Scribd
Upload
4 views32 pages

Mega Lab Configs

The document contains configuration details for four network devices: ISP-A, ISP-B, R1, CSW1, and CSW2. Each device is configured with various interfaces, OSPF routing, DHCP pools, and access control lists. Key elements include IP addressing, loopback interfaces, and NTP server settings.

Uploaded by

firiwe6609
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
4 views32 pages

Mega Lab Configs

The document contains configuration details for four network devices: ISP-A, ISP-B, R1, CSW1, and CSW2. Each device is configured with various interfaces, OSPF routing, DHCP pools, and access control lists. Key elements include IP addressing, loopback interfaces, and NTP server settings.

Uploaded by

firiwe6609
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 32

ISP-A:

en
!
conf t
!
hostname ISP-A
!
enable secret cisco
!
ip dhcp pool POOL1
network 203.0.113.0 255.255.255.252
!
ipv6 unicast-routing
!
username admin privilege 15 secret admin
!
interface Loopback0
description google.com
ip address 172.253.62.100 255.255.255.255
ip ospf 1 area 0
!
interface Loopback1
description youtube.com
ip address 152.250.31.93 255.255.255.255
ip ospf 1 area 0
!
interface Loopback2
description jeremysitlab.com
ip address 66.235.200.145 255.255.255.255
ip ospf 1 area 0
!
interface Loopback3
description time1.google.com
ip address 216.239.35.0 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet0/0/0
description ## to ISP-B ##
ip address 192.0.2.1 255.255.255.252
ip ospf 1 area 0
no shutdown
!
interface GigabitEthernet0/0/2
description ## to R1 ##
ip address 203.0.113.1 255.255.255.252
ip ospf 1 area 0
ip access-group 100 in
ipv6 address 2001:DB8:A::1/64
no shutdown
!
router ospf 1
log-adjacency-changes
passive-interface GigabitEthernet0/0/2
default-information originate
!
ip route 0.0.0.0 0.0.0.0 203.0.113.2
!
ipv6 route ::/0 2001:DB8:A::2
!
access-list 100 deny ip 10.0.0.0 0.255.255.255 any
access-list 100 deny ip 172.16.0.0 0.15.255.255 any
access-list 100 deny ip 192.168.0.0 0.0.255.255 any
access-list 100 permit ip any any
!
line con 0
logging synchronous
login local
!
line vty 0 4
login
transport input none
line vty 5 15
login
transport input none
!
ntp server 216.239.35.4
ntp master 1
!
end

#####################################################################

ISP-B:

en
!
conf t
!
hostname ISP-B
!
enable secret cisco
!
ip dhcp pool POOL1
network 203.0.113.4 255.255.255.252
!
username admin privilege 15 secret admin
!
interface Loopback3
description time2.google.com
ip address 216.239.35.4 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet0/0/0
description ## to ISP-A ##
ip address 192.0.2.2 255.255.255.252
ip ospf 1 area 0
no shutdown
!
interface GigabitEthernet0/0/2
description ## to R1 ##
ip address 203.0.113.5 255.255.255.252
ip ospf 1 area 0
ip access-group 100 in
no shutdown
!
router ospf 1
log-adjacency-changes
passive-interface GigabitEthernet0/0/2
default-information originate
!
ip route 0.0.0.0 0.0.0.0 203.0.113.6
!
access-list 100 deny ip 10.0.0.0 0.255.255.255 any
access-list 100 deny ip 172.16.0.0 0.15.255.255 any
access-list 100 deny ip 192.168.0.0 0.0.255.255 any
access-list 100 permit ip any any
!
line con 0
logging synchronous
login local
!
line vty 0 15
login
transport input none
!
ntp server 216.239.35.0
ntp master 1
!
end

