From 7e38f3d04bf6a99b7285b7d8e379c9f07ad80184 Mon Sep 17 00:00:00 2001
From: Dom
Date: Tue, 14 Nov 2023 22:18:09 +0000
Subject: [PATCH] Altering templates to remove OSPF and add RADIUS server config

---
 provisioning/templates/cisco_ios.j2 | 43 ++++++++++++++++-------------
 provisioning/templates/junos.j2 | 33 ++++++++--------------
 2 files changed, 35 insertions(+), 41 deletions(-)

diff --git a/provisioning/templates/cisco_ios.j2 b/provisioning/templates/cisco_ios.j2
index 85e5ea7..78e02c8 100644
--- a/provisioning/templates/cisco_ios.j2
+++ b/provisioning/templates/cisco_ios.j2
@@ -10,7 +10,22 @@ boot-end-marker
 !
 !
 !
-no aaa new-model
+aaa new-model
+!
+!
+aaa group server radius LAB-RADIUS
+ server-private 192.168.0.247 auth-port 1812 acct-port 1813 key Juniper1
+!
+aaa authentication login default group LAB-RADIUS
+aaa authorization exec default group LAB-RADIUS
+aaa accounting exec default start-stop group LAB-RADIUS
+aaa accounting system default start-stop group LAB-RADIUS
+!
+!
+!
+!
+!
+aaa session-id common
 !
 !
 !
@@ -47,7 +62,7 @@ cts logging verbose
 license udi pid C897VA-K9 sn FCZ202990B6
 !
 !
-username neteng privilege 15 secret Juniper1
+username dom privilege 15 secret Juniper1
 !
 !
 !
@@ -129,21 +144,9 @@ interface Vlan1
 !
 interface Vlan20
 ip address 10.0.0.5 255.255.255.254
- ip ospf authentication message-digest
- ip ospf message-digest-key 1 md5 Juniper1
- ip ospf network point-to-point
- ip ospf 1 area 0
 !
 interface Vlan30
 ip address 10.0.0.7 255.255.255.254
- ip ospf authentication message-digest
- ip ospf message-digest-key 1 md5 Juniper1
- ip ospf network point-to-point
- ip ospf 1 area 0
-!
-router ospf 1
- router-id {{ loopback_ip }}
- passive-interface Loopback0
 !
 ip forward-protocol nd
 no ip http server
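Review bot: The authentication and authorization lists added in the `@@ -10,7 +10,22 @@` hunk name only `group LAB-RADIUS`, so there is no fallback method if 192.168.0.247 does not answer. On IOS the default login list also governs `line con 0`, which loses `login local` in the `@@ -170,15 +173,17 @@` hunk, so an unreachable server could leave the device without any working login. Ending both lists with a local method keeps the `username dom` account usable as a break-glass login: `aaa authentication login default group LAB-RADIUS local` and `aaa authorization exec default group LAB-RADIUS local`. A short comment above the group stating the intended behaviour when the server is down would also help the next editor.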
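Review bot: `username dom privilege 15 secret Juniper1` in the `@@ -47,7 +62,7 @@` hunk keeps a literal password in the template, and the same string is now also the RADIUS shared key on the `server-private` line in `@@ -10,7 +10,22 @@`. Every device rendered from this file therefore shares one guessable value for both the local privilege-15 account and the protection of RADIUS exchanges. The removed `router-id {{ loopback_ip }}` line shows the template is rendered with variables, so the credentials could be supplied the same way, e.g. `key {{ radius_key }}` and `secret {{ admin_secret }}` (variable names constructed here), with the values held in the provisioning tool's secret store. Because the literal is already in the repository history, it should be treated as exposed and rotated.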
@@ -170,15 +173,17 @@ mgcp profile default
 !
 !
 line con 0
- login local
+ logging synchronous
 no modem enable
 line aux 0
 line vty 0 4
- login local
- transport input ssh telnet
+ privilege level 15
+ transport input telnet ssh
 line vty 5 15
- login local
- transport input ssh telnet
+ access-class 23 in
+ privilege level 15
+ transport input telnet ssh
+!
 !
 scheduler allocate 20000 1000
 !
diff --git a/provisioning/templates/junos.j2 b/provisioning/templates/junos.j2
index 5db16d8..59f0dcd 100644
--- a/provisioning/templates/junos.j2
+++ b/provisioning/templates/junos.j2
@@ -4,13 +4,17 @@ system {
 plain-text-password-value "Juniper1";
 }
 login {
- user neteng {
+ user dom {
 uid 2000;
 class super-user;
 authentication {
- plain-text-password-value "Juniper1";
+ encrypted-password "$6$vg0s.ptw$tShmBUnm/0xDKeBKQ4C3oAY/GdbyI0XwOlqbqxq9oqFDbQgvzQt1dM.wBcIe./q9Z1gXwleMG4Xdctjxunhmq."; ## SECRET-DATA
 }
 }
+ user remote {
+ uid 2002;
+ class super-user;
+ }
 }
 services {
 ssh {
@@ -20,6 +24,10 @@ system {
 ssh;
 }
 }
+ authentication-order radius;
+ radius-server {
+ 192.168.0.247 secret "$9$/3mgAuBcyKxNbIENbs2GU/CtuIE"; ## SECRET-DATA
+ }
 syslog {
 archive size 100k files 3;
 user * {
@@ -77,31 +85,12 @@ interfaces {
 }
 }
 protocols {
- ospf {
- area 0.0.0.0 {
- interface ge-0/0/1.0 {
- interface-type p2p;
- authentication {
- md5 1 key "Juniper1"; ## SECRET-DATA
- }
- }
- interface ge-0/0/2.0 {
- interface-type p2p;
- authentication {
- md5 1 key "Juniper1"; ## SECRET-DATA
- }
- }
- interface lo0.0 {
- passive;
- }
- }
- }
 lldp {
 interface all;
 }
 }
 routing-options {
 static {
- route 192.168.1.0/24 next-hop 10.0.0.0;
+ route 192.168.0.0/24 next-hop 10.0.0.0;
 }
 }
\ No newline at end of file
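Review bot: In the `@@ -170,15 +173,17 @@` hunk `line vty 0 4` gains `privilege level 15` but not the `access-class 23 in` given to `line vty 5 15`, so the first five lines accept privileged sessions from any source address. Both ranges also keep telnet, which carries the RADIUS-checked username and password in cleartext. I would apply the ACL to both ranges and use `transport input ssh`. Access list 23 is not defined in any visible hunk, so confirm it exists elsewhere in the template. `privilege level 15` on the lines also looks like it sets the level a user receives when the RADIUS reply carries no privilege attribute, which is worth confirming against the server's profiles.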
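Review bot: `user remote` is created with `class super-user` in the `@@ -4,13 +4,17 @@` hunk, and on Junos the `remote` account is the template applied to any RADIUS-authenticated user who has no local account or server-assigned template user. Every identity the RADIUS server accepts would therefore get full control of the device. A lower default such as `class read-only;` for `remote`, with administrators mapped to a named template user by the server, limits what a mis-issued or compromised RADIUS account can do. The same hunk commits the `$6$` hash for `dom`, which can be guessed offline if the underlying password is weak, so it would be better supplied as a template variable. The enclosing `system {` block starts and ends outside the hunk.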
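Review bot: The `secret "$9$…"` value on the `radius-server` line in the `@@ -20,6 +24,10 @@` hunk is Junos type-9 obfuscation, which is reversible by design rather than a one-way hash. Committing it therefore exposes the RADIUS shared secret to anyone who can read the repository. It should be rendered from a variable held in a secret store, e.g. `secret "{{ radius_secret }}";` (variable name constructed here), and the current value rotated on the server at 192.168.0.247. A comment next to `authentication-order radius;` stating the intended behaviour when the server rejects a login versus when it does not answer would make the fallback expectation explicit.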