!NOTE THIS CONFIG SHOULD BE READ AND CHANAGED BEFORE IT IS APPLIED TO A SWICH hostname ACCESS-SWITCH ip domain-name mydomain.com cry key generate rsa general-keys modulus 1024 vtp mode client vtp version 2 vtp domain mydomain vtp password VTPpassword1 switch 1 priority 15 switch 2 provision ws-c3750-48ts switch 3 provision ws-c3750-48ts switch 4 provision ws-c3750-48ts switch 4 priority 10 interface Vlan101 ip address 10.10.11.111 255.255.255.0 ip routing ip route 0.0.0.0 0.0.0.0 10.10.11.254 interface ra f1/0/1-48 switchport access vlan 10 switchport mode access switchport port-security switchport port-security violation restrict no cdp enable spanning-tree portfast spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface ra f2/0/1-48 switchport access vlan 10 switchport mode access switchport port-security switchport port-security violation restrict no cdp enable spanning-tree portfast spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface ra f3/0/1-48 switchport access vlan 20 switchport mode access switchport port-security switchport port-security violation restrict no cdp enable spanning-tree portfast spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface ra f4/0/1-48 switchport access vlan 20 switchport mode access switchport port-security switchport port-security violation restrict no cdp enable spanning-tree portfast spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface GigabitEthernet1/0/1 description ** Link to Core1 G2/1 ** switchport trunk encapsulation dot1q switchport mode trunk switchport trunk allowed vlan 1,10,20 spanning-tree portfast trunk spanning-tree link-type point-to-point ! interface ra GigabitEthernet1/0/2-4 shutdown ! interface ra GigabitEthernet2/0/1-4 shutdown ! interface ra GigabitEthernet3/0/1-4 shutdown ! interface ra GigabitEthernet4/0/2-4 shutdown ! interface GigabitEthernet4/0/1 description ** Link to Core2 G2/1 ** switchport trunk encapsulation dot1q switchport mode trunk switchport trunk allowed vlan 1,10,20 spanning-tree portfast trunk spanning-tree link-type point-to-point ! service nagle no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime service timestamps log datetime msec localtime service password-encryption service sequence-numbers no service dhcp no logging console enable secret mysecret username not-admin password secretpassword aaa new-model aaa authentication login default local-case ! aaa session-id common clock timezone BST 0 clock summer-time BST recurring last Sun Mar 0:00 last Sun Oct 0:00 ip subnet-zero no ip domain-lookup ip ssh version 2 errdisable recovery cause bpduguard errdisable recovery interval 30 spanning-tree mode rapid-pvst spanning-tree extend system-id interface Vlan1 no ip address shutdown ip classless no ip http server no ip http secure-server logging trap errors logging facility local7 logging source-interface Vlan101 logging 10.10.1.72 access-list 1 permit 10.10.1.0 0.0.0.255 snmp-server community not-public RO 1 access-list 1 permit 10.10.1.0 0.0.0.255 line con 0 line vty 0 4 transport input ssh access-class 1 in line vty 5 15 transport input ssh access-class 1 in ntp source Vlan101 ntp server 10.10.11.101 ntp server 10.10.11.100