# Huawei Versatile Routing Platform Software # VRP (R) software, Version 5.170 (S5720 V200R011C10SPC600) # Copyright (C) 2000-2018 HUAWEI TECH Co., Ltd. # # DDR Memory Size : 512 M bytes # FLASH Total Memory Size : 512 M bytes # FLASH Available Memory Size : 238 M bytes # Pcb Version : VER.B # BootROM Version : 020b.0a05 # BootLoad Version : 020b.0a06 # CPLD Version : 0106 # Software Version : VRP (R) Software, Version 5.170 (V200R011C10SPC600) # FLASH Version : 0x0 # S5720S-52P-LI-AC's Device status: # Slot Sub Type Online Power Register Status Role # ------------------------------------------------------------------------------- # 0 - S5720S-52P-LI Present PowerOn Registered Normal Master !Software Version V200R011C10SPC600 # sysname HK1-AJ18-TOR-S5720-A-16U # vlan batch 27 to 30 800 # stp disable # authentication-profile name default_authen_profile authentication-profile name dot1x_authen_profile authentication-profile name mac_authen_profile authentication-profile name portal_authen_profile authentication-profile name dot1xmac_authen_profile authentication-profile name multi_authen_profile # clock timezone HK add 08:00:00 # radius-server template default # hwtacacs-server template peg hwtacacs-server authentication 107.148.128.2 hwtacacs-server authorization 107.148.128.2 hwtacacs-server accounting 107.148.128.2 hwtacacs-server shared-key cipher %^%#U[bH4w1pD)$UtK;G&-95K=J@65k0E1l.nI+BgV--%^%# # pki realm default certificate-check none # acl name acl4snmp 2999 rule 5 permit source 10.0.80.0 0.0.3.255 rule 10 permit source 107.148.128.0 0.0.0.15 rule 15 permit source 107.148.128.224 0.0.0.15 rule 20 permit source 137.175.10.64 0.0.0.31 rule 25 permit source 199.180.101.101 0 # acl name acl4outintGigabitEthernet0/0/25 3942 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/25 3943 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.149.219.59 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/14 3944 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/14 3945 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 104.233.255.169 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/22 3946 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/22 3947 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 605 permit ip source 107.148.60.64 0.0.0.7 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/24 3948 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/24 3949 rule 1 deny ip source 10.0.0.0 0.255.255.255 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.48.71 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/32 3950 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/32 3951 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 104.233.255.162 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/35 3952 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/35 3953 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny udp destination-port eq 500 rule 60 deny udp source-port eq 500 rule 70 deny udp destination-port eq 4500 rule 80 deny udp source-port eq 4500 rule 210 deny tcp destination-port eq 3372 rule 220 deny tcp destination-port eq smtp rule 230 deny tcp source-port eq smtp rule 240 deny tcp destination-port eq 465 rule 250 deny tcp source-port eq 465 rule 260 deny tcp destination-port eq 587 rule 270 deny tcp source-port eq 587 rule 280 deny tcp destination-port eq 1723 rule 290 deny tcp source-port eq 1723 rule 295 permit ip source 104.233.252.73 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/29 3954 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/29 3955 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny udp destination-port eq 500 rule 60 deny udp source-port eq 500 rule 70 deny udp destination-port eq 4500 rule 80 deny udp source-port eq 4500 rule 210 deny tcp destination-port eq 3372 rule 220 deny tcp destination-port eq smtp rule 230 deny tcp source-port eq smtp rule 240 deny tcp destination-port eq 465 rule 250 deny tcp source-port eq 465 rule 260 deny tcp destination-port eq 587 rule 270 deny tcp source-port eq 587 rule 280 deny tcp destination-port eq 1723 rule 290 deny tcp source-port eq 1723 rule 295 permit ip source 107.148.48.24 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/33 3958 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/33 3959 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny udp destination-port eq 500 rule 60 deny udp source-port eq 500 rule 70 deny udp destination-port eq 4500 rule 80 deny udp source-port eq 4500 rule 210 deny tcp destination-port eq 3372 rule 220 deny tcp destination-port eq smtp rule 230 deny tcp source-port eq smtp rule 240 deny tcp destination-port eq 465 rule 250 deny tcp source-port eq 465 rule 260 deny tcp destination-port eq 587 rule 270 deny tcp source-port eq 587 rule 280 deny tcp destination-port eq 1723 rule 290 deny tcp source-port eq 1723 rule 295 permit ip source 107.148.60.166 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/36 3962 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/36 