Compare commits
8 Commits
0d83be57f1
...
6b9d87ae40
| Author | SHA1 | Date | |
|---|---|---|---|
| 6b9d87ae40 | |||
| 6711988d13 | |||
| 23c72f2940 | |||
| 2bb152582a | |||
| 3eeae49ae6 | |||
| bdbb815c1a | |||
| efd3a45429 | |||
| a39a170066 |
@ -1,8 +1,8 @@
|
||||
Building configuration...
|
||||
|
||||
Current configuration : 34613 bytes
|
||||
Current configuration : 34631 bytes
|
||||
!
|
||||
! Last configuration change at 14:42:09 EDT Thu Aug 28 2025
|
||||
! Last configuration change at 11:03:21 EDT Wed Sep 10 2025 by bmaccl09.admin
|
||||
!
|
||||
version 15.2
|
||||
no service pad
|
||||
|
||||
@ -500,16 +500,30 @@ interface 1/1/22
|
||||
client track ip update-interval 120
|
||||
power-over-ethernet pre-std-detect
|
||||
interface 1/1/23
|
||||
description Admin Voice
|
||||
description Auto
|
||||
no shutdown
|
||||
no routing
|
||||
vlan access 50
|
||||
vlan access 168
|
||||
spanning-tree bpdu-guard
|
||||
spanning-tree port-type admin-edge
|
||||
spanning-tree root-guard
|
||||
spanning-tree tcn-guard
|
||||
loop-protect
|
||||
port-access onboarding-method concurrent enable
|
||||
aaa authentication port-access allow-cdp-bpdu
|
||||
aaa authentication port-access allow-lldp-bpdu
|
||||
aaa authentication port-access client-limit 3
|
||||
aaa authentication port-access dot1x authenticator
|
||||
cached-reauth
|
||||
cached-reauth-period 86400
|
||||
reauth
|
||||
enable
|
||||
aaa authentication port-access mac-auth
|
||||
cached-reauth
|
||||
cached-reauth-period 86400
|
||||
quiet-period 30
|
||||
reauth
|
||||
enable
|
||||
client track ip enable
|
||||
client track ip update-interval 120
|
||||
power-over-ethernet pre-std-detect
|
||||
@ -1162,16 +1176,30 @@ interface 2/1/24
|
||||
client track ip update-interval 120
|
||||
power-over-ethernet pre-std-detect
|
||||
interface 2/1/25
|
||||
description Access Control
|
||||
description Auto
|
||||
no shutdown
|
||||
no routing
|
||||
vlan access 72
|
||||
vlan access 168
|
||||
spanning-tree bpdu-guard
|
||||
spanning-tree port-type admin-edge
|
||||
spanning-tree root-guard
|
||||
spanning-tree tcn-guard
|
||||
loop-protect
|
||||
port-access onboarding-method concurrent enable
|
||||
aaa authentication port-access allow-cdp-bpdu
|
||||
aaa authentication port-access allow-lldp-bpdu
|
||||
aaa authentication port-access client-limit 3
|
||||
aaa authentication port-access dot1x authenticator
|
||||
cached-reauth
|
||||
cached-reauth-period 86400
|
||||
reauth
|
||||
enable
|
||||
aaa authentication port-access mac-auth
|
||||
cached-reauth
|
||||
cached-reauth-period 86400
|
||||
quiet-period 30
|
||||
reauth
|
||||
enable
|
||||
client track ip enable
|
||||
client track ip update-interval 120
|
||||
power-over-ethernet pre-std-detect
|
||||
|
||||
@ -2203,30 +2203,16 @@ interface 2/1/25
|
||||
client track ip update-interval 120
|
||||
power-over-ethernet pre-std-detect
|
||||
interface 2/1/26
|
||||
description Auto
|
||||
description -TO CAREHAWK-
|
||||
no shutdown
|
||||
no routing
|
||||
vlan access 168
|
||||
vlan access 30
|
||||
spanning-tree bpdu-guard
|
||||
spanning-tree port-type admin-edge
|
||||
spanning-tree root-guard
|
||||
spanning-tree tcn-guard
|
||||
loop-protect
|
||||
port-access onboarding-method concurrent enable
|
||||
aaa authentication port-access allow-cdp-bpdu
|
||||
aaa authentication port-access allow-lldp-bpdu
|
||||
aaa authentication port-access client-limit 3
|
||||
aaa authentication port-access dot1x authenticator
|
||||
cached-reauth
|
||||
cached-reauth-period 86400
|
||||
reauth
|
||||
enable
|
||||
aaa authentication port-access mac-auth
|
||||
cached-reauth
|
||||
cached-reauth-period 86400
|
||||
quiet-period 30
|
||||
reauth
|
||||
enable
|
||||
client track ip enable
|
||||
client track ip update-interval 120
|
||||
power-over-ethernet pre-std-detect
|
||||
|
||||
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
|
||||
!