########################################################################

R1:

en
!
conf t
!
hostname R1
!
no ip domain-look
!
enable secret jeremysitlab
!
ipv6 unicast-routing
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int gig 0/0/0
no sh
ip add dhcp
ipv6 addr 2001:db8:a::2/64
desc ## ISP-A ##
!
int gig 0/1/0
no sh
ip add dhcp
ipv6 addr 2001:db8:b::2/64
desc ## ISP-B ##
!
int fa 0/0
no sh
ip add 10.0.0.33 255.255.255.252
ip ospf 1 area 0
ip ospf network point-to-point
ipv6 addr 2001:db8:a1::/64 eui-64
desc INPUT-TO-CSW1
!
int fa 0/1
no sh
ip add 10.0.0.37 255.255.255.252
ip ospf 1 area 0
ip ospf network point-to-point
ipv6 addr 2001:db8:a2::/64 eui-64
desc INPUT-TO-CSW2
!
int loop 0
no sh
ip add 10.0.0.76 255.255.255.255
ip ospf 1 area 0
!
router ospf 1
router-id 10.0.0.76
passive-interface loop 0
default-information originate
!
ip route 0.0.0.0 0.0.0.0 203.0.113.1
ip route 0.0.0.0 0.0.0.0 203.0.113.5 2
!
ip dhcp excluded-address 10.0.0.1 10.0.0.10
ip dhcp excluded-address 10.0.0.17 10.0.0.26
ip dhcp excluded-address 10.1.0.1 10.1.0.10
ip dhcp excluded-address 10.2.0.1 10.2.0.10
ip dhcp excluded-address 10.3.0.1 10.3.0.10
ip dhcp excluded-address 10.4.0.1 10.4.0.10
ip dhcp excluded-address 10.6.0.1 10.6.0.10
!
ip dhcp pool A-Mgmt
network 10.0.0.0 255.255.255.240
default 10.0.0.1
domain jeremysitlab.com
dns 10.5.0.4
option 43 ip 10.0.0.7
!
ip dhcp pool B-Mgmt
network 10.0.0.16 255.255.255.240
default 10.0.0.17
domain jeremysitlab.com
dns 10.5.0.4
option 43 ip 10.0.0.7
!
ip dhcp pool A-PCs
network 10.1.0.0 255.255.255.0
default 10.1.0.1
domain jeremysitlab.com
dns 10.5.0.4
!
ip dhcp pool A-Phones
network 10.2.0.0 255.255.255.0
default 10.2.0.1
domain jeremysitlab.com
dns 10.5.0.4
!
ip dhcp pool B-PCs
network 10.3.0.0 255.255.255.0
default 10.3.0.1
domain jeremysitlab.com
dns 10.5.0.4
!
ip dhcp pool B-Phones
network 10.4.0.0 255.255.255.0
default 10.4.0.1
domain jeremysitlab.com
dns 10.5.0.4
!
ip dhcp pool WiFi
network 10.6.0.0 255.255.255.0
default 10.6.0.1
domain jeremysitlab.com
dns 10.5.0.4
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp master 5
ntp server 216.239.35.0
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
ip nat inside source static 10.5.0.4 203.0.113.113
!
access-list 2 permit 10.1.0.0 0.0.0.255
access-list 2 permit 10.2.0.0 0.0.0.255
access-list 2 permit 10.3.0.0 0.0.0.255
access-list 2 permit 10.4.0.0 0.0.0.255
access-list 2 permit 10.6.0.0 0.0.0.255
access-list 2 deny any
!
ip nat pool POOL1 203.0.113.200 203.0.113.207 netmask 255.255.255.248
!
ip nat inside source list 2 pool POOL1 overload
!
no cdp run
lldp run
!
ipv6 route ::/0 2001:db8:a::1
ipv6 route ::/0 gig 0/1/0 2001:db8:b::1 2
!
int range gig0/2/0,gig0/3/0
sh
!
end
!

