begin
!
# ***** NON-DEFAULT CONFIGURATION *****
!
!
!
# SLOT TYPE
# ___ ________________
!
# 1 7H4382-49
!
!
# ip
set ip address 45.200.1.83 mask 255.255.255.0
set ip route default 45.200.1.1
!
# arp
!
# authentication
!
# banner
!
# cdp
!
# cep
!
# ciscodp
!
# cli
!
# console
!
# cos port-config
!
# cos port-resource
!
# cos reference
!
# cos settings
!
# cos state
!
# dot1x
set dot1x enable
set dot1x auth-config authcontrolled-portcontrol forced-auth fe.1.47
set dot1x auth-config authcontrolled-portcontrol forced-auth fe.1.48
set dot1x auth-config authcontrolled-portcontrol forced-auth ge.1.1
set dot1x auth-config authcontrolled-portcontrol forced-auth ge.1.2
set dot1x auth-config authcontrolled-portcontrol forced-auth ge.1.3
set dot1x auth-config authcontrolled-portcontrol forced-auth ge.1.4
set dot1x auth-config authcontrolled-portcontrol forced-auth ge.1.5
set dot1x auth-config authcontrolled-portcontrol forced-auth ge.1.6
!
# flowlimit
!
# forcelinkdown
!
# garp
!
# gvrp
!
# history
!
# igmp
!
# inlinepower
!
# lacp
!
# length
!
# license
!
# line-editor
!
# linkflap
!
# logging
!
# logout
!
# mac
!
# macauthentication
set macauthentication enable
set macauthentication port enable fe.1.1,3-9,11-46
!
# maclock
!
# mgmt-auth-notify
!
# movedaddrtrap
!
# mtu
!
# multiauth
set multiauth mode multi
set multiauth port mode force-auth fe.1.47
set multiauth port mode force-auth fe.1.48
set multiauth port mode force-auth ge.1.1
set multiauth port mode force-auth ge.1.2
set multiauth port mode force-auth ge.1.3
set multiauth port mode force-auth ge.1.4
set multiauth port mode force-auth ge.1.5
set multiauth port mode force-auth ge.1.6
!
# newaddrtrap
!
# nodealias
!
# physical
!
# policy
set policy profile 1 name Quarantine pvid-status enable pvid 21 cos 1
set policy profile 2 name "Enterprise Access" pvid-status enable pvid 20
set policy profile 3 name "Guest Access" pvid-status enable pvid 23 cos 1
set policy rule admin-profile port fe.1.1 mask 16 port-string fe.1.1 admin-pid 3
set policy rule admin-profile port fe.1.2 mask 16 port-string fe.1.2 admin-pid 3
set policy rule admin-profile port fe.1.3 mask 16 port-string fe.1.3 admin-pid 3
set policy rule admin-profile port fe.1.4 mask 16 port-string fe.1.4 admin-pid 3
set policy rule admin-profile port fe.1.5 mask 16 port-string fe.1.5 admin-pid 3
set policy rule admin-profile port fe.1.6 mask 16 port-string fe.1.6 admin-pid 3
set policy rule admin-profile port fe.1.7 mask 16 port-string fe.1.7 admin-pid 3
set policy rule admin-profile port fe.1.8 mask 16 port-string fe.1.8 admin-pid 3
set policy rule admin-profile port fe.1.9 mask 16 port-string fe.1.9 admin-pid 3
set policy rule admin-profile port fe.1.10 mask 16 port-string fe.1.10 admin-pid 3
set policy rule admin-profile port fe.1.11 mask 16 port-string fe.1.11 admin-pid 3
set policy rule admin-profile port fe.1.12 mask 16 port-string fe.1.12 admin-pid 3
set policy rule admin-profile port fe.1.13 mask 16 port-string fe.1.13 admin-pid 3
set policy rule admin-profile port fe.1.14 mask 16 port-string fe.1.14 admin-pid 3
set policy rule admin-profile port fe.1.15 mask 16 port-string fe.1.15 admin-pid 3
set policy rule admin-profile port fe.1.16 mask 16 port-string fe.1.16 admin-pid 3
set policy rule admin-profile port fe.1.17 mask 16 port-string fe.1.17 admin-pid 3
set policy rule admin-profile port fe.1.18 mask 16 port-string fe.1.18 admin-pid 3
set policy rule admin-profile port fe.1.19 mask 16 port-string fe.1.19 admin-pid 3
set policy rule admin-profile port fe.1.20 mask 16 port-string fe.1.20 admin-pid 3
set policy rule admin-profile port fe.1.21 mask 16 port-string fe.1.21 admin-pid 3
set policy rule admin-profile port fe.1.22 mask 16 port-string fe.1.22 admin-pid 3
set policy rule admin-profile port fe.1.23 mask 16 port-string fe.1.23 admin-pid 3
set policy rule admin-profile port fe.1.24 mask 16 port-string fe.1.24 admin-pid 3
set policy rule admin-profile port fe.1.25 mask 16 port-string fe.1.25 admin-pid 3
set policy rule admin-profile port fe.1.26 mask 16 port-string fe.1.26 admin-pid 3
set policy rule admin-profile port fe.1.27 mask 16 port-string fe.1.27 admin-pid 3
