login as: admin admin@10.100.9.2's password: (Aruba7210) > (Aruba7210) > (Aruba7210) > (Aruba7210) >conf t ^ % Invalid input detected at '^' marker. (Aruba7210) >en Password:****** (Aruba7210) #configure t Enter Configuration commands, one per line. End with CNTL/Z (Aruba7210) (config) # (Aruba7210) (config) # (Aruba7210) (config) # (Aruba7210) (config) # (Aruba7210) (config) # (Aruba7210) (config) #shutdown run ^ % Invalid input detected at '^' marker. (Aruba7210) (config) #show run Building Configuration... version 6.4 enable secret "******" hostname "Aruba7210" clock timezone EET 2 location "SistemOdasi" controller config 33 ip NAT pool dynamic-srcnat 0.0.0.0 0.0.0.0 ip access-list eth validuserethacl permit any ! netservice svc-papi udp 8211 netservice svc-sec-papi udp 8209 netexthdr default ! ip access-list session apprf-stateful-dot1x-sacl ! ip access-list session global-sacl ! ip access-list session apprf-guest-sacl ! ip access-list session validuser network 127.0.0.0 255.0.0.0 any any deny network 169.254.0.0 255.255.0.0 any any deny network 224.0.0.0 240.0.0.0 any any deny host 255.255.255.255 any any deny network 240.0.0.0 240.0.0.0 any any deny any any any permit ipv6 host fe80:: any any deny ipv6 network fc00::/7 any any permit ipv6 network fe80::/64 any any permit ipv6 alias ipv6-reserved-range any any deny ipv6 any any any permit ! aaa derivation-rules user iett ! vpn-dialer default-dialer ike authentication PRE-SHARE ****** ! dot1x high-watermark 550 dot1x low-watermark 522 user-role iett_misafir_c-cp_prof captive-portal "iett_misafir_c-cp_prof" ! user-role ap-role ! user-role stateful-dot1x access-list session global-sacl access-list session apprf-stateful-dot1x-sacl ! user-role guest-logon ! user-role logon ! user-role cpbase ! user-role denyall ! user-role guest access-list session global-sacl access-list session apprf-guest-sacl ! ip radius source-interface vlan 42 ! controller-ip vlan 9 no kernel coredump interface mgmt shutdown ! interface loopback ip address 42.1.1.1 ! dialer group evdo_us init-string ATQ0V1E0 dial-string ATDT#777 ! dialer group gsm_us init-string AT+CGDCONT=1,"IP","ISP.CINGULAR" dial-string ATD*99# ! dialer group gsm_asia init-string AT+CGDCONT=1,"IP","internet" dial-string ATD*99***1# ! dialer group vivo_br init-string AT+CGDCONT=1,"IP","zap.vivo.com.br" dial-string ATD*99# ! vlan 9 vlan 35 vlan 36 vlan 37 vlan 42 wired aaa-profile "IETT_C-aaa_prof" vlan-name Default interface gigabitethernet 0/0/0 description "GE0/0/0" trusted trusted vlan 1-4094 switchport mode trunk switchport trunk allowed vlan 9,35-37,42 ! interface gigabitethernet 0/0/1 description "GE0/0/1" trusted trusted vlan 1-4094 switchport access vlan 9 ! interface gigabitethernet 0/0/2 description "GE0/0/2" trusted trusted vlan 1-4094 switchport access vlan 42 ! interface gigabitethernet 0/0/3 description "GE0/0/3" trusted trusted vlan 1-4094 switchport access vlan 42 ! interface gigabitethernet 0/0/4 description "GE0/0/4" trusted trusted vlan 1-4094 switchport access vlan 42 ! interface gigabitethernet 0/0/5 description "GE0/0/5" trusted trusted vlan 1-4094 switchport access vlan 42 ! interface vlan 9 ip address 10.100.9.2 255.255.255.0 ! interface vlan 1 ip address 172.16.0.254 255.255.255.0 shutdown ! interface vlan 42 ip address 10.100.42.4 255.255.254.0 shutdown ! ip default-gateway 10.100.9.1 