scsd/scsd-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: scsd:3704befde2539b4738cc277ceff6a0466a3b114e
Branches Tags
scsd:main
...
compare: scsd:437e40e712797ad5643bd6307fe12f3bef4bdeb0
Branches Tags
scsd:main

8 Commits
3704befde2 ... 437e40e712

Author SHA1 Message Date
John Poland
437e40e712 sh/sh-noc-a8360-4-a.cfg Tue Dec 9 05:27:18 PM EST 2025 2025-12-09 17:27:19 -05:00
John Poland
e2ee6cdee8 wlc/wlc-c.cfg Tue Dec 9 05:27:18 PM EST 2025 2025-12-09 17:27:18 -05:00
John Poland
919ecd1f12 wlc/wlc-a.cfg Tue Dec 9 05:27:18 PM EST 2025 2025-12-09 17:27:18 -05:00
John Poland
aa43e30e55 wlc/wlc-b.cfg Tue Dec 9 05:27:18 PM EST 2025 2025-12-09 17:27:18 -05:00
John Poland
ebc9789ce6 wlc/wlc-mm-2.cfg Tue Dec 9 05:27:18 PM EST 2025 2025-12-09 17:27:18 -05:00
John Poland
6e2083ac0d wlc/wlc-mm.cfg Tue Dec 9 05:27:18 PM EST 2025 2025-12-09 17:27:18 -05:00
John Poland
02fd88c7e2 fortigate-backup Tue Dec 9 05:27:18 PM EST 2025 2025-12-09 17:27:18 -05:00
John Poland
ad7feac573 fortigate Tue Dec 9 05:27:18 PM EST 2025 2025-12-09 17:27:18 -05:00
8 changed files with 467 additions and 1851 deletions
Show Stats Expand all files Collapse all files

