wlc/wlc-a.cfg Sat Sep 27 10:31:53 PM EDT 2025

2025-09-27 22:31:53 -04:00 · 2025-09-27 22:31:53 -04:00 · 2f0977abd5
commit 2f0977abd5
parent e821abcd69
1 changed files with 14 additions and 14 deletions
--- a/configs/wlc/wlc-a.cfg
+++ b/configs/wlc/wlc-a.cfg
@ -458,9 +458,6 @@ ip access-list session deny_internal_byod
    any network 192.168.0.0 255.255.0.0 any deny 
    any any any permit 
 !
-ip access-list session guest 
-    host 10.48.120.112 any any permit 
-!
 ip access-list session captiveportalbridge 
    user alias localip svc-https dual-nat pool localip 8081 
    user any svc-http dual-nat pool localip 8080 
@ -499,6 +496,9 @@ ip access-list session apprf-student_byod-sacl
 !
 ip access-list session apprf-staff_scsd-sacl 
 !
+ip access-list session guest 
+    host 10.48.120.112 any any permit 
+!
 ip access-list session apprf-scsd_test_role-sacl 
 !
 ip access-list session noe-acl 
@ -1709,17 +1709,6 @@ crypto dynamic-map default-dynamicmap 10000

 crypto map GLOBAL-IKEV2-MAP 10000 ipsec-isakmp dynamic default-rap-ipsecmap 
 crypto map GLOBAL-MAP 10000 ipsec-isakmp dynamic default-dynamicmap 
-crypto-local ipsec-map default-ha-ipsecmap10.1.35.12 9999
-    version v2
-    set ikev2-policy 10015
-    peer-ip 10.1.35.12
-    src-net 10.1.35.11 255.255.255.255
-    dst-net 10.1.35.12 255.255.255.255
-    set transform-set "default-ha-transform" 
-    factory-cert-auth
-    trusted
-!
-
 crypto-local ipsec-map default-ha-ipsecmap10.1.35.14 9999
    version v2
    set ikev2-policy 10015
@ -1731,6 +1720,17 @@ crypto-local ipsec-map default-ha-ipsecmap10.1.35.14 9999
    trusted
 !

+crypto-local ipsec-map default-ha-ipsecmap10.1.35.12 9999
+    version v2
+    set ikev2-policy 10015
+    peer-ip 10.1.35.12
+    src-net 10.1.35.11 255.255.255.255
+    dst-net 10.1.35.12 255.255.255.255
+    set transform-set "default-ha-transform" 
+    factory-cert-auth
+    trusted
+!
+
 crypto isakmp eap-passthrough eap-tls 
 crypto isakmp eap-passthrough eap-peap 
 crypto isakmp eap-passthrough eap-mschapv2