Src-secu-adm
Révision datée du 18 octobre 2016 à 10:07 par Julien.garnier (discussion | contributions) (→Fichier de conf commut)
Vlan 273
10.3.10.0/24
ADV : de .100 à .199
RDM : de .200 à .253
| Adresse | Nom | description |
|---|---|---|
| 10.3.10.100 | sw-secu-ADV | cœur coté ADV |
| 10.3.10.101 | sw-secu-gardiens | |
| 10.3.10.102 | sw-secu-IGH | |
| 10.3.10.103 | sw-secu-IGF-S | |
| 10.3.10.200 | sw-secu-RDM | cœur coté RDM |
| 10.3.10.201 | sw-secu-BAT-A | |
| 10.3.10.202 | sw-secu-BAT-B | |
| 10.3.10.203 | sw-secu-BAT-C | |
| 10.3.10.204 | sw-secu-BAT-D | |
| 10.3.10.205 | sw-secu-CEFE | |
| 10.3.10.206 | sw-secu-SERRES | |
| 10.3.10.207 | sw-secu-SIC | |
| 10.3.10.208 | sw-secu-IGMM | |
| 10.3.10.209 | sw-secu-CPBS | |
| 10.3.10.210 | sw-secu-CANTINE |
Fichier de conf commut
configure set system host-name sw-secu-XXX set system auto-snapshot set system time-zone Europe/Paris set system root-authentication encrypted-password bJQVTp3zyWF86 set system login user jgarnier uid 2000 set system login user jgarnier class super-user set system login user jgarnier authentication encrypted-password "$1$z9wk9221$gMXk7VpYHc4XkMX7lECdL/" set system login user jgarnier authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfL2NFG8wbnQ8A0xYE4ScMHbldwNLAIIUNKrd3saKWvnfeYgR37QRBW35G3Hi99S+k6Vr2Z+ekpyxgFGFg/9mbmlz411S3WaV0S/0BGW9fEYUReSl6gXR7IuCPLYVusYpqIHC1ej4UFdgwOdNA6s3urPZX99SHXLlxoUD9OlZJ458bu0UiKaYBA3YON2TsjWcZo7Y63Iekzq2Jrjgk+PFaRXzNpzL8Wv1sGuqX/3r35L8qckIZjFCZSStLI7QEc7yEiPijXUO4KseAD7cxdGgi6obXhmnWvaKpXXOIzACyvwaHR1ZVgQE96HzUtJUzhZsX1EO7pPLYOAMwOVdAPxO5 jgarnier@ssi13JG" set system login user olivier-durant uid 2001 set system login user olivier-durant class super-user set system login user olivier-durant authentication encrypted-password "$1$iprLCzhi$ZX68P/i1PWwRnN1dgt0jt." set system services ssh protocol-version v2 set system services ssh max-sessions-per-connection 32 set system services netconf ssh set system services web-management https port 443 set system services web-management https system-generated-certificate set system syslog user * any emergency set system syslog host 10.1.7.23 any any set system syslog file messages any notice set system syslog file messages authorization info set system syslog file interactive-commands interactive-commands any set system syslog file default-log-messages any any set system syslog file default-log-messages match "(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|cm_device|(Master Unchanged, Members Changed)|(Master Changed, Members Changed)|(Master Detected, Members Changed)|(vc add)|(vc delete)|(Master detected)|(Master changed)|(Backup detected)|(Backup changed)|(interface vcp-)" set system syslog file default-log-messages structured-data set system ntp server 10.3.10.1 set chassis aggregated-devices ethernet device-count 1 set chassis alarm management-ethernet link-down ignore set chassis auto-image-upgrade set interfaces me0 disable set interfaces vlan unit 273 description scr-secu-adm set interfaces vlan unit 273 family inet address 10.3.10.XXX/24 set interfaces ge-0/0/0 disable set interfaces ge-0/0/1 disable set interfaces ge-0/0/2 disable set interfaces ge-0/0/3 disable set interfaces ge-0/0/4 disable set interfaces ge-0/0/5 disable set interfaces ge-0/0/6 disable set interfaces ge-0/0/7 disable set interfaces ge-0/0/8 disable set interfaces ge-0/0/9 disable set interfaces ge-0/0/10 disable set interfaces ge-0/0/11 disable set interfaces ge-0/0/12 disable set interfaces ge-0/0/13 disable set interfaces ge-0/0/14 disable set interfaces ge-0/0/15 disable set interfaces ge-0/0/16 disable set interfaces ge-0/0/17 disable set interfaces ge-0/0/18 disable set interfaces ge-0/0/19 disable set interfaces ge-0/0/20 disable set interfaces ge-0/0/21 disable set interfaces ge-0/0/22 disable set interfaces ge-0/0/23 disable
set interfaces ge-0/1/0 disable set interfaces ge-0/1/1 disable set interfaces ge-0/1/2 disable set interfaces ge-0/1/3 description "uplink" set interfaces ge-0/1/3 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/1/3 unit 0 family ethernet-switching vlan members src-secu-adm set interfaces ge-0/1/3 unit 0 family ethernet-switching vlan members src-video set interfaces ge-0/1/3 unit 0 family ethernet-switching vlan members src-cab set snmp community cnrsmgmt authorization read-only set snmp trap-group space targets 10.1.7.25 set routing-options static route 0.0.0.0/0 next-hop 10.3.10.1 set protocols igmp-snooping vlan all set protocols rstp traceoptions file rstp set protocols rstp traceoptions file size 100000 set protocols rstp traceoptions file files 10 set protocols rstp traceoptions flag topology-change-state-machine set protocols rstp traceoptions flag ppmd set protocols lldp interface all set protocols lldp-med interface all set ethernet-switching-options traceoptions file ethernet set ethernet-switching-options traceoptions file size 100000 set ethernet-switching-options traceoptions file files 10 set ethernet-switching-options traceoptions flag interface set ethernet-switching-options traceoptions flag stp set ethernet-switching-options traceoptions flag unknown-unicast-forwarding set ethernet-switching-options traceoptions flag vlan set ethernet-switching-options storm-control interface all set vlans src-secu-adm vlan-id 273 set vlans src-secu-adm l3-interface vlan.273 set vlans src-video description "videosurveillance 10.3.7.0/24" set vlans src-video vlan-id 271 set vlans src-cab description "controle d'acces batiments 10.3.9.0/24" set vlans src-cab vlan-id 272 set poe interface all delete interfaces me0 delete interfaces vlan unit 0 delete vlans default l3-interface commit
