here is show run and show rights
ssid is open , cellphone auth Wechat,
(HSIA_ArubaLocal03) #show run
Building Configuration...
version 6.4
enable secret "******"
hostname "HSIA_ArubaLocal03"
clock timezone GMT 8
masterip 172.25.0.1 ipsec ****** interface vlan 25
location "Building1.floor1"
controller config 6
ip NAT pool dynamic-srcnat 0.0.0.0 0.0.0.0
ip access-list eth validuserethacl
permit any
!
netservice svc-ipp-tcp tcp 631
netservice svc-dhcp udp 67 68 alg dhcp
netservice svc-citrix tcp 2598
netservice svc-pcoip-udp udp 50002
netservice svc-tftp udp 69 alg tftp
netservice svc-netbios-ssn tcp 139
netservice svc-papi udp 8211
netservice svc-natt udp 4500
netservice svc-ica tcp 1494
netservice svc-msrpc-udp udp 135 139
netservice svc-smtp tcp 25
netservice svc-microsoft-ds tcp 445
netservice svc-msrpc-tcp tcp 135 139
netservice svc-lpd tcp 515
netservice svc-syslog udp 514
netservice svc-http-proxy2 tcp 8080
netservice svc-cfgm-tcp tcp 8211
netservice vnc tcp 5900 5905
netservice svc-bootp udp 67 69
netservice svc-h323-udp udp 1718 1719
netservice svc-web tcp list "80 443"
netservice svc-telnet tcp 23
netservice svc-sccp tcp 2000 alg sccp
netservice svc-http tcp 80
netservice svc-vmware-rdp tcp 3389
netservice svc-ipp-udp udp 631
netservice svc-esp 50
netservice svc-noe-oxo udp 5000 alg noe
netservice svc-vocera udp 5002 alg vocera
netservice svc-http-proxy1 tcp 3128
netservice svc-sec-papi udp 8209
netservice svc-gre 47
netservice svc-rtsp tcp 554 alg rtsp
netservice svc-l2tp udp 1701
netservice svc-snmp udp 161
netservice svc-svp 119 alg svp
netservice svc-sip-tcp tcp 5060
netservice svc-pptp tcp 1723
netservice svc-icmp 1
netservice svc-smb-tcp tcp 445
netservice svc-v6-icmp 58
netservice svc-ssh tcp 22
netservice svc-pcoip2-tcp tcp 4172
netservice svc-ntp udp 123
netservice svc-h323-tcp tcp 1720
netservice svc-pop3 tcp 110
netservice svc-netbios-ns udp 137
netservice svc-adp udp 8200
netservice svc-v6-dhcp udp 546
netservice svc-dns udp 53 alg dns
netservice svc-sip-udp udp 5060
netservice svc-http-proxy3 tcp 8888
netservice svc-kerberos udp 88
netservice svc-netbios-dgm udp 138
netservice svc-sips tcp 5061 alg sips
netservice svc-pcoip2-udp udp 4172
netservice svc-nterm tcp 1026 1028
netservice svc-noe udp 32512 alg noe
netservice svc-pcoip-tcp tcp 50002
netservice svc-ike udp 500
netservice svc-snmp-trap udp 162
netservice svc-smb-udp udp 445
netservice svc-ftp tcp 21 alg ftp
netservice svc-https tcp 443
netexthdr default
!
ip access-list session svp-acl
!
ip access-list session apprf-stateful-dot1x-sacl
!
ip access-list session logon-control
!
ip access-list session ap-uplink-acl
!
ip access-list session v6-logon-control
!
ip access-list session http-acl
!
ip access-list session v6-http-acl
!
ip access-list session icmp-acl
!
ip access-list session vocera-acl
!
ip access-list session tftp-acl
!
ip access-list session citrix-acl
!
ip access-list session sip-acl
!
ip access-list session vmware-acl
!
ip access-list session srcnat
!
ip access-list session ra-guard
!