3963 rule 1 deny ip source 10.0.0.0 0.255.255.255 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.128.65 0 rule 605 permit ip source 107.148.128.69 0 rule 610 permit ip source 107.148.128.89 0 rule 615 permit ip source 107.148.128.90 0 rule 620 permit ip source 107.148.128.96 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/21 3964 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/21 3965 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny udp destination-port eq 500 rule 60 deny udp source-port eq 500 rule 70 deny udp destination-port eq 4500 rule 80 deny udp source-port eq 4500 rule 210 deny tcp destination-port eq 3372 rule 220 deny tcp destination-port eq smtp rule 230 deny tcp source-port eq smtp rule 240 deny tcp destination-port eq 465 rule 250 deny tcp source-port eq 465 rule 260 deny tcp destination-port eq 587 rule 270 deny tcp source-port eq 587 rule 280 deny tcp destination-port eq 1723 rule 290 deny tcp source-port eq 1723 rule 295 permit ip source 107.148.60.168 0 rule 300 permit ip source 107.148.60.169 0 rule 305 permit ip source 107.148.60.170 0 rule 310 permit ip source 107.148.60.171 0 rule 315 permit ip source 107.148.60.182 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/17 3966 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/17 3969 rule 1 deny ip source 10.0.0.0 0.255.255.255 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.48.134 0 rule 605 permit ip source 107.148.55.172 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/34 3970 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4outintGigabitEthernet0/0/13 3971 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/13 3972 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.128.98 0 rule 900 deny ip acl name acl4intGigabitEthernet0/0/34 3973 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.48.69 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/2 3974 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4outintGigabitEthernet0/0/8 3975 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/8 3976 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.48.241 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/23 3977 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/23 3978 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 104.233.255.161 0 rule 900 deny ip acl name acl4intGigabitEthernet0/0/2 3979 rule 1 deny ip source 10.0.0.0 0.255.255.255 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.128.115 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/16 3982 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/16 3983 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.55.178 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/31 3984 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/31 3985 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 605 permit ip source 107.148.55.165 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/12 3986 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/12 3987 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 605 permit ip source 107.149.217.24 0.0.0.7 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/9 3990 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/9 3991 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.73.118 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/18 3992 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/18 3993 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.55.247 0 rule 605 permit ip source 107.148.48.131 0 rule 610 permit ip source 107.148.48.132 0 rule 615 permit ip source 107.148.48.153 0 rule 620 permit ip source 107.148.48.155 0 rule 625 permit ip source 116.204.236.0 0.0.0.255 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/5 3994 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/5 3995 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 600 permit ip source 107.148.73.101 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/4 3996 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/4 3997 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny udp destination-port eq 500 rule 60 deny udp source-port eq 500 rule 70 deny udp destination-port eq 4500 rule 80 deny udp source-port eq 4500 rule 210 deny tcp destination-port eq 3372 rule 220 deny tcp destination-port eq smtp rule 230 deny tcp source-port eq smtp rule 240 deny tcp destination-port eq 465 rule 250 deny tcp source-port eq 465 rule 260 deny tcp destination-port eq 587 rule 270 deny tcp source-port eq 587 rule 280 deny tcp destination-port eq 1723 rule 290 deny tcp source-port eq 1723 rule 295 permit ip source 104.233.252.65 0 rule 900 deny ip acl name acl4outintGigabitEthernet0/0/1 3998 rule 10 deny tcp destination-port eq 135 rule 20 deny tcp destination-port eq 137 rule 30 deny tcp destination-port eq 138 rule 40 deny tcp destination-port eq 139 rule 50 deny ip source 192.168.30.1 0 rule 810 permit ip acl name acl4intGigabitEthernet0/0/1 3999 rule 10 permit udp