IP SUBNETZERO IP DOMAIN NAME HIMGLOCAL ! ! AAA

ip subnet-zero

ip domain name himg.local

aaa new-model

aaa group server radius rad_eap

server 172.17.2.2 auth-port 1645 acct-port 1646

server 172.17.2.60 auth-port 1645 acct-port 1646

aaa group server radius rad_mac

aaa group server radius rad_acct

aaa group server radius rad_admin

aaa group server tacacs+ tac_admin

aaa group server radius rad_pmip

aaa group server radius dummy

aaa authentication login default group rad_eap local

aaa authentication login eap_methods group rad_eap local

aaa authentication login mac_methods local

aaa authorization exec default group rad_eap local

aaa accounting network acct_methods start-stop group rad_acct

aaa session-id common

dot11 activity-timeout unknown default 1800

dot11 activity-timeout client default 1800

dot11 activity-timeout repeater default 1800

dot11 activity-timeout workgroup-bridge default 1800

dot11 activity-timeout bridge default 1800

dot11 vlan-name Management vlan 21

dot11 vlan-name Scott_Ortho vlan 47

dot11 vlan-name Wireless_EAP vlan 20

dot11 vlan-name Wireless_Guest vlan 40

dot11 ssid HRMC-GUEST

vlan 40

authentication open

dot11 ssid HRMC-INTERNAL

vlan 20

authentication open eap eap_methods

authentication key-management wpa

dot11 ssid SCOTT-ORTHO

vlan 47

authentication open

authentication key-management wpa

wpa-psk hex 7 7053E32A4B790F32AC5942A807C5CB76B4E49FB38C8D2C930056605C566F3A94E1

power inline negotiation prestandard source

bridge irb

interface Dot11Radio0

no ip address

no ip route-cache

encryption key 1 size 128bit 7 EF8D210E4948321A0A049773C8A1 transmit-key

encryption mode wep mandatory

encryption vlan 20 mode ciphers aes-ccm

encryption vlan 40 key 1 size 128bit 7 AE2A406C5355425F49747E6D9950 transmit-key

encryption vlan 40 mode wep mandatory

encryption vlan 47 mode ciphers aes-ccm tkip

ssid HRMC-GUEST

ssid HRMC-INTERNAL

ssid SCOTT-ORTHO

short-slot-time

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

channel 2422

station-role root

interface Dot11Radio0.20

encapsulation dot1Q 20

no ip route-cache

bridge-group 20

bridge-group 20 subscriber-loop-control

bridge-group 20 block-unknown-source

no bridge-group 20 source-learning

no bridge-group 20 unicast-flooding

bridge-group 20 spanning-disabled

interface Dot11Radio0.21

encapsulation dot1Q 21 native

no ip route-cache

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

interface Dot11Radio0.40

encapsulation dot1Q 40

no ip route-cache

bridge-group 40

bridge-group 40 subscriber-loop-control

bridge-group 40 block-unknown-source

no bridge-group 40 source-learning

no bridge-group 40 unicast-flooding

bridge-group 40 spanning-disabled

interface Dot11Radio0.47

encapsulation dot1Q 47

no ip route-cache

bridge-group 47

bridge-group 47 subscriber-loop-control

bridge-group 47 block-unknown-source

no bridge-group 47 source-learning

no bridge-group 47 unicast-flooding

bridge-group 47 spanning-disabled

interface Dot11Radio1

no ip address

no ip route-cache

shutdown

speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

interface FastEthernet0.20

encapsulation dot1Q 20

no ip route-cache

bridge-group 20

no bridge-group 20 source-learning

bridge-group 20 spanning-disabled

interface FastEthernet0.21

encapsulation dot1Q 21 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

interface FastEthernet0.40

encapsulation dot1Q 40

no ip route-cache

bridge-group 40

no bridge-group 40 source-learning

bridge-group 40 spanning-disabled

interface FastEthernet0.47

encapsulation dot1Q 47

no ip route-cache

bridge-group 47

no bridge-group 47 source-learning

bridge-group 47 spanning-disabled

interface BVI1

ip address 172.21.0.46 255.255.0.0

no ip route-cache

ip default-gateway 172.21.0.1

ip http server

ip http authentication aaa

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1

logging snmp-trap emergencies

logging snmp-trap alerts

logging snmp-trap critical

logging snmp-trap errors

logging snmp-trap warnings

radius-server attribute 32 include-in-access-req format %h

radius-server host 172.17.2.2 auth-port 1645 acct-port 1646 key 7 142430283F167E2F753D66

radius-server host 172.17.2.60 auth-port 1645 acct-port 1646 key 7 0037312537495F025E3419

radius-server vsa send accounting

control-plane

bridge 1 route ip

line con 0

access-class 111 in

transport preferred all

transport output all

line vty 0 4

access-class 111 in

transport preferred all

transport input all

transport output all

line vty 5 15

access-class 111 in

transport preferred all

transport input all

transport output all

sntp server 198.82.1.201

end

Tags: domain name, domain, himglocal, subnetzero