ip access-list session global-sacl
!
ip access-list session v6-dhcp-acl
!
ip access-list session cplogout
!
ip access-list session vpnlogon
!
ip access-list session v6-control
!
ip access-list session allow-diskservices
!
ip access-list session apprf-guest-sacl
!
ip access-list session v6-ap-acl
!
ip access-list session v6-allowall
!
ip access-list session v6-icmp-acl
!
ip access-list session validuser
network 127.0.0.0 255.0.0.0 any any deny
network 169.254.0.0 255.255.0.0 any any deny
network 224.0.0.0 240.0.0.0 any any deny
host 255.255.255.255 any any deny
network 240.0.0.0 240.0.0.0 any any deny
any any any permit
ipv6 host fe80:: any any deny
ipv6 network fc00::/7 any any permit
ipv6 network fe80::/64 any any permit
ipv6 alias ipv6-reserved-range any any deny
ipv6 any any any permit
!
ip access-list session skype4b-acl
!
ip access-list session v6-dns-acl
!
ip access-list session captiveportal
!
ip access-list session h323-acl
!
ip access-list session dhcp-acl
!
ip access-list session allowall
!
ip access-list session v6-https-acl
!
ip access-list session allow-printservices
!
ip access-list session skinny-acl
!
ip access-list session https-acl
!
ip access-list session ap-acl
!
ip access-list session captiveportal6
!
ip access-list session control
!
ip access-list session noe-acl
!
ip access-list session dns-acl
!
vpn-dialer default-dialer
ike authentication PRE-SHARE ******
!
user-role ap-role
!
user-role stateful-dot1x
access-list session global-sacl
access-list session apprf-stateful-dot1x-sacl
!
user-role cp-preview
captive-portal "cp-preview"
!
user-role guest-logon
!
user-role logon
!
user-role cpbase
!
user-role Office-cp_prof
captive-portal "Office-cp_prof"
!
user-role denyall
!
user-role guest
access-list session global-sacl
access-list session apprf-guest-sacl
!
user-role default
captive-portal "default"
!
user-role default-iap-user-role
access-list session allowall
!
!
controller-ip vlan 25
no kernel coredump
interface mgmt
shutdown
!
dialer group evdo_us
init-string ATQ0V1E0
dial-string ATDT#777
!
dialer group gsm_us
init-string AT+CGDCONT=1,"IP","ISP.CINGULAR"
dial-string ATD*99#
!
dialer group gsm_asia
init-string AT+CGDCONT=1,"IP","internet"
dial-string ATD*99***1#
!
dialer group vivo_br
init-string AT+CGDCONT=1,"IP","zap.vivo.com.br"
dial-string ATD*99#
!
vlan 3
vlan 25
vlan 26
vlan 525
vlan 526
interface gigabitethernet 0/0/0
description "GE0/0/0"
trusted
trusted vlan 1-4094
switchport mode trunk
!
interface gigabitethernet 0/0/1
description "GE0/0/1"
trusted
trusted vlan 1-4094
switchport mode trunk
!
interface gigabitethernet 0/0/2
description "GE0/0/2"
trusted
trusted vlan 1-4094
switchport mode trunk
!
interface gigabitethernet 0/0/3
description "GE0/0/3"
trusted
trusted vlan 1-4094
switchport mode trunk
!
interface gigabitethernet 0/0/4
description "GE0/0/4"
trusted
trusted vlan 1-4094
switchport mode trunk
!
interface gigabitethernet 0/0/5
description "GE0/0/5"
trusted
trusted vlan 1-4094
switchport mode trunk
!
interface vlan 25
ip address 172.25.0.4 255.255.255.0
!
interface vlan 1
shutdown
!
interface vlan 3
ip address 172.31.14.15 255.255.255.0
!
interface vlan 26
ip address 172.26.0.4 255.255.255.0
!
!
