scsd/scsd-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: scsd:f38f161f04acd0775acecf4480771518435c7f46
Branches Tags
scsd:main
..
compare: scsd:c46e75f8307a2db23e7b2780be8daea881bed32f
Branches Tags
scsd:main

8 Commits
f38f161f04 ... c46e75f830

Author SHA1 Message Date
John Poland
c46e75f830 psla/psla-mdf-a8360-sw1.cfg Fri Mar 13 08:34:18 PM EDT 2026 2026-03-13 20:34:20 -04:00
John Poland
160fe9cc72 bova/bova-idf1-a6300-sw1.cfg Fri Mar 13 08:34:18 PM EDT 2026 2026-03-13 20:34:19 -04:00
John Poland
76ce81bb23 wlc/wlc-c.cfg Fri Mar 13 08:34:18 PM EDT 2026 2026-03-13 20:34:19 -04:00
John Poland
f1e0bfdc62 wlc/wlc-a.cfg Fri Mar 13 08:34:18 PM EDT 2026 2026-03-13 20:34:19 -04:00
John Poland
98e5b87cd6 wlc/wlc-b.cfg Fri Mar 13 08:34:18 PM EDT 2026 2026-03-13 20:34:19 -04:00
John Poland
b2948d5e16 wlc/wlc-mm-2.cfg Fri Mar 13 08:34:18 PM EDT 2026 2026-03-13 20:34:19 -04:00
John Poland
b76281ac3f fortigate-backup Fri Mar 13 08:34:18 PM EDT 2026 2026-03-13 20:34:18 -04:00
John Poland
6dd167e745 fortigate Fri Mar 13 08:34:18 PM EDT 2026 2026-03-13 20:34:18 -04:00
8 changed files with 672 additions and 511 deletions
Show Stats Expand all files Collapse all files

18
configs/bova/bova-idf1-a6300-sw1.cfg
View File

@ -2182,30 +2182,16 @@ interface 2/1/27
client track ip update-interval 120 client track ip update-interval 120
power-over-ethernet pre-std-detect power-over-ethernet pre-std-detect
interface 2/1/28 interface 2/1/28
description Auto description Telcom
no shutdown no shutdown
no routing no routing
vlan access 168 vlan access 20
spanning-tree bpdu-guard spanning-tree bpdu-guard
spanning-tree port-type admin-edge spanning-tree port-type admin-edge
spanning-tree root-guard spanning-tree root-guard
spanning-tree tcn-guard spanning-tree tcn-guard
loop-protect loop-protect
port-access onboarding-method concurrent enable port-access onboarding-method concurrent enable
aaa authentication port-access allow-cdp-bpdu
aaa authentication port-access allow-lldp-bpdu
aaa authentication port-access client-limit 3
aaa authentication port-access dot1x authenticator
cached-reauth
cached-reauth-period 86400
reauth
enable
aaa authentication port-access mac-auth
cached-reauth
cached-reauth-period 86400
quiet-period 30
reauth
enable
client track ip enable client track ip enable
client track ip update-interval 120 client track ip update-interval 120
power-over-ethernet pre-std-detect power-over-ethernet pre-std-detect

1103
configs/fortigate/fortigate.conf
View File

File diff suppressed because it is too large Load Diff

47
configs/fortigate/vdom_scsd/firewall.cfg
View File

@ -2861,6 +2861,48 @@ config firewall address
edit "WebsterVLAN230" edit "WebsterVLAN230"
set subnet 10.51.230.0 255.255.255.224 set subnet 10.51.230.0 255.255.255.224
next next
edit "FrazerVLAN230"
set subnet 10.25.230.0 255.255.255.224
next
edit "NottinghamVLAN230"
set subnet 10.4.230.0 255.255.255.224
next
edit "HenningerVLAN230"
set subnet 10.6.230.0 255.255.255.224
next
edit "GrantVLAN230"
set subnet 10.9.230.0 255.255.255.224
next
edit "LincolnVLAN230"
set subnet 10.13.230.0 255.255.255.224
next
edit "BellevueVLAN230"
set subnet 10.16.230.0 255.255.255.224
next
edit "KingVLAN230"
set subnet 10.20.230.0 255.255.255.224
next
edit "BrightonVLAN230"
set subnet 10.21.230.0 255.255.255.224
next
edit "HuntingtonVLAN230"
set subnet 10.29.230.0 255.255.255.224
next
edit "EdSmithVLAN230"
set subnet 10.45.230.0 255.255.255.224
next
edit "BeardVLAN230"
set subnet 10.48.230.0 255.255.255.224
next
edit "BlodgettVLAN230"
set subnet 10.53.230.0 255.255.255.224
next
edit "CoVLAN230"
set subnet 10.55.230.0 255.255.255.224
next
edit "SscVLAN230"
set subnet 10.56.230.0 255.255.255.224
next
end end
config firewall multicast-address config firewall multicast-address
edit "all_hosts" edit "all_hosts"
@ -3072,7 +3114,7 @@ config firewall addrgrp
set member "Shea_Secure_Wireless" "Shea_VLAN_6" "Corcoran_VLAN_20" "Corcoran_Secure_Wireless" set member "Shea_Secure_Wireless" "Shea_VLAN_6" "Corcoran_VLAN_20" "Corcoran_Secure_Wireless"
next next
edit "VLAN230AddrGroup" edit "VLAN230AddrGroup"
set member "SheaVLAN230" "CorcoranVLAN230" "DelawareVLAN230" "ElmwoodVLAN230" "FranklinVLAN230" "LatinVLAN230" "SalemVLAN230" "SeymourVLAN230" "WebsterVLAN230" set member "SheaVLAN230" "CorcoranVLAN230" "DelawareVLAN230" "ElmwoodVLAN230" "FranklinVLAN230" "LatinVLAN230" "SalemVLAN230" "SeymourVLAN230" "WebsterVLAN230" "FrazerVLAN230"
next next
end end
config firewall wildcard-fqdn custom config firewall wildcard-fqdn custom
@ -6535,7 +6577,6 @@ config firewall on-demand-sniffer
edit "inside lag_scsd" edit "inside lag_scsd"
set interface "inside lag" set interface "inside lag"
set max-packet-count 10000 set max-packet-count 10000
set hosts "192.168.1.135" set hosts "10.1.70.153"
set ports 80
next next
end end

1
configs/psla/psla-mdf-a8360-sw1.cfg
View File

@ -138,6 +138,7 @@ access-list ip Image-acl
158 comment ClearPass_TCP_PORTS_OUT 158 comment ClearPass_TCP_PORTS_OUT
158 permit tcp any clearpass_servers group clearpass_tcp_ports 158 permit tcp any clearpass_servers group clearpass_tcp_ports
160 deny any any any 160 deny any any any
access-list ip hvac
access-list ip sbhc-acl access-list ip sbhc-acl
10 comment SBHC_Out 10 comment SBHC_Out
10 permit any sbhc_internal sbhc_external 10 permit any sbhc_internal sbhc_external

4
configs/wlc/wlc-a.cfg
View File

@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
! !
conductorip 10.1.35.33 ipsec ****** interface vlan 35 conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1" location "Building1.floor1"
controller config 726 controller config 727
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
@ -2651,12 +2651,10 @@ wlan ssid-profile "default"
wlan ssid-profile "Intune_ssid_prof" wlan ssid-profile "Intune_ssid_prof"
essid "Intune" essid "Intune"
wpa-passphrase *redacted* wpa-passphrase *redacted*
opmode wpa2-psk-aes
a-basic-rates 24 a-basic-rates 24
a-tx-rates 36 48 54 a-tx-rates 36 48 54
g-basic-rates 12 g-basic-rates 12
g-tx-rates 12 18 24 36 48 54 g-tx-rates 12 18 24 36 48 54
hide-ssid
! !
wlan ssid-profile "IoT_ssid_prof" wlan ssid-profile "IoT_ssid_prof"
essid "IoT" essid "IoT"

4
configs/wlc/wlc-b.cfg
View File

@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
! !
conductorip 10.1.35.33 ipsec ****** interface vlan 35 conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1" location "Building1.floor1"
controller config 726 controller config 727
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
@ -2613,12 +2613,10 @@ wlan ssid-profile "default"
wlan ssid-profile "Intune_ssid_prof" wlan ssid-profile "Intune_ssid_prof"
essid "Intune" essid "Intune"
wpa-passphrase *redacted* wpa-passphrase *redacted*
opmode wpa2-psk-aes
a-basic-rates 24 a-basic-rates 24
a-tx-rates 36 48 54 a-tx-rates 36 48 54
g-basic-rates 12 g-basic-rates 12
g-tx-rates 12 18 24 36 48 54 g-tx-rates 12 18 24 36 48 54
hide-ssid
! !
wlan ssid-profile "IoT_ssid_prof" wlan ssid-profile "IoT_ssid_prof"
essid "IoT" essid "IoT"

4
configs/wlc/wlc-c.cfg
View File

@ -7,7 +7,7 @@ clock timezone America/New_York -04 0
! !
conductorip 10.1.35.33 ipsec ****** interface vlan 35 conductorip 10.1.35.33 ipsec ****** interface vlan 35
location "Building1.floor1" location "Building1.floor1"
controller config 726 controller config 727
crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc3 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_full_wc_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx crypto-local pki ServerCert scsd_wc3_2026 StarCert-Expire03202026.pfx
@ -2605,12 +2605,10 @@ wlan ssid-profile "default"
wlan ssid-profile "Intune_ssid_prof" wlan ssid-profile "Intune_ssid_prof"
essid "Intune" essid "Intune"
wpa-passphrase *redacted* wpa-passphrase *redacted*
opmode wpa2-psk-aes
a-basic-rates 24 a-basic-rates 24
a-tx-rates 36 48 54 a-tx-rates 36 48 54
g-basic-rates 12 g-basic-rates 12
g-tx-rates 12 18 24 36 48 54 g-tx-rates 12 18 24 36 48 54
hide-ssid
! !
wlan ssid-profile "IoT_ssid_prof" wlan ssid-profile "IoT_ssid_prof"
essid "IoT" essid "IoT"

2
configs/wlc/wlc-mm-2.cfg
View File

@ -6,7 +6,7 @@ hostname "NOC-ARUBA-MM-2"
clock timezone America/New_York -04 0 clock timezone America/New_York -04 0
! !
location "Building1.floor1" location "Building1.floor1"
controller config 726 controller config 727
crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_wc2_full_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx crypto-local pki ServerCert scsd_wildcard_2026 StarCert-Ex03_26_fullchain.pfx
crypto-local pki ServerCert scsd_wildcard_sept_2026 StarCert-Ex_09_26_fullchain.pfx crypto-local pki ServerCert scsd_wildcard_sept_2026 StarCert-Ex_09_26_fullchain.pfx