Compare commits
No commits in common. "4c7d13834433f57effc7a3a19b5524bd59ef4b62" and "c8ff41a53fcf6df15d3ec51dbfcb8a536eaa5d15" have entirely different histories.
4c7d138344
...
c8ff41a53f
@ -79,8 +79,6 @@ vlan 30
|
||||
name IoT
|
||||
description IoT
|
||||
ip igmp snooping enable
|
||||
vlan 32
|
||||
name SCSD_Guest
|
||||
vlan 35
|
||||
name Wireless_Controller_Admin
|
||||
description Wireless Controller Admin
|
||||
@ -556,7 +554,7 @@ spanning-tree
|
||||
spanning-tree priority 2
|
||||
spanning-tree trap topology-change instance 0
|
||||
spanning-tree ignore-pvid-inconsistency
|
||||
spanning-tree vlan 3,5,6,10,12,18,20,21,30,32,35,40,45,48,50,70,72,99,101,107,140,150,151,164,168,172,175-179,200,203,230,252,254,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,511-519,525,699,811-813,995,999,1180,1202,1251,1254,1256,1261,1262,1811-1814,3000
|
||||
spanning-tree vlan 3,5,6,10,12,18,20,21,30,35,40,45,48,50,70,72,99,101,107,140,150,151,164,168,172,175-179,200,203,230,252,254,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,511-519,525,699,811-813,995,999,1180,1202,1251,1254,1256,1261,1262,1811-1814,3000
|
||||
spanning-tree vlan 3 priority 4
|
||||
spanning-tree vlan 5 priority 4
|
||||
spanning-tree vlan 6 priority 4
|
||||
@ -566,7 +564,6 @@ spanning-tree vlan 18 priority 4
|
||||
spanning-tree vlan 20 priority 4
|
||||
spanning-tree vlan 21 priority 4
|
||||
spanning-tree vlan 30 priority 4
|
||||
spanning-tree vlan 32 priority 4
|
||||
spanning-tree vlan 35 priority 4
|
||||
spanning-tree vlan 40 priority 4
|
||||
spanning-tree vlan 45 priority 4
|
||||
@ -1090,18 +1087,6 @@ interface vlan 30
|
||||
ip ospf 1 area 0.0.0.0
|
||||
ip igmp enable
|
||||
ip pim-sparse enable
|
||||
interface vlan 32
|
||||
description SCSD_Guest
|
||||
ip address 10.1.32.2/23
|
||||
active-gateway ip mac 02:00:00:00:00:01
|
||||
active-gateway ip 10.1.32.1
|
||||
ip helper-address 10.1.40.20
|
||||
ip helper-address 10.1.40.189
|
||||
ip helper-address 10.1.48.11
|
||||
ip helper-address 10.21.48.20
|
||||
ip ospf 1 area 0.0.0.0
|
||||
ip igmp enable
|
||||
ip pim-sparse enable
|
||||
interface vlan 35
|
||||
description Wireless Controller Admin
|
||||
ip address 10.1.35.2/24
|
||||
|
||||
@ -78,8 +78,6 @@ vlan 30
|
||||
name IoT
|
||||
description IoT
|
||||
ip igmp snooping enable
|
||||
vlan 32
|
||||
name SCSD_Guest
|
||||
vlan 35
|
||||
name Wireless_Controller_Admin
|
||||
description Wireless Controller Admin
|
||||
@ -557,7 +555,7 @@ spanning-tree
|
||||
spanning-tree priority 2
|
||||
spanning-tree trap topology-change instance 0
|
||||
spanning-tree ignore-pvid-inconsistency
|
||||
spanning-tree vlan 3,5,6,10,12,18,20,21,30,32,35,40,45,48,50,70,72,99,101,107,140,150,151,164,168,172,175-179,200,203,230,252,254,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,511-519,525,699,811-814,995,999,1180,1202,1251,1254,1256,1261,1262,1811-1814,3000
|
||||
spanning-tree vlan 3,5,6,10,12,18,20,21,30,35,40,45,48,50,70,72,99,101,107,140,150,151,164,168,172,175-179,200,203,230,252,254,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,511-519,525,699,811-814,995,999,1180,1202,1251,1254,1256,1261,1262,1811-1814,3000
|
||||
spanning-tree vlan 3 priority 4
|
||||
spanning-tree vlan 5 priority 4
|
||||
spanning-tree vlan 6 priority 4
|
||||
@ -567,7 +565,6 @@ spanning-tree vlan 18 priority 4
|
||||
spanning-tree vlan 20 priority 4
|
||||
spanning-tree vlan 21 priority 4
|
||||
spanning-tree vlan 30 priority 4
|
||||
spanning-tree vlan 32 priority 5
|
||||
spanning-tree vlan 35 priority 4
|
||||
