psla/psla-mdf-a8360-sw1.cfg Fri Mar 13 08:34:18 PM EDT 2026

bova/bova-idf1-a6300-sw1.cfg Fri Mar 13 08:34:18 PM EDT 2026
wlc/wlc-c.cfg Fri Mar 13 08:34:18 PM EDT 2026
2026-03-13 20:34:20 -04:00 · 2026-03-13 20:34:19 -04:00 · 2026-03-13 20:34:19 -04:00 · 2026-03-13 20:34:19 -04:00 · 2026-03-13 20:34:19 -04:00 · 2026-03-13 20:34:19 -04:00
8 changed files with 672 additions and 511 deletions
--- a/configs/bova/bova-idf1-a6300-sw1.cfg
+++ b/configs/bova/bova-idf1-a6300-sw1.cfg
@ -2182,30 +2182,16 @@ interface 2/1/27
    client track ip update-interval 120
    power-over-ethernet pre-std-detect
 interface 2/1/28
-    description Auto
+    description Telcom
    no shutdown
    no routing
-    vlan access 168
+    vlan access 20
    spanning-tree bpdu-guard
    spanning-tree port-type admin-edge
    spanning-tree root-guard
    spanning-tree tcn-guard
    loop-protect
    port-access onboarding-method concurrent enable
-    aaa authentication port-access allow-cdp-bpdu
-    aaa authentication port-access allow-lldp-bpdu
-    aaa authentication port-access client-limit 3
-    aaa authentication port-access dot1x authenticator
-        cached-reauth
-        cached-reauth-period 86400
-        reauth
-        enable
-    aaa authentication port-access mac-auth
-        cached-reauth
-        cached-reauth-period 86400
-        quiet-period 30
-        reauth
-        enable
    client track ip enable
    client track ip update-interval 120
    power-over-ethernet pre-std-detect
--- a/configs/fortigate/fortigate.conf
+++ b/configs/fortigate/fortigate.conf
--- a/configs/fortigate/vdom_scsd/firewall.cfg
+++ b/configs/fortigate/vdom_scsd/firewall.cfg
@ -2861,6 +2861,48 @@ config firewall address
    edit "WebsterVLAN230"
        set subnet 10.51.230.0 255.255.255.224
    next
+    edit "FrazerVLAN230"
+        set subnet 10.25.230.0 255.255.255.224
+    next
+    edit "NottinghamVLAN230"
+        set subnet 10.4.230.0 255.255.255.224
+    next
+    edit "HenningerVLAN230"
+        set subnet 10.6.230.0 255.255.255.224
+    next
+    edit "GrantVLAN230"
+        set subnet 10.9.230.0 255.255.255.224
+    next
+    edit "LincolnVLAN230"
+        set subnet 10.13.230.0 255.255.255.224
+    next
+    edit "BellevueVLAN230"
+        set subnet 10.16.230.0 255.255.255.224
+    next
+    edit "KingVLAN230"
+        set subnet 10.20.230.0 255.255.255.224
+    next
+    edit "BrightonVLAN230"
+        set subnet 10.21.230.0 255.255.255.224
+    next
+    edit "HuntingtonVLAN230"
+        set subnet 10.29.230.0 255.255.255.224
+    next
+    edit "EdSmithVLAN230"
+        set subnet 10.45.230.0 255.255.255.224
+    next
+    edit "BeardVLAN230"
+        set subnet 10.48.230.0 255.255.255.224
+    next
+    edit "BlodgettVLAN230"
+        set subnet 10.53.230.0 255.255.255.224
+    next
+    edit "CoVLAN230"
+        set subnet 10.55.230.0 255.255.255.224
+    next
+    edit "SscVLAN230"
+        set subnet 10.56.230.0 255.255.255.224
+    next
 end
 config firewall multicast-address
    edit "all_hosts"
@ -3072,7 +3114,7 @@ config firewall addrgrp
        set member "Shea_Secure_Wireless" "Shea_VLAN_6" "Corcoran_VLAN_20" "Corcoran_Secure_Wireless"
    next
    edit "VLAN230AddrGroup"
-        set member "SheaVLAN230" "CorcoranVLAN230" "DelawareVLAN230" "ElmwoodVLAN230" "FranklinVLAN230" "LatinVLAN230" "SalemVLAN230" "SeymourVLAN230" "WebsterVLAN230"
+        set member "SheaVLAN230" "CorcoranVLAN230" "DelawareVLAN230" "ElmwoodVLAN230" "FranklinVLAN230" "LatinVLAN230" "SalemVLAN230" "SeymourVLAN230" "WebsterVLAN230" "FrazerVLAN230"
    next
 end
 config firewall wildcard-fqdn custom
@ -6535,7 +6577,6 @@ config firewall on-demand-sniffer
    edit "inside lag_scsd"
        set interface "inside lag"
        set max-packet-count 10000
-        set hosts "192.168.1.135"
-        set ports 80
+        set hosts "10.1.70.153"
    next
 end
--- a/configs/psla/psla-mdf-a8360-sw1.cfg
+++ b/configs/psla/psla-mdf-a8360-sw1.cfg
@ -138,6 +138,7 @@ access-list ip Image-acl
    158 comment ClearPass_TCP_PORTS_OUT
    158 permit tcp any clearpass_servers group clearpass_tcp_ports
    160 deny any any any
+access-list ip hvac
 access-list ip sbhc-acl
    10 comment SBHC_Out
    10 permit any sbhc_internal sbhc_external
--- a/configs/wlc/wlc-a.cfg
+++ b/configs/wlc/wlc-a.cfg
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 726
+controller config 727
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx 
@ -2651,12 +2651,10 @@ wlan ssid-profile "default"
 wlan ssid-profile "Intune_ssid_prof" 
    essid "Intune" 
     wpa-passphrase *redacted*
-    opmode wpa2-psk-aes 
    a-basic-rates 24 
    a-tx-rates 36 48 54 
    g-basic-rates 12 
    g-tx-rates 12 18 24 36 48 54 
-    hide-ssid 
 !