1953
configs/fortigate/fortigate.conf
View File

File diff suppressed because it is too large Load Diff

341
configs/fortigate/vdom_scsd/firewall.cfg
View File

@ -31,26 +31,6 @@ config firewall address
set comment "Barracuda Email Internal" set comment "Barracuda Email Internal"
set subnet 10.1.40.7 255.255.255.255 set subnet 10.1.40.7 255.255.255.255
next next
edit "CK-Australia-203"
set comment "ContentKeeper Australian Support"
set color 19
set subnet 203.22.30.0 255.255.255.0
next
edit "CK-North-America-173"
set comment "Content Keeper North American Support"
set color 19
set subnet 173.60.169.48 255.255.255.240
next
edit "CK-North-America-202"
set comment "ContentKeeper North American Support"
set color 19
set subnet 202.166.186.0 255.255.255.0
next
edit "CK-North-America-8"
set comment "ContentKeeper North American Support"
set color 19
set subnet 8.19.154.0 255.255.255.0
next
edit "Nimble_Inside_1" edit "Nimble_Inside_1"
set subnet 192.168.1.98 255.255.255.255 set subnet 192.168.1.98 255.255.255.255
next next
@ -71,91 +51,6 @@ config firewall address
set comment "IP address for Safe Schools video training. Used to access LDAP authentication." set comment "IP address for Safe Schools video training. Used to access LDAP authentication."
set subnet 52.27.21.77 255.255.255.255 set subnet 52.27.21.77 255.255.255.255
next next
edit "ckf01-ipmi-inside"
set comment "ContentKeeper Filter 01 IPMI Port"
set color 19
set subnet 10.251.1.31 255.255.255.255
next
edit "ckf01-mgmt-inside"
set comment "Content Keeper Filter 01 Management Port"
set color 19
set subnet 10.251.1.21 255.255.255.255
next
edit "ckf02-ipmi-inside"
set comment "ContentKeeper Filter 02 IPMI Port"
set color 19
set subnet 10.251.1.32 255.255.255.255
next
edit "ckf02-mgmt-inside"
set comment "ContentKeeper Filter 02 Management Port"
set color 19
set subnet 10.251.1.22 255.255.255.255
next
edit "cklb01-ipmi-inside"
set comment "ContentKeeper Load Balancer 01 IPMI Port"
set color 19
set subnet 10.251.1.30 255.255.255.255
next
edit "cklb01-mgmt-inside"
set comment "ContentKeeper Load Balancer 01 Management Port"
set color 19
set subnet 10.251.1.20 255.255.255.255
next
edit "ckm01-ipmi-inside"
set comment "ContentKeeper Mobile 01 IPMI Port"
set color 19
set subnet 10.251.1.34 255.255.255.255
next
edit "ckm01-mgmt1-inside"
set comment "ContentKeeper Mobile 01 Management Port 1"
set color 19
set subnet 10.251.1.24 255.255.255.255
next
edit "ckm01-mgmt2-inside"
set comment "ContentKeeper Mobile 01 Management Port 2"
set color 19
set subnet 10.251.1.28 255.255.255.255
next
edit "ckm02-ipmi-inside"
set comment "ContentKeeper Mobile 02 IPMI Port"
set color 19
set subnet 10.251.1.35 255.255.255.255
next
edit "ckm02-mgmt1-inside"
set comment "ContentKeeper Mobile 02 Management Port 1"
set color 19
set subnet 10.251.1.25 255.255.255.255
next
edit "ckm02-mgmt2-inside"
set comment "ContentKeeper Mobile 02 Management Port 2"
set color 19
set subnet 10.251.1.29 255.255.255.255
next
edit "ckm03-ipmi-inside"
set comment "ContentKeeper Mobile 03 IPMI Port"
set color 19
set subnet 10.251.1.36 255.255.255.255
next
edit "ckm03-mgmt1-inside"
set comment "ContentKeeper Mobile 03 Management Port 1"
set color 19
set subnet 10.251.1.26 255.255.255.255
next
edit "ckm03-mgmt2-inside"
set comment "ContentKeeper Mobile 03 Management Port 2"
set color 19
set subnet 10.251.1.27 255.255.255.255
next
edit "ckr01-ipmi-inside"
set comment "ContentKeeper Reporter 01 IPMI Port"
set color 19
set subnet 10.251.1.33 255.255.255.255
next
edit "ckr01-mgmt-inside"
set comment "ContentKeeper Reporter 01 Management Port"
set color 19
set subnet 10.251.1.23 255.255.255.255
next
edit "SPD_20_DrKing" edit "SPD_20_DrKing"
set comment "SPD Firewall STEAM at Dr King" set comment "SPD Firewall STEAM at Dr King"
set color 2 set color 2
@ -694,11 +589,6 @@ config firewall address
set color 6 set color 6
set subnet 201.184.69.50 255.255.255.255 set subnet 201.184.69.50 255.255.255.255
next next
edit "CK-North-America-202_B"
set comment "Content Keeper North American Support"
set color 19
set subnet 202.166.186.64 255.255.255.255
next
edit "z_BlockIP_059" edit "z_BlockIP_059"
set comment "Malicious IP Address" set comment "Malicious IP Address"
set associated-interface "outside" set associated-interface "outside"
@ -1494,11 +1384,6 @@ config firewall address
edit "SchoolTool_External_Range" edit "SchoolTool_External_Range"
set subnet 172.30.44.0 255.255.254.0 set subnet 172.30.44.0 255.255.254.0
next next
edit "ckr01-mgmt-inside-temp"
set comment "ContentKeeper Reporter 01 Management Port"
set color 19
set subnet 10.251.1.43 255.255.255.255
next
edit "z_BlockIP_141" edit "z_BlockIP_141"
set comment "now.gg" set comment "now.gg"
set associated-interface "outside" set associated-interface "outside"
@ -2966,11 +2851,6 @@ config firewall addrgrp
set member "21JumpSt" "DataTools" "Fileserver03" "Nighttime_Inside" "Tableau" "DC01_A" "DC01_B" "DC01_C" "HVDC02" "HVDC03_A" "HVDC03_B" "DocHolliday" "SchoolTool webjs" "Elastic" set member "21JumpSt" "DataTools" "Fileserver03" "Nighttime_Inside" "Tableau" "DC01_A" "DC01_B" "DC01_C" "HVDC02" "HVDC03_A" "HVDC03_B" "DocHolliday" "SchoolTool webjs" "Elastic"
set comment "Access for SchoolTool Cloud" set comment "Access for SchoolTool Cloud"
next next
edit "CONTENTKEEPER-REMOTE-SUPPORT"
set member "CK-North-America-202" "CK-Australia-203" "CK-North-America-173" "CK-North-America-8" "CK-North-America-202_B"
set comment "ContentKeeper Remote Support Networks"
set color 19
next
edit "Nimble_Inside_Grp" edit "Nimble_Inside_Grp"
set member "Nimble_Inside_4" "Nimble_Inside_2" "Nimble_Inside_1" "nimble_Inside_3" set member "Nimble_Inside_4" "Nimble_Inside_2" "Nimble_Inside_1" "nimble_Inside_3"
next next
@ -3028,11 +2908,6 @@ config firewall addrgrp
set comment "City CGRs on our side" set comment "City CGRs on our side"
set color 28 set color 28
next next
edit "CK_Inside_Group"
set member "ckf01-ipmi-inside" "ckf01-mgmt-inside" "ckf02-ipmi-inside" "ckf02-mgmt-inside" "cklb01-ipmi-inside" "cklb01-mgmt-inside" "ckm01-ipmi-inside" "ckm01-mgmt1-inside" "ckm01-mgmt2-inside" "ckm02-ipmi-inside" "ckm02-mgmt1-inside" "ckm02-mgmt2-inside" "ckm03-ipmi-inside" "ckm03-mgmt1-inside" "ckm03-mgmt2-inside" "ckr01-ipmi-inside" "ckr01-mgmt-inside" "ckr01-mgmt-inside-temp"
set comment "Content Keeper Inside Address Group"
set color 19
next
edit "Block_List_Group" edit "Block_List_Group"
set member "z_BlockIP_001" "z_BlockIP_002" "z_BlockIP_003" "z_BlockIP_004" "z_BlockIP_005" "z_BlockIP_006" "z_BlockIP_008" "z_BlockIP_009" "z_BlockIP_010" "z_BlockIP_011" "z_BlockIP_012" "z_BlockIP_013" "z_BlockIP_014" "z_BlockIP_015" "z_BlockIP_016" "z_BlockIP_017" "z_BlockIP_018" "z_BlockIP_019" "z_BlockIP_020" "z_BlockIP_021" "z_BlockIP_022" "z_BlockIP_024" "z_BlockIP_025" "z_BlockIP_026" "z_BlockIP_027" "z_BlockIP_028" "z_BlockIP_030" "z_BlockIP_031" "z_BlockIP_032" "z_BlockIP_033" "z_BlockIP_034" "z_BlockIP_035" "z_BlockIP_036" "z_BlockIP_037" "z_BlockIP_038" "z_BlockIP_039" "z_BlockIP_040" "z_BlockIP_041" "z_BlockIP_042" "z_BlockIP_043" "z_BlockIP_044" "z_BlockIP_045" "z_BlockIP_046" "z_BlockIP_047" "z_BlockIP_048" "z_BlockIP_052" "z_BlockIP_053" "z_BlockIP_054" "z_BlockIP_055" "z_BlockIP_056" "z_BlockIP_057" "z_BlockIP_058" "z_BlockIP_059" "z_BlockIP_060" "z_BlockIP_061" "z_BlockIP_062" "z_BlockIP_063" "z_BlockIP_064" "z_BlockIP_065" "z_BlockIP_066" "z_BlockIP_067" "z_BlockIP_068" "z_BlockIP_