wlc/wlc-a.cfg Tue Apr 14 08:33:59 PM EDT 2026

2026-04-14 20:34:03 -04:00 · 2026-04-14 20:34:03 -04:00 · 6a9ccdfc2b
commit 6a9ccdfc2b
parent d0d94704cc
1 changed files with 37 additions and 1 deletions
--- a/configs/wlc/wlc-a.cfg
+++ b/configs/wlc/wlc-a.cfg
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 729
+controller config 741
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx 
@ -292,6 +292,8 @@ ip access-list session SCSD_Deny-Internal
 !
 ip access-list session apprf-logon-sacl 
 !
 ip access-list session apprf-scsd_guest-sacl 
 !
 ip access-list session staff_scsd 
    any network 192.168.0.0 255.255.0.0 any deny 
    any network 10.0.0.0 255.0.0.0 tcp 22 23 deny 
@ -432,6 +434,13 @@ ip access-list session logon-control-bridge
 ip access-list session dhcp-acl 
    any any svc-dhcp permit 
 !
 ip access-list session SCSD_Guest 
    any any svc-dhcp permit 
    any any svc-dns permit 
    any network 192.168.0.0 255.255.0.0 any deny 
    any network 10.0.0.0 255.0.0.0 any deny 
    any any any permit 
 !
 ip access-list session facetime-acl 
    any any svc-facetime-tcp permit queue high 
    any any udp 3478 3497 permit 
@ -696,6 +705,11 @@ user-role SCSD-IoT
    access-list session SCSD_Deny-Internal 
    access-list session allowall 
 !
 user-role SCSD_Guest 
    access-list session global-sacl 
    access-list session apprf-scsd_guest-sacl 
    access-list session SCSD_Guest 
 !
 user-role authenticated 
    access-list session global-sacl 
    access-list session apprf-authenticated-sacl 
@ -755,6 +769,8 @@ vlan 10
 !
 vlan 30 
 !
 vlan 32 
 !
 vlan 35 
 !
 vlan 100 
@ -960,6 +976,8 @@ vlan-name Intune
 vlan Intune 164 
 vlan-name IoT 
 vlan IoT 30 
 vlan-name SCSD_Guest 
 vlan SCSD_Guest 32 
 vlan-name Secure-02-ITC 
 vlan Secure-02-ITC 302 
 vlan-name Secure-03-Fowler 
@ -1944,6 +1962,8 @@ aaa authentication dot1x "IoT_dot1_aut"
 !
 aaa authentication dot1x "LemoyneTest_dot1_aut" 
 !
 aaa authentication dot1x "SCSC_Guest_dot1_aut" 
 !
 aaa authentication dot1x "SCSD_IoT_dot1_aut" 
 !
 aaa authentication dot1x "SCSD_Secure_dot1_aut" 
@ -2042,6 +2062,10 @@ aaa profile "LemoyneTest_aaa_prof"
 !
 aaa profile "NoAuthAAAProfile" 
 !
 aaa profile "SCSC_Guest_aaa_prof" 
    initial-role "SCSD_Guest" 
    authentication-dot1x "SCSC_Guest_dot1_aut" 
 !
 aaa profile "SCSD_IoT_aaa_prof" 
    initial-role "SCSD-IoT" 
    authentication-dot1x "SCSD_IoT_dot1_aut" 
@ -2663,6 +2687,11 @@ wlan ssid-profile "IoT_ssid_prof"
    opmode mpsk-aes 
    hide-ssid 
 !
 wlan ssid-profile "SCSC_Guest_ssid_prof" 
    essid "SCSD_Guest" 
     wpa-passphrase *redacted*
    opmode wpa2-psk-aes 
 !
 wlan ssid-profile "SCSD_IoT_ssid_prof" 
    essid "SCSD_IoT" 
     wpa-passphrase *redacted*
@ -3480,6 +3509,11 @@ wlan virtual-ap "IoT"
    vlan 30 
    ssid-profile "IoT_ssid_prof" 
 !
 wlan virtual-ap "SCSC_Guest" 
    aaa-profile "SCSC_Guest_aaa_prof" 
    vlan 32 
    ssid-profile "SCSC_Guest_ssid_prof" 
 !
 wlan virtual-ap "SCSD_IoT" 
    aaa-profile "SCSD_IoT_aaa_prof" 
    vlan 30 
@ -3625,6 +3659,7 @@ ap-group "APG06Henninger"
    virtual-ap "APG06-SCSD_Secure" 
    virtual-ap "APG06-SCSD_Vendor" 
    virtual-ap "IoT" 
    virtual-ap "SCSC_Guest" 
 !
 ap-group "APG06Henninger-Outdoors" 
    dot11a-radio-profile "rp-377-a" 
@ -3673,6 +3708,7 @@ ap-group "APG14Shea"
    virtual-ap "APG14-SCSD_Vendor" 
    virtual-ap "SCSD_IoT" 
    virtual-ap "IoT" 
    virtual-ap "SCSC_Guest" 
 !
 ap-group "APG15HWSmith" 
    virtual-ap "Intune"