From 25b3f4c70ed69e1b68af413fa9b9360b0d9ef29b Mon Sep 17 00:00:00 2001
From: John Poland <jdpoland@gmail.com>
Date: Thu, 25 Sep 2025 17:09:54 -0400
Subject: [PATCH] wlc/wlc-b.cfg Thu Sep 25 05:09:53 PM EDT 2025

---
 configs/wlc/wlc-b.cfg | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/configs/wlc/wlc-b.cfg b/configs/wlc/wlc-b.cfg
index 53eb9ae..de0930b 100644
--- a/configs/wlc/wlc-b.cfg
+++ b/configs/wlc/wlc-b.cfg
@@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 679
+controller config 680
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
@@ -1857,6 +1857,8 @@ aaa rfc-3576-server "10.1.40.117"
 !
 aaa authentication mac "default" 
 !
+aaa authentication mac "IoT" 
+!
 aaa authentication dot1x "Aruba100_dot1_aut" 
 !
 aaa authentication dot1x "default" 
@@ -1865,6 +1867,8 @@ aaa authentication dot1x "default-psk"
 !
 aaa authentication dot1x "Intune_dot1_aut" 
 !
+aaa authentication dot1x "IoT_dot1_aut" 
+!
 aaa authentication dot1x "LemoyneTest_dot1_aut" 
 !
 aaa authentication dot1x "SCSD_IoT_dot1_aut" 
@@ -1899,6 +1903,10 @@ aaa server-group "internal"
     auth-server Internal position 1 
     set role condition Role value-of 
 !
+aaa server-group "IoT_dot1_svg" 
+    auth-server NOC-CP-A position 1 
+    auth-server NOC-CP-B position 2 
+!
 aaa server-group "SCSD_Secure_dot1_svg" 
     auth-server NOC-CP-B position 1 
     auth-server NOC-CP-A position 2 
@@ -1945,6 +1953,12 @@ aaa profile "Intune_aaa_prof"
     initial-role "authenticated" 
     authentication-dot1x "Intune_dot1_aut" 
 !
+aaa profile "IoT_aaa_prof" 
+    authentication-mac "IoT" 
+    authentication-dot1x "IoT_dot1_aut" 
+    dot1x-default-role "guest-logon" 
+    dot1x-server-group "IoT_dot1_svg" 
+!
 aaa profile "LemoyneTest_aaa_prof" 
     initial-role "authenticated" 
     authentication-dot1x "LemoyneTest_dot1_aut" 
@@ -2528,6 +2542,10 @@ wlan ssid-profile "Intune_ssid_prof"
     g-tx-rates 12 18 24 36 48 54 
     hide-ssid 
 !
+wlan ssid-profile "IoT_ssid_prof" 
+    essid "IoT" 
+    opmode mpsk-aes 
+!
 wlan ssid-profile "SCSD_IoT_ssid_prof" 
     essid "SCSD_IoT" 
      wpa-passphrase *redacted*
@@ -3312,6 +3330,11 @@ wlan virtual-ap "Intune"
     forward-mode decrypt-tunnel 
     ssid-profile "Intune_ssid_prof" 
 !
+wlan virtual-ap "IoT" 
+    aaa-profile "IoT_aaa_prof" 
+    vlan 30 
+    ssid-profile "IoT_ssid_prof" 
+!
 wlan virtual-ap "SCSD_IoT" 
     aaa-profile "SCSD_IoT_aaa_prof" 
     vlan 307 
@@ -3711,6 +3734,7 @@ ap-group "default"
     virtual-ap "Aruba100" 
     virtual-ap "Intune" 
     virtual-ap "Vendor" 
+    virtual-ap "IoT" 
     dot11a-radio-profile "default_radio_a_ui" 
     dot11g-radio-profile "default_radio_g_ui" 
     regulatory-domain-profile "default_rdp_ui"