2 ip route 10.0.0.0 255.0.0.0 10.100.42.1 2 uplink disable crypto isakmp policy 10001 ! crypto isakmp policy 10002 encryption aes256 authentication rsa-sig ! crypto isakmp policy 10003 encryption aes256 ! crypto isakmp policy 10004 version v2 encryption aes256 authentication rsa-sig ! crypto isakmp policy 10005 encryption aes256 ! crypto isakmp policy 10006 version v2 encryption aes128 authentication rsa-sig ! crypto isakmp policy 10007 version v2 encryption aes128 ! crypto isakmp policy 10008 version v2 encryption aes128 hash sha2-256-128 group 19 authentication ecdsa-256 prf prf-hmac-sha256 ! crypto isakmp policy 10009 version v2 encryption aes256 hash sha2-384-192 group 20 authentication ecdsa-384 prf prf-hmac-sha384 ! crypto ipsec transform-set default-ha-transform esp-3des esp-sha-hmac crypto ipsec transform-set default-boc-bm-transform esp-3des esp-sha-hmac crypto ipsec transform-set default-rap-transform esp-aes256 esp-sha-hmac crypto dynamic-map default-rap-ipsecmap 10001 version v2 set transform-set "default-gcm256" "default-gcm128" "default-rap-transform" ! crypto map GLOBAL-IKEV2-MAP 10000 ipsec-isakmp dynamic default-rap-ipsecmap crypto map GLOBAL-MAP 10000 ipsec-isakmp dynamic default-dynamicmap crypto isakmp eap-passthrough eap-tls crypto isakmp eap-passthrough eap-peap crypto isakmp eap-passthrough eap-mschapv2 vpdn group l2tp ! ip dhcp pool iett_wifi_pool default-router 10.100.9.1 dns-server 10.100.2.60 10.100.2.61 domain-name iett.yerel lease 7 0 0 0 network 10.100.9.0 255.255.255.0 authoritative ! service dhcp ! vpdn group pptp ! tunneled-node-address 0.0.0.0 adp discovery enable adp igmp-join enable adp igmp-vlan 0 ap ap-blacklist-time 3600 ap flush-r1-on-new-r0 disable no ssh mgmt-auth public-key ssh mgmt-auth username/password mgmt-user admin root d83ce6a70130556330225a1db9411aea01b5dadd7a1b512b1e ntp server 10.100.2.13 no database synchronize ip mobile domain default ! ! ! airgroup mdns "enable" ! airgroup dlna "enable" ! airgroup location-discovery "enable" ! ! airgroup active-wireless-discovery "disable" ! airgroupservice "airplay" id "_airplay._tcp" id "_raop._tcp" id "_appletv-v2._tcp" description "AirPlay" ! airgroupservice "airprint" id "_ipp._tcp" id "_pdl-datastream._tcp" id "_printer._tcp" id "_scanner._tcp" id "_universal._sub._ipp._tcp" id "_universal._sub._ipps._tcp" id "_printer._sub._http._tcp" id "_http._tcp" id "_http-alt._tcp" id "_ipp-tls._tcp" id "_fax-ipp._tcp" id "_riousbprint._tcp" id "_cups._sub._ipp._tcp" id "_cups._sub._fax-ipp._tcp" id "_ica-networking._tcp" id "_ptp._tcp" id "_canon-bjnp1._tcp" id "_ipps._tcp" id "_ica-networking2._tcp" description "AirPrint" ! airgroupservice "itunes" id "_home-sharing._tcp" id "_apple-mobdev._tcp" id "_daap._tcp" id "_dacp._tcp" description "iTunes" ! airgroupservice "remotemgmt" id "_ssh._tcp" id "_sftp-ssh._tcp" id "_ftp._tcp" id "_telnet._tcp" id "_rfb._tcp" id "_net-assistant._tcp" description "Remote management" ! airgroupservice "sharing" id "_odisk._tcp" id "_afpovertcp._tcp" id "_xgrid._tcp" description "Sharing" ! airgroupservice "chat" id "_presence._tcp" description "Chat" ! airgroupservice "googlecast" id "_googlecast._tcp" description "GoogleCast supported by Chromecast etc" ! airgroupservice "DIAL" id "urn:dial-multiscreen-org:service:dial:1" id "urn:dial-multiscreen-org:device:dial:1" description "DIAL