|
||||
conductorip 10.1.35.33 ipsec ****** interface vlan 35
|
||||
location "Building1.floor1"
|
||||
controller config 659
|
||||
controller config 669
|
||||
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
@ -1855,6 +1855,8 @@ aaa authentication dot1x "Intune_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "LemoyneTest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_Secure_dot1_aut"
|
||||
!
|
||||
aaa authentication via global-config
|
||||
@ -1937,6 +1939,10 @@ aaa profile "LemoyneTest_aaa_prof"
|
||||
!
|
||||
aaa profile "NoAuthAAAProfile"
|
||||
!
|
||||
aaa profile "SCSD_IoT_aaa_prof"
|
||||
initial-role "authenticated"
|
||||
authentication-dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa profile "SCSD_Secure_aaa_prof"
|
||||
authentication-dot1x "SCSD_Secure_dot1_aut"
|
||||
dot1x-default-role "stateful-dot1x"
|
||||
@ -2549,6 +2555,12 @@ wlan ssid-profile "Intune_ssid_prof"
|
||||
g-tx-rates 12 18 24 36 48 54
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSD_IoT_ssid_prof"
|
||||
essid "SCSD_IoT"
|
||||
wpa-passphrase *redacted*
|
||||
opmode wpa2-psk-aes
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSD_Secure_ssid_prof"
|
||||
essid "SCSD_Secure"
|
||||
opmode wpa2-aes
|
||||
@ -3327,6 +3339,11 @@ wlan virtual-ap "Intune"
|
||||
forward-mode decrypt-tunnel
|
||||
ssid-profile "Intune_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_IoT"
|
||||
aaa-profile "SCSD_IoT_aaa_prof"
|
||||
vlan 307
|
||||
ssid-profile "SCSD_IoT_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_Secure"
|
||||
aaa-profile "SCSD_Secure_aaa_prof"
|
||||
vlan 100
|
||||
@ -3475,6 +3492,10 @@ ap-group "APG07Corcoran"
|
||||
virtual-ap "Intune"
|
||||
virtual-ap "APG07-SCSD_Secure"
|
||||
virtual-ap "APG07-SCSD_Vendor"
|
||||
virtual-ap "SCSD_IoT"
|
||||
!
|
||||
ap-group "APG07Corcoran-IoT"
|
||||
virtual-ap "SCSD_IoT"
|
||||
!
|
||||
ap-group "APG07Corcoran-Outdoors"
|
||||
virtual-ap "APG07-SCSD_Secure-Outdoors"
|
||||
|
||||
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
|
||||
!
|
||||
conductorip 10.1.35.33 ipsec ****** interface vlan 35
|
||||
location "Building1.floor1"
|
||||
controller config 659
|
||||
controller config 669
|
||||
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
@ -1858,6 +1858,8 @@ aaa authentication dot1x "Intune_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "LemoyneTest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_Secure_dot1_aut"
|
||||
!
|
||||
aaa authentication via global-config
|
||||
@ -1940,6 +1942,10 @@ aaa profile "LemoyneTest_aaa_prof"
|
||||
!
|
||||
aaa profile "NoAuthAAAProfile"
|
||||
!
