wlc/wlc-c.cfg Wed Apr 2 10:08:58 AM EDT 2025

wlc/wlc-a.cfg Wed Apr 2 10:08:58 AM EDT 2025
wlc/wlc-b.cfg Wed Apr 2 10:08:58 AM EDT 2025
2025-04-02 10:08:58 -04:00 · 2025-04-02 10:08:58 -04:00 · 2025-04-02 10:08:58 -04:00 · 2025-04-02 10:08:58 -04:00 · 2025-04-02 10:08:58 -04:00
5 changed files with 60 additions and 44 deletions
--- a/configs/wlc/wlc-a.cfg
+++ b/configs/wlc/wlc-a.cfg
@ -7,9 +7,13 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 621
+controller config 625
+crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx 
+crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
+crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx 
 crypto-local pki ServerCert scsd_wc_2025 StartCert-Expire042025.pfx 
+crypto-local pki ServerCert scsd_wc_2026 StarCert-Expire03202026.pfx 
 crypto-local pki ServerCert scsd_wc_full_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert 
 ip nat pool localip 0.0.0.0 0.0.0.0 
@ -1845,12 +1849,12 @@ scheduler-profile "default"
 !
 aaa authentication-server radius "NOC-CP-A" 
    host "10.1.40.116" 
-     key *redacted* 
+     key *redacted*
    timeout 10 
 !
 aaa authentication-server radius "NOC-CP-B" 
    host "10.1.40.117" 
-     key *redacted* 
+     key *redacted*
    timeout 10 
 !
 aaa server-group "CaptivePortal_dot1_svg" 
@ -2006,7 +2010,7 @@ aaa authentication via web-auth "default"
 !
 web-server profile 
    cipher-suite ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA 
-    captive-portal-cert "scsd_full_wc_2025" 
+    captive-portal-cert "scsd_full_wc_2026" 
 !
 guest-access-email 
    smtp-server 10.1.40.7 
@ -2072,7 +2076,7 @@ lc-cluster group-profile "Cluster1"
 upgrade-profile 
    serverip 10.1.7.110 
    username "tmarris" 
-    password 3727a5fdc87529eafad551595165f3e3 
+    password 280775677900fa63cc809f986e80fc76 
    protocol ftp 
    filepath "." 
 !
@ -2279,10 +2283,10 @@ ap system-profile "default"
    ipm-power-reduction-step-prio ipm-step disable_alt_eth priority 2 
    ipm-power-reduction-step-prio ipm-step radio_2ghz_power_3dB priority 3 
    ipm-power-reduction-step-prio ipm-step radio_5ghz_power_3dB priority 4 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap system-profile "NoAuthApSystem" 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap wired-port-profile "default" 
 !
@ -2514,14 +2518,14 @@ wlan dot11k-profile "default"
 !
 wlan ssid-profile "Aruba100_ssid_prof" 
    essid "Aruba100" 
-    wpa-passphrase 30a87f118b49a9320ad609470d0fe7020aca8ef7847c9770 
+    wpa-passphrase 13a521bb16e236eb952ca7d543ef6e217b074ff02ab38316 
    opmode wpa2-psk-aes 
 !
 wlan ssid-profile "default" 
 !
 wlan ssid-profile "Intune_ssid_prof" 
    essid "Intune" 
-    wpa-passphrase 0599df340f51c2c302daed966eaecf118d5134131d4ca884 
+    wpa-passphrase db2815d028001e0d5c5ed07724d8877c71ff396d5c54bc3a 
    opmode wpa2-psk-aes 
    a-basic-rates 24 
    a-tx-rates 36 48 54 
--- a/configs/wlc/wlc-b.cfg
+++ b/configs/wlc/wlc-b.cfg
@ -7,9 +7,13 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 621
+controller config 625
+crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx 
+crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
+crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx 
 crypto-local pki ServerCert scsd_wc_2025 StartCert-Expire042025.pfx 
+crypto-local pki ServerCert scsd_wc_2026 StarCert-Expire03202026.pfx 
 crypto-local pki ServerCert scsd_wc_full_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert 
 ip nat pool localip 0.0.0.0 0.0.0.0 
@ -1848,12 +1852,12 @@ scheduler-profile "default"
 !
 aaa authentication-server radius "NOC-CP-A" 
    host "10.1.40.116" 
-     key *redacted* 
+     key *redacted*
    timeout 10 
 !
 aaa authentication-server radius "NOC-CP-B" 
    host "10.1.40.117" 
-     key *redacted* 
+     key *redacted*
    timeout 10 
 !
 aaa server-group "CaptivePortal_dot1_svg" 
@ -2075,7 +2079,7 @@ lc-cluster group-profile "Cluster1"
 upgrade-profile 
    serverip 10.1.7.110 
    username "tmarris" 
-    password 238709082f02f5a27a987d37f335f100 
+    password 1b94baecc2d0183541a7e99bf89e0ef4 
    protocol ftp 
    filepath "." 
 !