supported by Chromecast, FireTV, Roku etc" ! airgroupservice "DLNA Media" id "urn:schemas-upnp-org:device:MediaServer:1" id "urn:schemas-upnp-org:device:MediaServer:2" id "urn:schemas-upnp-org:device:MediaServer:3" id "urn:schemas-upnp-org:device:MediaServer:4" id "urn:schemas-upnp-org:device:MediaRenderer:1" id "urn:schemas-upnp-org:device:MediaRenderer:2" id "urn:schemas-upnp-org:device:MediaRenderer:3" id "urn:schemas-upnp-org:device:MediaPlayer:1" description "Media" ! airgroupservice "DLNA Print" id "urn:schemas-upnp-org:device:Printer:1" id "urn:schemas-upnp-org:service:PrintBasic:1" id "urn:schemas-upnp-org:service:PrintEnhanced:1" description "Print" ! airgroupservice "allowall" description "Remaining-Services" ! airgroup service "airplay" enable ! airgroup service "airprint" enable ! airgroup service "itunes" disable ! airgroup service "remotemgmt" disable ! airgroup service "sharing" disable ! airgroup service "chat" disable ! airgroup service "googlecast" disable ! airgroup service "DIAL" enable ! airgroup service "DLNA Media" disable ! airgroup service "DLNA Print" disable ! airgroup service "allowall" disable ! ip igmp ! ipv6 mld ! no firewall attack-rate cp 1024 firewall enable ICE-STUN based firewall traversal firewall attack-rate grat-arp 50 drop ipv6 firewall ext-hdr-parse-len 100 ! ! firewall cp ! ip domain lookup ! country TR aaa authentication mac "default" ! aaa authentication dot1x "default" ! aaa authentication dot1x "dot1x_prof-rsu63" ! aaa authentication dot1x "dot1x_prof-tbr91" ! aaa authentication dot1x "dot1x_prof-tek27" ! aaa authentication dot1x "iett_dot1x" ! aaa authentication-server radius "iett_nps" host "10.100.2.80" key 50640e7e7966a53dda1feee12c3aea11917ec9c8f76259de108813d63d4015171679d48281a78ab3e2d4ade171efead1280620d22da83e81049515fd5759daca ! aaa server-group "default" auth-server Internal set role condition role value-of ! aaa server-group "IETT_C_srvgrp-zzg07" auth-server iett_nps ! aaa server-group "iett_kullanici_c_srvgrp-xfx40" auth-server iett_nps ! aaa profile "aaa_prof-zfb82" ! aaa profile "default" ! aaa profile "IETT_C-aaa_prof" authentication-dot1x "dot1x_prof-tek27" dot1x-server-group "IETT_C_srvgrp-zzg07" ! aaa profile "iett_kullanici_c-aaa_prof" authentication-dot1x "iett_dot1x" dot1x-server-group "iett_kullanici_c_srvgrp-xfx40" ! aaa profile "iett_misafir_c-aaa_prof" initial-role "guest-logon" ! aaa profile "iett_tv_c-aaa_prof" authentication-dot1x "dot1x_prof-tbr91" ! aaa authentication captive-portal "default" ! aaa authentication captive-portal "iett_misafir_c-cp_prof" ! aaa authentication wispr "default" ! aaa authentication vpn "default" ! aaa authentication mgmt ! aaa authentication stateful-ntlm "default" ! aaa authentication stateful-kerberos "default" ! aaa authentication stateful-dot1x ! aaa authentication wired ! web-server profile ! guest-access-email ! aaa password-policy mgmt ! control-plane-security ! ids wms-general-profile ! ids wms-local-system-profile ! valid-network-oui-profile ! upgrade-profile ! license profile ! activate-service-whitelist ! file syncing profile ! ifmap cppm ! pan profile "default" ! pan active-profile ! lcd-menu ! ap system-profile "apsys_prof-hkx72" ! ap system-profile "apsys_prof-izh69" ! ap system-profile "apsys_prof-jnx12" ! ap system-profile "apsys_prof-ucr71" ! ap system-profile "default" ! ap