069" "z_BlockIP_070" "z_BlockIP_071" "z_BlockIP_072" "z_BlockIP_073" "z_BlockIP_074" "z_BlockIP_075" "z_BlockIP_076" "z_BlockIP_077" "z_BlockIP_078" "z_BlockIP_079" "z_BlockIP_080" "z_BlockIP_081" "z_BlockIP_082" "z_BlockIP_083" "z_BlockIP_084" "z_BlockIP_085" "z_BlockIP_086" "z_BlockIP_087" "z_BlockIP_088" "z_BlockIP_089" "z_BlockIP_090" "z_BlockIP_091" "z_BlockIP_092" "z_BlockIP_093" "z_BlockIP_094" "z_BlockIP_095" "z_BlockIP_096" "z_BlockIP_097" "z_BlockIP_098" "z_BlockIP_099" "z_BlockIP_100" "z_BlockIP_101" "z_BlockIP_007" "z_BlockIP_049" "z_BlockIP_050" "z_BlockIP_051" "z_BlockIP_103" "z_BlockIP_104" "z_BlockIP_105" "z_BlockIP_106" "z_BlockIP_107" "z_BlockIP_108" "z_BlockIP_109" "z_BlockIP_111" "z_BlockIP_112" "z_BlockIP_113" "z_BlockIP_114" "z_BlockIP_115" "z_BlockIP_116" "z_BlockIP_117" "z_BlockIP_118" "z_BlockIP_119" "z_BlockIP_120" "z_BlockIP_122" "z_BlockIP_125" "z_BlockIP_126" "z_BlockIP_127" "z_BlockIP_128" "z_BlockIP_129" "z_BlockIP_130" "z_BlockIP_131" "z_BlockIP_132" "z_BlockIP_133" "z_BlockSub_001" "z_BlockSub_002" "z_BlockSub_003" "z_BlockSub_004" "z_BlockSub_005" "z_BlockSub_006" "z_BlockSub_007" "z_BlockSub_008" "z_BlockSub_009" "z_BlockSub_010" "z_BlockSub_011" "z_BlockSub_012" "z_BlockSub_013" "z_BlockSub_014" "z_BlockSub_015" "z_BlockSub_016" "z_BlockSub_017" "z_BlockSub_019" "z_BlockSub_020" "z_BlockSub_021" "z_BlockSub_022" "z_BlockSub_024" "z_BlockSub_025" "z_BlockSub_026" "z_BlockSub_027" "z_BlockSub_028" "z_BlockSub_030" "z_BlockSub_031" "z_BlockSub_032" "z_BlockSub_033" "z_BlockSub_034" "z_BlockSub_035" "z_BlockSub_037" "z_BlockSub_038" "z_BlockSub_039" "z_Ryuk_01" "z_Ryuk_02" "z_BlockIP_023" "z_BlockIP_029" "z_BlockIP_134" "z_BlockIP_135" "z_BlockIP_000" "z_BlockIP_138" "z_BlockIP_139" "z_BlockIP_140" "z_BlockIP_141" "z_BlockIP_142" "z_BlockIP_143" "z_BlockIP_144" "z_BlockIP_145" "z_BlockIP_146" "z_BlockIP_147" "z_BlockIP_148" "z_BlockIP_149" "z_BlockIP_150" "z_BlockRange_01" "z_BlockRange_02" "z_BlockRange_03" "z_BlockSub_040" "z_BlockSub_041" "z_BlockSub_042" "z_BlockIP_152" set member "z_BlockIP_001" "z_BlockIP_002" "z_BlockIP_003" "z_BlockIP_004" "z_BlockIP_005" "z_BlockIP_006" "z_BlockIP_008" "z_BlockIP_009" "z_BlockIP_010" "z_BlockIP_011" "z_BlockIP_012" "z_BlockIP_013" "z_BlockIP_014" "z_BlockIP_015" "z_BlockIP_016" "z_BlockIP_017" "z_BlockIP_018" "z_BlockIP_019" "z_BlockIP_020" "z_BlockIP_021" "z_BlockIP_022" "z_BlockIP_024" "z_BlockIP_025" "z_BlockIP_026" "z_BlockIP_027" "z_BlockIP_028" "z_BlockIP_030" "z_BlockIP_031" "z_BlockIP_032" "z_BlockIP_033" "z_BlockIP_034" "z_BlockIP_035" "z_BlockIP_036" "z_BlockIP_037" "z_BlockIP_038" "z_BlockIP_039" "z_BlockIP_040" "z_BlockIP_041" "z_BlockIP_042" "z_BlockIP_043" "z_BlockIP_044" "z_BlockIP_045" "z_BlockIP_046" "z_BlockIP_047" "z_BlockIP_048" "z_BlockIP_052" "z_BlockIP_053" "z_BlockIP_054" "z_BlockIP_055" "z_BlockIP_056" "z_BlockIP_057" "z_BlockIP_058" "z_BlockIP_059" "z_BlockIP_060" "z_BlockIP_061" "z_BlockIP_062" "z_BlockIP_063" "z_BlockIP_064" "z_BlockIP_065" "z_BlockIP_066" "z_BlockIP_067" "z_BlockIP_068" "z_BlockIP_069" "z_BlockIP_070" "z_BlockIP_071" "z_BlockIP_072" "z_BlockIP_073" "z_BlockIP_074" "z_BlockIP_075" "z_BlockIP_076" "z_BlockIP_077" "z_BlockIP_078" "z_BlockIP_079" "z_BlockIP_080" "z_BlockIP_081" "z_BlockIP_082" "z_BlockIP_083" "z_BlockIP_084" "z_BlockIP_085" "z_BlockIP_086" "z_BlockIP_087" "z_BlockIP_088" "z_BlockIP_089" "z_BlockIP_090" "z_BlockIP_091" "z_BlockIP_092" "z_BlockIP_093" "z_BlockIP_094" "z_BlockIP_095" "z_BlockIP_096" "z_BlockIP_097" "z_BlockIP_098" "z_BlockIP_099" "z_BlockIP_100" "z_BlockIP_101" "z_BlockIP_007" "z_BlockIP_049" "z_BlockIP_050" "z_BlockIP_051" "z_BlockIP_103" "z_BlockIP_104" "z_BlockIP_105" "z_BlockIP_106" "z_BlockIP_107" "z_BlockIP_108" "z_BlockIP_109" "z_BlockIP_111" "z_BlockIP_112" "z_BlockIP_113" "z_BlockIP_114" "z_BlockIP_115" "z_BlockIP_116" "z_BlockIP_117" "z_BlockIP_118" "z_BlockIP_119" "z_BlockIP_120" "z_BlockIP_122" "z_BlockIP_125" "z_BlockIP_126" "z_BlockIP_127" "z_BlockIP_128" "z_BlockIP_129" "z_BlockIP_130" "z_BlockIP_131" "z_BlockIP_132" "z_BlockIP_133" "z_BlockSub_001" "z_BlockSub_002" "z_BlockSub_003" "z_BlockSub_004" "z_BlockSub_005" "z_BlockSub_006" "z_BlockSub_007" "z_BlockSub_008" "z_BlockSub_009" "z_BlockSub_010" "z_BlockSub_011" "z_BlockSub_012" "z_BlockSub_013" "z_BlockSub_014" "z_BlockSub_015" "z_BlockSub_016" "z_BlockSub_017" "z_BlockSub_019" "z_BlockSub_020" "z_BlockSub_021" "z_BlockSub_022" "z_BlockSub_024" "z_BlockSub_025" "z_BlockSub_026" "z_BlockSub_027" "z_BlockSub_028" "z_BlockSub_030" "z_BlockSub_031" "z_BlockSub_032" "z_BlockSub_033" "z_BlockSub_034" "z_BlockSub_035" "z_BlockSub_037" "z_BlockSub_038" "z_BlockSub_039" "z_Ryuk_01" "z_Ryuk_02" "z_BlockIP_023" "z_BlockIP_029" "z_BlockIP_134" "z_BlockIP_135" "z_BlockIP_000" "z_BlockIP_138" "z_BlockIP_139" "z_BlockIP_140" "z_BlockIP_141" "z_BlockIP_142" "z_BlockIP_143" "z_BlockIP_144" "z_BlockIP_145" "z_BlockIP_146" "z_BlockIP_147" "z_BlockIP_148" "z_BlockIP_149" "z_BlockIP_150" "z_BlockRange_01" "z_BlockRange_02" "z_BlockRange_03" "z_BlockSub_040" "z_BlockSub_041" "z_BlockSub_042" "z_BlockIP_152"
set comment "IPs and Subnets to be blocked as Malicious" set comment "IPs and Subnets to be blocked as Malicious"
@ -4024,143 +3899,6 @@ description Eastern Suffolk BOCES access to NTSS.scsd.ad"
set nat-source-vip enable set nat-source-vip enable
set srcintf-filter "outside lag" set srcintf-filter "outside lag"
next next
edit "vip-ckf01-ipmi"
set comment "ContentKeeper"
set extip 198.36.26.31
set mappedip "10.251.1.31"
set extintf "outside lag"
set nat-source-vip enable
set srcintf-filter "outside lag"
set color 19
next
edit "vip-ckf01-mgmt"
set comment "ContentKeeper"
set extip 198.36.26.21
set mappedip "10.251.1.21"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckf02-ipmi"
set comment "ContentKeeper"
set extip 198.36.26.32
set mappedip "10.251.1.32"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckf02-mgmt"
set comment "ContentKeeper"
set extip 198.36.26.22
set mappedip "10.251.1.22"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-cklb01-ipmi"
set comment "ContentKeeper"
set extip 198.36.26.30
set mappedip "10.251.1.30"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-cklb01-mgmt"
set comment "ContentKeeper"
set extip 198.36.26.20
set mappedip "10.251.1.20"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm01-mgmt2"
set comment "ContentKeeper"
set extip 198.36.26.28
set mappedip "10.251.1.28"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckr01-mgmt"
set comment "ContentKeeper"
set extip 198.36.26.23
set mappedip "10.251.1.23"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckr01-ipmi"
set comment "ContentKeeper"
set extip 198.36.26.33
set mappedip "10.251.1.33"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm01-ipmi"
set comment "ContentKeeper"
set extip 198.36.26.34
set mappedip "10.251.1.34"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm01-mgmt"
set comment "ContentKeeper"
set extip 198.36.26.24
set mappedip "10.251.1.24"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm02-ipmi"
set comment "ContentKeeper"
set extip 198.36.26.35
set mappedip "10.251.1.35"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm02-mgmt"
set comment "ContentKeeper"
set extip 198.36.26.25
set mappedip "10.251.1.25"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm02-mgmt2"
set comment "ContentKeeper"
set extip 198.36.26.29