 wlan ssid-profile "IoT_ssid_prof" 
    essid "IoT" 
--- a/configs/wlc/wlc-b.cfg
+++ b/configs/wlc/wlc-b.cfg
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 726
+controller config 727
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx 
@ -2613,12 +2613,10 @@ wlan ssid-profile "default"
 wlan ssid-profile "Intune_ssid_prof" 
    essid "Intune" 
     wpa-passphrase *redacted*
-    opmode wpa2-psk-aes 
    a-basic-rates 24 
    a-tx-rates 36 48 54 
    g-basic-rates 12 
    g-tx-rates 12 18 24 36 48 54 
-    hide-ssid 
 !
 wlan ssid-profile "IoT_ssid_prof" 
    essid "IoT" 
--- a/configs/wlc/wlc-c.cfg
+++ b/configs/wlc/wlc-c.cfg
@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
 !
 conductorip 10.1.35.33 ipsec ****** interface vlan 35 
 location "Building1.floor1" 
-controller config 726
+controller config 727
 crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx 
@ -2605,12 +2605,10 @@ wlan ssid-profile "default"
 wlan ssid-profile "Intune_ssid_prof" 
    essid "Intune" 
     wpa-passphrase *redacted*
-    opmode wpa2-psk-aes 
    a-basic-rates 24 
    a-tx-rates 36 48 54 
    g-basic-rates 12 
    g-tx-rates 12 18 24 36 48 54 
-    hide-ssid 
 !
 wlan ssid-profile "IoT_ssid_prof" 
    essid "IoT" 
--- a/configs/wlc/wlc-mm-2.cfg
+++ b/configs/wlc/wlc-mm-2.cfg
@ -6,7 +6,7 @@ hostname "NOC-ARUBA-MM-2"
 clock timezone America/New_York -04 0 
 !
 location "Building1.floor1" 
-controller config 726
+controller config 727
 crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx 
 crypto-local pki ServerCert scsd_wildcard_sept_2026 StarCert-Ex_09_26_fullchain.pfx
Author	SHA1	Message	Date
John Poland	c46e75f830	psla/psla-mdf-a8360-sw1.cfg Fri Mar 13 08:34:18 PM EDT 2026	2026-03-13 20:34:20 -04:00
John Poland	160fe9cc72	bova/bova-idf1-a6300-sw1.cfg Fri Mar 13 08:34:18 PM EDT 2026	2026-03-13 20:34:19 -04:00
John Poland	76ce81bb23	wlc/wlc-c.cfg Fri Mar 13 08:34:18 PM EDT 2026	2026-03-13 20:34:19 -04:00
John Poland	f1e0bfdc62	wlc/wlc-a.cfg Fri Mar 13 08:34:18 PM EDT 2026	2026-03-13 20:34:19 -04:00
John Poland	98e5b87cd6	wlc/wlc-b.cfg Fri Mar 13 08:34:18 PM EDT 2026	2026-03-13 20:34:19 -04:00
John Poland	b2948d5e16	wlc/wlc-mm-2.cfg Fri Mar 13 08:34:18 PM EDT 2026	2026-03-13 20:34:19 -04:00
John Poland	b76281ac3f	fortigate-backup Fri Mar 13 08:34:18 PM EDT 2026	2026-03-13 20:34:18 -04:00
John Poland	6dd167e745	fortigate Fri Mar 13 08:34:18 PM EDT 2026	2026-03-13 20:34:18 -04:00