!
! Last configuration change at 10:31:26 EST Wed Dec 9 2020 by cisco
! NVRAM config last updated at 10:31:03 EST Wed Dec 9 2020 by cisco
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
!
hostname ALS1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 16384
no logging console
enable secret 5 $1$oRs9$UDeTGbe25sN2khyCfKQ7o0
!
username cisco secret 5 $1$a7nh$nDAad/5Hjq16ZVuI7PJKU0
aaa new-model
!
!
aaa authentication login default local
aaa authentication login CONSOLE none
aaa authorization exec default local 
!
!
!
!
!
!
aaa session-id common
clock timezone EST -5 0
clock summer-time EDT recurring
!
!
!
!
!
vtp mode transparent
!
!
!
no ip domain-lookup
ip domain-name tshoot.net
crypto key generate rsa modulus 1024
ip cef
ipv6 unicast-routing
ipv6 cef
!
!
errdisable recovery cause psecure-violation
errdisable recovery interval 120
!
spanning-tree mode mst
spanning-tree portfast edge default
spanning-tree portfast edge bpduguard default
spanning-tree extend system-id
!
spanning-tree mst configuration
 name TSHOOT
 revision 25
 instance 1 vlan 99, 110, 120
 instance 2 vlan 100, 200, 300
!
!
!
vlan 99
 name MANAGEMENT
!
vlan 100
 name SERVERS
!
vlan 110
 name GUEST
!
vlan 120
 name OFFICE
!
vlan 200
 name VOICE
!
vlan 300
 name O-PEER
!
vlan 666
 name NATIVE
!
vlan 999
 name PARKING_LOT
lldp run
!
! 
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
 description Channel to DLS1
 switchport trunk allowed vlan 99,100,110,120,200,300
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 666
 switchport mode trunk
 switchport nonegotiate
!
interface Port-channel2
 description Channel to DLS2
 switchport trunk allowed vlan 99,100,110,120,200,300
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 666
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/0
 description Channel to DLS1
 switchport trunk allowed vlan 99,100,110,120,200,300
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 666
 switchport mode trunk
 switchport nonegotiate
 negotiation auto
 channel-group 1 mode on
!
interface GigabitEthernet0/1
 description Channel to DLS1
 switchport trunk allowed vlan 99,100,110,120,200,300
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 666
 switchport mode trunk
 switchport nonegotiate
 negotiation auto
 channel-group 1 mode on
 no shutdown
!
interface GigabitEthernet0/2
 description Channel to DLS2
 switchport trunk allowed vlan 99,100,110,120,200,300
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 666
 switchport mode trunk
 switchport nonegotiate
 negotiation auto
 channel-group 2 mode on
 no shutdown
!
interface GigabitEthernet0/3
 description Channel to DLS2
 switchport trunk allowed vlan 99,100,110,120,200,300
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 666
 switchport mode trunk
 switchport nonegotiate
 negotiation auto
 channel-group 2 mode on
 no shutdown
!
interface GigabitEthernet1/0
 description To PC-B
 switchport access vlan 120
 switchport mode access
 switchport voice vlan 200
 switchport port-security maximum 10
 switchport port-security
 negotiation auto
 spanning-tree portfast edge
 no shutdown
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan99
 ip address 10.1.99.251 255.255.255.0
 no ip proxy-arp
 ipv6 address FE80::A1 link-local
 ipv6 address 2001:DB8:CAFE:99::A1/64
 no shutdown
!
interface Vlan100
 ip address 10.1.100.251 255.255.255.0
 no ip proxy-arp
 ipv6 address FE80::A1 link-local
 ipv6 address 2001:DB8:CAFE:100::A1/64
 no shutdown
!
interface Vlan110
 ip address 10.1.110.251 255.255.255.0
 no ip proxy-arp
 ipv6 address FE80::A1 link-local
 ipv6 address 2001:DB8:CAFE:110::A1/64
 ipv6 nd prefix 2001:DB8:CAFE:110::/64 2592000 604800 no-autoconfig
 ipv6 nd managed-config-flag
 no shutdown
!
interface Vlan120
 ip address 10.1.120.251 255.255.255.0
 no ip proxy-arp
 ipv6 address FE80::A1 link-local
 ipv6 address 2001:DB8:CAFE:120::A1/64
 ipv6 nd prefix 2001:DB8:CAFE:120::/64
 ipv6 nd other-config-flag
 no shutdown
!
interface Vlan200
 ip address 10.1.200.251 255.255.255.0
 no ip proxy-arp
 ipv6 address FE80::A1 link-local
 ipv6 address 2001:DB8:CAFE:200::A1/64
 ipv6 nd prefix 2001:DB8:CAFE:200::/64 2592000 604800 no-autoconfig
 ipv6 nd managed-config-flag
 no shutdown
!
interface Vlan300
 ip address 10.1.30.251 255.255.255.0
 no ip proxy-arp
 ipv6 address FE80::A1 link-local
 ipv6 address 2001:DB8:CAFE:300::A1/64
 no shutdown
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.1.99.254
ip ssh source-interface Vlan99
ip ssh dh min size 2048
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
!
logging source-interface Vlan99
logging host 10.1.100.1
ipv6 route ::/0 2001:DB8:CAFE:99::D2 5
ipv6 route ::/0 2001:DB8:CAFE:99::D1
!
!
!
snmp-server community cisco RO
snmp-server community san-fran RW
snmp-server trap-source Vlan99
snmp-server location TSHOOT Lab Facility
snmp-server contact support@tshoot.net
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server host 10.1.100.1 version 2c cisco 
!
!
!
ipv6 access-list REMOTEv6
 deny ipv6 any any
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner motd ^C*** Switch ALS1 Skills Assessment BASE Config ***^C
!
line con 0
 exec-timeout 0 0
 logging synchronous
 login authentication local
line aux 0
line vty 0 4
 exec-timeout 0 0
 ipv6 access-class REMOTEv6 in
 logging synchronous
 length 0
 transport input ssh
!
ntp source Vlan99
ntp server 2.2.2.2
!
end