########################################################################

CSW1:

en
!
conf t
!
hostname CSW1
!
no ip domain-look
!
span mod ra
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
ip routing
!
ipv6 unicast-rout
!
int range gig 1/0/21-22
no sw
sh
channel-group 1 mod desir
desc Po1-Port
!
int port-channel 1
no sh
no sw
ip add 10.0.0.41 255.255.255.252
ipv6 enable
desc L3-PAgP-TO-CSW2
!
int range gig 1/0/21-22
no sh
!
int gig 1/0/1
no sw
no sh
ip add 10.0.0.34 255.255.255.252
ip ospf network point-to-point
ipv6 addr 2001:db8:a1::/64 eui-64
desc INPUT-FROM-R1
!
int gig 1/1/1
no sw
no sh
ip add 10.0.0.45 255.255.255.252
ip ospf network point-to-point
desc INPUT-TO-DSW-A1
!
int gig 1/1/2
no sw
no sh
ip add 10.0.0.49 255.255.255.252
ip ospf network point-to-point
desc INPUT-TO-DSW-A2
!
int gig 1/1/3
no sw
no sh
ip add 10.0.0.53 255.255.255.252
ip ospf network point-to-point
desc INPUT-TO-DSW-B1
!
int gig 1/1/4
no sw
no sh
ip add 10.0.0.57 255.255.255.252
ip ospf network point-to-point
desc INPUT-TO-DSW-B2
!
int loop 0
no sh
ip add 10.0.0.77 255.255.255.255
!
router ospf 1
router-id 10.0.0.77
passive-interface loop 0
network 10.0.0.41 0.0.0.0 area 0
network 10.0.0.34 0.0.0.0 area 0
network 10.0.0.45 0.0.0.0 area 0
network 10.0.0.49 0.0.0.0 area 0
network 10.0.0.53 0.0.0.0 area 0
network 10.0.0.57 0.0.0.0 area 0
network 10.0.0.77 0.0.0.0 area 0
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
int range gig1/0/2-20,gig1/0/23-24
shut
!
end
!

#######################################################################

CSW2:

en
!
conf t
!
hostname CSW2
!
no ip domain-look
!
span mod ra
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
ip routing
!
ipv6 unicast-rout
!
int range gig 1/0/21-22
no sw
sh
channel-group 1 mod desir
desc Po1-Port
!
int port-channel 1
no sh
no sw
ip add 10.0.0.42 255.255.255.252
ipv6 enable
desc L3-PAgP-TO-CSW1
!
int range gig 1/0/21-22
no sh
!
int gig 1/0/1
no sw
no sh
ip add 10.0.0.38 255.255.255.252
ip ospf network point-to-point
ipv6 addr 2001:db8:a2::/64 eui-64
desc INPUT-FROM-R1
!
int gig 1/1/1
no sw
no sh
ip add 10.0.0.61 255.255.255.252
ip ospf network point-to-point
desc INPUT-TO-DSW-A1
!
int gig 1/1/2
no sw
no sh
ip add 10.0.0.65 255.255.255.252
ip ospf network point-to-point
desc INPUT-TO-DSW-A2
!
int gig 1/1/3
no sw
no sh
ip add 10.0.0.69 255.255.255.252
ip ospf network point-to-point
desc INPUT-TO-DSW-B1
!
int gig 1/1/4
no sw
no sh
ip add 10.0.0.73 255.255.255.252
ip ospf network point-to-point
desc INPUT-TO-DSW-B2
!
int loop 0
no sh
ip add 10.0.0.78 255.255.255.255
!
router ospf 1
router-id 10.0.0.78
passive-interface loop 0
network 10.0.0.42 0.0.0.0 area 0
network 10.0.0.38 0.0.0.0 area 0
network 10.0.0.61 0.0.0.0 area 0
network 10.0.0.65 0.0.0.0 area 0
network 10.0.0.69 0.0.0.0 area 0
network 10.0.0.73 0.0.0.0 area 0
network 10.0.0.78 0.0.0.0 area 0
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
int range gig1/0/2-20,gig1/0/23-24
shut
!
end
!

