ct/ct-noc-a8325-a.cfg Thu Sep 25 10:34:16 PM EDT 2025

ct/ct-noc-a8325-b.cfg Thu Sep 25 10:34:16 PM EDT 2025
sh/sh-noc-a8325-b.cfg Thu Sep 25 10:34:16 PM EDT 2025
2025-09-25 22:34:17 -04:00 · 2025-09-25 22:34:17 -04:00 · 2025-09-25 22:34:17 -04:00 · 2025-09-25 22:34:17 -04:00 · 2025-09-25 22:34:17 -04:00 · 2025-09-25 22:34:17 -04:00
7 changed files with 51 additions and 51 deletions
--- a/configs/ct/ct-noc-a8325-a.cfg
+++ b/configs/ct/ct-noc-a8325-a.cfg
@ -1,6 +1,6 @@
 Current configuration:
 !
-!Version ArubaOS-CX GL.10.13.1010
+!Version ArubaOS-CX GL.10.13.1110
 !export-password: default
 hostname ct-noc-a8325-a
 banner motd #
--- a/configs/ct/ct-noc-a8325-b.cfg
+++ b/configs/ct/ct-noc-a8325-b.cfg
@ -1,6 +1,6 @@
 Current configuration:
 !
-!Version ArubaOS-CX GL.10.13.1010
+!Version ArubaOS-CX GL.10.13.1110
 !export-password: default
 hostname ct-noc-a8325-b
 banner motd #
@ -2351,17 +2351,17 @@ https-server vrf default
 https-server vrf mgmt
 router msdp
    enable
+    ip msdp peer 10.114.254.253
+        connect-source loopback0
+        sa-limit 2048
+        enable
+        mesh-group core-meshgrp
    ip msdp peer 10.114.254.254
        connect-source loopback0
        sa-limit 2048
        enable
        mesh-group core-meshgrp
    ip msdp peer 10.101.254.254
-        connect-source loopback0
-        sa-limit 2048
-        enable
-        mesh-group core-meshgrp
-    ip msdp peer 10.114.254.253
        connect-source loopback0
        sa-limit 2048
        enable
--- a/configs/sh/sh-noc-a8325-a.cfg
+++ b/configs/sh/sh-noc-a8325-a.cfg
@ -1,6 +1,6 @@
 Current configuration:
 !
-!Version ArubaOS-CX GL.10.13.1010
+!Version ArubaOS-CX GL.10.13.1110
 !export-password: default
 hostname sh-noc-a8325-a
 banner motd #
@ -2215,7 +2215,7 @@ https-server vrf default
 https-server vrf mgmt
 router msdp
    enable
-    ip msdp peer 10.101.254.254
+    ip msdp peer 10.101.254.253
        connect-source loopback0
        sa-limit 2048
        enable
@ -2225,7 +2225,7 @@ router msdp
        sa-limit 2048
        enable
        mesh-group core-meshgrp
-    ip msdp peer 10.101.254.253
+    ip msdp peer 10.101.254.254
        connect-source loopback0
        sa-limit 2048
        enable
--- a/configs/sh/sh-noc-a8325-b.cfg
+++ b/configs/sh/sh-noc-a8325-b.cfg
@ -1,6 +1,6 @@
 Current configuration:
 !
-!Version ArubaOS-CX GL.10.13.1010
+!Version ArubaOS-CX GL.10.13.1110
 !export-password: default
 hostname sh-noc-a8325-b
 banner motd #
@ -1030,7 +1030,7 @@ interface vlan 107
 interface vlan 114
    description Shea Noc mgmt
    ip address 192.168.114.254/24
-    active-gateway ip mac 02:00:00:00:22:01
+    active-gateway ip mac 02:00:00:00:00:01
    active-gateway ip 192.168.114.1
    ip helper-address 10.1.40.20
    ip helper-address 10.21.48.20
@ -2205,12 +2205,12 @@ https-server vrf default
 https-server vrf mgmt
 router msdp
    enable
-    ip msdp peer 10.114.254.254
+    ip msdp peer 10.101.254.254
        connect-source loopback0
        sa-limit 2048
        enable
        mesh-group core-meshgrp
-    ip msdp peer 10.101.254.254
+    ip msdp peer 10.114.254.254
        connect-source loopback0
        sa-limit 2048
        enable
--- a/configs/wlc/wlc-a.cfg
+++ b/configs/wlc/wlc-a.cfg
@ -1709,17 +1709,6 @@ crypto dynamic-map default-dynamicmap 10000

 crypto map GLOBAL-IKEV2-MAP 10000 ipsec-isakmp dynamic default-rap-ipsecmap 
 crypto map GLOBAL-MAP 10000 ipsec-isakmp dynamic default-dynamicmap 
-crypto-local ipsec-map default-ha-ipsecmap10.1.35.14 9999
-    version v2
-    set ikev2-policy 10015
-    peer-ip 10.1.35.14
-    src-net 10.1.35.11 255.255.255.255
-    dst-net 10.1.35.14 255.255.255.255
-    set transform-set "default-ha-transform" 
-    factory-cert-auth
-    trusted
-!
-
 crypto-local ipsec-map default-ha-ipsecmap10.1.35.12 9999
    version v2
    set ikev2-policy 10015
@ -1731,6 +1720,17 @@ crypto-local ipsec-map default-ha-ipsecmap10.1.35.12 9999
    trusted
 !

