#arp
 
!
 
 
#banner
 
!
 
 
#cdp
 
!
 
 
#console
 
!
 
 
#eapol
 
set dot1x enable 
 
set eapol enable
 
set eapol auth-mode forced-auth fe.1.48
 
set eapol auth-mode forced-auth ge.1.49
 
set eapol auth-mode forced-auth ge.1.50
 
set eapol auth-mode forced-auth ge.1.51
 
set eapol auth-mode forced-auth ge.1.52
 
!
 
 
#flowcontrol
 
!
 
 
#garp
 
!
 
 
#gvrp
 
!
 
 
#history
 
!
 
 
#igmp
 
!
 
 
#inlinepower
 
!
 
 
#ip
 
set ip address 45.200.1.77 mask 255.255.255.0 gateway 45.200.1.1
 
!
 
 
#lacp
 
!
 
 
#length
 
!
 
 
#logging
 
!
 
 
#logout
 
!
 
 
#mac
 
!
 
 
#macauthentication
 
!
 
 
#maclock
 
!
 
 
#mtu
 
!
 
 
#multiauth
 
set multiauth mode strict
 
set multiauth port mode force-auth fe.1.48
 
set multiauth port mode force-auth ge.1.49
 
set multiauth port mode force-auth ge.1.50
 
set multiauth port mode force-auth ge.1.51
 
set multiauth port mode force-auth ge.1.52
 
!
 
 
#nodealias
 
!
 
 
#cos setting
 
!
 
 
#cos state
 
!
 
 
#policy
 
set policy profile 1 name "Quarantine" pvid-status enable pvid 21 
 
set policy profile 2 name "Enterprise Access" pvid-status enable pvid 20 
 
set policy rule 1 udpdestport 53  mask 16 forward 
 
set policy rule 1 udpdestport 67  mask 16 forward 
 
set policy rule 1 tcpdestport 80  mask 16 forward 
 
set policy rule 1 tcpdestport 443  mask 16 forward 
 
set policy rule 1 tcpdestport 1723  mask 16 forward 
 
set policy rule 1 ipproto 6  mask 8 drop 
 
set policy rule 1 ipproto 17  mask 8 drop 
 
set policy rule 2 udpsourceport 53  mask 16 drop 
 
set policy rule 2 udpsourceport 67  mask 16 drop 
 
set policy rule 2 udpsourceport 69  mask 16 drop 
 
set policy rule 2 udpsourceport 161  mask 16 drop 
 
set policy rule 2 udpsourceport 162  mask 16 drop 
 
set policy rule 2 udpsourceport 520  mask 16 drop 
 
set policy rule 2 udpsourceport 1433  mask 16 drop 
 
set policy rule 2 udpsourceport 1434  mask 16 drop 
 
set policy rule 2 udpsourceport 1812  mask 16 drop 
 
set policy rule 2 udpsourceport 1813  mask 16 drop 
 
set policy rule 2 udpdestport 69  mask 16 drop 
 
set policy rule 2 udpdestport 161  mask 16 drop 
 
set policy rule 2 udpdestport 162  mask 16 drop 
 
set policy rule 2 udpdestport 1434  mask 16 drop 
 
set policy rule 2 udpdestport 1900  mask 16 drop 
 
set policy rule 2 tcpsourceport 0  mask 12 drop 
 
set policy rule 2 tcpsourceport 16  mask 14 drop 
 
set policy rule 2 tcpsourceport 20  mask 16 drop 
 
set policy rule 2 tcpsourceport 21  mask 16 drop 
 
set policy rule 2 tcpsourceport 22  mask 16 drop 
 
set policy rule 2 tcpsourceport 23  mask 16 drop 
 
set policy rule 2 tcpsourceport 25  mask 16 drop 
 
set policy rule 2 tcpsourceport 53  mask 16 drop 
 
set policy rule 2 tcpsourceport 80  mask 16 drop 
 
set policy rule 2 tcpsourceport 135  mask 16 cos 2 
 
set policy rule 2 tcpsourceport 137  mask 16 cos 2 
 
set policy rule 2 tcpsourceport 139  mask 16 drop 
 
set policy rule 2 tcpsourceport 443  mask 16 drop 
 
set policy rule 2 tcpsourceport 1433  mask 16 drop 
 
set policy rule 2 tcpsourceport 1434  mask 16 drop 
 
set policy rule 2 tcpsourceport 5000  mask 16 drop 
 
set policy rule 2 tcpdestport 22  mask 16 drop 
 
set policy rule 2 tcpdestport 23  mask 16 drop 
 
set policy rule 2 tcpdestport 137  mask 16 cos 2 
 
set policy rule 2 tcpdestport 1434  mask 16 drop 
 
set policy rule 2 ipproto 89  mask 8 drop 
 
!
 
 
#port
 
set port vlan fe.1.48 1000 
 
!
 
 
#prompt
 
!
 
 
#radius
 
set radius enable
 
set radius server 1 45.200.1.74 1812 :4a262711dc517c211d30386aeb143f1c381b49cd4e54362e0969d1398930857cec58790e59266c06bb: realm network-access
 
!
 
 
#snmp
 
set snmp access ro security-model v1 exact read All notify All nonvolatile 
 
set snmp access ro security-model v2c exact read All notify All nonvolatile 
 
set snmp access public security-model v1 exact read All write All notify All nonvolatile 
 
set snmp access public security-model v2c exact read All write All notify All nonvolatile 
 
set snmp access public security-model usm exact read All write All notify All nonvolatile 
 
set snmp community public
 
set snmp group ro user ro security-model v1
 
set snmp group public user public security-model v1
 
set snmp group ro user ro security-model v2c
 
set snmp group public user public security-model v2c
 
set snmp group public user public security-model usm
 
set snmp user public authentication md5 :21bb49f774323a9c4d806dc438ffa88c: privacy :21bb49f774323a9c4d806dc438ffa88c:
 
set snmp view viewname All subtree 1
 
!
 
 
#sntp
 
!
 
 
#spantree
 
set spantree disable
 
!
 
 
#ssh
 
!
 
 
#summertime
 
!
 
 
#system
 
set switch member 1 4 
 
set system name "enterasys-nap"
 
set system location "Interop iNAC NAP Interoperability Lab"
 
set system contact "Mark Townsend - Cell 603.512.1649"
 
set system login admin super-user enable password :4a262711dc517c211d30386aeb143f1c381b49cd4e54362e0969d1398930857cec58790e59266c06bb:
 
!
 
 
#telnet
 
!
 
 
#timezone
 
!
 
 
#vlan
 
set vlan create 20
 
set vlan create 21
 
set vlan create 1000
 
set vlan name 20 Success_Net
 
set vlan name 21 Quarantine_Net
 
set vlan egress 20 fe.1.48 tagged
 
set vlan egress 21 fe.1.48 tagged
 
set vlan egress 1000 fe.1.48 tagged
 
set host vlan 1000 
 set vlan dynamicegress 1 enable
 set vlan dynamicegress 20 enable
 set vlan dynamicegress 21 enable
 
!
 
 
#vlanauthorization
 
!
 
 
#webview
 
!
 
 
#width
 
!