set mappedip "10.251.1.29"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm03-ipmi"
set comment "ContentKeeper"
set extip 198.36.26.36
set mappedip "10.251.1.36"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm03-mgmt1"
set comment "ContentKeeper"
set extip 198.36.26.26
set mappedip "10.251.1.26"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-ckm03-mgmt2"
set comment "ContentKeeper"
set extip 198.36.26.27
set mappedip "10.251.1.27"
set extintf "outside lag"
set nat-source-vip enable
set color 19
next
edit "vip-scsdess" edit "vip-scsdess"
set comment "ESS" set comment "ESS"
set extip 198.36.24.100 set extip 198.36.24.100
@ -4288,21 +4026,6 @@ description Eastern Suffolk BOCES access to NTSS.scsd.ad"
next next
end end
config firewall vipgrp config firewall vipgrp
edit "vip-grp-ck-mgmt-filters"
set interface "outside lag"
set color 19
set member "vip-ckf01-mgmt" "vip-ckf02-mgmt"
next
edit "vip-grp-ck-all"
set interface "outside lag"
set color 19
set member "vip-ckf01-ipmi" "vip-ckf01-mgmt" "vip-ckf02-ipmi" "vip-ckf02-mgmt" "vip-cklb01-ipmi" "vip-cklb01-mgmt" "vip-ckm01-ipmi" "vip-ckm01-mgmt" "vip-ckm01-mgmt2" "vip-ckm02-ipmi" "vip-ckm02-mgmt" "vip-ckm02-mgmt2" "vip-ckm03-ipmi" "vip-ckm03-mgmt1" "vip-ckm03-mgmt2" "vip-ckr01-ipmi" "vip-ckr01-mgmt"
next
edit "vip-grp-ckm-mgmt"
set interface "outside lag"
set color 19
set member "vip-ckm01-mgmt" "vip-ckm01-mgmt2" "vip-ckm02-mgmt" "vip-ckm02-mgmt2" "vip-ckm03-mgmt1" "vip-ckm03-mgmt2"
next
edit "vip-grp-barracuda_Archivers" edit "vip-grp-barracuda_Archivers"
set interface "outside lag" set interface "outside lag"
set member "vip-Barracuda-Archive-1" "vip-Barracuda-Archive-2" set member "vip-Barracuda-Archive-1" "vip-Barracuda-Archive-2"
@ -5336,22 +5059,6 @@ config firewall policy
set logtraffic all set logtraffic all
set comments "Nimble Support" set comments "Nimble Support"
next next
edit 107
set status disable
set name "Content_Keeper_In -> Out"
set srcintf "inside"
set dstintf "outside"
set action accept
set srcaddr "CK_Inside_Group"
set dstaddr "all"
set schedule "always"
set service "ALL"
set logtraffic all
set nat enable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set comments "ContentKeeper"
next
edit 10026 edit 10026
set name "Barracuda In->Out" set name "Barracuda In->Out"
set srcintf "inside" set srcintf "inside"
@ -5948,54 +5655,6 @@ config firewall policy
set logtraffic all set logtraffic all
set comments "City Allowed Networks From Us to Them" set comments "City Allowed Networks From Us to Them"
next next
edit 10012
set status disable
set name "CK_Mgmt_Filters"
set srcintf "outside"
set dstintf "inside"
set action accept
set srcaddr "all"
set dstaddr "vip-grp-ck-mgmt-filters"
set schedule "always"
set service "HTTPS" "TCP-8080"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set ips-sensor "Incoming_IPS"
set logtraffic all
set comments "ContentKeeper"
next
edit 10014
set status disable
set name "CK_Support"
set srcintf "outside"
set dstintf "inside"
set action accept
set srcaddr "CONTENTKEEPER-REMOTE-SUPPORT"
set dstaddr "vip-grp-ck-all"
set schedule "always"
set service "CK_Support_Services_Group"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set ips-sensor "Incoming_IPS"
set logtraffic all
set comments "ContentKeeper"
next
edit 10018
set status disable
set name "CKMobile"
set srcintf "outside"
set dstintf "inside"
set action accept
set srcaddr "all"
set dstaddr "vip-grp-ckm-mgmt"
set schedule "always"
set service "CK_Mobile_Services_Group"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set ips-sensor "Incoming_IPS"
set logtraffic all
set comments "ContentKeeper"
next
edit 10024 edit 10024
set name "Email_Hybrid_Allow" set name "Email_Hybrid_Allow"
set srcintf "outside" set srcintf "outside"

