Konfiguration des OmniSwitch 6860 von der DataTour H1/2014

vcboot.cfg
! Chassis:
system name "OS6860E"
system location "Stuttgart"
bluetooth transmit-power high
 
! Configuration:
configuration error-file-limit 2
 
! Capability Manager:
hash-control extended
 
! Multi-Chassis:
! Virtual Flow Control:
! LFP 
! Interface:
! Link Aggregate:
! VLAN:
vlan 1 admin-state enable
vlan 1 mtu-ip 1492
vlan 10 admin-state enable
vlan 10 name "SDN"
vlan 20 admin-state enable
vlan 227-231 admin-state enable
vlan 10 members port 1/1/13 untagged
vlan 10 members port 1/1/15 untagged
vlan 10 members port 1/1/17 untagged
vlan 10 members port 1/1/19 untagged
vlan 20 members port 1/1/1 untagged
vlan 20 members port 1/1/3 untagged
vlan 20 members port 1/1/5 untagged
vlan 227 members port 1/1/1 tagged
vlan 228 members port 1/1/1 tagged
vlan 229 members port 1/1/1 tagged
vlan 230 members port 1/1/1 tagged
vlan 231 members port 1/1/1 tagged
 
! Spanning Tree:
spantree vlan 1 admin-state enable 
spantree vlan 10 admin-state enable 
spantree vlan 20 admin-state enable 
spantree vlan 227 admin-state enable 
spantree vlan 228 admin-state enable 
spantree vlan 229 admin-state enable 
spantree vlan 230 admin-state enable 
spantree vlan 231 admin-state enable 
 
! Bridging:
! Port Mirroring:
sflow agent ip 192.168.2.150 
sflow receiver 1 name raSpDNp address 192.168.2.107 udp-port 6343 packet-size 1400 version 5 timeout 0
sflow sampler 1 port 1/1/17 receiver 1 rate 1 sample-hdr-size 128
sflow poller 1 port 1/1/17 receiver 1 interval 5
 
! Port Mapping:
! IP:
ip service port 123 admin-state enable
ip interface "vlan-1" address 192.168.10.1 mask 255.255.255.0 vlan 1 ifindex 1
ip interface "vlan-20" address 192.168.20.25 mask 255.255.255.0 vlan 20 ifindex 2
ip interface "vlan-10" address 192.168.2.150 mask 255.255.255.0 vlan 10 ifindex 3
 
! IPv6:
! IPSec:
! IPMS:
! AAA:
aaa radius-server "cppm" host "clearpass.alu4u.local" hash-key *************** retransmit 3 timeout 2 auth-port 1812 acct-port 1813 
aaa radius-server "clearpass" host "clearpass.alu4u.local" hash-key *************** retransmit 3 timeout 2 auth-port 1812 acct-port 1813 
aaa authentication default "local" 
aaa authentication console "local" 
 
aaa accounting session "local" 
aaa device-authentication mac "clearpass" 
aaa device-authentication 802.1x "clearpass" 
aaa accounting mac "clearpass" 
aaa accounting 802.1x "clearpass" 
aaa profile "datatour"
aaa profile "datatour" device-authentication mac "cppm" 
aaa profile "datatour" accounting mac "cppm" 
aaa profile "datatour" device-authentication 802.1x "cppm" 
aaa profile "datatour" accounting 802.1x "cppm" 
 
! NTP:
ntp server 192.168.30.10 prefer 
ntp server 192.168.30.11
ntp client admin-state enable
 
! QOS:
! Policy Manager:
! VLAN Stacking:
! ERP:
! MVRP:
! LLDP:
! UDLD:
! Server Load Balance:
! High Availability Vlan:
! Session Manager:
session cli timeout 999
session prompt default "OS6860E->"
 
! Web:
! Trap Manager:
snmp station 192.168.40.11 162 "omnivista" v3 enable
 
! Health Monitor:
! System Service:
ip name-server 192.168.30.10 192.168.30.11
ip domain-lookup
system timezone CET
usb enable
 
! SNMP:
snmp authentication-trap enable
 
! BFD:
! IP Route Manager:
ip static-route 0.0.0.0/0 gateway 192.168.20.254 metric 1
 
! VRRP:
ip load vrrp
 
! UDP Relay:
! RIP:
! OSPF:
! IP Multicast:
! DVMRP:
! IPMR:
! RIPng:
! OSPF3:
! BGP:
! ISIS:
! Netsec:
! Module:
! LAN Power:
lanpower power-rule powerOff admin-state enable power off at minutes 10 days all months all timezone local-server
lanpower power-rule powerOn admin-state enable power on at minutes 5 days all months all timezone local-server
lanpower port 1/1/11 power-policy powerOnOff5Min
lanpower power-policy powerOnOff5Min power-rule powerOff
lanpower power-policy powerOnOff5Min power-rule powerOn
lanpower slot 1/1 service start
 
! RDP:
! DA-UNP:
unp edge-profile byod
unp edge-profile byod redirect enable
unp edge-profile contractor
unp edge-profile employee
unp edge-profile guest
unp edge-profile guest redirect enable
unp edge-profile restricted
unp edge-profile restricted redirect enable
unp vlan-mapping edge-profile byod vlan 227
unp vlan-mapping edge-profile contractor vlan 230
unp vlan-mapping edge-profile employee vlan 230
unp vlan-mapping edge-profile guest vlan 228
unp vlan-mapping edge-profile restricted vlan 228
unp redirect-server 192.168.40.61
unp edge-template NetworkAccess
unp edge-template NetworkAccess 802.1x-authentication enable
unp edge-template NetworkAccess mac-authentication enable
unp edge-template NetworkAccess aaa-profile datatour
unp port 1/1/7 port-type edge
unp port 1/1/7 mac-authentication enable
unp port 1/1/9 port-type edge
unp port 1/1/9 mac-authentication enable
unp port 1/1/9 aaa-profile datatour
unp port 1/1/10 port-type edge
unp port 1/1/10 edge-template NetworkAccess
 
! DHL:
! Ethernet-OAM:
! SAA:
! SPB-ISIS:
! SVCMGR:
! LDP:
! EVB:
! APP-FINGERPRINT:
! FCOE:
! QMR 
! OPENFLOW:
! Dynamic auto-fabric
! SIP Snooping
! DHCP Server:
! DPI:
dpi port 1/1/7 admin-state enable
dpi port 1/1/9 admin-state enable
dpi app-list add app-name "Twitter"
dpi app-list add app-name "YouTube"
dpi app-list add app-name "LinkedIn"
dpi app-list add app-name "FTP"
dpi apply
dpi admin-state enable
 
! DHCPv6 Relay:
! DHCPv6 Server:
! QIP Message Service:
! QIP Active Lease Service:
! Virtual Chassis Split Protection:
! DHCP Snooping:
! APP-MONITORING:
app-mon admin-state enable
app-mon port 1/1/7 admin-state enable
app-mon port 1/1/9 admin-state enable
app-mon app-list add app-name "FTP"
app-mon app-list add app-name "LinkedIn"
app-mon app-list add app-name "Twitter"
app-mon app-list add app-name "YouTube"
app-mon apply