
12 Commits

12 changed files with 99 additions and 21 deletions


@ -52,6 +52,7 @@ radius dyn-authorization enable
radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapVQ2vkEjsJe6p2n0WzT4LIC6HMsDr5ibUEz8zWkhAbsyCQAAAIKw7uQQYOCmxg==
radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapUEsvBmPVj7QRYqNeM30VNxfF8p9B7SgCW670zXSEq5KCQAAANZ3qFiPk1/XRw==
radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapWlcCgIP9yWE2dtj/ZnAVo4UjmEfRIsFEACG0L2YLdWECQAAAD5vmkp6UFPG7A==
logging 10.1.40.78
ssh server vrf default
ssh server vrf mgmt
ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512
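Review bot: The syslog target `logging 10.1.40.78` names no transport and no VRF, so messages would leave as cleartext UDP from the default VRF; by its position between three context lines on either side it appears to be the line this hunk adds, though the +/- column is lost on this page. If the collector and the switch's trust anchors are set up for it, `logging 10.1.40.78 tls vrf mgmt` would protect authentication and configuration events in transit and keep them on the management path; confirm first which VRF actually reaches 10.1.40.78. The same line appears in the four switch sections that follow. Separately, the unchanged `ssh key-exchange-algorithms` line still offers `diffie-hellman-group14-sha1`, which could be dropped in a follow-up.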


@ -54,6 +54,7 @@ radius dyn-authorization enable
radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapVK7sCzSZPpzqGVBeZ7J6sS+vWrv0vkPgTB6dMxBr3AyCQAAADC7sKMxvqtEhQ==
radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapWmD39yWvsSwmnjDejAjVXtKa9pdAwTiCykZdARxJvMZCQAAAIMhIFs7jaARHQ==
radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapTud3WTe/u+puYlgkwg5ioET5jQvu9V5ETpQlCd5g7JZCQAAABh9MAp4D3gamg==
logging 10.1.40.78
ssh server vrf default
ssh server vrf mgmt
ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512


@ -54,6 +54,7 @@ radius dyn-authorization enable
radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapeRwHpmTCLplGafgVGKQDNlgcZuunxy0tbuPTOcy6y5pCQAAAHSKEOR39HvHvQ==
radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBape6yWefLB/yu2n/B6jF8j+h4i9efBW8DvetExHxHo0UzCQAAAFJN4aMfZIEeMw==
radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapXdG/+ZGfgzQmpTJ4oztEpgYbxkyUmAiJXjggDB3SFkuCQAAAM1EpMSDf3/HFQ==
logging 10.1.40.78
ssh server vrf default
ssh server vrf mgmt
ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512


@ -54,6 +54,7 @@ radius dyn-authorization enable
radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapVqiz5pqXYClo94YNGCdLiFh4+6hH2dxs8aqE7wWO8aHCQAAAAntsSyR41j1eA==
radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapeAIAlHI+TDna9xAVln0iYeOlelUSFpHgye1zptHI2E2CQAAANvdoPPOcvN8BQ==
radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapcjO1fmwXu60RRKO+QFd6JjFGnpP+DnXczZwJ+BBvjsbCQAAAES/yqJfiwz6FA==
logging 10.1.40.78
ssh server vrf default
ssh server vrf mgmt
ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512


@ -54,6 +54,7 @@ radius dyn-authorization enable
radius dyn-authorization client 10.1.40.115 replay-protection enable secret-key ciphertext AQBapbnr1YDw1a4gr3+u8Kc43BzAzmJNUwAGfkGFeDBF1DS3CQAAANXwqqO2wpefvw==
radius dyn-authorization client 10.1.40.116 replay-protection enable secret-key ciphertext AQBapU/iL5CgKDEEHdSjwU6iHb5T269gKm+f9if64KoP9VpiCQAAAFE+r9jn0t0Lrg==
radius dyn-authorization client 10.1.40.117 replay-protection enable secret-key ciphertext AQBapXyNYe2kgdcmbEz9ihR8gl9/MYAXr/ryt4SorggSOjAACQAAAGzV6Agum0cP7g==
logging 10.1.40.78
ssh server vrf default
ssh server vrf mgmt
ssh key-exchange-algorithms curve25519-sha256 curve25519-sha256@libssh.org diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512


@ -1,9 +1,9 @@
Building configuration...
Current configuration : 39831 bytes
Current configuration : 39870 bytes
!
! Last configuration change at 19:40:38 EDT Thu Sep 18 2025 by jkafta72.admin
! NVRAM config last updated at 19:40:38 EDT Thu Sep 18 2025 by jkafta72.admin
! Last configuration change at 09:24:35 EDT Thu Sep 25 2025 by mloper19.admin
! NVRAM config last updated at 09:24:38 EDT Thu Sep 25 2025 by mloper19.admin
!
version 15.2
no service pad
@ -137,7 +137,7 @@ spanning-tree portfast edge bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
spanning-tree vlan 10,20,30,35,40,50-60,64,70 priority 8192
spanning-tree vlan 10,20,30,35,40,50-60,64,70,72 priority 8192
!
redundancy
mode sso
@ -387,25 +387,25 @@ interface Loopback0
!
interface Port-channel11
switchport
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
!
interface Port-channel21
switchport
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,72
switchport trunk native vlan 251
switchport mode trunk
!
interface Port-channel31
switchport
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
!
interface Port-channel41
switchport
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
!
@ -425,28 +425,28 @@ interface TenGigabitEthernet1/1
!
interface TenGigabitEthernet1/2
description *** To hughes-idf104a-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
channel-group 11 mode active
!
interface TenGigabitEthernet1/3
description *** To hughes-idf138a-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,72
switchport trunk native vlan 251
switchport mode trunk
channel-group 21 mode active
!
interface TenGigabitEthernet1/4
description *** To hughes-idf119b-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
channel-group 31 mode active
!
interface TenGigabitEthernet1/5
description *** hughes-idf225b-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
channel-group 41 mode active
@ -487,28 +487,28 @@ interface TenGigabitEthernet2/1
!
interface TenGigabitEthernet2/2
description *** To hughes-idf104a-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,51,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
channel-group 11 mode active
!
interface TenGigabitEthernet2/3
description *** To hughes-idf138a-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70
switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,72
switchport trunk native vlan 251
switchport mode trunk
channel-group 21 mode active
!
interface TenGigabitEthernet2/4
description *** To hughes-idf119b-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,53,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
channel-group 31 mode active
!
interface TenGigabitEthernet2/5
description *** hughes-idf225b-sw1 ***
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,251
switchport trunk allowed vlan 10,20,30,35,40,54,59,60,70,72,251
switchport trunk native vlan 251
switchport mode trunk
channel-group 41 mode active
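Review bot: The allowed list on `Port-channel21` and its members `TenGigabitEthernet1/3` and `TenGigabitEthernet2/3` gains VLAN 72 but still omits the native VLAN. `switchport trunk native vlan 251` is set there while the new list ends `...,60,70,72`, whereas the other three bundles end `...,70,72,251`. Untagged data frames on that uplink would be dropped; if that is not intended, the line should read `switchport trunk allowed vlan 10,20,30,35,40,52,59,60,70,72,251` on all three interfaces, and if it is intended, the change record should say so. It is also worth confirming that VLAN 72 is needed on all four IDF uplinks rather than only on the closets that host it, since each allowed VLAN widens the layer-2 domain.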


@ -68,6 +68,7 @@ vsf member 2
link 2 2/1/50
dhcpv4-snooping
client track ip
app-recognition
vlan 1
vlan 10
name mgmt


@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
!
conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1"
controller config 679
controller config 680
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
@ -1853,6 +1853,8 @@ aaa rfc-3576-server "10.1.40.117"
!
aaa authentication mac "default"
!
aaa authentication mac "IoT"
!
aaa authentication dot1x "Aruba100_dot1_aut"
!
aaa authentication dot1x "default"
@ -1861,6 +1863,8 @@ aaa authentication dot1x "default-psk"
!
aaa authentication dot1x "Intune_dot1_aut"
!
aaa authentication dot1x "IoT_dot1_aut"
!
aaa authentication dot1x "LemoyneTest_dot1_aut"
!
aaa authentication dot1x "SCSD_IoT_dot1_aut"
@ -1895,6 +1899,10 @@ aaa server-group "internal"
auth-server Internal position 1
set role condition Role value-of
!
aaa server-group "IoT_dot1_svg"
auth-server NOC-CP-A position 1
auth-server NOC-CP-B position 2
!
aaa server-group "SCSD_Secure_dot1_svg"
auth-server NOC-CP-B position 1
auth-server NOC-CP-A position 2
@ -1941,6 +1949,12 @@ aaa profile "Intune_aaa_prof"
initial-role "authenticated"
authentication-dot1x "Intune_dot1_aut"
!
aaa profile "IoT_aaa_prof"
authentication-mac "IoT"
authentication-dot1x "IoT_dot1_aut"
dot1x-default-role "guest-logon"
dot1x-server-group "IoT_dot1_svg"
!
aaa profile "LemoyneTest_aaa_prof"
initial-role "authenticated"
authentication-dot1x "LemoyneTest_dot1_aut"
@ -2563,6 +2577,10 @@ wlan ssid-profile "Intune_ssid_prof"
g-tx-rates 12 18 24 36 48 54
hide-ssid
!
wlan ssid-profile "IoT_ssid_prof"
essid "IoT"
opmode mpsk-aes
!
wlan ssid-profile "SCSD_IoT_ssid_prof"
essid "SCSD_IoT"
wpa-passphrase *redacted*
@ -3347,6 +3365,11 @@ wlan virtual-ap "Intune"
forward-mode decrypt-tunnel
ssid-profile "Intune_ssid_prof"
!
wlan virtual-ap "IoT"
aaa-profile "IoT_aaa_prof"
vlan 30
ssid-profile "IoT_ssid_prof"
!
wlan virtual-ap "SCSD_IoT"
aaa-profile "SCSD_IoT_aaa_prof"
vlan 307
@ -3746,6 +3769,7 @@ ap-group "default"
virtual-ap "Aruba100"
virtual-ap "Intune"
virtual-ap "Vendor"
virtual-ap "IoT"
dot11a-radio-profile "default_radio_a_ui"
dot11g-radio-profile "default_radio_g_ui"
regulatory-domain-profile "default_rdp_ui"
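Review bot: The new `aaa profile "IoT_aaa_prof"` sets `authentication-mac "IoT"` and a `dot1x-server-group` but no `mac-server-group`, while the SSID profile it serves uses `opmode mpsk-aes`. MPSK resolves each device's passphrase through MAC authentication, so with that group unset the lookup would presumably go to the default server group rather than to NOC-CP-A/NOC-CP-B (inferred from the line being absent; defaults are not printed in the dump). Adding `mac-server-group "IoT_dot1_svg"` to the profile would point MAC authentication at the same server pair. The profile also falls back to `dot1x-default-role "guest-logon"`; a dedicated, tightly scoped IoT role would be a safer default than the guest pre-authentication role, particularly as `virtual-ap "IoT"` is added to `ap-group "default"`. The two controller sections that follow carry the identical change.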


@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
!
conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1"
controller config 679
controller config 680
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
@ -1857,6 +1857,8 @@ aaa rfc-3576-server "10.1.40.117"
!
aaa authentication mac "default"
!
aaa authentication mac "IoT"
!
aaa authentication dot1x "Aruba100_dot1_aut"
!
aaa authentication dot1x "default"
@ -1865,6 +1867,8 @@ aaa authentication dot1x "default-psk"
!
aaa authentication dot1x "Intune_dot1_aut"
!
aaa authentication dot1x "IoT_dot1_aut"
!
aaa authentication dot1x "LemoyneTest_dot1_aut"
!
aaa authentication dot1x "SCSD_IoT_dot1_aut"
@ -1899,6 +1903,10 @@ aaa server-group "internal"
auth-server Internal position 1
set role condition Role value-of
!
aaa server-group "IoT_dot1_svg"
auth-server NOC-CP-A position 1
auth-server NOC-CP-B position 2
!
aaa server-group "SCSD_Secure_dot1_svg"
auth-server NOC-CP-B position 1
auth-server NOC-CP-A position 2
@ -1945,6 +1953,12 @@ aaa profile "Intune_aaa_prof"
initial-role "authenticated"
authentication-dot1x "Intune_dot1_aut"
!
aaa profile "IoT_aaa_prof"
authentication-mac "IoT"
authentication-dot1x "IoT_dot1_aut"
dot1x-default-role "guest-logon"
dot1x-server-group "IoT_dot1_svg"
!
aaa profile "LemoyneTest_aaa_prof"
initial-role "authenticated"
authentication-dot1x "LemoyneTest_dot1_aut"
@ -2528,6 +2542,10 @@ wlan ssid-profile "Intune_ssid_prof"
g-tx-rates 12 18 24 36 48 54
hide-ssid
!
wlan ssid-profile "IoT_ssid_prof"
essid "IoT"
opmode mpsk-aes
!
wlan ssid-profile "SCSD_IoT_ssid_prof"
essid "SCSD_IoT"
wpa-passphrase *redacted*
@ -3312,6 +3330,11 @@ wlan virtual-ap "Intune"
forward-mode decrypt-tunnel
ssid-profile "Intune_ssid_prof"
!
wlan virtual-ap "IoT"
aaa-profile "IoT_aaa_prof"
vlan 30
ssid-profile "IoT_ssid_prof"
!
wlan virtual-ap "SCSD_IoT"
aaa-profile "SCSD_IoT_aaa_prof"
vlan 307
@ -3711,6 +3734,7 @@ ap-group "default"
virtual-ap "Aruba100"
virtual-ap "Intune"
virtual-ap "Vendor"
virtual-ap "IoT"
dot11a-radio-profile "default_radio_a_ui"
dot11g-radio-profile "default_radio_g_ui"
regulatory-domain-profile "default_rdp_ui"


@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
!
conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1"
controller config 679
controller config 680
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2025 Star-Exp042025-fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
@ -1851,6 +1851,8 @@ aaa rfc-3576-server "10.1.40.117"
!
aaa authentication mac "default"
!
aaa authentication mac "IoT"
!
aaa authentication dot1x "Aruba100_dot1_aut"
!
aaa authentication dot1x "default"
@ -1859,6 +1861,8 @@ aaa authentication dot1x "default-psk"
!
aaa authentication dot1x "Intune_dot1_aut"
!
aaa authentication dot1x "IoT_dot1_aut"
!
aaa authentication dot1x "LemoyneTest_dot1_aut"
!
aaa authentication dot1x "SCSD_IoT_dot1_aut"
@ -1893,6 +1897,10 @@ aaa server-group "internal"
auth-server Internal position 1
set role condition Role value-of
!
aaa server-group "IoT_dot1_svg"
auth-server NOC-CP-A position 1
auth-server NOC-CP-B position 2
!
aaa server-group "SCSD_Secure_dot1_svg"
auth-server NOC-CP-B position 1
auth-server NOC-CP-A position 2
@ -1939,6 +1947,12 @@ aaa profile "Intune_aaa_prof"
initial-role "authenticated"
authentication-dot1x "Intune_dot1_aut"
!
aaa profile "IoT_aaa_prof"
authentication-mac "IoT"
authentication-dot1x "IoT_dot1_aut"
dot1x-default-role "guest-logon"
dot1x-server-group "IoT_dot1_svg"
!
aaa profile "LemoyneTest_aaa_prof"
initial-role "authenticated"
authentication-dot1x "LemoyneTest_dot1_aut"
@ -2520,6 +2534,10 @@ wlan ssid-profile "Intune_ssid_prof"
g-tx-rates 12 18 24 36 48 54
hide-ssid
!
wlan ssid-profile "IoT_ssid_prof"
essid "IoT"
opmode mpsk-aes
!
wlan ssid-profile "SCSD_IoT_ssid_prof"
essid "SCSD_IoT"
wpa-passphrase *redacted*
@ -3304,6 +3322,11 @@ wlan virtual-ap "Intune"
forward-mode decrypt-tunnel
ssid-profile "Intune_ssid_prof"
!
wlan virtual-ap "IoT"
aaa-profile "IoT_aaa_prof"
vlan 30
ssid-profile "IoT_ssid_prof"
!
wlan virtual-ap "SCSD_IoT"
aaa-profile "SCSD_IoT_aaa_prof"
vlan 307
@ -3703,6 +3726,7 @@ ap-group "default"
virtual-ap "Aruba100"
virtual-ap "Intune"
virtual-ap "Vendor"
virtual-ap "IoT"
dot11a-radio-profile "default_radio_a_ui"
dot11g-radio-profile "default_radio_g_ui"
regulatory-domain-profile "default_rdp_ui"


@ -6,7 +6,7 @@ hostname "NOC-ARUBA-MM-2"
clock timezone America/New_York -04 0
!
location "Building1.floor1"
controller config 679
controller config 680
crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx


@ -6,7 +6,7 @@ hostname "noc-aruba-mm"
clock timezone America/New_York -04 0
!
location "Building1.floor1"
controller config 679
controller config 680
crypto-local pki ServerCert scsd_wc2_full_2025 Star-Exp042025-fullchain.pfx
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wildcard_2025 StartCert-Expire042025.pfx