spanning-tree vlan 40 priority 4
|
||||
spanning-tree vlan 45 priority 4
|
||||
@ -1069,18 +1066,6 @@ interface vlan 30
|
||||
ip ospf 1 area 0.0.0.0
|
||||
ip igmp enable
|
||||
ip pim-sparse enable
|
||||
interface vlan 32
|
||||
description SCSD_Guest
|
||||
ip address 10.1.32.3/23
|
||||
active-gateway ip mac 02:00:00:00:00:01
|
||||
active-gateway ip 10.1.32.1
|
||||
ip helper-address 10.1.40.20
|
||||
ip helper-address 10.1.40.189
|
||||
ip helper-address 10.1.48.11
|
||||
ip helper-address 10.21.48.20
|
||||
ip ospf 1 area 0.0.0.0
|
||||
ip igmp enable
|
||||
ip pim-sparse enable
|
||||
interface vlan 35
|
||||
description Wireless Controller Admin
|
||||
ip address 10.1.35.3/24
|
||||
|
||||
@ -104,8 +104,6 @@ vlan 24
|
||||
vlan 30
|
||||
name IoT
|
||||
description IoT
|
||||
vlan 32
|
||||
name SCSD_Guest
|
||||
vlan 34
|
||||
name Wireless_-_SCSD_Administrator
|
||||
description Wireless - SCSD Administrator
|
||||
@ -570,7 +568,7 @@ spanning-tree
|
||||
spanning-tree priority 2
|
||||
spanning-tree trap topology-change instance 0
|
||||
spanning-tree ignore-pvid-inconsistency
|
||||
spanning-tree vlan 3,5-7,9-12,16,18,19,21,24,30,32,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,172-179,200,203,230,251,252,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,525,699,811,812,995,999,1180,1202,1251,1254,1256,1811-1813,2999,3000
|
||||
spanning-tree vlan 3,5-7,9-12,16,18,19,21,24,30,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,172-179,200,203,230,251,252,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,525,699,811,812,995,999,1180,1202,1251,1254,1256,1811-1813,2999,3000
|
||||
spanning-tree vlan 3 priority 12
|
||||
spanning-tree vlan 5 priority 12
|
||||
spanning-tree vlan 6 priority 12
|
||||
@ -585,7 +583,6 @@ spanning-tree vlan 19 priority 12
|
||||
spanning-tree vlan 21 priority 12
|
||||
spanning-tree vlan 24 priority 12
|
||||
spanning-tree vlan 30 priority 12
|
||||
spanning-tree vlan 32 priority 12
|
||||
spanning-tree vlan 34 priority 12
|
||||
spanning-tree vlan 35 priority 12
|
||||
spanning-tree vlan 40 priority 12
|
||||
@ -786,7 +783,7 @@ interface lag 28 multi-chassis
|
||||
no shutdown
|
||||
no routing
|
||||
vlan trunk native 699
|
||||
vlan trunk allowed 10,30,32,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
lacp mode active
|
||||
interface lag 181 multi-chassis
|
||||
description FG-A inside
|
||||
|
||||
@ -83,8 +83,6 @@ vlan 30
|
||||
name IoT
|
||||
description IoT
|
||||
ip igmp snooping enable
|
||||
vlan 32
|
||||
name SCSD_Guest
|
||||
vlan 35
|
||||
name Wireless_Controller_Admin
|
||||
description Wireless Controller Admin
|
||||
@ -555,7 +553,7 @@ spanning-tree
|
||||
spanning-tree priority 2
|
||||
spanning-tree trap topology-change instance 0
|
||||
spanning-tree ignore-pvid-inconsistency
|
||||
spanning-tree vlan 3,5,6,10,12,18,20,21,30,32,35,40,45,48,50,70,72,99,107,114,140,150,151,164,168,172,175-179,200,203,230,252,254,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,521-529,531-539,699,811,812,995,999,1202,1251,1254,1256,1261,1262,1811,1812,2180,2999,3000
|
||||
spanning-tree vlan 3,5,6,10,12,18,20,21,30,35,40,45,48,50,70,72,99,107,114,140,150,151,164,168,172,175-179,200,203,230,252,254,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,521-529,531-539,699,811,812,995,999,1202,1251,1254,1256,1261,1262,1811,1812,2180,2999,3000
|
||||
spanning-tree vlan 3 priority 5
|
||||
spanning-tree vlan 5 priority 5
|
||||
spanning-tree vlan 6 priority 5
|
||||
@ -565,7 +563,6 @@ spanning-tree vlan 18 priority 5
|
||||
