!
enable password (パスワード：必須)
!
username (ユーザー名：必須) privilege on password (パスワード：必須)
!
qos enable
!
dns-client enable
port-channel load-balance src-dst-ip
lldp run
lldp auto-setting enable
!
access-list 1 10 deny any any 172.21.0.0 0.0.0.255
access-list 1 20 deny any any 172.22.0.0 0.0.1.255
access-list 1 30 deny any any 172.25.0.0 0.0.3.255
access-list 2 10 deny any any 172.16.0.0 0.0.0.255
access-list 2 20 deny any any 172.22.0.0 0.0.1.255
access-list 2 30 deny any any 172.23.0.0 0.0.0.255
access-list 2 40 deny any any 172.24.0.0 0.0.0.255
access-list 2 50 deny any any 172.25.0.0 0.0.3.255
access-list 3 10 deny any any 172.16.0.0 0.0.0.255
access-list 3 20 deny any any 172.21.0.0 0.0.0.255
access-list 3 30 deny any any 172.23.0.0 0.0.0.255
access-list 3 40 deny any any 172.24.0.0 0.0.0.255
access-list 3 50 deny any any 172.25.0.0 0.0.3.255
access-list 4 10 deny any any 172.21.0.0 0.0.0.255
access-list 4 20 deny any any 172.22.0.0 0.0.1.255
access-list 4 30 deny any any 172.24.0.0 0.0.0.255
access-list 4 40 deny any any 172.25.0.0 0.0.3.255
access-list 5 10 deny any any 172.21.0.0 0.0.0.255
access-list 5 20 deny any any 172.22.0.0 0.0.1.255
access-list 5 30 deny any any 172.23.0.0 0.0.0.255
access-list 5 40 deny any any 172.25.0.0 0.0.3.255
access-list 6 10 deny any any 172.16.0.0 0.0.0.255
access-list 6 20 deny any any 172.21.0.0 0.0.0.255
access-list 6 30 deny any any 172.22.0.0 0.0.1.255
access-list 6 40 deny any any 172.23.0.0 0.0.0.255
access-list 6 50 deny any any 172.24.0.0 0.0.0.255
!
dhcp-server enable
!
vlan database
 vlan 10 name VLAN0010
 vlan 20 name VLAN0020
 vlan 30 name VLAN0030
 vlan 40 name VLAN0040
 vlan 50 name VLAN0050
!
interface port1.1
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,40,50
 channel-group 10 mode active
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.2
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,40,50
 channel-group 10 mode active
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.3
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20
 channel-group 11 mode active
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.4
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20
 channel-group 11 mode active
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.5
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,50
 channel-group 20 mode active
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.6
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,50
 channel-group 20 mode active
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.7
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,50
 channel-group 30 mode active
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.8
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,50
 channel-group 30 mode active
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.9
 switchport
 switchport mode access
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.10
 switchport
 switchport mode access
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.11
 switchport
 switchport mode access
 switchport access vlan 30
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.12
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,50
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.13
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,40,50
 qos trust dscp
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.14
 switchport
 switchport mode access
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.15
 switchport
 switchport mode access
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface port1.16
 switchport
 switchport mode access
 no shutdown
 lldp-agent
  set lldp enable txrx 
  exit 
!
interface vlan1
 no switchport
 auto-ip enable
 ip address 172.16.0.240/24
 no shutdown
!
interface vlan10
 no switchport
 ip address 172.21.0.240/24
 no shutdown
 dhcp-server enable
!
interface vlan20
 no switchport
 ip address 172.22.1.240/23
 no shutdown
 dhcp-server enable
!
interface vlan30
 no switchport
 ip address 172.23.0.240/24
 no shutdown
!
interface vlan40
 no switchport
 ip address 172.24.0.240/24
 no shutdown
!
interface vlan50
 no switchport
 ip address 172.25.3.240/22
 no shutdown
 dhcp-server enable
!
interface po10
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,40,50
 qos trust dscp
 no shutdown
!
interface po11
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20
 no shutdown
!
interface po20
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,50
 qos trust dscp
 no shutdown
!
interface po30
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 10,20,30,50
 qos trust dscp
 no shutdown
!
vlan access-map VAM-001
 match access-list 1
!
vlan access-map VAM-010
 match access-list 2
!
vlan access-map VAM-020
 match access-list 3
!
vlan access-map VAM-030
 match access-list 4
!
vlan access-map VAM-040
 match access-list 5
!
vlan access-map VAM-050
 match access-list 6
!
vlan filter VAM-001 1 in
!
vlan filter VAM-010 10 in
!
vlan filter VAM-020 20 in
!
vlan filter VAM-030 30 in
!
vlan filter VAM-040 40 in
!
vlan filter VAM-050 50 in
!
ip route 0.0.0.0/0 172.16.0.1
!
crypto pki generate ca (認証局名)
!
radius-server local interface vlan1
radius-server local enable
!
!
clock timezone JST
!
ntpdate server ipv4 172.16.0.1
ntpdate interval 24
!
snmp-server community (コミュニティー名) ro
snmp-server enable trap coldstart warmstart linkdown linkup authentication temperature fan l2ms errdisable rmon termmonitor bridge loopdetect vrrp
snmp-server host (SNMPマネージャーのIPアドレス) traps version 2c (コミュニティー名)
snmp-server access permit (SNMPマネージャーのIPアドレス) community (コミュニティー名)
!
http-server enable
http-proxy enable
!
telnet-server enable
!
dhcp pool pool_vlan10
 network 172.21.0.0/24
 range 172.21.0.2 172.21.0.191
 default-router 172.21.0.240
 dns-server 172.21.0.1
!
dhcp pool pool_vlan20
 network 172.22.0.0/23
 range 172.22.0.2 172.22.1.191
 default-router 172.22.1.240
 dns-server 172.22.0.1
!
dhcp pool pool_vlan50
 network 172.25.0.0/22
 range 172.25.0.2 172.25.3.191
 default-router 172.25.3.240
 dns-server 172.25.0.1
!
line con 0
line vty 0 7
!
l2ms configuration
 l2ms role manager
!
snapshot enable
!
end