destination-port eq bootps rule 20 permit udp destination-port eq bootpc rule 30 deny udp destination-port eq 0 rule 40 deny udp destination-port eq 80 rule 50 deny tcp destination-port eq 3372 rule 570 deny tcp destination-port eq smtp rule 575 deny tcp source-port eq smtp rule 580 deny tcp destination-port eq 465 rule 585 deny tcp source-port eq 465 rule 590 deny tcp destination-port eq 587 rule 595 deny tcp source-port eq 587 rule 605 permit ip source 107.148.75.104 0.0.0.7 rule 900 deny ip # free-rule-template name default_free_rule # portal-access-profile name portal_access_profile # aaa authentication-scheme default authentication-scheme radius authentication-mode radius authentication-scheme peg authentication-mode hwtacacs local authorization-scheme default authorization-scheme peg authorization-mode hwtacacs local accounting-scheme default accounting-scheme peg accounting-mode hwtacacs recording-scheme peg recording-mode hwtacacs peg cmd recording-scheme peg local-aaa-user password policy administrator password history record number 0 password expire 0 domain default authentication-scheme radius radius-server default domain default_admin authentication-scheme peg accounting-scheme peg authorization-scheme peg hwtacacs-server peg local-user admin password irreversible-cipher $1a$wxaRR|,;&6$u77"It"1%KE7,^TstnS#:uO,F0.30P"Mk7Iw,[u-$ local-user admin privilege level 15 local-user admin service-type terminal http # interface Vlanif1 # interface Vlanif27 ip address 107.148.44.109 255.255.255.240 # interface Vlanif800 ip address 10.0.80.250 255.255.255.0 # interface Eth-Trunk2 description HK1-AJ15-BAS-CE6851-A-25U@lag12 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 27 to 30 mode lacp # interface GigabitEthernet0/0/1 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/1 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/1 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 qos lr inbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/2 auto speed 100 port link-type access port default vlan 29 traffic-filter inbound acl name acl4intGigabitEthernet0/0/2 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/2 port-isolate enable group 1 qos lr outbound cir 20000 cbs 2500000 qos lr inbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/3 shutdown port link-type access port default vlan 30 port-isolate enable group 1 # interface GigabitEthernet0/0/4 auto speed 100 port link-type access port default vlan 29 traffic-filter inbound acl name acl4intGigabitEthernet0/0/4 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/4 qos lr outbound cir 20000 cbs 2500000 qos lr inbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/5 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/5 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/5 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/6 shutdown port link-type access port default vlan 30 port-isolate enable group 1 # interface GigabitEthernet0/0/7 shutdown port link-type access port default vlan 30 port-isolate enable group 1 # interface GigabitEthernet0/0/8 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/8 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/8 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 qos lr inbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/9 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/9 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/9 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 qos lr inbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/10 auto speed 10 port link-type access port default vlan 29 # interface GigabitEthernet0/0/11 auto speed 100 shutdown port link-type access port default vlan 30 qos lr outbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/12 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/12 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/12 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/13 auto speed 100 port link-type access port default vlan 29 traffic-filter inbound acl name acl4intGigabitEthernet0/0/13 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/13 port-isolate enable group 1 qos lr outbound cir 20000 cbs 2500000 qos lr inbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/14 auto speed 100 port link-type access port default vlan 29 traffic-filter inbound acl name acl4intGigabitEthernet0/0/14 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/14 port-isolate enable group 1 qos lr outbound cir 20000 cbs 2500000 qos lr inbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/15 auto speed 100 port link-type access port default vlan 29 qos lr outbound cir 100000 cbs 12500000 qos lr inbound cir 100000 cbs 12500000 # interface GigabitEthernet0/0/16 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/16 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/16 port-isolate enable group 1 qos lr inbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/17 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/17 