#########################################################################

DSW-A1:

en
!
conf t
!
hostname DSW-A1
!
no ip domain-look
!
span mod ra
span vlan 10,99 priority 0
span vlan 20,40 priority 4096
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int rang gig 1/0/21-22
sh
channel-gr 1 mod desir
desc Po1-Port
!
int port-chan 1
sw mod tr
sw no
sw tr al vl 10,20,40,99
sw tr nat vl 1000
desc L2-PAgP-TO-DSW-A2
!
int range gig 1/0/21-22
no sh
!
int range gig 1/0/1-3
sw mod tr
sw no
sw tr al vl 10,20,40,99
sw tr nat vl 1000
!
vtp ver 2
vtp mod server
vtp domain JeremysITLab
!
vlan 1000
name Trunk-Native-VLAN
!
vlan 10
name PCs
!
vlan 20
name Phones
!
vlan 40
name Wi-Fi
!
vlan 99
name MGMT
!
ip routing
!
int gig 1/1/1
no sw
no sh
ip add 10.0.0.46 255.255.255.252
ip ospf network point-to-point
desc INPUT-FROM-CSW1
!
int gig1/1/2
no sw
no sh
ip add 10.0.0.62 255.255.255.252
ip ospf network point-to-point
desc INPUT-FROM-CSW2
!
int loop 0
no sh
ip add 10.0.0.79 255.255.255.255
!
int vlan 99
no sh
ip add 10.0.0.2 255.255.255.240
standby ver 2
standby 1 preempt
standby 1 ip 10.0.0.1
standby priority 105
ip helper-address 10.0.0.76
!
int vlan 10
no sh
ip add 10.1.0.2 255.255.255.0
standby ver 2
standby 2 preempt
standby 2 ip 10.1.0.1
standby priority 105
ip helper-address 10.0.0.76
ip access-group OfficeA_to_OfficeB in
!
int vlan 20
no sh
ip add 10.2.0.2 255.255.255.0
standby ver 2
standby 3 ip 10.2.0.1
ip helper-address 10.0.0.76
!
int vlan 40
no sh
ip add 10.6.0.2 255.255.255.0
standby ver 2
standby 4 ip 10.6.0.1
ip helper-address 10.0.0.76
!
router ospf 1
router-id 10.0.0.79
passive-interface loop 0
passive-interface vlan 10
passive-interface vlan 20
passive-interface vlan 40
network 10.0.0.46 0.0.0.0 area 0
network 10.0.0.62 0.0.0.0 area 0
network 10.0.0.79 0.0.0.0 area 0
network 10.0.0.2 0.0.0.0 area 0
network 10.1.0.2 0.0.0.0 area 0
network 10.2.0.2 0.0.0.0 area 0
network 10.6.0.2 0.0.0.0 area 0
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
ip access-list extended OfficeA_to_OfficeB
permit icmp 10.1.0.0 0.0.0.255 10.3.0.0 0.0.0.255
deny ip 10.1.0.0 0.0.0.255 10.3.0.0 0.0.0.255
permit ip any any
!
int gig1/0/1
desc INPUT-TO-ASW-A1
!
int gig 1/0/2
desc INPUT-TO-ASW-A2
!
int gig 1/0/3
desc INPUT-TO-ASW-A3
!
int range gig 1/0/4-20,gig1/0/23-24,gig1/1/3-4
shut
!
end
!

#########################################################################

DSW-A2:

