version 6.0 enable secret "******" hostname "Aruba3200" clock timezone AEST 10 location "Building F Server room" controller config 19 ip NAT pool dynamic-srcnat 0.0.0.0 0.0.0.0 static ip access-list eth validuserethacl permit any ! ip access-list session validuser network 169.254.0.0 255.255.0.0 any any deny any any any permit ipv6 any any any permit ! vpn-dialer default-dialer ike authentication PRE-SHARE ****** ! user-role ap-role ! user-role denyall ! user-role cpbase ! user-role guest-logon ! user-role guest ! user-role stateful-dot1x ! user-role logon ! ! controller-ip vlan 1 interface mgmt shutdown ! interface loopback ip address 10.10.41.101 ! dialer group evdo_us init-string ATQ0V1E0 dial-string ATDT#777 ! dialer group gsm_us init-string AT+CGDCONT=1,"IP","ISP.CINGULAR" dial-string ATD*99# ! dialer group vivo_br init-string AT+CGDCONT=1,"IP","zap.vivo.com.br" dial-string ATD*99# ! vlan 2 vlan 60 vlan-name VLAN_1 vlan VLAN_1 1 interface gigabitethernet 1/0 description "GE1/0" trusted trusted vlan 1-4094 ! interface gigabitethernet 1/1 description "GE1/1" trusted trusted vlan 1-4094 switchport mode trunk ! interface gigabitethernet 1/2 description "GE1/2" trusted trusted vlan 1-4094 ! interface gigabitethernet 1/3 description "GE1/3" trusted trusted vlan 1-4094 switchport trunk native vlan 60 ! interface vlan 1 ip address 10.10.41.100 255.255.0.0 ! ip default-gateway 10.10.1.1 ip default-gateway 10.10.254.254 uplink disable ap mesh-recovery-profile cluster Recoveryyo9E0mJ7hFUJsKKe wpa-hexkey 98a44de3c99 567e1c6468f233182a757656c42c41af7208c4e6c87ce41fec7838525ebe033d5ac3ef53e13f6d39 e3e34b22d48f615c1dbe04bc60528a93b9004890ff5bc54aa06e2020cc3cb368605e8 wms general poll-interval 60000 general poll-retries 3 general ap-ageout-interval 30 general adhoc-ap-ageout-interval 5 general sta-ageout-interval 30 general learn-ap enable general persistent-neighbor enable general propagate-wired-macs enable general stat-update enable general collect-stats disable ! crypto ipsec transform-set default-boc-bm-transform esp-3des esp-sha-hmac vpdn group l2tp ! ip dhcp default-pool private ! vpdn group pptp ! mux-address 0.0.0.0 adp discovery enable adp igmp-join enable adp igmp-vlan 0 ssh mgmt-auth username/password mgmt-user admin root cc5a1ff601fe9b3c2935c94330e04b4663a08fa8cbdd56e25f no database synchronize database synchronize rf-plan-data ip mobile domain default ! ip igmp ! no firewall attack-rate cp 1024 ! firewall cp ! firewall cp packet-capture-defaults tcp disable udp disable sysmsg disable other disable ! ip domain lookup ! country AU aaa authentication mac "default" ! aaa authentication dot1x "aruba-ap-dot1x_prof" ! aaa authentication dot1x "default" ! aaa authentication-server radius "bccrad01" ! aaa authentication-server ldap "bccsrv01" ! aaa authentication-server ldap "bccsrv02" host 10.10.3.2 admin-dn "cn=david hodges,ou=staff,ou=users,ou=bcc,dc=bcc,dc=local" admin-passwd 9ed62ea86a15214f42292b9a669c7917 base-dn "ou=users,ou=bcc,dc=bcc,dc=local" ! aaa server-group "aruba-ap" auth-server bccrad01 ! aaa server-group "default" ! aaa authentication via connection-profile "default" ! aaa authentication via web-auth "default" ! aaa authentication via global-config ! aaa profile "default" authentication-dot1x "default" ! aaa authentication captive-portal "default" ! aaa authentication wispr "default" ! aaa authentication vpn "default" ! aaa authentication mgmt ! aaa authentication stateful-ntlm "default" ! aaa authentication stateful-kerberos "default" ! aaa authentication stateful-dot1x ! aaa authentication via auth-profile "default" ! aaa authentication wired ! web-server ! papi-security ! guest-access-email ! aaa password-policy mgmt ! control-plane-security no cpsec-enable ! valid-network-oui-profile ! ap system-profile "default" ! ap regulatory-domain-profile "default" country-code AU valid-11g-channel 1 valid-11g-channel 6 valid-11g-channel 11 valid-11a-channel 36 valid-11a-channel 40 valid-11a-channel 44 valid-11a-channel 48 valid-11a-channel 52 valid-11a-channel 56 valid-11a-channel 60 valid-11a-channel 64 valid-11a-channel 149 valid-11a-channel 153 valid-11a-channel 157 valid-11a-channel 161 valid-11a-channel 165 valid-11g-40mhz-channel-pair 1-5 valid-11g-40mhz-channel-pair 7-11 valid-11a-40mhz-channel-pair 36-40 valid-11a-40mhz-channel-pair 44-48 valid-11a-40mhz-channel-pair 52-56 valid-11a-40mhz-channel-pair 60-64 valid-11a-40mhz-channel-pair 149-153 valid-11a-40mhz-channel-pair 157-161 ! ap wired-ap-profile "default" ! ap enet-link-profile "default" ! ap mesh-ht-ssid-profile "default" ! ap mesh-cluster-profile "default" rf-band g ! ap wired-port-profile "default" ! ap mesh-radio-profile "default" ! ids general-profile "default" ! ids unauthorized-device-profile "default" ! ids profile "default" ! rf arm-profile "default" ! rf optimization-profile "default" ! rf event-thresholds-profile "default" ! rf am-scan-profile "default" ! rf dot11a-radio-profile "default" ! rf dot11g-radio-profile "default" ! wlan dot11k-profile "default" ! wlan ht-ssid-profile "default" ! wlan ssid-profile "default" opmode wpa2-psk-aes wpa2-psk-tkip wpa-passphrase 68fd57bbf534b85d5c3169877cf3be23ae872ff9ea6a7420 ! wlan ssid-profile "TEST" essid "TEST-ap" opmode wpa-psk-tkip wpa-passphrase eb53ce5f000719be93e79bfc5d23c9d201dbf8445112541e ! wlan virtual-ap "default" aaa-profile "default-dot1x-psk" ! wlan virtual-ap "TEST" aaa-profile "default-dot1x-psk" ssid-profile "TEST" vlan 60 ! ap provisioning-profile "default" ! ap-group "default" virtual-ap "default" virtual-ap "TEST" mesh-cluster-profile "default" priority 7 ! logging level warnings security subcat ids logging level warnings security subcat ids-ap snmp-server enable trap process monitor log end