scsd/scsd-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: scsd:f38f161f04acd0775acecf4480771518435c7f46
Branches Tags
scsd:main
..
compare: scsd:0266c90b7070cd46948753f4d98cfae08f51e507
Branches Tags
scsd:main

No commits in common. "f38f161f04acd0775acecf4480771518435c7f46" and "0266c90b7070cd46948753f4d98cfae08f51e507" have entirely different histories.
f38f161f04 ... 0266c90b70

6 changed files with 457 additions and 542 deletions
Show Stats Expand all files Collapse all files

980
configs/fortigate/fortigate.conf
View File

File diff suppressed because it is too large Load Diff

5
configs/fortigate/vdom_scsd/vpn.cfg
View File

@ -84,9 +84,6 @@ config vpn certificate local
edit "StarCert-Expire03202026"
set password ENC *HIDDEN*
next
edit "StarCert-Expire_20260924"
set password ENC *HIDDEN*
next
end
config vpn ssl web host-check-software
edit "FortiClient-AV"
@ -761,7 +758,7 @@ config vpn ssl web user-bookmark
end
config vpn ssl settings
set banned-cipher SHA1 SHA256 SHA384
set servercert "StarCert-Expire_20260924"
set servercert "StarCert-Expire03202026"
set idle-timeout 3600
set auth-timeout 36000
set login-timeout 180

3
configs/wlc/wlc-a.cfg
View File

@ -7,12 +7,11 @@ clock timezone America/New_York -04 0
!
conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1"
controller config 726
controller config 724
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
crypto-local pki ServerCert scsd_wc_2026 StarCert-Expire03202026.pfx
crypto-local pki ServerCert scsd_wc_sept_2026 StarCert-Ex_09_26_fullchain.pfx
crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert
ip nat pool localip 0.0.0.0 0.0.0.0
ip nat pool dynamic-srcnat 0.0.0.0 0.0.0.0

3
configs/wlc/wlc-b.cfg
View File

@ -7,12 +7,11 @@ clock timezone America/New_York -04 0
!
conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1"
controller config 726
controller config 724
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
crypto-local pki ServerCert scsd_wc_2026 StarCert-Expire03202026.pfx
crypto-local pki ServerCert scsd_wc_sept_2026 StarCert-Ex_09_26_fullchain.pfx
crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert
ip nat pool localip 0.0.0.0 0.0.0.0
ip nat pool dynamic-srcnat 0.0.0.0 0.0.0.0

3
configs/wlc/wlc-c.cfg
View File

@ -7,12 +7,11 @@ clock timezone America/New_York -04 0
!
conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1"
controller config 726
controller config 724
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
crypto-local pki ServerCert scsd_wc_2026 StarCert-Expire03202026.pfx
crypto-local pki ServerCert scsd_wc_sept_2026 StarCert-Ex_09_26_fullchain.pfx
crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert
ip nat pool localip 0.0.0.0 0.0.0.0
ip nat pool dynamic-srcnat 0.0.0.0 0.0.0.0

5
configs/wlc/wlc-mm-2.cfg
View File

@ -6,10 +6,9 @@ hostname "NOC-ARUBA-MM-2"
clock timezone America/New_York -04 0
!
location "Building1.floor1"
controller config 726
controller config 724
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wildcard_sept_2026 StarCert-Ex_09_26_fullchain.pfx
crypto-local pki PublicCert master-ssh-pub-cert master-ssh-pub-cert
ip nat pool dynamic-srcnat 0.0.0.0 0.0.0.0
ip nat pool localip 0.0.0.0 0.0.0.0
@ -912,7 +911,7 @@ aaa authentication via web-auth "default"
!
web-server profile
cipher-suite ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA
switch-cert "scsd_wildcard_sept_2026"
switch-cert "scsd_wc2_full_2026"
!
guest-access-email
!