! Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 03.03.00SE RELEASE SOFTWARE (fc1) ! ! Image: Software: CAT3K_CAA-UNIVERSALK9-M, 03.03.00SE RELEASE SOFTWARE (fc1) ! Image: Compiled: Wed 02-Oct-13 21:51 by prod_rel_team ! Image: flash:packages.conf ! Chassis type: WS-C3650-24TS ! Memory: main 4194304K ! Processor ID: FDO1744Q0A2 ! CPU: MIPS ! Memory: nvram 2048K ! ! VTP: VTP Version capable : 1 to 3 ! VTP: VTP version running : 2 ! VTP: VTP Domain Name : ciscosw ! VTP: VTP Pruning Mode : Enabled ! VTP: VTP Traps Generation : Disabled ! VTP: Device ID : 78da.6eb1.0e00 ! VTP: Feature VLAN: ! VTP: -------------- ! VTP: VTP Operating Mode : Transparent ! VTP: Maximum VLANs supported locally : 1005 ! VTP: Number of existing VLANs : 73 ! VTP: Configuration Revision : 0 ! VTP: MD5 digest : 0xBA 0xD9 0x95 0x4A 0xA9 0x63 0x1F 0xD8 ! VTP: 0x00 0x8B 0x06 0x9F 0x35 0x6A 0x05 0x62 ! ! NAME: "c3xxx Stack", DESCR: "c3xxx Stack" ! PID: WS-C3650-24TS , VID: A0 , SN: FDO1744Q0A2 ! ! NAME: "Switch 1", DESCR: "WS-C3650-24TS" ! PID: WS-C3650-24TS , VID: A0 , SN: FDO1744Q0A2 ! ! NAME: "Switch 1 - Power Supply A", DESCR: "Switch 1 - Power Supply A" ! PID: PWR-C2-250WAC , VID: V01 , SN: DCB1737D1CS ! ! ! ! Last configuration change at 10:45:00 TW Mon May 22 2023 by wellpower ! NVRAM config last updated at 12:44:26 TW Mon May 22 2023 by wellpower ! version 15.0 no service pad service timestamps debug datetime msec service timestamps log datetime localtime service password-encryption service compress-config ! hostname E11_3650 ! boot-start-marker boot-end-marker ! ! vrf definition Mgmt-vrf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! logging buffered 1000000 enable password 7 135044260E2B0008287D7D1362 ! username wellpower password 7 097F5B19093B2E3A2559102D29 no aaa new-model clock timezone TW 8 0 switch 1 provision ws-c3650-24ts ! ip domain-name cisco.com ip device tracking ! ! login block-for 60 attempts 5 within 30 login quiet-mode access-class 99 login on-failure log vtp domain ciscosw vtp mode transparent ! crypto pki trustpoint TP-self-signed-3225243938 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3225243938 revocation-check none rsakeypair TP-self-signed-3225243938 ! ! crypto pki certificate chain TP-self-signed-3225243938 certificate self-signed 01 3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 33323235 32343339 3338301E 170D3138 30343134 31303036 34315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32323532 34333933 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100BD47 E0703D06 7C5A61C5 ADBDEE1F E43CFF97 2ADEEC36 5AE9B0E7 BA856C32 157BA5CB 2722C526 15E85A0A 095299AF A1FACE95 1A6ED9A3 7D7C3997 F458A8C9 011C2685 496BAE54 21C7794A BF6BE0C2 1DF97B3F 49FB15E1 B103EDE7 36206289 4370AA66 7FD13DEA 606ED36F 23D260B9 449B83A0 11007F20 458B3E63 1C69E51E D89D0203 010001A3 72307030 0F060355 1D130101 FF040530 030101FF 301D0603 551D1104 16301482 12453131 5F333635 302E6369 73636F2E 636F6D30 1F060355 1D230418 30168014 765366F6 8BFD8E25 E11DB019 863ADE9C 572DDB2F 301D0603 551D0E04 16041476 5366F68B FD8E25E1 1DB01986 3ADE9C57 2DDB2F30 0D06092A 864886F7 0D010104 05000381 81000810 D26473F1 30E71FF1 18373816 09678214 2E4CBC0A B79F350B 224BF0DE B0472C07 8C2F198C 98D69E7A 5A7B6A2B 312184A4 1BEF9CC4 FB6AADDA 51C6A16A 45E48C5D D876E97F 00876229 5593866A 50564AF9 CF716DD7 0F94AB14 459DD0AE 8057D58D A3C63D46 C550567F 8C4507FF ADF63AF0 D409BC82 69266744 2B87B80A DACE quit ! ! ! ! ! diagnostic bootup level minimal spanning-tree mode pvst spanning-tree extend system-id ! redundancy mode sso ! ! vlan 2-4,9-10,13,17-20,26 ! vlan 28 name CA510028 ! vlan 29 name CA510029 ! vlan 30,33 ! vlan 40 name IDC_CA210027 ! vlan 47-48,50-52,59-64 ! vlan 65 name incp ! vlan 66,70,78,100-101 ! vlan 102 name CHT-20M/20M#1 ! vlan 103-105,111-112,131-133,147-148,151,160-162 ! vlan 176 name CA209015 ! vlan 190 ! vlan 199 name test ! vlan 200-202 ! vlan 203 name E10 210.211.31.0/27 ! vlan 204,250,301-302 ! vlan 304 name speedtest_cuwtt ! vlan 305 name vlan305 ! vlan 306 name 306 ! vlan 307 name 307 ! vlan 401 name MGT_ChiefRack_EQP ! vlan 500,600,666,1000,2749 ! ip ssh port 3001 rotary 1 ip ssh version 2 ! class-map match-any vlan50 match vlan 50 class-map match-any vlan40 match vlan 40 class-map match-any vlan10 match vlan 10 class-map match-any vlan30 match vlan 30 class-map match-any non-client-nrt-class match non-client-nrt class-map match-any 500M_to_test match vlan 30 ! policy-map port_child_policy class non-client-nrt-class bandwidth remaining ratio 10 policy-map police-40mbit class class-default police 50000000 1000000 1000000 conform-action transmit exceed-action drop policy-map VLAN_500M class 500M_to_test bandwidth percent 50 policy-map vlan10-30-40 class vlan10 police cir 600000000 conform-action transmit exceed-action drop class vlan30 police cir 300000000 conform-action transmit exceed-action drop class vlan40 police cir 300000000 conform-action transmit exceed-action drop class vlan50 police cir 50000000 conform-action transmit exceed-action drop ! ! ! ! ! ! interface Tunnel1 no ip address no ip route-cache ! interface Tunnel2 no ip address ! interface GigabitEthernet0/0 vrf forwarding Mgmt-vrf no ip address no ip route-cache negotiation auto ! interface GigabitEthernet1/0/1 description Fortigate Port 25 ! interface GigabitEthernet1/0/2 description to E11 4351 G0/1/2 load-interval 30 no cdp enable ! interface GigabitEthernet1/0/3 description E11 C3850 Gi1/0/16 switchport mode access load-interval 30 ! interface GigabitEthernet1/0/4 description E11_C3850_G4/0/4 switchport trunk allowed vlan 2,4,19,30,50,100-102,160,161,202,2749 switchport mode trunk ! interface GigabitEthernet1/0/5 description Arbor MGT port switchport trunk allowed vlan 1,30,60 switchport mode trunk ! interface GigabitEthernet1/0/6 description E11 C3850 G1/0/7 switchport trunk allowed vlan 10,19,30,40,50-52,61,63,133,2749 switchport mode trunk ! interface GigabitEthernet1/0/7 description to G13 2911 F0/2/0 switchport trunk allowed vlan 52,133 switchport mode trunk spanning-tree portfast ! interface GigabitEthernet1/0/8 switchport access vlan 50 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/9 description E11 C3850 Gi1/0/19 switchport access vlan 51 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/10 description Nat_Fortigate_WAN1 switchport access vlan 30 switchport mode access shutdown spanning-tree portfast ! interface GigabitEthernet1/0/11 description Forti port 31 switchport access vlan 30 switchport mode access ! interface GigabitEthernet1/0/12 description to 3750_G1/0/12 switchport trunk allowed vlan 3,10,19,30,50,61,63,101,102,160,161,2749 switchport mode trunk spanning-tree portfast ! interface GigabitEthernet1/0/13 description E11 R730 P4 switchport trunk allowed vlan 1,4,30,50,101,102,160,161,202 switchport mode trunk load-interval 30 shutdown ! interface GigabitEthernet1/0/14 description to Fortigate_port23 switchport access vlan 78 switchport mode access ! interface GigabitEthernet1/0/15 description Fortigate Port 26 ! interface GigabitEthernet1/0/16 description G13_IBM x3550_192.168.1.100 load-interval 30 ! interface GigabitEthernet1/0/17 switchport access vlan 10 switchport mode access load-interval 30 ! interface GigabitEthernet1/0/18 description G13_Dell 2950_192.168.1.110 load-interval 30 spanning-tree portfast ! interface GigabitEthernet1/0/19 switchport access vlan 40 switchport mode access ! interface GigabitEthernet1/0/20 description F02_3560_F02 switchport trunk allowed vlan 1,10,26,30,61,78,160,161 switchport mode trunk spanning-tree portfast ! interface GigabitEthernet1/0/21 description E10 Vigor Wan1 switchport access vlan 30 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/22 description to E11_4351_G0/2/1 switchport trunk allowed vlan 4,19,30,100-102,202 switchport mode trunk load-interval 30 ! interface