en
!
conf t
!
hostname DSW-A2
!
no ip domain-look
!
span mod ra
span vlan 20,40 priority 0
span vlan 10,99 priority 4096
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int rang gig 1/0/21-22
sh
channel-gr 1 mod desir
desc Po1-Port
!
int port-chan 1
no sh
sw mod tr
sw no
sw tr al vl 10,20,40,99
sw tr nat vl 1000
desc L2-PAgP-TO-DSW-A1
!
int range gig 1/0/21-22
no sh
!
int range gig 1/0/1-3
sw mod tr
sw no
sw tr al vl 10,20,40,99
sw tr nat vl 1000
!
vtp ver 2
vtp mod server
vtp domain JeremysITLab
!
ip routing
!
int gig 1/1/1
no sw
no sh
ip add 10.0.0.50 255.255.255.252
ip ospf network point-to-point
desc INPUT-FROM-CSW1
!
int gig1/1/2
no sw
no sh
ip add 10.0.0.66 255.255.255.252
ip ospf network point-to-point
desc INPUT-FROM-CSW2
!
int loop 0
no sh
ip add 10.0.0.80 255.255.255.255
!
int vlan 99
no sh
ip add 10.0.0.3 255.255.255.240
standby ver 2
standby 1 ip 10.0.0.1
ip helper-address 10.0.0.76
!
int vlan 10
no sh
ip add 10.1.0.3 255.255.255.0
standby ver 2
standby 2 ip 10.1.0.1
ip helper-address 10.0.0.76
ip access-group OfficeA_to_OfficeB in
!
int vlan 20
no sh
ip add 10.2.0.3 255.255.255.0
standby ver 2
standby 3 preempt
standby 3 ip 10.2.0.1
standby 3 priority 105
ip helper-address 10.0.0.76
!
int vlan 40
no sh
ip add 10.6.0.3 255.255.255.0
standby ver 2
standby 4 preempt
standby 4 ip 10.6.0.1
standby 4 priority 105
ip helper-address 10.0.0.76
!
router ospf 1
router-id 10.0.0.80
passive-interface loop 0
passive-interface vlan 10
passive-interface vlan 20
passive-interface vlan 40
network 10.0.0.50 0.0.0.0 area 0
network 10.0.0.66 0.0.0.0 area 0
network 10.0.0.80 0.0.0.0 area 0
network 10.0.0.3 0.0.0.0 area 0
network 10.1.0.3 0.0.0.0 area 0
network 10.2.0.3 0.0.0.0 area 0
network 10.6.0.3 0.0.0.0 area 0
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
ip access-list extended OfficeA_to_OfficeB
permit icmp 10.1.0.0 0.0.0.255 10.3.0.0 0.0.0.255
deny ip 10.1.0.0 0.0.0.255 10.3.0.0 0.0.0.255
permit ip any any
!
int gig1/0/1
desc INPUT-TO-ASW-A1
!
int gig 1/0/2
desc INPUT-TO-ASW-A2
!
int gig 1/0/3
desc INPUT-TO-ASW-A3
!
int range gig 1/0/4-20,gig1/0/23-24,gig1/1/3-4
shut
!
end
!

#########################################################################

ASW-A1:

en
!
conf t
!
hostname ASW-A1
!
no ip domain-look
!
span mod ra
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int range gig 0/1-2
sw mod tr
sw no
sw tr al vl 10,20,40,99
sw tr nat vl 1000
ip dhcp snooping trust
ip arp inspection trust
!
vtp ver 2
vtp mod client
vtp domain JeremysITLab
!
int fa0/1
sw mod access
sw no
sw acc vlan 99
span bpduguard enable
span portfast
no lldp transmit
sw port-sec
sw port-sec violation restrict
sw port-sec mac-add sticky
ip dhcp snooping limit rate 15
desc INPUT-TO-LWAP1
!
int fa0/21
sw mod tr
sw no
sw tr al vl 40,99
sw tr nat vlan 99
span bpduguard enable
span portfast trunk
ip dhcp snooping limit rate 100
desc INPUT-TO-WLC1
!
int vlan 99
no sh
ip add 10.0.0.4 255.255.255.240
!
ip default-gateway 10.0.0.1
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
ip dhcp snooping
ip dhcp snooping vlan 10,20,40,99
no ip dhcp snooping information option
!
ip arp inspection vlan 10,20,40,99
ip arp inspection validate src-mac dst-mac ip
!
int gig0/1
desc INPUT-FROM-DSW-A1
!
int gig 0/2
desc INPUT-FROM-DSW-A2
!
int range fa0/3-24
shut
!
end
!

