATEADMIN start-stop group CiscoACSadm ! ! ! ! ! ! aaa session-id common clock timezone SGT 8 0 system mtu routing 1500 authentication mac-move permit no ip source-route ! ! no ip domain-lookup ip domain-name create.edu.sg vtp domain null vtp mode transparent ! ! ! ! ! ! ! spanning-tree mode rapid-pvst spanning-tree portfast bpduguard default no spanning-tree optimize bpdu transmission spanning-tree extend system-id spanning-tree pathcost method long ! ! ! ! ! errdisable recovery cause bpduguard errdisable recovery interval 400 ! ! ! ! vlan internal allocation policy ascending ! vlan 40 name SERVER_PUBLIC ! vlan 123 name MGMT ! vlan 282 name SEC-S ! vlan 285 ! ip ssh time-out 60 ip ssh authentication-retries 2 ip ssh version 2 ! ! ! ! ! ! ! ! ! ! interface Port-channel1 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0 no ip address shutdown ! interface GigabitEthernet0/1 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/2 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/3 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/4 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/5 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/6 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/7 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/8 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/9 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/10 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/11 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/12 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/13 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/14 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/15 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/16 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/17 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/18 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/19 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/20 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/21 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/22 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/23 switchport access vlan 282 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet0/24 switchport access vlan 285 switchport mode access no cdp enable spanning-tree portfast ! interface GigabitEthernet1/1 ! interface GigabitEthernet1/2 ! interface GigabitEthernet1/3 ! interface GigabitEthernet1/4 ! interface TenGigabitEthernet1/1 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree guard loop channel-protocol lacp channel-group 1 mode active ! interface TenGigabitEthernet1/2 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree guard loop channel-protocol lacp channel-group 1 mode active ! interface Vlan1 no ip address shutdown ! interface Vlan123 ip address 10.20.30.30 255.255.255.0 ! interface Vlan285 no ip address ! ip default-gateway 10.20.30.1 no ip http server no ip http secure-server ! ip tacacs source-interface Vlan123 ! ip access-list extended sshRestriction permit ip 172.25.188.0 0.0.0.255 any ! ip radius source-interface Vlan123 ip sla enable reaction-alerts logging trap notifications logging host 172.25.188.158 ! snmp-server community cr3@teR0 RO snmp-server trap-source Vlan123 snmp-server source-interface informs Vlan123 snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps transceiver all snmp-server enable traps tty snmp-server enable traps eigrp snmp-server enable traps license snmp-server enable traps auth-framework sec-violation snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency snmp-server enable traps cluster snmp-server enable traps config-copy snmp-server enable traps config snmp-server enable traps config-ctid snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan snmp-server enable traps energywise snmp-server enable traps fru-ctrl snmp-server enable traps entity snmp-server enable traps event-manager snmp-server enable traps hsrp snmp-server enable traps ipmulticast snmp-server enable traps power-ethernet police snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message snmp-server enable traps cpu threshold snmp-server enable traps rep snmp-server enable traps ipsla snmp-server enable traps bridge newroot topologychange snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency snmp-server enable traps syslog snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps flash insertion removal snmp-server enable traps port-security snmp-server enable traps envmon fan shutdown supply temperature status snmp-server enable traps mac-notification change move threshold snmp-server enable traps errdisable snmp-server enable traps vlan-membership snmp-server host 172.25.188.158 version 2c cr3@teR0 snmp-server host 172.25.188.20 version 2c cr3@teR0 tacacs-server host 172.25.188.11 tacacs-server host 172.25.188.12 tacacs-server directed-request tacacs-server key 7 047839552F15695A081A041401 ! radius-server host 172.25.188.11 auth-port 1812 acct-port 1813 radius-server host 172.25.188.12 auth-port 1812 acct-port 1813 radius-server deadtime 1 radius-server key 7 110A0B5637060E3E250E02111B ! ! banner motd ^CC *************************************************************************** * * * NOTICE TO USERS * * * * This is an official computer system and is the property of the * * National Research Foundation. It is for authorized users only. * * Unauthorized users are prohibited. Users (authorized or unauthorized) * * have no explicit or implicit expectation of privacy. Any or all uses * * of this system may be subject to one or more of the following actions: * * interception,monitoring, recording, auditing, inspection and disclosing * * to security personnel and law enforcement personnel, as well as * * authorized officials of other agencies, both domestic and foreign. By * * using this system, the user consents to these actions. Unauthorized or * * improper use of this system may result in administrative disciplinary * * action and civil and criminal penalties. By accessing this system you * * indicate your awareness of and consent to these terms and conditions of * * use. Discontinue access immediately if you do not agree to the * * conditions stated in this notice. * * * *************************************************************************** ^C ! line con 0 session-timeout 5 exec-timeout 5 0 authorization commands 15 CREATEADMIN authorization exec CREATEADMIN logging synchronous login authentication CREATEADMIN transport preferred none line vty 0 4 session-timeout 5 access-class sshRestriction in exec-timeout 5 0 authorization commands 15 CREATEADMIN authorization exec CREATEADMIN login authentication CREATEADMIN length 0 transport input ssh line vty 5 15 transport input none ! ntp source Vlan123 ntp server 10.20.30.9 prefer source Vlan123 ntp server 10.20.30.10 source Vlan123 end DCR4R11-SW01#sh inv DCR4R11-SW01#sh inventory NAME: "1", DESCR: "WS-C3560X-24" PID: WS-C3560X-24T-S , VID: V05 , SN: FDO1725H2NV NAME: "Power Supply 0", DESCR: "FRU Power Supply" PID: C3KX-PWR-350WAC , VID: V03A , SN: AZS171902X7 NAME: "Power Supply 1", DESCR: "FRU Power Supply" PID: C3KX-PWR-350WAC , VID: V03A , SN: AZS171902X9 NAME: "FRULink Slot 1 - FRULink Module", DESCR: "FRULink 10G ST Module" PID: C3KX-NM-10G , VID: V01 , SN: FDO1530024C NAME: "TenGigabitEthernet1/1", DESCR: "SFP-10GBase-SR" PID: SFP-10G-SR , VID: V03 , SN: SPC153000P7 NAME: "TenGigabitEthernet1/2", DESCR: "SFP-10GBase-SR" PID: SFP-10G-SR , VID: V03 , SN: SPC153000P3 DCR4R11-SW01#sh ver DCR4R11-SW01#sh version Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 15.0(2)SE4, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2013 by Cisco Systems, Inc. Compiled Wed 26-Jun-13 02:04 by prod_rel_team ROM: Bootstrap program is C3560E boot loader BOOTLDR: C3560E Boot Loader (C3560X-HBOOT-M) Version 12.2(58r)SE1, RELEASE SOFTWARE (fc1) DCR4R11-SW01 uptime is 1 year, 15 weeks, 8 hours, 27 minutes System returned to ROM by power-on System restarted at 07:36:18 SGT Mon Aug 27 2018 System image file is "flash:/c3560e-universalk9-mz.150-2.SE4/c3560e-universalk9-mz.150-2.SE4.bin" This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. License Level: ipbase License Type: Permanent Next reload license Level: ipbase cisco WS-C3560X-24 (PowerPC405) processor (revision A0) with 262144K bytes of memory. Processor board ID FDO1725H2NV Last reset from power-on 3 Virtual Ethernet interfaces 1 FastEthernet interface 28 Gigabit Ethernet interfaces 2 Ten Gigabit Ethernet interfaces The password-recovery mechanism is enabled. 512K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address : 7C:69:F6:4D:A9:80 Motherboard assembly number : 73-12554-10 Motherboard serial number : FDO172520F9 Model revision number : A0 Motherboard revision number : B0 Model number : WS-C3560X-24T-S Daughterboard assembly number : 800-32786-02 Daughterboard serial number : FDO17251UT0 System serial number : FDO1725H2NV Top Assembly Part Number : 800-31331-08 Top Assembly Revision Number : C0 Version ID : V05 CLEI Code Number : COMJU00ARE Hardware Board Revision Number : 0x05 Switch Ports Model SW Version SW Image ------ ----- ----- ---------- ---------- * 1 30 WS-C3560X-24 15.0(2)SE4 C3560E-UNIVERSALK9-M Configuration register is 0xF DCR4R11-SW01#sh ip int br DCR4R11-SW01#sh ip int brief Interface IP-Address OK? Method Status Protocol Vlan1 unassigned YES NVRAM administratively down down Vlan123 10.20.30.30 YES NVRAM up up Vlan285 unassigned YES unset up up FastEthernet0 unassigned YES NVRAM administratively down down GigabitEthernet0/1 unassigned YES unset up up GigabitEthernet0/2 unassigned YES unset up up GigabitEthernet0/3 unassigned YES unset up up GigabitEthernet0/4 unassigned YES unset up up GigabitEthernet0/5 unassigned YES unset down down GigabitEthernet0/6 unassigned YES unset down down GigabitEthernet0/7 unassigned YES unset up up GigabitEthernet0/8 unassigned YES unset up up GigabitEthernet0/9 unassigned YES unset up up GigabitEthernet0/10 unassigned YES unset up up GigabitEthernet0/11 unassigned YES unset down down GigabitEthernet0/12 unassigned YES unset down down GigabitEthernet0/13 unassigned YES unset up up GigabitEthernet0/14 unassigned YES unset up up GigabitEthernet0/15 unassigned YES unset up up GigabitEthernet0/16 unassigned YES unset down down GigabitEthernet0/17 unassigned YES unset up up GigabitEthernet0/18 unassigned YES unset up up GigabitEthernet0/19 unassigned YES unset up up GigabitEthernet0/20 unassigned YES unset up up GigabitEthernet0/21 unassigned YES unset down down GigabitEthernet0/22 unassigned YES unset up up GigabitEthernet0/23 unassigned YES unset up up GigabitEthernet0/24 unassigned YES unset up up GigabitEthernet1/1 unassigned YES unset down down GigabitEthernet1/2 unassigned YES unset down down GigabitEthernet1/3 unassigned YES unset down down GigabitEthernet1/4 unassigned YES unset down down TenGigabitEthernet1/1 unassigned YES unset up up TenGigabitEthernet1/2 unassigned YES unset up up Port-channel1 unassigned YES unset up up DCR4R11-SW01#exi