wlc/wlc-b.cfg Thu Oct 16 05:07:29 PM EDT 2025
This commit is contained in:
parent
e1d3321f40
commit
71e7fdb1e6
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
|
||||
!
|
||||
conductorip 10.1.35.33 ipsec ****** interface vlan 35
|
||||
location "Building1.floor1"
|
||||
controller config 688
|
||||
controller config 693
|
||||
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
|
||||
@ -113,6 +113,8 @@ time-range periodic night-hours
|
||||
Weekday 18:01 to 23:59
|
||||
Weekday 00:00 to 07:59
|
||||
!
|
||||
ip access-list session apprf-scsd_vr-sacl
|
||||
!
|
||||
ip access-list session apprf-switch-logon-sacl
|
||||
!
|
||||
ip access-list session svp-acl
|
||||
@ -264,12 +266,17 @@ ip access-list session stateful-dot1x
|
||||
any any svc-dns permit
|
||||
any any svc-dhcp permit
|
||||
!
|
||||
ip access-list session SCSD_VR
|
||||
!
|
||||
ip access-list session cplogout
|
||||
user alias controller svc-https dst-nat 8081
|
||||
!
|
||||
ip access-list session scsd-dns-10
|
||||
any network 10.0.0.0 255.0.0.0 udp 53 permit
|
||||
!
|
||||
ip access-list session SCSD_VR_Headset
|
||||
Description: "Virtual Reality Headsets"
|
||||
!
|
||||
ip access-list session apprf-visitor_byod-sacl
|
||||
!
|
||||
ip access-list session wificalling-acl
|
||||
@ -467,6 +474,11 @@ ip access-list session deny_internal_byod
|
||||
any network 192.168.0.0 255.255.0.0 any deny
|
||||
any any any permit
|
||||
!
|
||||
ip access-list session SCAD_Deny_Internal
|
||||
any network 192.168.0.0 255.255.0.0 any deny
|
||||
any network 10.0.0.0 255.0.0.0 any deny
|
||||
any network 172.16.0.0 255.240.0.0 any deny
|
||||
!
|
||||
ip access-list session captiveportalbridge
|
||||
user alias localip svc-https dual-nat pool localip 8081
|
||||
user any svc-http dual-nat pool localip 8080
|
||||
@ -591,6 +603,15 @@ user-role guest-logon
|
||||
access-list session v6-logon-control
|
||||
access-list session captiveportal6
|
||||
!
|
||||
user-role SCSD_VR
|
||||
access-list session global-sacl
|
||||
access-list session apprf-scsd_vr-sacl
|
||||
access-list session SCSD_VR
|
||||
access-list session dhcp-acl
|
||||
access-list session dns-acl
|
||||
access-list session SCAD_Deny_Internal
|
||||
access-list session allowall
|
||||
!
|
||||
user-role SCSD_Vendor-guest-logon
|
||||
captive-portal "SCSD_Vendor_cppm_prof"
|
||||
access-list session global-sacl
|
||||
@ -1970,9 +1991,13 @@ aaa profile "Intune_aaa_prof"
|
||||
!
|
||||
aaa profile "IoT_aaa_prof"
|
||||
authentication-mac "IoT"
|
||||
mac-server-group "IoT_dot1_svg"
|
||||
authentication-dot1x "IoT_dot1_aut"
|
||||
dot1x-default-role "guest-logon"
|
||||
dot1x-server-group "IoT_dot1_svg"
|
||||
radius-accounting "IoT_dot1_svg"
|
||||
radius-interim-accounting
|
||||
rfc-3576-server "10.1.40.116"
|
||||
!
|
||||
aaa profile "LemoyneTest_aaa_prof"
|
||||
initial-role "authenticated"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user