@ -2258,10 +2262,10 @@ ap system-profile "default"
    ipm-power-reduction-step-prio ipm-step disable_alt_eth priority 2 
    ipm-power-reduction-step-prio ipm-step radio_2ghz_power_3dB priority 3 
    ipm-power-reduction-step-prio ipm-step radio_5ghz_power_3dB priority 4 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap system-profile "NoAuthApSystem" 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap wired-port-profile "default" 
 !
@ -2478,14 +2482,14 @@ wlan dot11k-profile "default"
 !
 wlan ssid-profile "Aruba100_ssid_prof" 
    essid "Aruba100" 
-    wpa-passphrase ce61cb5e14cf9c10a7df323f996bd9d443d89df5a55df638 
+    wpa-passphrase a83f1521513df317c12c2c3f2022fe7ad3725bee2666157e 
    opmode wpa2-psk-aes 
 !
 wlan ssid-profile "default" 
 !
 wlan ssid-profile "Intune_ssid_prof" 
    essid "Intune" 
-    wpa-passphrase ec0d9c92a4b70ed1e05258e34518aafc5beca1e9b5dab4b8 
+    wpa-passphrase 8b25da144aec84bc3ec3d2a6485135ece822d820524fe86d 
    opmode wpa2-psk-aes 
    a-basic-rates 24 
    a-tx-rates 36 48 54 
--- a/configs/wlc/wlc-c.cfg
+++ b/configs/wlc/wlc-c.cfg
@ -7,9 +7,13 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 621
+controller config 625
+crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx 
+crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
+crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx 
 crypto-local pki ServerCert scsd_wc_2025 StartCert-Expire042025.pfx 
+crypto-local pki ServerCert scsd_wc_2026 StarCert-Expire03202026.pfx 
 crypto-local pki ServerCert scsd_wc_full_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert 
 ip nat pool localip 0.0.0.0 0.0.0.0 
@ -1842,12 +1846,12 @@ scheduler-profile "default"
 !
 aaa authentication-server radius "NOC-CP-A" 
    host "10.1.40.116" 
-     key *redacted* 
+     key *redacted*
    timeout 10 
 !
 aaa authentication-server radius "NOC-CP-B" 
    host "10.1.40.117" 
-     key *redacted* 
+     key *redacted*
    timeout 10 
 !
 aaa server-group "CaptivePortal_dot1_svg" 
@ -2067,7 +2071,7 @@ lc-cluster group-profile "Cluster1"
 upgrade-profile 
    serverip 10.1.7.110 
    username "tmarris" 
-    password 1fd869a9934384cac0ff16c1ce9484f3 
+    password b16a7675edfbdf6e7a2b5d968655901f 
    protocol ftp 
    filepath "." 
 !
@ -2250,10 +2254,10 @@ ap system-profile "default"
    ipm-power-reduction-step-prio ipm-step disable_alt_eth priority 2 
    ipm-power-reduction-step-prio ipm-step radio_2ghz_power_3dB priority 3 
    ipm-power-reduction-step-prio ipm-step radio_5ghz_power_3dB priority 4 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap system-profile "NoAuthApSystem" 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap wired-port-profile "default" 
 !
@ -2470,14 +2474,14 @@ wlan dot11k-profile "default"
 !
 wlan ssid-profile "Aruba100_ssid_prof" 
    essid "Aruba100" 
-    wpa-passphrase 1741aa56370c86151d5dfaa834516d5505909343097e76d9 
+    wpa-passphrase 11a2bd14a973df3a72588423a7b40b42b2b1e1fe2819ba68 
    opmode wpa2-psk-aes 
 !
 wlan ssid-profile "default" 
 !
 wlan ssid-profile "Intune_ssid_prof" 
    essid "Intune" 
-    wpa-passphrase 55148bf3d8374d28b92ee341bd391e595faef3ca6916d0b2 
+    wpa-passphrase 0c4971385d0573c7e69e480d3df34f983a2d75ecccd68438 
    opmode wpa2-psk-aes 
    a-basic-rates 24 
    a-tx-rates 36 48 54 
--- a/configs/wlc/wlc-mm-2.cfg
+++ b/configs/wlc/wlc-mm-2.cfg
@ -6,9 +6,11 @@ hostname "NOC-ARUBA-MM-2"
 clock timezone America/New_York -04 0 
 !
 location "Building1.floor1" 
-controller config 621
+controller config 625
 crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx 
+crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx 
+crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert 
 ip nat pool dynamic-srcnat 0.0.0.0 0.0.0.0 
 ip nat pool localip 0.0.0.0 0.0.0.0 
@ -720,9 +722,9 @@ crypto dynamic-map default-dynamicmap 10000

 crypto map GLOBAL-IKEV2-MAP 10000 ipsec-isakmp dynamic default-rap-ipsecmap 
 crypto map GLOBAL-MAP 10000 ipsec-isakmp dynamic default-dynamicmap 
-localip 10.1.35.14  ipsec *redacted* 
-localip 10.1.35.11  ipsec *redacted* 
-localip 10.1.35.12  ipsec *redacted* 
+localip 10.1.35.14  ipsec *redacted*
+localip 10.1.35.11  ipsec *redacted*
+localip 10.1.35.12  ipsec *redacted*
 crypto isakmp eap-passthrough eap-tls 
 crypto isakmp eap-passthrough eap-peap 
 crypto isakmp eap-passthrough eap-mschapv2 
@ -827,12 +829,12 @@ aaa authentication dot1x "default-psk"
 !