spanning-tree vlan 20 priority 5
|
||||
spanning-tree vlan 21 priority 5
|
||||
spanning-tree vlan 30 priority 5
|
||||
spanning-tree vlan 32 priority 5
|
||||
spanning-tree vlan 35 priority 5
|
||||
spanning-tree vlan 40 priority 5
|
||||
spanning-tree vlan 45 priority 5
|
||||
@ -1003,18 +1000,6 @@ interface vlan 30
|
||||
ip ospf 1 area 0.0.0.0
|
||||
ip igmp enable
|
||||
ip pim-sparse enable
|
||||
interface vlan 32
|
||||
description SCSD_Guest
|
||||
ip address 10.1.32.4/23
|
||||
active-gateway ip mac 02:00:00:00:00:01
|
||||
active-gateway ip 10.1.32.1
|
||||
ip helper-address 10.1.40.20
|
||||
ip helper-address 10.1.40.189
|
||||
ip helper-address 10.1.48.11
|
||||
ip helper-address 10.21.48.20
|
||||
ip ospf 1 area 0.0.0.0
|
||||
ip igmp enable
|
||||
ip pim-sparse enable
|
||||
interface vlan 35
|
||||
description Wireless_Controller_Admin
|
||||
ip address 10.1.35.4/24
|
||||
|
||||
@ -81,8 +81,6 @@ vlan 30
|
||||
name IoT
|
||||
description IoT
|
||||
ip igmp snooping enable
|
||||
vlan 32
|
||||
name SCSD_Guest
|
||||
vlan 35
|
||||
name Wireless_Controller_Admin
|
||||
description Wireless Controller Admin
|
||||
@ -553,7 +551,7 @@ spanning-tree
|
||||
spanning-tree priority 2
|
||||
spanning-tree trap topology-change instance 0
|
||||
spanning-tree ignore-pvid-inconsistency
|
||||
spanning-tree vlan 3,5,6,10,12,18,20,21,30,32,35,40,45,48,50,70,72,99,107,114,140,150,151,164,168,172,175-179,200,203,230,252,254,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,521-529,531-539,699,811,812,995,999,1202,1251,1254,1256,1261,1262,1811,1812,2180,2999,3000
|
||||
spanning-tree vlan 3,5,6,10,12,18,20,21,30,35,40,45,48,50,70,72,99,107,114,140,150,151,164,168,172,175-179,200,203,230,252,254,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,521-529,531-539,699,811,812,995,999,1202,1251,1254,1256,1261,1262,1811,1812,2180,2999,3000
|
||||
spanning-tree vlan 3 priority 5
|
||||
spanning-tree vlan 5 priority 5
|
||||
spanning-tree vlan 6 priority 5
|
||||
@ -563,7 +561,6 @@ spanning-tree vlan 18 priority 5
|
||||
spanning-tree vlan 20 priority 5
|
||||
spanning-tree vlan 21 priority 5
|
||||
spanning-tree vlan 30 priority 5
|
||||
spanning-tree vlan 32 priority 5
|
||||
spanning-tree vlan 35 priority 5
|
||||
spanning-tree vlan 40 priority 5
|
||||
spanning-tree vlan 45 priority 5
|
||||
@ -996,18 +993,6 @@ interface vlan 30
|
||||
ip ospf 1 area 0.0.0.0
|
||||
ip igmp enable
|
||||
ip pim-sparse enable
|
||||
interface vlan 32
|
||||
description SCSD_Guest
|
||||
ip address 10.1.32.5/23
|
||||
active-gateway ip mac 02:00:00:00:00:01
|
||||
active-gateway ip 10.1.32.1
|
||||
ip helper-address 10.1.40.20
|
||||
ip helper-address 10.1.40.189
|
||||
ip helper-address 10.1.48.11
|
||||
ip helper-address 10.21.48.20
|
||||
ip ospf 1 area 0.0.0.0
|
||||
ip igmp enable
|
||||
ip pim-sparse enable
|
||||
interface vlan 35
|
||||
description Wireless Controller Admin
|
||||
ip address 10.1.35.5/24
|
||||
|
||||
@ -90,8 +90,6 @@ vlan 24
|
||||
vlan 30
|
||||
name IoT
|
||||
description IoT
|
||||
vlan 32
|
||||
name SCSD_Guest
|
||||
vlan 34
|
||||
name Wireless_-_SCSD_Administrator
|
||||
description Wireless - SCSD Administrator
|
||||
@ -586,7 +584,7 @@ spanning-tree
|
||||
spanning-tree priority 2
|
||||
spanning-tree trap topology-change instance 0
|
||||
spanning-tree ignore-pvid-inconsistency
|
||||
spanning-tree vlan 3,5-7,9-12,16,18-21,24,30,32,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,168,172-179,200,203,230,251,252,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,521-529,531-539,637,638,699,811,812,995,999,1202,1251,1254,1256,1811,1812,2180,2999,3000