!
no uplink wired vlan 1
uplink disable
ip nexthop-list pan-gp-ipsec-map-list
!
crypto isakmp policy 20
encryption aes256
!
crypto isakmp policy 10001
!
crypto isakmp policy 10002
encryption aes256
authentication rsa-sig
!
crypto isakmp policy 10003
encryption aes256
!
crypto isakmp policy 10004
version v2
encryption aes256
authentication rsa-sig
!
crypto isakmp policy 10005
encryption aes256
!
crypto isakmp policy 10006
version v2
encryption aes128
authentication rsa-sig
!
crypto isakmp policy 10007
version v2
encryption aes128
!
crypto isakmp policy 10008
version v2
encryption aes128
hash sha2-256-128
group 19
authentication ecdsa-256
prf prf-hmac-sha256
!
crypto isakmp policy 10009
version v2
encryption aes256
hash sha2-384-192
group 20
authentication ecdsa-384
prf prf-hmac-sha384
!
crypto isakmp policy 10012
version v2
encryption aes256
authentication rsa-sig
!
crypto isakmp policy 10013
encryption aes256
!
crypto ipsec transform-set default-ha-transform esp-3des esp-sha-hmac
crypto ipsec transform-set default-boc-bm-transform esp-aes256 esp-sha-hmac
crypto ipsec transform-set default-1st-ikev2-transform esp-aes256 esp-sha-hmac
crypto ipsec transform-set default-3rd-ikev2-transform esp-aes128 esp-sha-hmac
crypto ipsec transform-set default-rap-transform esp-aes256 esp-sha-hmac
crypto ipsec transform-set default-aes esp-aes256 esp-sha-hmac
crypto dynamic-map default-rap-ipsecmap 10001
version v2
set transform-set "default-gcm256" "default-gcm128" "default-rap-transform"
!
crypto dynamic-map default-dynamicmap 10000
set transform-set "default-transform" "default-aes"
!
crypto map GLOBAL-IKEV2-MAP 10000 ipsec-isakmp dynamic default-rap-ipsecmap
crypto map GLOBAL-MAP 10000 ipsec-isakmp dynamic default-dynamicmap
crypto isakmp eap-passthrough eap-tls
crypto isakmp eap-passthrough eap-peap
crypto isakmp eap-passthrough eap-mschapv2
vpdn group l2tp
!
!
vpdn group pptp
!
tunneled-node-address 0.0.0.0
ap-crash-transfer
adp discovery enable
adp igmp-join enable
adp igmp-vlan 0
ap ap-blacklist-time 3600
ap flush-r1-on-new-r0 disable
amon msg-buffer-size 32768
stm mon-update-queue 133632
ssh mgmt-auth public-key
ssh mgmt-auth username/password
mgmt-user TSHY root 55da1951012103dc0bf71da3fb2b5422e460192147feaee10f
mgmt-user admin root 6673ea9901e453b06c81e16c4aadc2e9d7c22f6d96a0202ead
no database synchronize
ip mobile domain default
!
!
!
airgroup mdns "enable"
!
airgroup dlna "enable"
!
airgroup location-discovery "enable"
!
!
airgroup active-wireless-discovery "disable"
!
airgroupservice "airplay"
id "_airplay._tcp"
id "_raop._tcp"
id "_appletv-v2._tcp"
description "AirPlay"
!
airgroupservice "airprint"
id "_ipp._tcp"
id "_pdl-datastream._tcp"
id "_printer._tcp"
id "_scanner._tcp"
id "_http._tcp"
id "_http-alt._tcp"
id "_ipp-tls._tcp"
id "_fax-ipp._tcp"
id "_riousbprint._tcp"
id "_ica-networking._tcp"
id "_ptp._tcp"
id "_canon-bjnp1._tcp"
id "_ipps._tcp"
id "_ica-networking2._tcp"
description "AirPrint"
!
airgroupservice "itunes"
id "_home-sharing._tcp"
id "_apple-mobdev._tcp"
id "_daap._tcp"
id "_dacp._tcp"
description "iTunes"
!