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/17 port-isolate enable group 1 # interface GigabitEthernet0/0/18 port link-type access port default vlan 30 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/18 port-isolate enable group 1 # interface GigabitEthernet0/0/19 auto speed 100 shutdown port link-type access port default vlan 30 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/20 shutdown port link-type access port default vlan 30 port-isolate enable group 1 # interface GigabitEthernet0/0/21 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/21 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/21 qos lr outbound cir 50000 cbs 6250000 qos lr inbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/22 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/22 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/22 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/23 auto speed 100 port link-type access port default vlan 29 traffic-filter inbound acl name acl4intGigabitEthernet0/0/23 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/23 port-isolate enable group 1 qos lr outbound cir 20000 cbs 2500000 qos lr inbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/24 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/24 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/24 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 qos lr inbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/25 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/25 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/25 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 qos lr inbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/26 auto speed 100 port link-type access port default vlan 29 qos lr outbound cir 20000 cbs 2500000 qos lr inbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/27 auto speed 100 shutdown port link-type access port default vlan 30 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/28 auto speed 10 shutdown port link-type access port default vlan 27 port-isolate enable group 1 qos lr outbound cir 10000 cbs 1250000 # interface GigabitEthernet0/0/29 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/29 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/29 qos lr outbound cir 50000 cbs 6250000 qos lr inbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/30 auto speed 100 port link-type access port default vlan 30 qos lr outbound cir 30000 cbs 3750000 qos lr inbound cir 30000 cbs 3750000 # interface GigabitEthernet0/0/31 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/31 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/31 port-isolate enable group 1 # interface GigabitEthernet0/0/32 auto speed 100 port link-type access port default vlan 29 traffic-filter inbound acl name acl4intGigabitEthernet0/0/32 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/32 port-isolate enable group 1 qos lr outbound cir 20000 cbs 2500000 qos lr inbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/33 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/33 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/33 qos lr outbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/34 auto speed 100 port link-type access port default vlan 30 traffic-filter inbound acl name acl4intGigabitEthernet0/0/34 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/34 port-isolate enable group 1 qos lr outbound cir 50000 cbs 6250000 # interface GigabitEthernet0/0/35 auto speed 100 port link-type access port default vlan 29 traffic-filter inbound acl name acl4intGigabitEthernet0/0/35 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/35 qos lr outbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/36 auto speed 100 port link-type access port default vlan 29 traffic-filter inbound acl name acl4intGigabitEthernet0/0/36 traffic-filter outbound acl name acl4outintGigabitEthernet0/0/36 port-isolate enable group 1 qos lr outbound cir 20000 cbs 2500000 qos lr inbound cir 20000 cbs 2500000 # interface GigabitEthernet0/0/37 shutdown # interface GigabitEthernet0/0/38 shutdown # interface GigabitEthernet0/0/39 shutdown # interface GigabitEthernet0/0/40 shutdown # interface GigabitEthernet0/0/41 shutdown # interface GigabitEthernet0/0/42 shutdown # interface GigabitEthernet0/0/43 shutdown # interface GigabitEthernet0/0/44 shutdown # interface GigabitEthernet0/0/45 shutdown # interface GigabitEthernet0/0/46 shutdown # interface GigabitEthernet0/0/47 shutdown # interface GigabitEthernet0/0/48 description hk1-aj18-ipmi port link-type access port default vlan 800 # interface GigabitEthernet0/0/49 description lag2 eth-trunk 2 # interface GigabitEthernet0/0/50 description lag2 eth-trunk 2 # interface GigabitEthernet0/0/51 # interface GigabitEthernet0/0/52 # interface NULL0 # ip route-static 0.0.0.0 0.0.0.0 10.0.80.254 # snmp-agent snmp-agent local-engineid 800007DB03D4B11035BDC0 snmp-agent community read cipher %^%#h/Th2X&/PBv+3G05TyUTSBqH>ZujcQ\>Gw+O!g&3BI&@2;Nw+XLHT9&:e%jRL/_g'Q