diff --git a/configs/wlc/wlc-c.cfg b/configs/wlc/wlc-c.cfg
index ab8dc63..d8b1e6b 100644
--- a/configs/wlc/wlc-c.cfg
+++ b/configs/wlc/wlc-c.cfg
@@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 672
+controller config 679
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
@@ -458,8 +458,11 @@ ip access-list session deny_internal_byod
     any network 10.1.40.0 255.255.255.0 tcp 80 permit 
     any network 10.251.1.0 255.255.255.224 any permit 
     any network 10.0.0.0 255.0.0.0 any deny 
-    any any any permit 
     any network 192.168.0.0 255.255.0.0 any deny 
+    any any any permit 
+!
+ip access-list session guest 
+    host 10.48.120.112 any any permit 
 !
 ip access-list session captiveportalbridge 
     user alias localip svc-https dual-nat pool localip 8081 
@@ -687,6 +690,8 @@ user-role guest
     access-list session v6-dhcp-acl 
     access-list session v6-icmp-acl 
     access-list session v6-dns-acl 
+    access-list session allowall 
+    access-list session deny_internal_byod 
 !
 user-role default-iap-user-role 
     access-list session allowall 
@@ -3625,6 +3630,7 @@ ap-group "APG48Beard"
     virtual-ap "Intune" 
     virtual-ap "APG48-SCSD_Secure" 
     virtual-ap "APG48-SCSD_Vendor" 
+    virtual-ap "SCSD_IoT" 
 !
 ap-group "APG49VanDuyn" 
     virtual-ap "Intune"