Altering templates to remove OSPF and add RADIUS server config

2023-11-14 22:18:09 +00:00 · 2023-11-14 22:18:09 +00:00 · 7e38f3d04b
commit 7e38f3d04b
parent 6d87c8be13
2 changed files with 35 additions and 41 deletions
--- a/provisioning/templates/cisco_ios.j2
+++ b/provisioning/templates/cisco_ios.j2
@ -10,7 +10,22 @@ boot-end-marker
 !
 !
 !
-no aaa new-model
+aaa new-model
+!
+!
+aaa group server radius LAB-RADIUS
+ server-private 192.168.0.247 auth-port 1812 acct-port 1813 key Juniper1
+!
+aaa authentication login default group LAB-RADIUS
+aaa authorization exec default group LAB-RADIUS
+aaa accounting exec default start-stop group LAB-RADIUS
+aaa accounting system default start-stop group LAB-RADIUS
+!
+!
+!
+!
+!
+aaa session-id common
 !
 !
 !
@ -47,7 +62,7 @@ cts logging verbose
 license udi pid C897VA-K9 sn FCZ202990B6
 !
 !
-username neteng privilege 15 secret Juniper1
+username dom privilege 15 secret Juniper1
 !
 !
 !
@ -129,21 +144,9 @@ interface Vlan1
 !
 interface Vlan20
 ip address 10.0.0.5 255.255.255.254
- ip ospf authentication message-digest
- ip ospf message-digest-key 1 md5 Juniper1
- ip ospf network point-to-point
- ip ospf 1 area 0
 !
 interface Vlan30
 ip address 10.0.0.7 255.255.255.254
- ip ospf authentication message-digest
- ip ospf message-digest-key 1 md5 Juniper1
- ip ospf network point-to-point
- ip ospf 1 area 0
-!
-router ospf 1
- router-id {{ loopback_ip }}
- passive-interface Loopback0
 !
 ip forward-protocol nd
 no ip http server
@ -170,15 +173,17 @@ mgcp profile default
 !
 !
 line con 0
- login local
+ logging synchronous
 no modem enable
 line aux 0
 line vty 0 4
- login local
- transport input ssh telnet
+ privilege level 15
+ transport input telnet ssh
 line vty 5 15
- login local
- transport input ssh telnet
+ access-class 23 in
+ privilege level 15
+ transport input telnet ssh
+!
 !
 scheduler allocate 20000 1000
 !
--- a/provisioning/templates/junos.j2
+++ b/provisioning/templates/junos.j2
@ -4,13 +4,17 @@ system {
 	    plain-text-password-value "Juniper1";
    }
    login {
-        user neteng {
+        user dom {
            uid 2000;
            class super-user;
            authentication {
-                plain-text-password-value "Juniper1";
+                encrypted-password "$6$vg0s.ptw$tShmBUnm/0xDKeBKQ4C3oAY/GdbyI0XwOlqbqxq9oqFDbQgvzQt1dM.wBcIe./q9Z1gXwleMG4Xdctjxunhmq."; ## SECRET-DATA
            }
        }
+        user remote {
+            uid 2002;
+            class super-user;
+        }
    }
    services {
        ssh {
@ -20,6 +24,10 @@ system {
            ssh;
        }
    }
+    authentication-order radius;
+    radius-server {
+        192.168.0.247 secret "$9$/3mgAuBcyKxNbIENbs2GU/CtuIE"; ## SECRET-DATA
+    }
    syslog {
        archive size 100k files 3;
        user * {
@ -77,31 +85,12 @@ interfaces {
    }
 }
 protocols {
-    ospf {
-        area 0.0.0.0 {
-            interface ge-0/0/1.0 {
-                interface-type p2p;
-                authentication {
-                    md5 1 key "Juniper1"; ## SECRET-DATA
-                }
-            }
-            interface ge-0/0/2.0 {
-                interface-type p2p;
-                authentication {
-                    md5 1 key "Juniper1"; ## SECRET-DATA
-                }
-            }
-            interface lo0.0 {
-                passive;
-            }
-        }
-    }
    lldp {
        interface all;
    }
 }
 routing-options {
    static {
-        route 192.168.1.0/24 next-hop 10.0.0.0;
+        route 192.168.0.0/24 next-hop 10.0.0.0;
    }
 }