wlc/wlc-b.cfg Mon Sep 29 05:07:20 PM EDT 2025

John Poland 2025-09-29 17:07:21 -04:00
parent 54b8eb4bfc
commit 4a3117c1a2


@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
! !
conductorip 10.1.35.33 ipsec ****** interface vlan 35 conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1" location "Building1.floor1"
controller config 680 controller config 685
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
@ -277,6 +277,11 @@ ip access-list session wificalling-acl
! !
ip access-list session apprf-authenticated-sacl ip access-list session apprf-authenticated-sacl
! !
ip access-list session SCSD_Deny-Internal
any network 172.16.0.0 255.240.0.0 any deny
any network 10.0.0.0 255.0.0.0 any deny
any network 192.168.0.0 255.255.0.0 any deny
!
ip access-list session apprf-logon-sacl ip access-list session apprf-logon-sacl
! !
ip access-list session staff_scsd ip access-list session staff_scsd
@ -352,6 +357,8 @@ ip access-list session v6-ap-acl
ip access-list session wificalling-block ip access-list session wificalling-block
any alias wificalling-block any deny any alias wificalling-block any deny
! !
ip access-list session SCSD-IoT
!
ip access-list session apprf-default-via-role-sacl ip access-list session apprf-default-via-role-sacl
! !
ip access-list session v6-allowall ip access-list session v6-allowall
@ -446,6 +453,8 @@ ip access-list session ap-acl
user any svc-ftp permit user any svc-ftp permit
user any svc-telnet deny user any svc-telnet deny
! !
ip access-list session apprf-scsd-iot-sacl
!
ip access-list session apprf-ap-role-sacl ip access-list session apprf-ap-role-sacl
! !
ip access-list session deny_internal_byod ip access-list session deny_internal_byod
@ -651,6 +660,15 @@ user-role Visitor_BYOD
access-list session apprf-visitor_byod-sacl access-list session apprf-visitor_byod-sacl
access-list session visitor_byod access-list session visitor_byod
! !
user-role SCSD-IoT
access-list session global-sacl
access-list session apprf-scsd-iot-sacl
access-list session dhcp-acl
access-list session SCSD-IoT
access-list session dns-acl
access-list session SCSD_Deny-Internal
access-list session allowall
!
user-role authenticated user-role authenticated
access-list session global-sacl access-list session global-sacl
access-list session apprf-authenticated-sacl access-list session apprf-authenticated-sacl
@ -1963,7 +1981,7 @@ aaa profile "LemoyneTest_aaa_prof"
aaa profile "NoAuthAAAProfile" aaa profile "NoAuthAAAProfile"
! !
aaa profile "SCSD_IoT_aaa_prof" aaa profile "SCSD_IoT_aaa_prof"
initial-role "authenticated" initial-role "SCSD-IoT"
authentication-dot1x "SCSD_IoT_dot1_aut" authentication-dot1x "SCSD_IoT_dot1_aut"
! !
aaa profile "SCSD_Secure_aaa_prof" aaa profile "SCSD_Secure_aaa_prof"
@ -3334,7 +3352,7 @@ wlan virtual-ap "IoT"
! !
wlan virtual-ap "SCSD_IoT" wlan virtual-ap "SCSD_IoT"
aaa-profile "SCSD_IoT_aaa_prof" aaa-profile "SCSD_IoT_aaa_prof"
vlan 307 vlan 30
ssid-profile "SCSD_IoT_ssid_prof" ssid-profile "SCSD_IoT_ssid_prof"
! !
wlan virtual-ap "SCSD_Secure" wlan virtual-ap "SCSD_Secure"
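Review bot: The new `user-role SCSD-IoT` denies only IPv4 RFC 1918 destinations (`SCSD_Deny-Internal`) before falling through to `allowall`, so how well the role is isolated depends on what `allowall` permits. Its definition is outside the hunks shown; if it carries an IPv6 permit rule, internal IPv6 hosts stay reachable from the IoT SSID. If the IoT VLAN is meant to be IPv4-only, a rule such as `ipv6 any any any deny` at the end of `SCSD_Deny-Internal` would close that gap. Session ACLs are matched in order, so the lists ahead of the deny (`global-sacl`, `dhcp-acl`, `dns-acl`) should be confirmed to permit nothing wider than DHCP and DNS. In `SCSD_IoT_aaa_prof` only `initial-role` changes, and the role assigned after a successful 802.1X authentication is not visible in this hunk, so it is worth confirming that authenticated clients also stay in the restricted role.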