TL-SG2428P

Config

Config

download
configure
#
vlan 2
       name "mgmt"
#
vlan 2000
        name "VLAN2000"
#
#
hostname 10.90.7.181
location "BACKUP"
serial_port baud_rate 38400
contact-info helpdesk@link-region.ru
#
#
system-time ntp UTC+03:00 10.90.7.1 10.90.7.1 12
no system-time dst
#
sdm prefer pca-default
#
jumbo-size 2022
#
#
dot1q-tunnel
#
#
user name link privilege admin password 7 qwerty1234
no user name admin
no service reset-disable
#
#
#
#
pppoe id-insertion
#
#
#
snmp-server
snmp-server community "lpublic" read-only "viewDefault"
#
#
lldp
#
#
#
access-list packet-content profile chunk-offset0 3 chunk-offset1 4 chunk-offset2 5 chunk-offset3 6
access-list create 2001
  access-list packet-content config 2001 rule 1  deny logging enable chunk0 00070000 mask0 00FF0000
  access-list packet-content config 2001 rule 6  permit logging disable
access-list create 1001
 access-list combined 1001 rule 1 deny logging disable sip 192.168.0.0 sip-mask 255.255.0.0
 access-list combined 1001 rule 6 deny logging disable sip 169.254.0.0 sip-mask 255.255.0.0
 access-list combined 1001 rule 11 deny logging disable smac ff:ff:ff:ff:ff:ff smask ff:ff:ff:ff:ff:ff
 access-list combined 1001 rule 16 deny logging disable smac 00:00:00:00:00:00 smask ff:ff:ff:ff:ff:ff
 access-list combined 1001 rule 21 deny logging disable smac 00:00:00:00:00:00 smask ff:ff:ff:ff:ff:00
access-list create 1501
  access-list ipv6 1501 rule 1  deny logging disable
#
access-list bind 2001 interface gigabitEthernet 1/0/1-23
access-list bind 1501 interface gigabitEthernet 1/0/1-23
access-list bind 1001 interface gigabitEthernet 1/0/1-23
#
loopback-detection
loopback-detection recovery-time 300
#
#
#
#
no controller cloud-based
interface vlan 1
  no ip address
  ipv6 enable
  shutdown
#
interface vlan 2
  ip address 10.90.7.181 255.255.255.0
  no ipv6 enable
#
#
#
#
interface range gigabitEthernet 1/0/1-23
  switchport general allowed vlan 2000 untagged
  no switchport general allowed vlan 1
  switchport pvid 2000
  storm-control broadcast 64
  storm-control exceed shutdown recover-time 300
  ip dhcp filter

  no ip igmp snooping
  no lldp receive
  no lldp transmit
  loopback-detection config process-mode port-based recovery-mode auto
  loopback-detection
#
#
#
interface gigabitEthernet 1/0/24
  switchport general allowed vlan 2,2000 tagged
  switchport acceptable frame tagged
  no switchport general allowed vlan 1
  vlan_trunk

  no ip igmp snooping
  lldp snmp-trap
  lldp management-address 10.90.7.181
#
#
#
interface range ten-gigabitEthernet 1/0/25-26
  switchport general allowed vlan 2,2000 tagged
  switchport acceptable frame tagged
  no switchport general allowed vlan 1
  vlan_trunk
  speed 1000

  no ip igmp snooping
  lldp snmp-trap
  lldp management-address 10.90.7.181
#
#
interface range ten-gigabitEthernet 1/0/27-28
  switchport general allowed vlan 2,2000 tagged
  switchport acceptable frame tagged
  no switchport general allowed vlan 1
  vlan_trunk

  no ip igmp snooping
  lldp snmp-trap
  lldp management-address 10.90.7.181