regulatory-domain-profile "default" country-code TR valid-11g-channel 1 valid-11g-channel 6 valid-11g-channel 11 valid-11a-channel 36 valid-11a-channel 40 valid-11a-channel 44 valid-11a-channel 48 valid-11a-channel 52 valid-11a-channel 56 valid-11a-channel 60 valid-11a-channel 64 valid-11a-channel 100 valid-11a-channel 104 valid-11a-channel 108 valid-11a-channel 112 valid-11a-channel 116 valid-11a-channel 120 valid-11a-channel 124 valid-11a-channel 128 valid-11a-channel 132 valid-11a-channel 136 valid-11a-channel 140 valid-11g-40mhz-channel-pair 1-5 valid-11g-40mhz-channel-pair 7-11 valid-11a-40mhz-channel-pair 36-40 valid-11a-40mhz-channel-pair 44-48 valid-11a-40mhz-channel-pair 52-56 valid-11a-40mhz-channel-pair 60-64 valid-11a-40mhz-channel-pair 100-104 valid-11a-40mhz-channel-pair 108-112 valid-11a-40mhz-channel-pair 116-120 valid-11a-40mhz-channel-pair 124-128 valid-11a-40mhz-channel-pair 132-136 valid-11a-80mhz-channel-group 36-48 valid-11a-80mhz-channel-group 52-64 valid-11a-80mhz-channel-group 100-112 valid-11a-80mhz-channel-group 116-128 ! ap wired-ap-profile "default" ! ap wired-ap-profile "wap_prof-fer21" wired-ap-enable ! ap enet-link-profile "default" ! ap enet-link-profile "elink_prof-jzu20" ! ap mesh-ht-ssid-profile "default" ! ap lldp med-network-policy-profile "default" ! ap mesh-cluster-profile "default" ! ap lldp profile "default" ! ap mesh-radio-profile "default" ! ap wired-port-profile "default" ! ap wired-port-profile "wport_prof-mwn32" wired-ap-profile "wap_prof-fer21" enet-link-profile "elink_prof-jzu20" aaa-profile "aaa_prof-zfb82" ! ids general-profile "default" ! ids unauthorized-device-profile "default" ! ids profile "default" ! rf arm-profile "default" ! rf optimization-profile "default" ! rf event-thresholds-profile "default" ! rf am-scan-profile "default" ! rf dot11a-radio-profile "default" ! rf dot11g-radio-profile "default" ! wlan handover-trigger-profile "default" ! wlan rrm-ie-profile "default" ! wlan bcn-rpt-req-profile "default" ! wlan dot11r-profile "default" ! wlan tsm-req-profile "default" ! wlan ht-ssid-profile "default" ! wlan ht-ssid-profile "iett_kullanici_c-htssid_prof" ! wlan ht-ssid-profile "iett_misafir_c-htssid_prof" ! wlan ht-ssid-profile "iett_tv_c-htssid_prof" ! wlan hotspot anqp-venue-name-profile "default" ! wlan hotspot anqp-nwk-auth-profile "default" ! wlan hotspot anqp-roam-cons-profile "default" ! wlan hotspot anqp-nai-realm-profile "default" ! wlan hotspot anqp-3gpp-nwk-profile "default" ! wlan hotspot h2qp-operator-friendly-name-profile "default" ! wlan hotspot h2qp-wan-metrics-profile "default" ! wlan hotspot h2qp-conn-capability-profile "default" ! wlan hotspot h2qp-op-cl-profile "default" ! wlan hotspot anqp-ip-addr-avail-profile "default" ! wlan hotspot anqp-domain-name-profile "default" ! wlan dot11k-profile "default" ! wlan ssid-profile "default" ! wlan ssid-profile "iett_kullanici_c-ssid_prof" essid "iett_kullanici_c" opmode wpa2-aes ht-ssid-profile "iett_kullanici_c-htssid_prof" ! wlan ssid-profile "iett_misafir_c-ssid_prof" essid "iett_misafir_c" ht-ssid-profile "iett_misafir_c-htssid_prof" ! wlan ssid-profile "iett_tv_c-ssid_prof" essid "iett_tv_c" opmode wpa2-psk-aes wpa-passphrase a51719efa3b1b8d698b13c18819969543ace06d3f58d90af ht-ssid-profile "iett_tv_c-htssid_prof" ! wlan hotspot advertisement-profile "default" ! wlan hotspot hs2-profile "default" ! wlan virtual-ap "default" ! wlan virtual-ap "iett_kullanici_c-vap_prof" aaa-profile "iett_kullanici_c-aaa_prof" ssid-profile "iett_kullanici_c-ssid_prof" vlan 36-37 ! wlan virtual-ap "iett_misafir_c-vap_prof" aaa-profile "iett_misafir_c-aaa_prof" ssid-profile "iett_misafir_c-ssid_prof" vlan 35 ! wlan virtual-ap "iett_tv_c-vap_prof" aaa-profile "iett_tv_c-aaa_prof" ssid-profile "iett_tv_c-ssid_prof" vlan 37 ! ap provisioning-profile "default" ! rf arm-rf-domain-profile arm-rf-domain-key "3bec39d11350c4a21a0279a01fa32e76" ! ap-lacp-striping-ip ! ap-group "default" ! ap-group "IETT_C" virtual-ap "iett_kullanici_c-vap_prof" ap-system-profile "apsys_prof-izh69" ! ap-group "IETT_TV_GROUP" virtual-ap "iett_tv_c-vap_prof" ap-system-profile "apsys_prof-ucr71" ! ap-group "IETT_WIFI_GROUP" virtual-ap "iett_kullanici_c-vap_prof" virtual-ap "iett_misafir_c-vap_prof" enet1-port-profile "wport_prof-mwn32" ap-system-profile "apsys_prof-jnx12" ! ap-group "New-Group" ap-system-profile "apsys_prof-hkx72" ! airgroup cppm-server aaa ! logging level debugging system process cfgm snmp-server enable trap snmp-server trap source 0.0.0.0 snmp-server trap disable wlsxAdhocNetwork snmp-server trap disable wlsxAdhocNetworkBridgeDetectedAP snmp-server trap disable wlsxAdhocNetworkBridgeDetectedSta snmp-server trap disable wlsxAdhocUsingValidSSID snmp-server trap disable wlsxAuthMaxAclEntries snmp-server trap disable wlsxAuthMaxBWContracts snmp-server trap disable wlsxAuthMaxUserEntries snmp-server trap disable wlsxAuthServerIsUp snmp-server trap disable wlsxAuthServerReqTimedOut snmp-server trap disable wlsxAuthServerTimedOut snmp-server trap disable wlsxChannelChanged snmp-server trap disable wlsxCoverageHoleDetected snmp-server trap disable wlsxDBCommunicationFailure snmp-server trap disable wlsxDisconnectStationAttack snmp-server trap disable wlsxESIServerDown snmp-server trap disable wlsxESIServerUp snmp-server trap disable wlsxFanFailure snmp-server trap disable wlsxFanTrayInserted snmp-server trap disable wlsxFanTrayRemoved snmp-server trap disable wlsxGBICInserted snmp-server trap disable wlsxIpSpoofingDetected snmp-server trap disable wlsxLCInserted snmp-server trap disable wlsxLCRemoved snmp-server trap disable wlsxLicenseExpiry snmp-server trap disable wlsxLowMemory snmp-server trap disable wlsxLowOnFlashSpace snmp-server trap disable wlsxOutOfRangeTemperature snmp-server trap disable wlsxOutOfRangeVoltage snmp-server trap disable wlsxPowerSupplyFailure snmp-server trap disable wlsxPowerSupplyMissing snmp-server trap disable wlsxProcessDied snmp-server trap disable wlsxProcessExceedsMemoryLimits snmp-server trap disable wlsxSCInserted snmp-server trap disable wlsxSignatureMatch snmp-server trap disable wlsxStaUnAssociatedFromUnsecureAP snmp-server trap disable wlsxStationAddedToBlackList snmp-server trap disable wlsxStationRemovedFromBlackList snmp-server trap disable wlsxSwitchIPChanged snmp-server trap disable wlsxSwitchRoleChange snmp-server trap disable wlsxUserAuthenticationFailed snmp-server trap disable wlsxUserEntryAuthenticated snmp-server trap disable wlsxUserEntryChanged snmp-server trap disable wlsxUserEntryCreated snmp-server trap disable wlsxUserEntryDeAuthenticated snmp-server trap disable wlsxUserEntryDeleted snmp-server trap disable wlsxVrrpStateChange process monitor log end (Aruba7210) (config) #