 aaa authentication-server tacacs "ClearPass A" 
    host "10.1.40.116" 
-     key *redacted* 
+     key *redacted*
    session-authorization 
 !
 aaa authentication-server tacacs "ClearPass B" 
    host "10.1.40.117" 
-     key *redacted* 
+     key *redacted*
    session-authorization 
 !
 aaa authentication via global-config 
@ -1049,10 +1051,10 @@ ap mesh-radio-profile "default"
 ap usb-profile "default" 
 !
 ap system-profile "default" 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap system-profile "NoAuthApSystem" 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap wired-port-profile "default" 
 !
@ -1531,7 +1533,7 @@ ale-configuration
 !
 conductor-redundancy 
    conductor-vrrp 35 
-    peer-ip-address 10.1.35.13  ipsec *redacted* 
+    peer-ip-address 10.1.35.13  ipsec *redacted*
 !
 vrrp 35 
    authentication ******** 
--- a/configs/wlc/wlc-mm.cfg
+++ b/configs/wlc/wlc-mm.cfg
@ -6,9 +6,11 @@ hostname "noc-aruba-mm"
 clock timezone America/New_York -04 0 
 !
 location "Building1.floor1" 
-controller config 621
+controller config 625
 crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx 
+crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx 
+crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert 
 ip nat pool dynamic-srcnat 0.0.0.0 0.0.0.0 
 ip nat pool localip 0.0.0.0 0.0.0.0 
@ -731,9 +733,9 @@ crypto dynamic-map default-dynamicmap 10000

 crypto map GLOBAL-IKEV2-MAP 10000 ipsec-isakmp dynamic default-rap-ipsecmap 
 crypto map GLOBAL-MAP 10000 ipsec-isakmp dynamic default-dynamicmap 
-localip 10.1.35.14  ipsec *redacted* 
-localip 10.1.35.11  ipsec *redacted* 
-localip 10.1.35.12  ipsec *redacted* 
+localip 10.1.35.14  ipsec *redacted*
+localip 10.1.35.11  ipsec *redacted*
+localip 10.1.35.12  ipsec *redacted*
 crypto isakmp eap-passthrough eap-tls 
 crypto isakmp eap-passthrough eap-peap 
 crypto isakmp eap-passthrough eap-mschapv2 
@ -839,12 +841,12 @@ aaa authentication dot1x "default-psk"
 !
 aaa authentication-server tacacs "ClearPass A" 
    host "10.1.40.116" 
-     key *redacted* 
+     key *redacted*
    session-authorization 
 !
 aaa authentication-server tacacs "ClearPass B" 
    host "10.1.40.117" 
-     key *redacted* 
+     key *redacted*
    session-authorization 
 !
 aaa authentication via global-config 
@ -925,7 +927,7 @@ aaa authentication via web-auth "default"
 !
 web-server profile 
    cipher-suite ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA 
-    switch-cert "scsd_wc2_full_2025" 
+    switch-cert "scsd_wc2_full_2026" 
 !
 guest-access-email 
 !
@ -1063,10 +1065,10 @@ ap mesh-radio-profile "default"
 ap usb-profile "default" 
 !
 ap system-profile "default" 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap system-profile "NoAuthApSystem" 
-     ap-console-password *redacted* 
+     ap-console-password *redacted*
 !
 ap wired-port-profile "default" 
 !
@ -1552,7 +1554,7 @@ ale-configuration
 !
 conductor-redundancy 
    conductor-vrrp 35 
-    peer-ip-address 10.1.35.23  ipsec *redacted* 
+    peer-ip-address 10.1.35.23  ipsec *redacted*
 !
 vrrp 35 
    priority 200
Author	SHA1	Message	Date
John Poland	e7f0d2ce42	wlc/wlc-c.cfg Wed Apr 2 10:08:58 AM EDT 2025	2025-04-02 10:08:58 -04:00
John Poland	f7c1ab83dd	wlc/wlc-a.cfg Wed Apr 2 10:08:58 AM EDT 2025	2025-04-02 10:08:58 -04:00
John Poland	4bdd510dae	wlc/wlc-b.cfg Wed Apr 2 10:08:58 AM EDT 2025	2025-04-02 10:08:58 -04:00
John Poland	f6ace80524	wlc/wlc-mm-2.cfg Wed Apr 2 10:08:58 AM EDT 2025	2025-04-02 10:08:58 -04:00
John Poland	b0483a49e5	wlc/wlc-mm.cfg Wed Apr 2 10:08:58 AM EDT 2025	2025-04-02 10:08:58 -04:00