#########################################################################

ASW-A2:

en
!
conf t
!
hostname ASW-A2
!
no ip domain-look
!
span mod ra
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int range gig 0/1-2
sw mod tr
sw no
sw tr al vl 10,20,40,99
sw tr nat vl 1000
ip dhcp snooping trust
ip arp inspection trust
!
vtp ver 2
vtp mod client
vtp domain JeremysITLab
!
int fa0/1
sw mod acc
sw acc vlan 10
sw voice vlan 20
sw no
span bpduguard enable
span portfast
no lldp transmit
sw port-sec
sw port-sec max 2
sw port-sec violation restrict
sw port-sec mac-add sticky
ip dhcp snooping limit rate 15
!
int vlan 99
no sh
ip add 10.0.0.5 255.255.255.240
!
ip default-gateway 10.0.0.1
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
ip dhcp snooping
ip dhcp snooping vlan 10,20,40,99
no ip dhcp snooping information option
!
ip arp inspection vlan 10,20,40,99
ip arp inspection validate src-mac dst-mac ip
!
int gig0/1
desc INPUT-FROM-DSW-A1
!
int gig 0/2
desc INPUT-FROM-DSW-A2
!
int range fa0/2-24
shut
!
end
!

#########################################################################

ASW-A3:

en
!
conf t
!
hostname ASW-A3
!
no ip domain-look
!
span mod ra
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int range gig 0/1-2
sw mod tr
sw no
sw tr al vl 10,20,40,99
sw tr nat vl 1000
ip dhcp snooping trust
ip arp inspection trust
!
vtp ver 2
vtp mod client
vtp domain JeremysITLab
!
int fa0/1
sw mod acc
sw acc vlan 10
sw voice vlan 20
sw no
span bpduguard enable
span portfast
no lldp transmit
sw port-sec
sw port-sec max 2
sw port-sec violation restrict
sw port-sec mac-add sticky
ip dhcp snooping limit rate 15
!
int vlan 99
no sh
ip add 10.0.0.6 255.255.255.240
!
ip default-gateway 10.0.0.1
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
ip dhcp snooping
ip dhcp snooping vlan 10,20,40,99
no ip dhcp snooping information option
!
ip arp inspection vlan 10,20,40,99
ip arp inspection validate src-mac dst-mac ip
!
int gig0/1
desc INPUT-FROM-DSW-A1
!
int gig 0/2
desc INPUT-FROM-DSW-A2
!
int range fa0/2-24
shut
!
end
!

#########################################################################

DSW-B1:

en
!
conf t
!
hostname DSW-B1
!
no ip domain-look
!
span mod ra
span vlan 10,99 priority 0
span vlan 20,30 priority 4096
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int rang gig 1/0/21-22
sh
channel-gr 1 mod act
desc Po1-Port
!
int port-channel 1
no sh
sw mod tr
sw no
sw tr al vl 10,20,30,99
sw tr nat vl 1000
desc L2-LACP-TO-DSW-B2
!
int range gig 1/0/21-22
no sh
!
int range gig 1/0/1-3
sw mod tr
sw no
sw tr al vl 10,20,30,99
sw tr nat vl 1000
!
vtp ver 2
vtp mod server
vtp domain JeremysITLab
!
vlan 1000
name Trunk-Native-VLAN
!
vlan 10
name PCs
!
vlan 20
name Phones
!
vlan 30
name Servers
vlan 99
name MGMT
!
ip routing
!
int gig 1/1/1
no sw
no sh
ip add 10.0.0.54 255.255.255.252
ip ospf network point-to-point
desc INPUT-FROM-CSW1
!
int gig1/1/2
no sw
no sh
ip add 10.0.0.70 255.255.255.252
ip ospf network point-to-point
desc INPUT-FROM-CSW2
!
int loop 0
no sh
ip add 10.0.0.81 255.255.255.255
!
int vlan 99
no sh
ip add 10.0.0.18 255.255.255.240
standby ver 2
standby 1 preempt
standby 1 ip 10.0.0.17
standby priority 105
ip helper-address 10.0.0.76
!
int vlan 10
no sh
ip add 10.3.0.2 255.255.255.0
standby ver 2
standby 2 preempt
standby 2 ip 10.3.0.1
standby priority 105
ip helper-address 10.0.0.76
!
int vlan 20
no sh
ip add 10.4.0.2 255.255.255.0
standby ver 2
standby 3 ip 10.4.0.1
ip helper-address 10.0.0.76
!
int vlan 30
no sh
ip add 10.5.0.2 255.255.255.0
standby ver 2
standby 4 ip 10.5.0.1
ip helper-address 10.0.0.76
!
router ospf 1
router-id 10.0.0.81
passive-interface loop 0
passive-interface vlan 10
passive-interface vlan 20
passive-interface vlan 30
network 10.0.0.54 0.0.0.0 area 0
network 10.0.0.70 0.0.0.0 area 0
network 10.0.0.81 0.0.0.0 area 0
network 10.0.0.18 0.0.0.0 area 0
network 10.3.0.2 0.0.0.0 area 0
network 10.4.0.2 0.0.0.0 area 0
network 10.5.0.2 0.0.0.0 area 0
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
int gig 1/0/1
desc INPUT-TO-ASW-B1
!
int gig 1/0/2
desc INPUT-TO-ASW-B2
!
int gig 1/0/3
desc INPUT-TO-ASW-B3
!
int range gig 1/0/4-20,gig1/0/23-24,gig1/1/3-4
shut
!
end
!