|
||||
aaa profile "SCSD_IoT_aaa_prof"
|
||||
initial-role "authenticated"
|
||||
authentication-dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa profile "SCSD_Secure_aaa_prof"
|
||||
authentication-dot1x "SCSD_Secure_dot1_aut"
|
||||
dot1x-default-role "stateful-dot1x"
|
||||
@ -2513,6 +2519,12 @@ wlan ssid-profile "Intune_ssid_prof"
|
||||
g-tx-rates 12 18 24 36 48 54
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSD_IoT_ssid_prof"
|
||||
essid "SCSD_IoT"
|
||||
wpa-passphrase *redacted*
|
||||
opmode wpa2-psk-aes
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSD_Secure_ssid_prof"
|
||||
essid "SCSD_Secure"
|
||||
opmode wpa2-aes
|
||||
@ -3291,6 +3303,11 @@ wlan virtual-ap "Intune"
|
||||
forward-mode decrypt-tunnel
|
||||
ssid-profile "Intune_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_IoT"
|
||||
aaa-profile "SCSD_IoT_aaa_prof"
|
||||
vlan 307
|
||||
ssid-profile "SCSD_IoT_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_Secure"
|
||||
aaa-profile "SCSD_Secure_aaa_prof"
|
||||
vlan 100
|
||||
@ -3439,6 +3456,10 @@ ap-group "APG07Corcoran"
|
||||
virtual-ap "Intune"
|
||||
virtual-ap "APG07-SCSD_Secure"
|
||||
virtual-ap "APG07-SCSD_Vendor"
|
||||
virtual-ap "SCSD_IoT"
|
||||
!
|
||||
ap-group "APG07Corcoran-IoT"
|
||||
virtual-ap "SCSD_IoT"
|
||||
!
|
||||
ap-group "APG07Corcoran-Outdoors"
|
||||
virtual-ap "APG07-SCSD_Secure-Outdoors"
|
||||
|
||||
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
|
||||
!
|
||||
conductorip 10.1.35.33 ipsec ****** interface vlan 35
|
||||
location "Building1.floor1"
|
||||
controller config 659
|
||||
controller config 669
|
||||
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
@ -1852,6 +1852,8 @@ aaa authentication dot1x "Intune_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "LemoyneTest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_Secure_dot1_aut"
|
||||
!
|
||||
aaa authentication via global-config
|
||||
@ -1934,6 +1936,10 @@ aaa profile "LemoyneTest_aaa_prof"
|
||||
!
|
||||
aaa profile "NoAuthAAAProfile"
|
||||
!
|
||||
aaa profile "SCSD_IoT_aaa_prof"
|
||||
initial-role "authenticated"
|
||||
authentication-dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa profile "SCSD_Secure_aaa_prof"
|
||||
authentication-dot1x "SCSD_Secure_dot1_aut"
|
||||
dot1x-default-role "stateful-dot1x"
|
||||
@ -2505,6 +2511,12 @@ wlan ssid-profile "Intune_ssid_prof"
|
||||
g-tx-rates 12 18 24 36 48 54
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSD_IoT_ssid_prof"
|
||||
essid "SCSD_IoT"
|
||||
wpa-passphrase *redacted*
|
||||
opmode wpa2-psk-aes
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSD_Secure_ssid_prof"
|
||||
essid "SCSD_Secure"
|
||||
opmode wpa2-aes
|
||||
@ -3283,6 +3295,11 @@ wlan virtual-ap "Intune"
|
||||
forward-mode decrypt-tunnel
|
||||
ssid-profile "Intune_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_IoT"
|
||||
aaa-profile "SCSD_IoT_aaa_prof"
|
||||
vlan 307
|
||||
ssid-profile "SCSD_IoT_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_Secure"
|
||||
aaa-profile "SCSD_Secure_aaa_prof"
|
||||
vlan 100
|
||||
@ -3431,6 +3448,10 @@ ap-group "APG07Corcoran"
|
||||
virtual-ap "Intune"
|
||||
virtual-ap "APG07-SCSD_Secure"
|
||||
virtual-ap "APG07-SCSD_Vendor"
|
||||
virtual-ap "SCSD_IoT"
|
||||
!
|
||||
ap-group "APG07Corcoran-IoT"
|
||||
virtual-ap "SCSD_IoT"
|
||||
!
|
||||
ap-group "APG07Corcoran-Outdoors"
|
||||
virtual-ap "APG07-SCSD_Secure-Outdoors"
|
||||
|
||||
@ -6,7 +6,7 @@ hostname "NOC-ARUBA-MM-2"
|
||||
clock timezone America/New_York -04 0
|
||||
!
|
||||
location "Building1.floor1"
|
||||
controller config 659
|
||||
controller config 669
|
||||
crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx
|
||||
|
||||
@ -6,7 +6,7 @@ hostname "noc-aruba-mm"
|
||||
clock timezone America/New_York -04 0
|
||||
!
|
||||
location "Building1.floor1"
|
||||
controller config 659
|
||||
controller config 669
|
||||
crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user