Aruba Branch Core Switch Template
Table of contents
For modification of this template, network-specific parameters are marked as CHANGE_ME.
hostname %_sys_hostname%
banner motd !
**********************************************************
NOTICE TO USER
This is a private computer system and is the property of
Aruba Networks. It is for authorized use only.
users (authorized or unauthorized) have no explicit or
implicit expectation of privacy while connected to this
system.
Any or all uses of this system and all files on this system
may be intercepted, monitored, recorded, copied, audited,
inspected, and disclosed to an authorized site, Aruba networks,
and law enforcement personnel
(foreign and domestic).
By using this system, the user consents to such interception,
monitoring, recording, copying, auditing, inspection, and
disclosure at the discretion of an authorized site or Aruba Networks
personnel.
Unauthorized or improper use of this system may result in
administrative disciplinary action and civil and criminal
penalties. By continuing to use of this system you indicate
your awareness of and consent to these terms and conditions
of use. LOG OFF IMMEDIATELY if you do not agree to the
conditions stated in this warning.
***********************************************************!
user admin group administrators password ciphertext AQBapS/ZPlZE0wOgKQN6f741C+kfgFW2WxhLYEkMV+GGlPu5YgAAADYo+tl79RmR5d2HFOLN1RPNQrSf1t1R2QbHxqFSZSpFg8JDt1DD8q35YbrgqazmltMWBlSWXQLy1L+oXFTckeg63j+E9Hmec6E15ChobUGlfsv6/F4GjshcQnW9JLG70NOP
loop-protect transmit-interval 3
loop-protect re-enable-timer 15
ntp server 10.2.120.98 iburst version 3
ntp server 10.2.120.99 iburst version 3
ntp enable
!
!
!
!
radius-server host 10.2.120.94 key ciphertext AQBapUmeqwuSjUoetq4KWXbTnUyBILPjxzok4qzRZeSXsBIzCQAAACMxHv6lEnY7jA== tracking enable
radius-server host 10.2.120.95 key ciphertext AQBapUmeqwuSjUoetq4KWXbTnUyBILPjxzok4qzRZeSXsBIzCQAAACMxHv6lEnY7jA== tracking enable
!
!
!
radius dyn-authorization enable
ssh server vrf default
ssh server vrf mgmt
vsf secondary-member 2
vsf member 1
type jl666a
link 1 1/1/25
link 2 1/1/26
vsf member 2
type jl666a
link 1 2/1/25
link 2 2/1/26
vlan 1
vlan CHANGE_ME
name CHANGE_ME
dhcpv4-snooping
arp inspection
ip igmp snooping enable
vlan CHANGE_ME
name CHANGE_ME
dhcpv4-snooping
arp inspection
ip igmp snooping enable
vlan CHANGE_ME
name CHANGE_ME
dhcpv4-snooping
arp inspection
ip igmp snooping enable
vlan CHANGE_ME
name CHANGE_ME
dhcpv4-snooping
arp inspection
ip igmp snooping enable
vlan CHANGE_ME
name CHANGE_ME
dhcpv4-snooping
arp inspection
ip igmp snooping enable
vlan CHANGE_ME
name CHANGE_ME
dhcpv4-snooping
arp inspection
ip igmp snooping enable
vlan CHANGE_ME
name CHANGE_ME
dhcpv4-snooping
arp inspection
ip igmp snooping enable
vlan CHANGE_ME
name CHANGE_ME
dhcpv4-snooping
arp inspection
ip igmp snooping enable
spanning-tree mode rpvst
spanning-tree
spanning-tree vlan 100
spanning-tree vlan 100 priority 0
interface mgmt
no shutdown
ip dhcp
port-access lldp-group AP-LLDP-GROUP
seq 10 match vendor-oui 000b86
seq 20 match vendor-oui D8C7C8
seq 30 match vendor-oui 6CF37F
seq 40 match vendor-oui 186472
seq 41 match vendor-oui 00120f
seq 42 match vendor-oui 0012bb
seq 43 match vendor-oui 904C81
seq 50 match sys-desc ArubaOS
port-access role ARUBA-AP
auth-mode device-mode
vlan trunk native 100
vlan trunk allowed 100
port-access role EMPLOYEE
reauth-period 120
vlan access 101
port-access role CAMERA
reauth-period 120
vlan access CHANGE_ME
port-access role IOT
reauth-period 120
vlan access CHANGE_ME
port-access role VISTOR
reauth-period 120
vlan access CHANGE_ME
port-access role REJECT
reauth-period 120
vlan access CHANGE_ME
port-access role CRITICAL
reauth-period 120
vlan access CHANGE_ME
port-access role QUARANTINE
reauth-period 120
vlan access CHANGE_ME
fault-monitor profile PORT_ERRORS
excessive-broadcasts
excessive-link-flaps
excessive-jabbers
excessive-fragments
excessive-crc-errors
excessive-tx-drops
port-access device-profile ARUBA_AP
enable
associate role ARUBA-AP
associate lldp-group AP-LLDP-GROUP
aaa authentication port-access dot1x authenticator
enable
aaa authentication port-access mac-auth
addr-format multi-dash-uppercase
enable
