Basic Cisco Configs

AAA配置

conf t
!
aaa new-model
!
aaa group server tacacs+ LOGINTAC
server 172.16.30.220
Server 172.16.40.1
!
tacacs-server host 172.16.30.220 key n3w3gg
tacacs-server host 172.16.40.1 key n3w3gg
!
ip tacacs source-interface gi 0/1
!
aaa authentication login default group LOGINTAC local
aaa authentication enable default enable group LOGINTAC
aaa authorization config-commands
aaa authorization exec default group LOGINTAC if-authenticated
aaa authorization commands 1 default if-authenticated
aaa authorization commands 15 default if-authenticated
aaa accounting commands 1 default start-stop group LOGINTAC
aaa accounting commands 15 default start-stop group LOGINTAC
!
!
end
wr

 

Clock  配置

CLIENT:


clock timezone PST -8
clock summer-time PDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00
ntp authentication-key 1 md5 n3w3gg
ntp server 10.1.37.21 key 1


NTP SERVER:

!
ntp clock-period 17177077
ntp source GigabitEthernet4.1
ntp master 4
ntp update-calendar
ntp server 10.1.37.10
ntp server 10.1.37.52

 

默认配置

en
config t
!
hostname **********
!
service timestamps log datetime localtime show-timezone
service timestamps debug datetime localtime show-timezone
service password-encryption
no ip domain-lookup
!
enable secret **********
!
user admin privilege 15 secret **********
!
line con 0
exec-timeout 200 0
logging synchronous
!
line vty 0 4
exec-timeout 200 0
logging synchronous
!
end
wr

 

默认交换机配置

VTP MODE CLIENT
VTP DOMAIN WH7
VTP password

Spanning-tree portfast bpduguard default
!
Errdisable recovery cause bpduguard
Errdisable recovery interval 240

 

Snmp-syslog-netflow

Use for syslog filter (logging facility local0 - Switches)
(logging facility local1 - Routers)


logging trap errors
logging facility local1
logging 10.1.37.22
snmp-server community $reed RO
snmp-server host 10.1.37.22 $reed

ip flow-export source GigabitEthernet0/1
ip flow-export version 5
ip flow-export destination 10.1.37.21 9996

( ip flow-export destination 71.94.141.193 9996 = only on external devices )
( logging 71.94.141.194 = For external devices)

interface Serial1/0
ip route-cache flow

posted @ 2019-05-14 10:53  cs37  阅读(222)  评论(0编辑  收藏  举报