#########################################################################

DSW-B2:

en
!
conf t
!
hostname DSW-B2
!
no ip domain-look
!
span mod ra
span vlan 20,30 priority 0
span vlan 10,99 priority 4096
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int rang gig 1/0/21-22
sh
channel-gr 1 mod act
desc Po1-Port
!
int port-channel 1
no sh
sw mod tr
sw no
sw tr al vl 10,20,30,99
sw tr nat vl 1000
desc L2-LACP-TO-DSW-B1
!
int range gig 1/0/21-22
no sh
!
int range gig 1/0/1-3
sw mod tr
sw no
sw tr al vl 10,20,30,99
sw tr nat vl 1000
!
vtp ver 2
vtp mod server
vtp domain JeremysITLab
!
ip routing
!
int gig 1/1/1
no sh
no sw
ip add 10.0.0.58 255.255.255.252
ip ospf network point-to-point
desc INPUT-FROM-CSW1
!
int gig1/1/2
no sh
no sw
ip add 10.0.0.74 255.255.255.252
ip ospf network point-to-point
desc INPUT-FROM-CSW2
!
int loop 0
no sh
ip add 10.0.0.82 255.255.255.255
!
int vlan 99
no sh
ip add 10.0.0.19 255.255.255.240
standby ver 2
standby 1 ip 10.0.0.17
ip helper-address 10.0.0.76
!
int vlan 10
no sh
ip add 10.3.0.3 255.255.255.0
standby ver 2
standby 2 ip 10.3.0.1
ip helper-address 10.0.0.76
!
int vlan 20
no sh
ip add 10.4.0.3 255.255.255.0
standby ver 2
standby 3 preempt
standby 3 ip 10.4.0.1
standby 3 priority 105
ip helper-address 10.0.0.76
!
int vlan 30
no sh
ip add 10.5.0.3 255.255.255.0
standby ver 2
standby 4 preempt
standby 4 ip 10.5.0.1
standby 4 priority 105
ip helper-address 10.0.0.76
!
router ospf 1
router-id 10.0.0.82
passive-interface loop 0
passive-interface vlan 10
passive-interface vlan 20
passive-interface vlan 30
network 10.0.0.58 0.0.0.0 area 0
network 10.0.0.74 0.0.0.0 area 0
network 10.0.0.82 0.0.0.0 area 0
network 10.0.0.19 0.0.0.0 area 0
network 10.3.0.3 0.0.0.0 area 0
network 10.4.0.3 0.0.0.0 area 0
network 10.5.0.3 0.0.0.0 area 0
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
int gig 1/0/1
desc INPUT-TO-ASW-B1
!
int gig 1/0/2
desc INPUT-TO-ASW-B2
!
int gig 1/0/3
desc INPUT-TO-ASW-B3
!
int range gig 1/0/4-20,gig1/0/23-24,gig1/1/3-4
shut
!
end
!