interface lag 1
no shutdown
no routing
vlan trunk native 100
vlan trunk allowed 100-107
lacp mode active
lacp fallback-static
arp inspection trust
dhcpv4-snooping trust
interface lag 2
no shutdown
no routing
vlan trunk native 100
vlan trunk allowed 100-107
lacp mode active
lacp fallback-static
arp inspection trust
dhcpv4-snooping trust
interface lag 3
no shutdown
no routing
vlan trunk native 100
vlan trunk allowed 100-107
lacp mode active
lacp fallback-static
interface lag 4
no shutdown
no routing
vlan trunk native 100
vlan trunk allowed 100-107
lacp mode active
lacp fallback-static
arp inspection trust
dhcpv4-snooping trust
interface 1/1/1
no shutdown
lag 3
interface 1/1/2
no shutdown
lag 4
interface 1/1/3
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/4
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/5
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/6
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/7
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/8
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/9
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/10
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/11
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/12
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/13
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/14
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/15
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/16
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/17
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/18
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/19
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/20
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/21
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/22
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 1/1/23
description SFOBR-ECB1-1
no shutdown
lag 1
interface 1/1/24
description SFOBR-ECB1-2
no shutdown
lag 2
interface 1/1/25
no shutdown
interface 1/1/26
no shutdown
interface 1/1/27
no shutdown
no routing
vlan access 1
interface 1/1/28
no shutdown
no routing
vlan access 1
interface 2/1/1
no shutdown
lag 3
interface 2/1/2
no shutdown
lag 4
interface 2/1/3
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/4
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/5
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/6
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/7
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/8
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/9
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/10
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/11
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/12
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/13
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/14
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/15
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/16
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/17
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/18
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/19
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/20
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/21
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/22
description ACCESS_PORT
no shutdown
no routing
vlan access 1
spanning-tree bpdu-guard
spanning-tree port-type admin-edge
spanning-tree root-guard
spanning-tree tcn-guard
loop-protect
aaa authentication port-access auth-precedence mac-auth dot1x
port-access onboarding-method precedence device-profile aaa
aaa authentication port-access client-limit 5
aaa authentication port-access critical-role CRITICAL
aaa authentication port-access reject-role REJECT
aaa authentication port-access dot1x authenticator
eapol-timeout 30
max-eapol-requests 1
max-retries 1
enable
aaa authentication port-access mac-auth
enable
interface 2/1/23
no shutdown
lag 1
interface 2/1/24
no shutdown
lag 2
interface 2/1/25
no shutdown
interface 2/1/26
no shutdown
interface 2/1/27
no shutdown
no routing
vlan access 1
interface 2/1/28
no shutdown
no routing
vlan access 1
interface vlan 1
no ip dhcp
interface vlan 100
description MGMT
ip mtu 9198
ip dhcp