|
||||
spanning-tree vlan 3,5-7,9-12,16,18-21,24,30,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,168,172-179,200,203,230,251,252,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,521-529,531-539,637,638,699,811,812,995,999,1202,1251,1254,1256,1811,1812,2180,2999,3000
|
||||
spanning-tree vlan 3 priority 12
|
||||
spanning-tree vlan 5 priority 12
|
||||
spanning-tree vlan 6 priority 12
|
||||
@ -602,7 +600,6 @@ spanning-tree vlan 20 priority 12
|
||||
spanning-tree vlan 21 priority 12
|
||||
spanning-tree vlan 24 priority 12
|
||||
spanning-tree vlan 30 priority 12
|
||||
spanning-tree vlan 32 priority 12
|
||||
spanning-tree vlan 34 priority 12
|
||||
spanning-tree vlan 35 priority 12
|
||||
spanning-tree vlan 40 priority 12
|
||||
@ -813,14 +810,14 @@ interface lag 20 multi-chassis
|
||||
no shutdown
|
||||
no routing
|
||||
vlan trunk native 699
|
||||
vlan trunk allowed 10,30,32,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
lacp mode active
|
||||
interface lag 21 multi-chassis
|
||||
description aruba-wlc-b pc-0
|
||||
no shutdown
|
||||
no routing
|
||||
vlan trunk native 699
|
||||
vlan trunk allowed 10,30,32,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
lacp mode active
|
||||
interface lag 106 multi-chassis
|
||||
description to to FG-A Inside
|
||||
|
||||
@ -90,8 +90,6 @@ vlan 24
|
||||
vlan 30
|
||||
name IoT
|
||||
description IoT
|
||||
vlan 32
|
||||
name SCSD_Guest
|
||||
vlan 34
|
||||
name Wireless_-_SCSD_Administrator
|
||||
description Wireless - SCSD Administrator
|
||||
@ -586,7 +584,7 @@ spanning-tree
|
||||
spanning-tree priority 2
|
||||
spanning-tree trap topology-change instance 0
|
||||
spanning-tree ignore-pvid-inconsistency
|
||||
spanning-tree vlan 3,5-7,9-12,16,18-21,24,30,32,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,168,172-179,200,203,230,251,252,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,521-529,531-539,637,638,699,811,812,995,999,1202,1251,1254,1256,1811,1812,2180,2999,3000
|
||||
spanning-tree vlan 3,5-7,9-12,16,18-21,24,30,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,168,172-179,200,203,230,251,252,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466-468,486,500-509,521-529,531-539,637,638,699,811,812,995,999,1202,1251,1254,1256,1811,1812,2180,2999,3000
|
||||
spanning-tree vlan 3 priority 12
|
||||
spanning-tree vlan 5 priority 12
|
||||
spanning-tree vlan 6 priority 12
|
||||
@ -602,7 +600,6 @@ spanning-tree vlan 20 priority 12
|
||||
spanning-tree vlan 21 priority 12
|
||||
spanning-tree vlan 24 priority 12
|
||||
spanning-tree vlan 30 priority 12
|
||||
spanning-tree vlan 32 priority 12
|
||||
spanning-tree vlan 34 priority 12
|
||||
spanning-tree vlan 35 priority 12
|
||||
spanning-tree vlan 40 priority 12
|
||||
@ -813,14 +810,14 @@ interface lag 20 multi-chassis
|
||||
no shutdown
|
||||
no routing
|
||||
vlan trunk native 699
|
||||
vlan trunk allowed 10,30,32,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
lacp mode active
|
||||
interface lag 21 multi-chassis
|
||||
description aruba-wlc-b pc-0
|
||||
no shutdown
|
||||
no routing
|
||||
vlan trunk native 699
|
||||
vlan trunk allowed 10,30,32,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366-368,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466-468,486
|
||||
lacp mode active
|
||||
interface lag 106 multi-chassis
|
||||
description to to FG-A Inside
|
||||
|
||||
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
|
||||
!
|
||||
conductorip 10.1.35.33 ipsec ****** interface vlan 35
|
||||
location "Building1.floor1"
|
||||
controller config 741
|
||||
controller config 729
|
||||
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
|
||||
@ -292,8 +292,6 @@ ip access-list session SCSD_Deny-Internal
|
||||
!
|
||||
ip access-list session apprf-logon-sacl
|
||||
!
|
||||
ip access-list session apprf-scsd_guest-sacl
|
||||
!
|
||||
ip access-list session staff_scsd
|
||||
any network 192.168.0.0 255.255.0.0 any deny
|
||||
any network 10.0.0.0 255.0.0.0 tcp 22 23 deny
|
||||
@ -434,13 +432,6 @@ ip access-list session logon-control-bridge
|
||||
ip access-list session dhcp-acl
|
||||
any any svc-dhcp permit
|
||||
!
|
||||
ip access-list session SCSD_Guest
|
||||
any any svc-dhcp permit
|
||||
any any svc-dns permit
|
||||
any network 192.168.0.0 255.255.0.0 any deny
|
||||
any network 10.0.0.0 255.0.0.0 any deny
|
||||
any any any permit
|
||||
!
|
||||
ip access-list session facetime-acl
|
||||
any any svc-facetime-tcp permit queue high
|
||||
any any udp 3478 3497 permit
|
||||
@ -705,11 +696,6 @@ user-role SCSD-IoT
|
||||
access-list session SCSD_Deny-Internal
|
||||
access-list session allowall
|
||||
!
|
||||
user-role SCSD_Guest
|
||||
access-list session global-sacl
|
||||
access-list session apprf-scsd_guest-sacl
|
||||
access-list session SCSD_Guest
|
||||
!
|
||||
user-role authenticated
|
||||
access-list session global-sacl
|
||||
access-list session apprf-authenticated-sacl
|
||||
@ -769,8 +755,6 @@ vlan 10
|
||||
!
|
||||
vlan 30
|
||||
!
|
||||
vlan 32
|
||||
!
|
||||
vlan 35
|
||||
!
|
||||
vlan 100
|
||||
@ -976,8 +960,6 @@ vlan-name Intune
|
||||
vlan Intune 164
|
||||
vlan-name IoT
|
||||
vlan IoT 30
|
||||
vlan-name SCSD_Guest
|
||||
vlan SCSD_Guest 32
|
||||
vlan-name Secure-02-ITC
|
||||
vlan Secure-02-ITC 302
|
||||
vlan-name Secure-03-Fowler
|
||||
@ -1962,8 +1944,6 @@ aaa authentication dot1x "IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "LemoyneTest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSC_Guest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_Secure_dot1_aut"
|
||||
@ -2062,10 +2042,6 @@ aaa profile "LemoyneTest_aaa_prof"
|
||||
!
|
||||
aaa profile "NoAuthAAAProfile"
|
||||
!
|
||||
aaa profile "SCSC_Guest_aaa_prof"
|
||||
initial-role "SCSD_Guest"
|
||||
authentication-dot1x "SCSC_Guest_dot1_aut"
|
||||
!
|
||||
aaa profile "SCSD_IoT_aaa_prof"
|
||||
initial-role "SCSD-IoT"
|
||||
authentication-dot1x "SCSD_IoT_dot1_aut"
|
||||
@ -2687,11 +2663,6 @@ wlan ssid-profile "IoT_ssid_prof"
|
||||
opmode mpsk-aes
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSC_Guest_ssid_prof"
|
||||
essid "SCSD_Guest"
|
||||
wpa-passphrase *redacted*
|
||||
opmode wpa2-psk-aes
|
||||
!
|
||||
wlan ssid-profile "SCSD_IoT_ssid_prof"
|
||||
essid "SCSD_IoT"
|
||||
wpa-passphrase *redacted*
|
||||
@ -3509,11 +3480,6 @@ wlan virtual-ap "IoT"
|
||||
vlan 30
|
||||
ssid-profile "IoT_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSC_Guest"
|
||||
aaa-profile "SCSC_Guest_aaa_prof"
|
||||
vlan 32
|
||||
ssid-profile "SCSC_Guest_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_IoT"
|
||||
aaa-profile "SCSD_IoT_aaa_prof"
|
||||
vlan 30
|
||||
@ -3659,7 +3625,6 @@ ap-group "APG06Henninger"
|
||||
virtual-ap "APG06-SCSD_Secure"
|
||||
virtual-ap "APG06-SCSD_Vendor"
|
||||
virtual-ap "IoT"
|
||||
virtual-ap "SCSC_Guest"
|
||||
!
|
||||
ap-group "APG06Henninger-Outdoors"
|
||||
dot11a-radio-profile "rp-377-a"
|
||||
@ -3708,7 +3673,6 @@ ap-group "APG14Shea"
|
||||
virtual-ap "APG14-SCSD_Vendor"
|
||||
virtual-ap "SCSD_IoT"
|
||||
virtual-ap "IoT"
|
||||
virtual-ap "SCSC_Guest"
|
||||
!
|
||||
ap-group "APG15HWSmith"
|
||||
virtual-ap "Intune"
|
||||
|
||||
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
|
||||
!
|
||||
conductorip 10.1.35.33 ipsec ****** interface vlan 35
|
||||
location "Building1.floor1"
|
||||
controller config 741
|
||||
controller config 729
|
||||
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
|
||||
@ -292,8 +292,6 @@ ip access-list session SCSD_Deny-Internal
|
||||
!
|
||||
ip access-list session apprf-logon-sacl
|
||||
!
|
||||
ip access-list session apprf-scsd_guest-sacl
|
||||
!
|
||||
ip access-list session staff_scsd
|
||||
any network 192.168.0.0 255.255.0.0 any deny
|
||||
any network 10.0.0.0 255.0.0.0 tcp 22 23 deny
|
||||
@ -434,13 +432,6 @@ ip access-list session logon-control-bridge
|
||||
ip access-list session dhcp-acl
|
||||
any any svc-dhcp permit
|
||||
!
|
||||
ip access-list session SCSD_Guest
|
||||
any any svc-dhcp permit
|
||||
any any svc-dns permit
|
||||
any network 192.168.0.0 255.255.0.0 any deny
|
||||
any network 10.0.0.0 255.0.0.0 any deny
|
||||
any any any permit
|
||||
!
|
||||
ip access-list session facetime-acl
|
||||
any any svc-facetime-tcp permit queue high
|
||||
any any udp 3478 3497 permit
|
||||
@ -705,11 +696,6 @@ user-role SCSD-IoT
|
||||
access-list session SCSD_Deny-Internal
|
||||
access-list session allowall
|
||||
!
|
||||
user-role SCSD_Guest
|
||||
access-list session global-sacl
|
||||
access-list session apprf-scsd_guest-sacl
|
||||
access-list session SCSD_Guest
|
||||
!
|
||||
user-role authenticated
|
||||
access-list session global-sacl
|
||||
access-list session apprf-authenticated-sacl
|
||||
@ -769,8 +755,6 @@ vlan 10
|
||||
!
|
||||
vlan 30
|
||||
!
|
||||
vlan 32
|
||||
!
|
||||
vlan 35
|
||||
!
|
||||
vlan 100
|
||||
@ -976,8 +960,6 @@ vlan-name Intune
|
||||
vlan Intune 164
|
||||
vlan-name IoT
|
||||
vlan IoT 30
|
||||
vlan-name SCSD_Guest
|
||||
vlan SCSD_Guest 32
|
||||
vlan-name Secure-02-ITC
|
||||
vlan Secure-02-ITC 302
|
||||
vlan-name Secure-03-Fowler
|
||||
@ -1963,8 +1945,6 @@ aaa authentication dot1x "IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "LemoyneTest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSC_Guest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_Secure_dot1_aut"
|
||||
@ -2063,10 +2043,6 @@ aaa profile "LemoyneTest_aaa_prof"
|
||||
!
|
||||
aaa profile "NoAuthAAAProfile"
|
||||
!
|
||||
aaa profile "SCSC_Guest_aaa_prof"
|
||||
initial-role "SCSD_Guest"
|
||||
authentication-dot1x "SCSC_Guest_dot1_aut"
|
||||
!
|
||||
aaa profile "SCSD_IoT_aaa_prof"
|
||||
initial-role "SCSD-IoT"
|
||||
authentication-dot1x "SCSD_IoT_dot1_aut"
|
||||
@ -2649,11 +2625,6 @@ wlan ssid-profile "IoT_ssid_prof"
|
||||
opmode mpsk-aes
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSC_Guest_ssid_prof"
|
||||
essid "SCSD_Guest"
|
||||
wpa-passphrase *redacted*
|
||||
opmode wpa2-psk-aes
|
||||
!
|
||||
wlan ssid-profile "SCSD_IoT_ssid_prof"
|
||||
essid "SCSD_IoT"
|
||||
wpa-passphrase *redacted*
|
||||
@ -3471,11 +3442,6 @@ wlan virtual-ap "IoT"
|
||||
vlan 30
|
||||
ssid-profile "IoT_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSC_Guest"
|
||||
aaa-profile "SCSC_Guest_aaa_prof"
|
||||
vlan 32
|
||||
ssid-profile "SCSC_Guest_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_IoT"
|
||||
aaa-profile "SCSD_IoT_aaa_prof"
|
||||
vlan 30
|
||||
@ -3621,7 +3587,6 @@ ap-group "APG06Henninger"
|
||||
virtual-ap "APG06-SCSD_Secure"
|
||||
virtual-ap "APG06-SCSD_Vendor"
|
||||
virtual-ap "IoT"
|
||||
virtual-ap "SCSC_Guest"
|
||||
!
|
||||
ap-group "APG06Henninger-Outdoors"
|
||||
dot11a-radio-profile "rp-377-a"
|
||||
@ -3670,7 +3635,6 @@ ap-group "APG14Shea"
|
||||
virtual-ap "APG14-SCSD_Vendor"
|
||||
virtual-ap "SCSD_IoT"
|
||||
virtual-ap "IoT"
|
||||
virtual-ap "SCSC_Guest"
|
||||
!
|
||||
ap-group "APG15HWSmith"
|
||||
virtual-ap "Intune"
|
||||
|
||||
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
|
||||
!
|
||||
conductorip 10.1.35.33 ipsec ****** interface vlan 35
|
||||
location "Building1.floor1"
|
||||
controller config 741
|
||||
controller config 729
|
||||
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
|
||||
@ -292,8 +292,6 @@ ip access-list session SCSD_Deny-Internal
|
||||
!
|
||||
ip access-list session apprf-logon-sacl
|
||||
!
|
||||
ip access-list session apprf-scsd_guest-sacl
|
||||
!
|
||||
ip access-list session staff_scsd
|
||||
any network 192.168.0.0 255.255.0.0 any deny
|
||||
any network 10.0.0.0 255.0.0.0 tcp 22 23 deny
|
||||
@ -434,13 +432,6 @@ ip access-list session logon-control-bridge
|
||||
ip access-list session dhcp-acl
|
||||
any any svc-dhcp permit
|
||||
!
|
||||
ip access-list session SCSD_Guest
|
||||
any any svc-dhcp permit
|
||||
any any svc-dns permit
|
||||
any network 192.168.0.0 255.255.0.0 any deny
|
||||
any network 10.0.0.0 255.0.0.0 any deny
|
||||
any any any permit
|
||||
!
|
||||
ip access-list session facetime-acl
|
||||
any any svc-facetime-tcp permit queue high
|
||||
any any udp 3478 3497 permit
|
||||
@ -705,11 +696,6 @@ user-role SCSD-IoT
|
||||
access-list session SCSD_Deny-Internal
|
||||
access-list session allowall
|
||||
!
|
||||
user-role SCSD_Guest
|
||||
access-list session global-sacl
|
||||
access-list session apprf-scsd_guest-sacl
|
||||
access-list session SCSD_Guest
|
||||
!
|
||||
user-role authenticated
|
||||
access-list session global-sacl
|
||||
access-list session apprf-authenticated-sacl
|
||||
@ -769,8 +755,6 @@ vlan 10
|
||||
!
|
||||
vlan 30
|
||||
!
|
||||
vlan 32
|
||||
!
|
||||
vlan 35
|
||||
!
|
||||
vlan 100
|
||||
@ -976,8 +960,6 @@ vlan-name Intune
|
||||
vlan Intune 164
|
||||
vlan-name IoT
|
||||
vlan IoT 30
|
||||
vlan-name SCSD_Guest
|
||||
vlan SCSD_Guest 32
|
||||
vlan-name Secure-02-ITC
|
||||
vlan Secure-02-ITC 302
|
||||
vlan-name Secure-03-Fowler
|
||||
@ -1957,8 +1939,6 @@ aaa authentication dot1x "IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "LemoyneTest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSC_Guest_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_IoT_dot1_aut"
|
||||
!
|
||||
aaa authentication dot1x "SCSD_Secure_dot1_aut"
|
||||
@ -2057,10 +2037,6 @@ aaa profile "LemoyneTest_aaa_prof"
|
||||
!
|
||||
aaa profile "NoAuthAAAProfile"
|
||||
!
|
||||
aaa profile "SCSC_Guest_aaa_prof"
|
||||
initial-role "SCSD_Guest"
|
||||
authentication-dot1x "SCSC_Guest_dot1_aut"
|
||||
!
|
||||
aaa profile "SCSD_IoT_aaa_prof"
|
||||
initial-role "SCSD-IoT"
|
||||
authentication-dot1x "SCSD_IoT_dot1_aut"
|
||||
@ -2641,11 +2617,6 @@ wlan ssid-profile "IoT_ssid_prof"
|
||||
opmode mpsk-aes
|
||||
hide-ssid
|
||||
!
|
||||
wlan ssid-profile "SCSC_Guest_ssid_prof"
|
||||
essid "SCSD_Guest"
|
||||
wpa-passphrase *redacted*
|
||||
opmode wpa2-psk-aes
|
||||
!
|
||||
wlan ssid-profile "SCSD_IoT_ssid_prof"
|
||||
essid "SCSD_IoT"
|
||||
wpa-passphrase *redacted*
|
||||
@ -3463,11 +3434,6 @@ wlan virtual-ap "IoT"
|
||||
vlan 30
|
||||
ssid-profile "IoT_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSC_Guest"
|
||||
aaa-profile "SCSC_Guest_aaa_prof"
|
||||
vlan 32
|
||||
ssid-profile "SCSC_Guest_ssid_prof"
|
||||
!
|
||||
wlan virtual-ap "SCSD_IoT"
|
||||
aaa-profile "SCSD_IoT_aaa_prof"
|
||||
vlan 30
|
||||
@ -3613,7 +3579,6 @@ ap-group "APG06Henninger"
|
||||
virtual-ap "APG06-SCSD_Secure"
|
||||
virtual-ap "APG06-SCSD_Vendor"
|
||||
virtual-ap "IoT"
|
||||
virtual-ap "SCSC_Guest"
|
||||
!
|
||||
ap-group "APG06Henninger-Outdoors"
|
||||
dot11a-radio-profile "rp-377-a"
|
||||
@ -3662,7 +3627,6 @@ ap-group "APG14Shea"
|
||||
virtual-ap "APG14-SCSD_Vendor"
|
||||
virtual-ap "SCSD_IoT"
|
||||
virtual-ap "IoT"
|
||||
virtual-ap "SCSC_Guest"
|
||||
!
|
||||
ap-group "APG15HWSmith"
|
||||
virtual-ap "Intune"
|
||||
|
||||
@ -6,7 +6,7 @@ hostname "NOC-ARUBA-MM-2"
|
||||
clock timezone America/New_York -04 0
|
||||
!
|
||||
location "Building1.floor1"
|
||||
controller config 741
|
||||
controller config 729
|
||||
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx
|
||||
crypto-local pki ServerCert scsd_wildcard_sept_2026 StarCert-Ex_09_26_fullchain.pfx
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user