#########################################################################

ASW-B1:

en
!
conf t
!
hostname ASW-B1
!
no ip domain-look
!
span mod ra
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int range gig 0/1-2
sw mod tr
sw no
sw tr al vl 10,20,30,99
sw tr nat vl 1000
ip dhcp snooping trust
ip arp inspection trust
!
vtp ver 2
vtp mod client
vtp domain JeremysITLab
!
int fa0/1
sw mod acc
sw no
sw acc vlan 99
span bpduguard enable
span portfast
no lldp transmit
sw port-sec
sw port-sec violation restrict
sw port-sec mac-add sticky
ip dhcp snooping limit rate 15
desc INPUT-TO-LWAP2
!
int vlan 99
no sh
ip add 10.0.0.20 255.255.255.240
!
ip default-gateway 10.0.0.17
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
ip dhcp snooping
ip dhcp snooping vlan 10,20,30,99
no ip dhcp snooping information option
!
ip arp inspection vlan 10,20,30,99
ip arp inspection validate src-mac dst-mac ip
!
int gig 0/1
desc INPUT-FROM-DSW-B1
!
int gig 0/2
desc INPUT-FROM-DSW-B2
!
int range fa0/2-24
shut
!
end
!

#######################################################################

ASW-B2:

en
!
conf t
!
hostname ASW-B2
!
no ip domain-look
!
span mod ra
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int range gig 0/1-2
sw mod tr
sw no
sw tr al vl 10,20,30,99
sw tr nat vl 1000
ip dhcp snooping trust
ip arp inspection trust
!
vtp ver 2
vtp mod client
vtp domain JeremysITLab
!
int fa0/1
sw mod acc
sw acc vlan 10
sw voice vlan 20
sw no
span bpduguard enable
span portfast
no lldp transmit
sw port-sec
sw port-sec max 2
sw port-sec violation restrict
sw port-sec mac-add sticky
ip dhcp snooping limit rate 15
!
int vlan 99
no sh
ip add 10.0.0.21 255.255.255.240
!
ip default-gateway 10.0.0.17
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
ip dhcp snooping
ip dhcp snooping vlan 10,20,30,99
no ip dhcp snooping information option
!
ip arp inspection vlan 10,20,30,99
ip arp inspection validate src-mac dst-mac ip
!
int gig 0/1
desc INPUT-FROM-DSW-B1
!
int gig 0/2
desc INPUT-FROM-DSW-B2
!
int range fa0/2-24
shut
!
end
!

###########################################################################

ASW-B3:

en
!
conf t
!
hostname ASW-B3
!
no ip domain-look
!
span mod ra
!
enable secret jeremysitlab
!
username cisco priv 15 secret ccna
!
line con 0
logging synchronous
exec-timeout 30
login local
!
int range gig 0/1-2
sw mod tr
sw no
sw tr al vl 10,20,30,99
sw tr nat vl 1000
ip dhcp snooping trust
ip arp inspection trust
!
vtp ver 2
vtp mod client
vtp domain JeremysITLab
!
int fa0/1
sw mod acc
sw acc vlan 30
sw no
span bpduguard enable
span portfast
no lldp transmit
sw port-sec
sw port-sec max 2
sw port-sec violation restrict
sw port-sec mac-add sticky
ip dhcp snooping limit rate 15
desc INPUT-TO-SRV1
!
int vlan 99
no sh
ip add 10.0.0.22 255.255.255.240
!
ip default-gateway 10.0.0.17
!
ip domain name jeremysitlab.com
ip name-server 10.5.0.4
!
ntp authentication-key 1 md5 ccna
ntp trusted-key 1
ntp server 10.0.0.76 key 1
!
snmp-server community SNMPSTRING ro
!
logging host 10.5.0.4
logging trap debugging
logging buffered 8192
!
crypto key generate rsa
4096
ip ssh version 2
access-list 1 permit 10.1.0.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh
login local
logging synchronous
!
no cdp run
lldp run
!
ip dhcp snooping
ip dhcp snooping vlan 10,20,40,99
no ip dhcp snooping information option
!
ip arp inspection vlan 10,20,40,99
ip arp inspection validate src-mac dst-mac ip
!
int gig 0/1
desc INPUT-FROM-DSW-B1
!
int gig 0/2
desc INPUT-FROM-DSW-B2
!
int range fa0/2-24
shut
!
end
!

You might also like