Here is a copy of my config. At work we are running AP 104, 105. I have never setup an IAP before and I am not sure it is setup correctly either. Also when I look at the WebUI is says Master 192.168.1.2, the only IP I have assigned is 192.168.1.15 so I am not sure where the 1.2 is coming from
version 6.2.0.0-3.2.0
virtual-controller-country US
virtual-controller-key 49ef52b00187bc9b662fc726f2d1ff6d979533ee57e3dee689
name FBI_VAN
virtual-controller-ip 192.168.1.15
clock timezone Pacific-Time -08 00
rf-band all
allow-new-aps
allowed-ap d8:c7:c8:cd:b8:d1
arm
wide-bands 5ghz
min-tx-power 18
max-tx-power 127
band-steering-mode prefer-5ghz
air-time-fairness-mode fair-access
syslog-level warn ap-debug
syslog-level warn network
syslog-level warn security
syslog-level warn system
syslog-level warn user
syslog-level warn user-debug
syslog-level warn wireless
opendns freebird317 d7942df6784a4a7f8bd18e85cc3b1441537fc0043bb1d453
device-id 00102FA2C7E69C3F
vpn primary 192.168.1.15
vpn preemption
mgmt-user admin 5f189a5e704b0978df22a06ac7bfbb89cfa469caa6985f97
wlan access-rule default_wired_port_profile
rule any any match any any any permit
wlan access-rule Home
rule any any match any any any permit
wlan ssid-profile Home
index 0
type employee
essid Home
wpa-passphrase 5f74f90f4b5b48c72d516ebd8ab7aa671dc12e8d25085a3a
opmode wpa2-psk-aes
max-authentication-failures 0
auth-server InternalServer
rf-band all
captive-portal disable
dtim-period 1
inactivity-timeout 1000
broadcast-filter none
dmo-channel-utilization-threshold 90
local-probe-req-thresh 0
max-clients-threshold 64
enet-vlan guest
auth-survivability cache-time-out 24
wlan external-captive-portal
server localhost
port 80
url "/"
auth-text "Authenticated"
blacklist-time 3600
auth-failure-blacklist-time 3600
ids classification
ids
wireless-containment none
ip dhcp Home
server-type Local
server-vlan 1
subnet 192.168.1.0
subnet-mask 255.255.255.0
lease-time 27600
dns-server 192.168.1.1
wired-port-profile default_wired_port_profile
switchport-mode trunk
allowed-vlan all
native-vlan 1
shutdown
access-rule-name default_wired_port_profile
speed auto
duplex full
no poe
type employee
captive-portal disable
no dot1x
enet0-port-profile default_wired_port_profile
enet1-port-profile default_wired_port_profile
enet2-port-profile default_wired_port_profile
uplink
preemption
enforce none
failover-internet-pkt-lost-cnt 10
failover-internet-pkt-send-freq 30
failover-vpn-timeout 180
airgroup
disable
airgroupservice airplay
disable
description AirPlay
id _airplay._tcp
id _raop._tcp
airgroupservice airprint
disable
description AirPrint
id _ipp._tcp
id _pdl-datastream._tcp
id _printer._tcp
id _scanner._tcp
id _universal._sub._ipp._tcp
id _printer._sub._http._tcp
id _http._tcp
id _http-alt._tcp
id _ipp-tls._tcp
id _fax-ipp._tcp
id _riousbprint._tcp
id _cups._sub._ipp._tcp
id _cups._sub._fax-ipp._tcp
id _ica-networking._tcp
id _ptp._tcp
id _canon-bjnp1._tcp