airgroupservice "remotemgmt"
id "_ssh._tcp"
id "_sftp-ssh._tcp"
id "_ftp._tcp"
id "_telnet._tcp"
id "_rfb._tcp"
id "_net-assistant._tcp"
description "Remote management"
!
airgroupservice "sharing"
id "_odisk._tcp"
id "_afpovertcp._tcp"
id "_xgrid._tcp"
description "Sharing"
!
airgroupservice "chat"
id "_presence._tcp"
description "Chat"
!
airgroupservice "googlecast"
id "_googlecast._tcp"
description "GoogleCast supported by Chromecast etc"
!
airgroupservice "AmazonTV"
id "_amzn-wplay._tcp"
description "Amazon fire tv"
!
airgroupservice "DIAL"
id "urn:dial-multiscreen-org:service:dial:1"
id "urn:dial-multiscreen-org:device:dial:1"
description "DIAL supported by Chromecast, FireTV, Roku etc"
!
airgroupservice "DLNA Media"
id "urn:schemas-upnp-org:device:MediaServer:1"
id "urn:schemas-upnp-org:device:MediaServer:2"
id "urn:schemas-upnp-org:device:MediaServer:3"
id "urn:schemas-upnp-org:device:MediaServer:4"
id "urn:schemas-upnp-org:device:MediaRenderer:1"
id "urn:schemas-upnp-org:device:MediaRenderer:2"
id "urn:schemas-upnp-org:device:MediaRenderer:3"
id "urn:schemas-upnp-org:device:MediaPlayer:1"
description "Media"
!
airgroupservice "DLNA Print"
id "urn:schemas-upnp-org:device:Printer:1"
id "urn:schemas-upnp-org:service:PrintBasic:1"
id "urn:schemas-upnp-org:service:PrintEnhanced:1"
description "Print"
!
airgroupservice "allowall"
description "Remaining-Services"
!
airgroup service "airplay" enable
!
airgroup service "airprint" enable
!
airgroup service "itunes" disable
!
airgroup service "remotemgmt" disable
!
airgroup service "sharing" disable
!
airgroup service "chat" disable
!
airgroup service "googlecast" enable
!
airgroup service "AmazonTV" enable
!
airgroup service "DIAL" enable
!
airgroup service "DLNA Media" enable
!
airgroup service "DLNA Print" enable
!
airgroup service "allowall" disable
!
ip igmp
!
ipv6 mld
!
firewall attack-rate grat-arp 50 drop
ipv6 firewall ext-hdr-parse-len 100
!
!
firewall cp
!
ip domain lookup
!
country CN
aaa authentication mac "default"
!
aaa authentication dot1x "default"
!
aaa server-group "default"
auth-server Internal
set role condition role value-of
!
aaa profile "default"
user-idle-timeout 900
!
aaa authentication captive-portal "cp-preview"
!
aaa authentication captive-portal "default"
!
aaa authentication captive-portal "Office-cp_prof"
!
aaa authentication wispr "default"
!
aaa authentication vpn "default"
!
aaa authentication vpn "default-rap"
!
aaa authentication mgmt
!
aaa authentication stateful-ntlm "default"
!
aaa authentication stateful-kerberos "default"
!
aaa authentication stateful-dot1x
!
aaa authentication wired
!
web-server profile
!
guest-access-email
!
aaa password-policy mgmt
!
control-plane-security
no cpsec-enable
!
ids wms-general-profile
poll-retries 3
!
ids wms-local-system-profile
!
valid-network-oui-profile
!
upgrade-profile
!
license profile
centralized-licensing-enable
!
activate-service-whitelist
!
file syncing profile
!
papi-security
!
ifmap cppm
!
pan profile "default"
!
pan-options
!
pan active-profile
!
lcd-menu
!
ap system-profile "172.31.14.12"
lms-ip 172.25.0.4
bkup-lms-ip 172.25.0.1
shell-passwd f42a1110b7492074a8900c8e2bba676994f8349104016810
bkup-passwords c855aac8841344b3095c97628f51d3fe8b34eb7b3a1d1a66
!
ap system-profile "172.31.14.13"
lms-ip 172.25.0.4
bkup-lms-ip 172.25.0.2
lms-preemption
lms-hold-down-period 300
shell-passwd 68e44e16fb6203d918d76863af47897f5bc2907e994d2f3a
bkup-passwords c59b0e591477343d4734856259d4a435cce7e77191ac58f0
!
ap system-profile "172.31.14.14"
lms-ip 172.25.0.4
bkup-lms-ip 172.25.0.3
lms-preemption
lms-hold-down-period 300
shell-passwd 4d4a3b286dce122981c9a91bf92acda71247fd38593af8ee
bkup-passwords 95e18c033396725b5d2a3d751fec45de5946b90755225fa0
!
ap system-profile "default"
shell-passwd 96e1837aa40d638f80e417e54f20ed19b07759a8249ede43
bkup-passwords 95eccd01a5949f73d21c4c4a4e0d9837d063089e4ba3bf12
!
ap regulatory-domain-profile "default"
country-code CN
valid-11g-channel 1
valid-11g-channel 2
valid-11g-channel 3
valid-11g-channel 4
valid-11g-channel 5
valid-11g-channel 6
valid-11g-channel 7
valid-11g-channel 8
valid-11g-channel 9
valid-11g-channel 10
valid-11g-channel 11
valid-11a-channel 149
valid-11a-channel 153
valid-11a-channel 157
valid-11a-channel 161
valid-11a-channel 165
valid-11g-40mhz-channel-pair 1-5
valid-11g-40mhz-channel-pair 2-6
valid-11g-40mhz-channel-pair 3-7
valid-11g-40mhz-channel-pair 4-8
valid-11g-40mhz-channel-pair 5-9
valid-11g-40mhz-channel-pair 6-10
valid-11g-40mhz-channel-pair 7-11
valid-11a-40mhz-channel-pair 149-153
valid-11a-40mhz-channel-pair 157-161
!
ap wired-ap-profile "default"
!
ap enet-link-profile "default"
!
ap mesh-ht-ssid-profile "default"
!
ap lldp med-network-policy-profile "default"
!
ap mesh-cluster-profile "default"
!
ap lldp profile "default"
!
ap mesh-radio-profile "default"
!
ap wired-port-profile "default"
!
ids general-profile "default"
!
ids unauthorized-device-profile "default"
!
ids profile "default"
!
rf arm-profile "arm-maintain"
assignment maintain
no scanning
!
rf arm-profile "arm-scan"
!
rf arm-profile "ARM-SYSM"
rogue-ap-aware
no client-match
!
rf arm-profile "default-a"
max-tx-power 18
min-tx-power 12
no client-match
!
rf arm-profile "default-g"
free-channel-index 40
no client-match
!
rf optimization-profile "default"
!
rf event-thresholds-profile "default"
!
rf am-scan-profile "default"
!
rf dot11a-radio-profile "default"
arm-profile "ARM-SYSM"
!
rf dot11a-radio-profile "rp-maintain-a"
arm-profile "arm-maintain"
!
rf dot11a-radio-profile "rp-monitor-a"
mode am-mode
!
rf dot11a-radio-profile "rp-scan-a"
arm-profile "arm-scan"
!
rf dot11g-radio-profile "default"
!
rf dot11g-radio-profile "rp-maintain-g"
arm-profile "arm-maintain"
!
rf dot11g-radio-profile "rp-monitor-g"
mode am-mode
!
rf dot11g-radio-profile "rp-scan-g"
arm-profile "arm-scan"
!
wlan handover-trigger-profile "default"
!
wlan rrm-ie-profile "default"
!
wlan bcn-rpt-req-profile "default"
!
wlan dot11r-profile "default"
!
wlan tsm-req-profile "default"
!
wlan ht-ssid-profile "default"
!
wlan hotspot anqp-venue-name-profile "default"
!
wlan hotspot anqp-nwk-auth-profile "default"
!
wlan hotspot anqp-roam-cons-profile "default"
!
wlan hotspot anqp-nai-realm-profile "default"
!
wlan hotspot anqp-3gpp-nwk-profile "default"
!
wlan hotspot h2qp-operator-friendly-name-profile "default"
!
wlan hotspot h2qp-wan-metrics-profile "default"
!
wlan hotspot h2qp-conn-capability-profile "default"
!
wlan hotspot h2qp-op-cl-profile "default"
!
wlan hotspot anqp-ip-addr-avail-profile "default"
!
wlan hotspot anqp-domain-name-profile "default"
!
wlan dot11k-profile "default"
!
wlan ssid-profile "default"
essid "HotelJen"
wmm-vo-dscp "56"
wmm-vi-dscp "40"
wmm-be-dscp "24"
wmm-bk-dscp "8"
hide-ssid
!
wlan ssid-profile "OFFICE-SSID-PF"
essid "office"
hide-ssid
!
wlan ssid-profile "SSID-Traders"
essid "Hotel Jen"
a-basic-rates 24
a-tx-rates 12 18 24 36 48 54
g-basic-rates 11 12 18 24 36 48 54
g-tx-rates 9 11 12 18 24 36 48 54
wmm-vo-dscp "56"
wmm-vi-dscp "40"
wmm-be-dscp "24"
wmm-bk-dscp "8"
!
wlan ssid-profile "test"
essid "test"
hide-ssid
!
wlan hotspot advertisement-profile "default"
!
wlan hotspot hs2-profile "default"
!
wlan virtual-ap "default"
ssid-profile "SSID-Traders"
vlan 526
!
wlan virtual-ap "VAP-OFFICE-PF"
aaa-profile "default-mac-auth"
ssid-profile "OFFICE-SSID-PF"
!
wlan virtual-ap "VAP-SYSM-GG"
ssid-profile "SSID-Traders"
vlan 526
band-steering
broadcast-filter all
deny-inter-user-traffic
dos-prevention
!
wlan virtual-ap "VAP-SYSM-KF"
ssid-profile "SSID-Traders"
vlan 525
band-steering
broadcast-filter all
deny-inter-user-traffic
dos-prevention
!
ap provisioning-profile "default"
!
rf arm-rf-domain-profile
arm-rf-domain-key "190bfd431b5e070e452deecb56e96bf2"
!
ap-lacp-striping-ip
!
ap general-profile
!
ap-group "APGroup_SYSM_GG_Local01"
virtual-ap "VAP-SYSM-GG"
virtual-ap "VAP-OFFICE-PF"
ap-system-profile "172.31.14.13"
!
ap-group "APGroup_SYSM_KF_Local01"
virtual-ap "VAP-SYSM-KF"
ap-system-profile "172.31.14.13"
!
ap-group "APGroup_SYSM_KF_Local02"
virtual-ap "VAP-SYSM-KF"
ap-system-profile "172.31.14.14"
!
ap-group "APGroup_SYSM_KF_Master01"
virtual-ap "VAP-SYSM-KF"
ap-system-profile "172.31.14.12"
!
ap-group "default"
virtual-ap "default"
!
airgroup cppm-server aaa
!
