conf t
!
no ip domain lookup
no system ignore startupconfig switch all
!
hostname <deviceName>
ip domain name <urDomain.network>
username <localUSER> priv <15> secret <superSECUREpassL!ke12345>
line vty 0 4
login local
logg sync
line con 0
login local
logg sync
!
! --- crypto key zeroize rsa
! --- yes
crypto key generate rsa general-key modulus 2024 label SSH
!
! --- for REACHABILITY choose between L2 or L3---
! L2 configuration
no ip routing
ip default-gateway <ip.ad.dr.ess>
! or
! L3 configuration
ip routing
ip route 0.0.0.0 0.0.0.0 <enc.ip.ad.dr>
int XX/XX
no swithport
ip address <ip.ad.dr.ess> <sub.net.ma.sk>
no shut
!
! --- defining VLANs
vlan <MGMT#>
name MANAGEMENT
interface vlan <MGMT#>
ip address <ip.ad.dr.ess> <sub.net.ma.sk>
no shut
! -=-=- !
vlan <USER#>
name USER-ACCESS
interface vlan USER#>
ip address <ip.ad.dr.ess> <sub.net.ma.sk>
no shut
!
vlan <VoIP#>
name VoIP-ACCESS
interface vlan <VoIP#>
ip address <ip.ad.dr.ess> <sub.net.ma.sk>
no shut
! -=-=- !
vlan <PRNTER#>
name PRINTER-ACCESS
interface vlan <PRINTER#>
ip address <ip.ad.dr.ess> <sub.net.ma.sk>
no shut
!
!
! --- defining TRUNKs
interface XX/XX
switchport mode trunk
duplex full
!
!
! --- defining ACCESS/VOICE PORTs
interface range <xx/begPort> - <endPort>
switchport mode access
switchport access vlan <usr/prn>
switchport voice vlan <VoIP#>
! sw port-security max ##
! sw port-security mac-address sticky
! sw port-security
! spanning-tree portfast
!