+crypto-local ipsec-map default-ha-ipsecmap10.1.35.14 9999
+    version v2
+    set ikev2-policy 10015
+    peer-ip 10.1.35.14
+    src-net 10.1.35.11 255.255.255.255
+    dst-net 10.1.35.14 255.255.255.255
+    set transform-set "default-ha-transform" 
+    factory-cert-auth
+    trusted
+!
+
 crypto isakmp eap-passthrough eap-tls 
 crypto isakmp eap-passthrough eap-peap 
 crypto isakmp eap-passthrough eap-mschapv2 
--- a/configs/wlc/wlc-b.cfg
+++ b/configs/wlc/wlc-b.cfg
@ -461,9 +461,6 @@ ip access-list session deny_internal_byod
    any network 192.168.0.0 255.255.0.0 any deny 
    any any any permit 
 !
-ip access-list session guest 
-    host 10.48.120.112 any any permit 
-!
 ip access-list session captiveportalbridge 
    user alias localip svc-https dual-nat pool localip 8081 
    user any svc-http dual-nat pool localip 8080 
@ -502,6 +499,9 @@ ip access-list session apprf-student_byod-sacl
 !
 ip access-list session apprf-staff_scsd-sacl 
 !
+ip access-list session guest 
+    host 10.48.120.112 any any permit 
+!
 ip access-list session apprf-scsd_test_role-sacl 
 !
 ip access-list session noe-acl 
@ -1712,6 +1712,17 @@ crypto dynamic-map default-dynamicmap 10000

 crypto map GLOBAL-IKEV2-MAP 10000 ipsec-isakmp dynamic default-rap-ipsecmap 
 crypto map GLOBAL-MAP 10000 ipsec-isakmp dynamic default-dynamicmap 
+crypto-local ipsec-map default-ha-ipsecmap10.1.35.14 9999
+    version v2
+    set ikev2-policy 10015
+    peer-ip 10.1.35.14
+    src-net 10.1.35.12 255.255.255.255
+    dst-net 10.1.35.14 255.255.255.255
+    set transform-set "default-ha-transform" 
+    factory-cert-auth
+    trusted
+!
+
 crypto-local ipsec-map default-ha-ipsecmap10.1.35.11 9999
    version v2
    set ikev2-policy 10015
@ -1724,17 +1735,6 @@ crypto-local ipsec-map default-ha-ipsecmap10.1.35.11 9999
    trusted
 !

-crypto-local ipsec-map default-ha-ipsecmap10.1.35.14 9999
-    version v2
-    set ikev2-policy 10015
-    peer-ip 10.1.35.14
-    src-net 10.1.35.12 255.255.255.255
-    dst-net 10.1.35.14 255.255.255.255
-    set transform-set "default-ha-transform" 
-    factory-cert-auth
-    trusted
-!
-
 crypto isakmp eap-passthrough eap-tls 
 crypto isakmp eap-passthrough eap-peap 
 crypto isakmp eap-passthrough eap-mschapv2 
--- a/configs/wlc/wlc-c.cfg
+++ b/configs/wlc/wlc-c.cfg
@ -1706,18 +1706,6 @@ crypto dynamic-map default-dynamicmap 10000

 crypto map GLOBAL-IKEV2-MAP 10000 ipsec-isakmp dynamic default-rap-ipsecmap 
 crypto map GLOBAL-MAP 10000 ipsec-isakmp dynamic default-dynamicmap 
-crypto-local ipsec-map default-ha-ipsecmap10.1.35.11 9999
-    version v2
-    set ikev2-policy 10015
-    peer-ip 10.1.35.11
-    src-net 10.1.35.14 255.255.255.255
-    dst-net 10.1.35.11 255.255.255.255
-    set transform-set "default-ha-transform" 
-    pre-connect
-    factory-cert-auth
-    trusted
-!
-
 crypto-local ipsec-map default-ha-ipsecmap10.1.35.12 9999
    version v2
    set ikev2-policy 10015
@ -1730,6 +1718,18 @@ crypto-local ipsec-map default-ha-ipsecmap10.1.35.12 9999
    trusted
 !

+crypto-local ipsec-map default-ha-ipsecmap10.1.35.11 9999
+    version v2
+    set ikev2-policy 10015
+    peer-ip 10.1.35.11
+    src-net 10.1.35.14 255.255.255.255
+    dst-net 10.1.35.11 255.255.255.255
+    set transform-set "default-ha-transform" 
+    pre-connect
+    factory-cert-auth
+    trusted
+!
+
 crypto isakmp eap-passthrough eap-tls 
 crypto isakmp eap-passthrough eap-peap 
 crypto isakmp eap-passthrough eap-mschapv2
Author	SHA1	Message	Date
John Poland	ff81c5069f	ct/ct-noc-a8325-a.cfg Thu Sep 25 10:34:16 PM EDT 2025	2025-09-25 22:34:17 -04:00
John Poland	5902e41788	ct/ct-noc-a8325-b.cfg Thu Sep 25 10:34:16 PM EDT 2025	2025-09-25 22:34:17 -04:00
John Poland	b0993a4632	sh/sh-noc-a8325-b.cfg Thu Sep 25 10:34:16 PM EDT 2025	2025-09-25 22:34:17 -04:00
John Poland	87f8325e00	sh/sh-noc-a8325-a.cfg Thu Sep 25 10:34:16 PM EDT 2025	2025-09-25 22:34:17 -04:00
John Poland	431a3770b4	wlc/wlc-c.cfg Thu Sep 25 10:34:16 PM EDT 2025	2025-09-25 22:34:17 -04:00
John Poland	49c0724020	wlc/wlc-a.cfg Thu Sep 25 10:34:16 PM EDT 2025	2025-09-25 22:34:17 -04:00
John Poland	1646b917b2	wlc/wlc-b.cfg Thu Sep 25 10:34:16 PM EDT 2025	2025-09-25 22:34:17 -04:00