! ! Last configuration change at 17:27:04 PST Mon Aug 7 2006 by admin ! NVRAM config last updated at 17:47:54 PST Mon Aug 7 2006 by admin ! version 12.2 no service pad service timestamps debug datetime localtime service timestamps log datetime localtime service password-encryption ! hostname nap-lockdown-sw ! enable secret 5 $1$He/E$0Hfay7ggY6cWfHd8O5EUW. enable password 7 09424F0A170414425D ! username nac privilege 15 password 7 06080E22424F0A4953 username jms privilege 15 password 7 011D0F100F5F080E22 username administrator privilege 15 password 7 121704141C0A0F547C username root privilege 15 password 7 0505070C2F4D4D594F username cisco privilege 15 password 7 1040081A0B16115B5A username admin privilege 15 password 7 0701204F40081A5541 aaa new-model aaa group server radius lockdown server 45.200.1.82 auth-port 1812 acct-port 1813 ! aaa authentication login default local aaa authentication dot1x default group lockdown aaa authorization exec default local if-authenticated ! aaa session-id common clock timezone PST -8 clock summer-time PST recurring ip subnet-zero ip domain-name nac.ilabs.interop.net ip name-server 45.200.1.2 ! vtp mode transparent ! ! crypto pki trustpoint TP-self-signed-3189352064 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3189352064 revocation-check none rsakeypair TP-self-signed-3189352064 ! ! crypto ca certificate chain TP-self-signed-3189352064 certificate self-signed 01 308202CB 30820234 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 67312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 33313839 33353230 36343134 30320609 2A864886 F70D0109 0216256E 61702D6C 6F636B64 6F776E2D 73772E6E 61632E69 6C616273 2E696E74 65726F70 2E6E6574 301E170D 39333033 30313030 30363038 5A170D32 30303130 31303030 3030305A 3067312F 302D0603 55040313 26494F53 2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D333138 39333532 30363431 34303206 092A8648 86F70D01 09021625 6E61702D 6C6F636B 646F776E 2D73772E 6E61632E 696C6162 732E696E 7465726F 702E6E65 7430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100D7A0 4F895BBE 057E42CF 49AE9924 8C2327CC 78A013D1 4CC5D6D5 5AF80348 4F681E97 A9656A4D A0844493 1C45ED91 9EB495D5 660D3B61 BD64EAC0 29636A7A CC229E55 886B31AB E5A1AA04 26BD331F FF8F49B5 C8B58531 AFA8775B 20833321 8639A611 AA81E4A9 45C21BD6 AAE861D8 5589FA3F 019377E9 A22DEEEA 612600B3 5F3B0203 010001A3 81863081 83300F06 03551D13 0101FF04 05300301 01FF3030 0603551D 11042930 2782256E 61702D6C 6F636B64 6F776E2D 73772E6E 61632E69 6C616273 2E696E74 65726F70 2E6E6574 301F0603 551D2304 18301680 142BF646 60C53A4C 3036E2B7 82E5D691 2B8CD2FD 13301D06 03551D0E 04160414 2BF64660 C53A4C30 36E2B782 E5D6912B 8CD2FD13 300D0609 2A864886 F70D0101 04050003 81810006 C9A96824 30E01EC3 F079A550 395437FA 838AFEED 5A7B1139 F71C90BE 837BB530 D373384B 45E0BF45 ECBE52C9 6F1EC85F BF5F3ACD 840E2983 D9EF3E4F 93A2DEE3 4BC008AD F405CD9E 7CA185CC AAFD83F6 380E2E61 EF5C8F39 59706093 7BBDC37A 2AD4508C 5FAB1ACB 31F8E478 3E9FFB00 78255922 3EA27F01 82893252 13E67C quit ! ! dot1x system-auth-control no file verify auto ! spanning-tree mode pvst spanning-tree extend system-id no spanning-tree vlan 1-1000 ! vlan internal allocation policy ascending vlan dot1q tag native ! vlan 20 name Microsoft20 ! vlan 22 name Lockdown-Q-22 ! vlan 24 name Lockdown-Q-24 ! vlan 500 name Management ! vlan 516 name Servers ! vlan 564 name Wired ! vlan 628 name Wireless ! vlan 1000 name Backbone ! ! interface FastEthernet0/1 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/2 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/3 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/4 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/5 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/6 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/7 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/8 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/9 description Lockdown Ports for Access switchport access vlan 20 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed dot1x pae authenticator spanning-tree portfast ! interface FastEthernet0/10 description Lockdown Ports for Access switchport access vlan 20 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed dot1x pae authenticator spanning-tree portfast ! interface FastEthernet0/11 description Lockdown Ports for Access switchport access vlan 20 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed dot1x pae authenticator spanning-tree portfast ! interface FastEthernet0/12 description Lockdown Ports for Access switchport access vlan 20 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed dot1x pae authenticator spanning-tree portfast ! interface FastEthernet0/13 description Lockdown Ports for Access switchport access vlan 20 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed dot1x pae authenticator spanning-tree portfast ! interface FastEthernet0/14 description Lockdown Ports for Access switchport access vlan 20 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed dot1x pae authenticator spanning-tree portfast ! interface FastEthernet0/15 description Lockdown Ports for Access switchport access vlan 20 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed dot1x pae authenticator spanning-tree portfast ! interface FastEthernet0/16 description Lockdown Ports for Access switchport access vlan 20 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed dot1x pae authenticator spanning-tree portfast ! interface FastEthernet0/17 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/18 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/19 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/20 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/21 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/22 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/23 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/24 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/25 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/26 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/27 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/28 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/29 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/30 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/31 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/32 description Lockdown Ports for Access switchport access vlan 22 switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/33 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/34 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/35 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/36 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/37 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/38 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/39 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/40 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/41 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/42 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/43 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/44 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/45 description Lockdown Ports for Access switchport mode access snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/46 description "Link to Enterasys" switchport trunk encapsulation dot1q switchport mode trunk snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/47 description Extreme Link switchport access vlan 1000 switchport trunk encapsulation dot1q switchport mode trunk snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast ! interface FastEthernet0/48 description Uplink to Core switchport trunk encapsulation dot1q switchport mode trunk snmp trap mac-notification added snmp trap mac-notification removed spanning-tree portfast trunk ! interface GigabitEthernet0/1 switchport mode dynamic desirable shutdown snmp trap mac-notification added snmp trap mac-notification removed ! interface GigabitEthernet0/2 switchport mode dynamic desirable shutdown snmp trap mac-notification added snmp trap mac-notification removed ! interface Vlan1 no ip address shutdown ! interface Vlan1000 description Backbone/Management VLAN ip address 45.200.1.81 255.255.255.0 ! ip default-gateway 45.200.1.1 ip classless ip http server ip http secure-server ! ! logging 45.200.1.2 snmp-server community public RO snmp-server community nacnac06 RW snmp-server location Interop iLabs NAP Lockdown snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps mac-notification snmp-server host 45.200.1.82 version 2c public mac-notification snmp radius-server host 45.200.1.82 auth-port 1812 acct-port 1813 key 7 130B1611050D077A7D radius-server source-ports 1645-1646 ! control-plane ! ! line con 0 line vty 0 4 transport input telnet ssh escape-character 3 line vty 5 15 ! mac-address-table notification ntp clock-period 17180252 ntp server 45.200.1.2 prefer end