version 8.4.0.0-8.4.0
syslocation "Building 1"
virtual-controller-country US
virtual-controller-key Virt_Controller_Key
name Aruba515
virtual-controller-ip 192.168.42.249
terminal-access
ntp-server us.pool.ntp.org
clock timezone Pacific-Time -08 00
clock summer-time PDT recurring second sunday march 02:00 first sunday november 02:00
rf-band all

allow-new-aps
allowed-ap 9c:8c:d8:ca:ba:88
allowed-ap 9c:8c:d8:ca:a7:98
allowed-ap 9c:8c:d8:ca:bd:d8



arm
 wide-bands 5ghz
 80mhz-support
 min-tx-power 9
 max-tx-power 127
 band-steering-mode prefer-5ghz
 air-time-fairness-mode default-access
 channel-quality-aware-arm-disable
 client-aware
 scanning

rf dot11g-radio-profile
 max-distance 0
 max-tx-power 9
 min-tx-power 6
 disable-arm-wids-functions off
 free-channel-index 40

rf dot11a-radio-profile
 max-distance 0
 max-tx-power 18
 min-tx-power 12
 disable-arm-wids-functions off


syslog-level warn ap-debug 
syslog-level warn network 
syslog-level warn security 
syslog-level warn system 
syslog-level warn user 
syslog-level warn user-debug 
syslog-level warn wireless 











hash-mgmt-password
hash-mgmt-user admin password hash hash_was_here



wlan access-rule GuestWiFi
 index 0
 rule 192.168.42.250 255.255.255.255 match any any any permit
 rule 192.168.42.250 255.255.255.255 match udp 67 68 permit

wlan access-rule default_wired_port_profile
 index 1
 rule any any match any any any permit

wlan access-rule CorpWiFi
 index 2
 rule any any match any any any permit

wlan ssid-profile GuestWiFi
 enable
 index 0
 type guest
 essid GuestWiFi
 opmode enhanced-open
 max-authentication-failures 0
 rf-band all
 captive-portal disable
 dtim-period 1
 broadcast-filter arp
 dmo-channel-utilization-threshold 90
 local-probe-req-thresh 0
 max-clients-threshold 64

wlan ssid-profile CorpWiFi
 enable
 index 1
 type employee
 essid CorpWiFi
 wpa-passphrase 48d59d1e935f822e8c4c771adcf7ed59582166f6b74bfb2e
 opmode wpa2-psk-aes
 max-authentication-failures 0
 rf-band all
 captive-portal disable
 dtim-period 1
 broadcast-filter arp
 dmo-channel-utilization-threshold 90
 local-probe-req-thresh 0
 max-clients-threshold 64

auth-survivability cache-time-out 24



wlan external-captive-portal
 server localhost
 port 80
 url "/"
 auth-text "Authenticated"
 auto-whitelist-disable
 https


blacklist-time 3600
auth-failure-blacklist-time 3600


ids
 wireless-containment none


wired-port-profile default_wired_port_profile
 switchport-mode access
 allowed-vlan all
 native-vlan 1
 trusted
 shutdown
 access-rule-name default_wired_port_profile
 speed auto
 duplex full
 no poe
 type employee
 auth-server InternalServer
 captive-portal disable
 no dot1x


enet0-port-profile default_wired_port_profile
enet1-port-profile default_wired_port_profile
enet2-port-profile default_wired_port_profile
enet3-port-profile default_wired_port_profile
enet4-port-profile default_wired_port_profile

uplink
 preemption
 enforce none
 failover-internet-pkt-lost-cnt 10
 failover-internet-pkt-send-freq 30
 failover-vpn-timeout 180



airgroup
 disable

airgroupservice airplay
 disable
 description AirPlay

airgroupservice airprint
 disable
 description AirPrint




cluster-security
 allow-low-assurance-devices