logging level debugging network
logging level debugging security
logging level warnings security subcat ids
logging level warnings security subcat ids-ap
logging level debugging user-debug 48:74:6e:18:00:48
logging level debugging user-debug fc:fc:48:d6:25:83
snmp-server enable trap
snmp-server trap source 0.0.0.0
snmp-server trap disable wlsxAdhocNetwork
snmp-server trap disable wlsxAdhocNetworkBridgeDetectedAP
snmp-server trap disable wlsxAdhocNetworkBridgeDetectedSta
snmp-server trap disable wlsxAdhocUsingValidSSID
snmp-server trap disable wlsxAuthMaxAclEntries
snmp-server trap disable wlsxAuthMaxBWContracts
snmp-server trap disable wlsxAuthMaxUserEntries
snmp-server trap disable wlsxAuthServerIsUp
snmp-server trap disable wlsxAuthServerReqTimedOut
snmp-server trap disable wlsxAuthServerTimedOut
snmp-server trap disable wlsxChannelChanged
snmp-server trap disable wlsxCoverageHoleDetected
snmp-server trap disable wlsxDBCommunicationFailure
snmp-server trap disable wlsxDisconnectStationAttack
snmp-server trap disable wlsxESIServerDown
snmp-server trap disable wlsxESIServerUp
snmp-server trap disable wlsxFanFailure
snmp-server trap disable wlsxFanTrayInserted
snmp-server trap disable wlsxFanTrayRemoved
snmp-server trap disable wlsxGBICInserted
snmp-server trap disable wlsxIpSpoofingDetected
snmp-server trap disable wlsxLCInserted
snmp-server trap disable wlsxLCRemoved
snmp-server trap disable wlsxLicenseExpiry
snmp-server trap disable wlsxLowMemory
snmp-server trap disable wlsxLowOnFlashSpace
snmp-server trap disable wlsxOutOfRangeTemperature
snmp-server trap disable wlsxOutOfRangeVoltage
snmp-server trap disable wlsxPowerSupplyFailure
snmp-server trap disable wlsxPowerSupplyMissing
snmp-server trap disable wlsxProcessDied
snmp-server trap disable wlsxProcessExceedsMemoryLimits
snmp-server trap disable wlsxSCInserted
snmp-server trap disable wlsxSignatureMatch
snmp-server trap disable wlsxStaUnAssociatedFromUnsecureAP
snmp-server trap disable wlsxStationAddedToBlackList
snmp-server trap disable wlsxStationRemovedFromBlackList
snmp-server trap disable wlsxSwitchIPChanged
snmp-server trap disable wlsxSwitchRoleChange
snmp-server trap disable wlsxUserAuthenticationFailed
snmp-server trap disable wlsxUserEntryAuthenticated
snmp-server trap disable wlsxUserEntryChanged
snmp-server trap disable wlsxUserEntryCreated
snmp-server trap disable wlsxUserEntryDeAuthenticated
snmp-server trap disable wlsxUserEntryDeleted
snmp-server trap disable wlsxVrrpStateChange
process monitor log
ip probe default
mode Ping
frequency 10
retries 3
burst-size 5
!
end
(HSIA_ArubaLocal03) #
(HSIA_ArubaLocal03) #show rights logon
Valid = 'Yes'
CleanedUp = 'No'
Derived Role = 'logon'
Up BW:No Limit Down BW:No Limit
L2TP Pool = default-l2tp-pool
PPTP Pool = default-pptp-pool
Number of users referencing it = 952
Periodic reauthentication: Disabled
DPI Classification: Enabled
Youtube education: Disabled
Web Content Classification: Enabled
ACL Number = 2/0
Max Sessions = 65535
Check CP Profile for Accounting = TRUE
Application Exception List
--------------------------
Name Type
---- ----
Application BW-Contract List
----------------------------
Name Type BW Contract Id Direction
---- ---- ----------- -- ---------
access-list List
----------------
Position Name Type Location
-------- ---- ---- --------
1 h323-acl-1 session
h323-acl-1
----------
Priority Source Destination Service Application Action TimeRange Log Expired Queue TOS 8021P Blacklist Mirror DisScan ClassifyMedia IPv4/6 Contract
-------- ------ ----------- ------- ----------- ------ --------- --- ------- ----- --- ----- --------- ------ ------- ------------- ------ --------
1 any h323-gw-218.207.198.243 h323-dyn1 permit High 4
Expired Policies (due to time constraints) = 0