set policy rule admin-profile port fe.1.28 mask 16 port-string fe.1.28 admin-pid 3
set policy rule admin-profile port fe.1.29 mask 16 port-string fe.1.29 admin-pid 3
set policy rule admin-profile port fe.1.30 mask 16 port-string fe.1.30 admin-pid 3
set policy rule admin-profile port fe.1.31 mask 16 port-string fe.1.31 admin-pid 3
set policy rule admin-profile port fe.1.32 mask 16 port-string fe.1.32 admin-pid 3
set policy rule admin-profile port fe.1.33 mask 16 port-string fe.1.33 admin-pid 3
set policy rule admin-profile port fe.1.34 mask 16 port-string fe.1.34 admin-pid 3
set policy rule admin-profile port fe.1.35 mask 16 port-string fe.1.35 admin-pid 3
set policy rule admin-profile port fe.1.36 mask 16 port-string fe.1.36 admin-pid 3
set policy rule admin-profile port fe.1.38 mask 16 port-string fe.1.38 admin-pid 3
set policy rule admin-profile port fe.1.39 mask 16 port-string fe.1.39 admin-pid 3
set policy rule admin-profile port fe.1.40 mask 16 port-string fe.1.40 admin-pid 3
set policy rule admin-profile port fe.1.41 mask 16 port-string fe.1.41 admin-pid 3
set policy rule admin-profile port fe.1.42 mask 16 port-string fe.1.42 admin-pid 3
set policy rule admin-profile port fe.1.43 mask 16 port-string fe.1.43 admin-pid 3
set policy rule admin-profile port fe.1.44 mask 16 port-string fe.1.44 admin-pid 3
set policy rule admin-profile port fe.1.45 mask 16 port-string fe.1.45 admin-pid 3
set policy rule admin-profile port fe.1.46 mask 16 port-string fe.1.46 admin-pid 3
!
# port
set port ingress-filter fe.1.48 enable
set port vlan host.0.1 1000
set port vlan fe.1.1 22
set port vlan fe.1.2 22
set port vlan fe.1.3 22
set port vlan fe.1.4 22
set port vlan fe.1.5 22
set port vlan fe.1.6 22
set port vlan fe.1.7 22
set port vlan fe.1.8 22
set port vlan fe.1.47 1000
set port vlan fe.1.48 1000
!
# prompt
!
# pwa
set pwa enable
set pwa banner To Repair Your 802.1X Supplicant - Click \"Repair Supplicant\"\nRepair Supplicant\n\nTo Continue With Guest Access, Click \"LoginTo Network\" Below
set pwa enhancedmode enable
set pwa redirecttime 30
set pwa guestname Guest
set pwa gueststatus authnone
set pwa ipaddress 45.200.23.200
set pwa portcontrol enable fe.1.1-46
!
# rad
!
# radius
set radius enable
set radius server 1 45.200.1.74 1812 :9c1c93623d0702ac176566f9c3bc1c79e5b01bca:
set radius realm network-access 1
set radius accounting server 1 45.200.1.74 1813 :4a50ee71d6ed7a26fee2ad63e793bd22b89b5f1f:
!
# rmon alarm
!
# rmon capture
!
# rmon channel
!
# rmon event
!
# rmon filter
!
# rmon history
!
# rmon host
!
# rmon matrix
!
# rmon stats
!
# rmon topN
!
# router
!
# smon
!
# snmp
set snmp access groupRW security-model v1 exact read All write All notify All
set snmp access groupwrite security-model v1 exact read All write All
set snmp community private
set snmp community public
set snmp group groupRW user public security-model v1
set snmp group groupwrite user private security-model v1
set snmp notify notify-enf tag tag-enf
set snmp targetaddr enf 45.200.1.82 param trapsv2 taglist tag-enf
set snmp targetparams trapsv2 user public security-model v1 message-processing v1
set snmp view viewname All subtree 1
set snmp view viewname All subtree 0.0
!
# sntp
!
# spantree
set spantree stpmode none
!
# ssh
set ssh enabled
!
# summertime
!
# system
set system contact "Mark Townsend Cell 603.512.1649"
set system location "Interop iLabs NAC Demonstration"
set system name nap-enterasys-2
set system login admin super-user enable password :ddf7db5d4948dd16b0dc29cdf4353f90c7105c13:
!
# tacacs
!
# telnet
!
# timezone
!
# vlan
set vlan create 20-21,23,1000
set vlan name 20 Success_Net
set vlan name 21 Quarantine_Net
set vlan name 23 CloudPath
set vlan name 1000 1000
clear vlan egress 1 lag.0.1-48;host.0.1;fe.1.1-46,48;ge.1.1-6
set vlan egress 1 fe.1.48 tagged
set vlan egress 1 fe.1.47 untagged
set vlan egress 20 fe.1.47-48 tagged
set vlan egress 21 fe.1.48 tagged
set vlan egress 23 fe.1.48 tagged
set vlan egress 1000 fe.1.48 tagged
set vlan egress 1000 host.0.1;fe.1.47 untagged
set vlan dynamicegress 1,20-21,23 enable
!
# webview
!
# width
!
end