GigabitEthernet1/0/23 description TP 3650 G1/0/22 switchport mode trunk load-interval 30 ! interface GigabitEthernet1/0/24 description to E11 3850 G1/0/10 switchport trunk allowed vlan 3,10,30,50,61,63,101,102,160,161 switchport mode trunk ! interface GigabitEthernet1/1/1 ! interface GigabitEthernet1/1/2 ! interface GigabitEthernet1/1/3 ! interface GigabitEthernet1/1/4 ! interface Vlan1 ip address 10.122.0.1 255.255.255.252 secondary ip address 210.64.214.60 255.255.255.224 no ip route-cache ! interface Vlan3 description 210.66.177.144/28 no ip address ! interface Vlan4 description John_Lan no ip address ! interface Vlan10 description 210.244.18.x no ip address no ip route-cache ! interface Vlan19 description twmsolution_#LY_175.98.164.240/28 no ip address ! interface Vlan20 no ip address no ip route-cache shutdown ! interface Vlan26 description TP_ipv6 no ip address ! interface Vlan28 no ip address ! interface Vlan30 description 210.244.19.x no ip address no ip route-cache ! interface Vlan40 description 210.244.25.32_add_4_proxy_seg no ip address no ip route-cache ! interface Vlan50 description Video_and_CK_VPN no ip address no ip route-cache ! interface Vlan51 description 210.66.176.0/27 no ip address ! interface Vlan52 description 172.26.0.0/16 no ip address ! interface Vlan60 description 103.252.244.0/240 no ip address no ip route-cache ! interface Vlan61 description 103.252.244.16/28 no ip address ! interface Vlan63 description 103.252.244.240/28 no ip address ! interface Vlan70 no ip address no ip route-cache shutdown ! interface Vlan78 description 192.168.78.0/24_best8 no ip address ! interface Vlan91 no ip address ! interface Vlan100 description CHT-1G/600M #1 no ip address ! interface Vlan101 description CHT-1G/600M #2 no ip address ! interface Vlan102 description CHT-20M/20M #1 no ip address ! interface Vlan133 no ip address ! interface Vlan160 description 103.38.147.0/28 no ip address ! interface Vlan161 description 103.38.147.16/28 no ip address ! interface Vlan202 description 103.49.246.96/28 no ip address ! interface Vlan2749 ip address 10.27.49.5 255.255.255.0 ! no ip http server no ip http secure-server ip route 0.0.0.0 0.0.0.0 210.64.214.62 ! ip access-list extended ssh-permit permit tcp 61.59.16.0 0.0.0.255 any eq 22 permit tcp 61.59.16.0 0.0.0.255 any eq telnet permit tcp 210.64.214.32 0.0.0.31 any eq telnet permit tcp host 210.244.19.250 any eq telnet permit tcp host 61.216.103.162 any eq 22 permit tcp host 211.20.122.55 any eq 22 permit tcp 211.72.32.0 0.0.0.255 any eq 22 permit tcp 211.72.32.0 0.0.0.255 any eq telnet permit ip 10.27.49.0 0.0.0.255 any permit tcp 202.39.8.0 0.0.0.255 any eq 22 permit ip host 202.39.8.178 any permit tcp host 210.244.19.175 any eq 22 ! logging trap debugging logging facility local0 logging source-interface Vlan1 logging host 202.3.183.98 logging host 210.244.19.250 access-list 1 permit 103.48.30.0 0.0.0.127 access-list 99 permit 61.59.16.0 0.0.0.255 access-list 100 permit ip 103.252.244.224 0.0.0.15 any no cdp advertise-v2 ! route-map PLX permit 224 match ip address 100 set ip next-hop 210.64.214.62 ! snmp-server community CIMS RO snmp-server enable traps snmp linkdown linkup snmp-server enable traps syslog snmp-server host 202.3.183.98 ikeeper snmp-server host 210.244.19.250 ikeeper tftp-server nvram:startup-config ! no vstack ! line con 0 login stopbits 1 line aux 0 stopbits 1 line vty 0 4 access-class ssh-permit in login local rotary 1 transport input telnet ssh line vty 5 15 login transport input none ! ntp server 220.130.158.52 wsma agent exec profile httplistener profile httpslistener wsma agent config profile httplistener profile httpslistener wsma agent filesys profile httplistener profile httpslistener wsma agent notify profile httplistener profile httpslistener ! wsma profile listener httplistener transport http ! wsma profile listener httpslistener transport https ap group default-group end