5
configs/sh/sh-noc-a8360-4-a.cfg
View File

@ -717,6 +717,11 @@ interface 1/1/2
interface 1/1/3 interface 1/1/3
description iLo_New_DC description iLo_New_DC
no shutdown no shutdown
interface 1/1/44
description Ribbon-SBC
no shutdown
no routing
vlan access 150
interface 1/1/45 interface 1/1/45
description VuWall description VuWall
no shutdown no shutdown

5
configs/wlc/wlc-a.cfg
View File

@ -7,7 +7,7 @@ clock timezone America/New_York -05 0
! !
conductorip 10.1.35.33 ipsec ****** interface vlan 35 conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1" location "Building1.floor1"
controller config 709 controller config 712
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
@ -1629,10 +1629,11 @@ interface vlan 1024
! !
interface vlan 367 interface vlan 367
ip address 10.67.112.7 255.255.240.0
! !
interface vlan 467 interface vlan 467
ip address 10.67.128.4 255.255.240.0 ip address 10.67.128.7 255.255.240.0
! !
! !

5
configs/wlc/wlc-b.cfg
View File

@ -7,7 +7,7 @@ clock timezone America/New_York -05 0
! !
conductorip 10.1.35.33 ipsec ****** interface vlan 35 conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1" location "Building1.floor1"
controller config 709 controller config 712
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
@ -1629,10 +1629,11 @@ interface vlan 1024
! !
interface vlan 367 interface vlan 367
ip address 10.67.112.8 255.255.240.0
! !
interface vlan 467 interface vlan 467
ip address 10.67.128.5 255.255.240.0 ip address 10.67.128.8 255.255.240.0
! !
! !

5
configs/wlc/wlc-c.cfg
View File

@ -7,7 +7,7 @@ clock timezone America/New_York -05 0
! !
conductorip 10.1.35.33 ipsec ****** interface vlan 35 conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1" location "Building1.floor1"
controller config 709 controller config 712
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
@ -1623,10 +1623,11 @@ interface vlan 1024
! !
interface vlan 367 interface vlan 367
ip address 10.67.112.9 255.255.240.0
! !
interface vlan 467 interface vlan 467
ip address 10.67.128.6 255.255.240.0 ip address 10.67.128.9 255.255.240.0
! !
! !

2
configs/wlc/wlc-mm-2.cfg
View File

@ -6,7 +6,7 @@ hostname "NOC-ARUBA-MM-2"
clock timezone America/New_York -05 0 clock timezone America/New_York -05 0
! !
location "Building1.floor1" location "Building1.floor1"
controller config 709 controller config 712
crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx

2
configs/wlc/wlc-mm.cfg
View File

@ -6,7 +6,7 @@ hostname "noc-aruba-mm"
clock timezone America/New_York -05 0 clock timezone America/New_York -05 0
! !
location "Building1.floor1" location "Building1.floor1"
controller config 709 controller config 712
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert