ct/ct-noc-a8325-b.cfg Wed Aug 27 09:32:10 AM EDT 2025

configs/ct/ct-noc-a8325-b.cfg

@@ -1263,7 +1263,7 @@ interface vlan 304
     ip ospf 1 area 0.0.0.0
 interface vlan 305
     description STEAM HS Secure WLAN
-    ip address 10.5.112.2/20
+    ip address 10.5.112.3/20
     active-gateway ip mac 02:00:00:00:00:01
     active-gateway ip 10.5.112.1
     ip helper-address 10.1.40.20
@@ -1758,7 +1758,7 @@ interface vlan 404
     ip ospf 1 area 0.0.0.0
 interface vlan 405
     description STEAM HS Vendor WLAN
-    ip address 10.5.128.2/20
+    ip address 10.5.128.3/20
     active-gateway ip mac 02:00:00:00:00:01
     active-gateway ip 10.5.128.1
     ip helper-address 10.1.40.20

configs/sh/sh-noc-a8325-a.cfg

@@ -1127,7 +1127,7 @@ interface vlan 304
     ip ospf 1 area 0.0.0.0
 interface vlan 305
     description STEAM HS Secure WLAN
-    ip address 10.5.112.2/20
+    ip address 10.5.112.4/20
     active-gateway ip mac 02:00:00:00:00:01
     active-gateway ip 10.5.112.1
     ip helper-address 10.1.40.20
@@ -1622,7 +1622,7 @@ interface vlan 404
     ip ospf 1 area 0.0.0.0
 interface vlan 405
     description STEAM HS Vendor WLAN
-    ip address 10.5.128.2/20
+    ip address 10.5.128.4/20
     active-gateway ip mac 02:00:00:00:00:01
     active-gateway ip 10.5.128.1
     ip helper-address 10.1.40.20
@@ -2194,17 +2194,17 @@ https-server vrf default
 https-server vrf mgmt
 router msdp
     enable
+    ip msdp peer 10.101.254.254
+        connect-source loopback0
+        sa-limit 2048
+        enable
+        mesh-group core-meshgrp
     ip msdp peer 10.114.254.253
         connect-source loopback0
         sa-limit 2048
         enable
         mesh-group core-meshgrp
     ip msdp peer 10.101.254.253
-        connect-source loopback0
-        sa-limit 2048
-        enable
-        mesh-group core-meshgrp
-    ip msdp peer 10.101.254.254
         connect-source loopback0
         sa-limit 2048
         enable

configs/sh/sh-noc-a8325-b.cfg

@@ -1117,7 +1117,7 @@ interface vlan 304
     ip ospf 1 area 0.0.0.0
 interface vlan 305
     description STEAM HS Secure WLAN
-    ip address 10.5.112.2/20
+    ip address 10.5.112.5/20
     active-gateway ip mac 02:00:00:00:00:01
     active-gateway ip 10.5.112.1
     ip helper-address 10.1.40.20
@@ -1612,7 +1612,7 @@ interface vlan 404
     ip ospf 1 area 0.0.0.0
 interface vlan 405
     description STEAM HS Vendor WLAN
-    ip address 10.5.128.2/20
+    ip address 10.5.128.5/20
     active-gateway ip mac 02:00:00:00:00:01
     active-gateway ip 10.5.128.1
     ip helper-address 10.1.40.20
@@ -2189,12 +2189,12 @@ router msdp
         sa-limit 2048
         enable
         mesh-group core-meshgrp
-    ip msdp peer 10.101.254.253
-        connect-source loopback0
-        sa-limit 2048
-        enable
-        mesh-group core-meshgrp
     ip msdp peer 10.101.254.254
+        connect-source loopback0
+        sa-limit 2048
+        enable
+        mesh-group core-meshgrp
+    ip msdp peer 10.101.254.253
         connect-source loopback0
         sa-limit 2048
         enable

configs/wlc/wlc-a.cfg

@@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 650
+controller config 654
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
@@ -1564,6 +1564,14 @@ interface vlan 466
     ip address 10.66.128.7 255.255.240.0 
 !
 
+interface vlan 305 
+    ip address 10.5.112.4 255.255.240.0 
+!
+
+interface vlan 405 
+    ip address 10.5.128.4 255.255.240.0 
+!
+
 !
 uplink health-check 
 !
@@ -2641,6 +2649,20 @@ wlan virtual-ap "APG04-SCSD_Vendor-Outdoors"
     ssid-profile "SCSD_Vendor_ssid_prof-Outdoors" 
     band-steering 
 !
+wlan virtual-ap "APG05-SCSD_Secure" 
+    aaa-profile "SCSD_Secure_aaa_prof" 
+    vlan 305 
+    forward-mode decrypt-tunnel 
+    ssid-profile "SCSD_Secure_ssid_prof" 
+    band-steering 
+!
+wlan virtual-ap "APG05-SCSD_Vendor" 
+    aaa-profile "SCSD_Vendor_aaa_prof" 
+    vlan 405 
+    forward-mode decrypt-tunnel 
+    ssid-profile "SCSD_Vendor_ssid_prof" 
+    band-steering 
+!
 wlan virtual-ap "APG06-SCSD_Secure" 
     aaa-profile "SCSD_Secure_aaa_prof" 
     vlan 306 

configs/wlc/wlc-b.cfg

@@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 650
+controller config 654
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
@@ -1566,6 +1566,14 @@ interface vlan 466
     ip address 10.66.128.8 255.255.240.0 
 !
 
+interface vlan 305 
+    ip address 10.5.112.5 255.255.240.0 
+!
+
+interface vlan 405 
+    ip address 10.5.128.5 255.255.240.0 
+!
+
 !
 uplink health-check 
 !
@@ -2605,6 +2613,20 @@ wlan virtual-ap "APG04-SCSD_Vendor-Outdoors"
     ssid-profile "SCSD_Vendor_ssid_prof-Outdoors" 
     band-steering 
 !
+wlan virtual-ap "APG05-SCSD_Secure" 
+    aaa-profile "SCSD_Secure_aaa_prof" 
+    vlan 305 
+    forward-mode decrypt-tunnel 
+    ssid-profile "SCSD_Secure_ssid_prof" 
+    band-steering 
+!
+wlan virtual-ap "APG05-SCSD_Vendor" 
+    aaa-profile "SCSD_Vendor_aaa_prof" 
+    vlan 405 
+    forward-mode decrypt-tunnel 
+    ssid-profile "SCSD_Vendor_ssid_prof" 
+    band-steering 
+!
 wlan virtual-ap "APG06-SCSD_Secure" 
     aaa-profile "SCSD_Secure_aaa_prof" 
     vlan 306 

configs/wlc/wlc-c.cfg

@@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 650
+controller config 654
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
@@ -1560,6 +1560,14 @@ interface vlan 466
     ip address 10.66.128.9 255.255.240.0 
 !
 
+interface vlan 305 
+    ip address 10.5.112.6 255.255.240.0 
+!
+
+interface vlan 405 
+    ip address 10.5.128.6 255.255.240.0 
+!
+
 !
 uplink health-check 
 !
@@ -2597,6 +2605,20 @@ wlan virtual-ap "APG04-SCSD_Vendor-Outdoors"
     ssid-profile "SCSD_Vendor_ssid_prof-Outdoors" 
     band-steering 
 !
+wlan virtual-ap "APG05-SCSD_Secure" 
+    aaa-profile "SCSD_Secure_aaa_prof" 
+    vlan 305 
+    forward-mode decrypt-tunnel 
+    ssid-profile "SCSD_Secure_ssid_prof" 
+    band-steering 
+!
+wlan virtual-ap "APG05-SCSD_Vendor" 
+    aaa-profile "SCSD_Vendor_aaa_prof" 
+    vlan 405 
+    forward-mode decrypt-tunnel 
+    ssid-profile "SCSD_Vendor_ssid_prof" 
+    band-steering 
+!
 wlan virtual-ap "APG06-SCSD_Secure" 
     aaa-profile "SCSD_Secure_aaa_prof" 
     vlan 306 

configs/wlc/wlc-mm-2.cfg

@@ -6,7 +6,7 @@ hostname "NOC-ARUBA-MM-2"
 clock timezone America/New_York -04 0 
 !
 location "Building1.floor1" 
-controller config 650
+controller config 654
 crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx 

configs/wlc/wlc-mm.cfg

@@ -6,7 +6,7 @@ hostname "noc-aruba-mm"
 clock timezone America/New_York -04 0 
 !
 location "Building1.floor1" 
-controller config 650
+controller config 654
 crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx 
 crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx