# Configuration nvgen'd at 2007-5-24 21:46:28
# Image 5.0.11.2.0
# Model MX-216
# Last change occurred at 2007-5-22 15:20:53
set trace dot1x level 7
set trace radius level 2
set ip route default 45.200.1.3 1
set dot1x quiet-period 0
set system name MX-216-4D0D40
set system ip-address 45.200.1.56
set system countrycode US
set service-profile ilabs-nac-trapeze ssid-name ilabs-nac-trapeze
set service-profile ilabs-nac-trapeze wpa-ie enable
set radius server ilabs-jnpr-uac address 45.200.1.78 encrypted-key 06080635181a071806
set radius server ilabs-csco-acs address 45.200.1.71 encrypted-key 02080d4f5f5201204f
set radius server ilabs-msft-nps address 45.200.1.85 encrypted-key 1040000d51431c0a0f
set radius server ilabs-radiator address 45.200.1.72 encrypted-key 0208055805070c711b
set radius server ilabs-ide address 45.200.1.73 encrypted-key 04550a0501204f1e5e
set radius server ilabs-radproxy address 45.200.1.74 encrypted-key 151c0218507e25252b
set server group ilabs-radgrp members ilabs-radproxy
set server group ilabs-jnpr-uac-grp members ilabs-jnpr-uac
set server group ilabs-msft-nps-grp members ilabs-msft-nps
set server group ilabs-csco-acs-grp members ilabs-csco-acs
set enablepass password 8eaf7c3a153a8daa9de06c95b96692d948c7
set authentication admin * local
set authentication dot1x ssid ilabs-nac-trapeze ** pass-through ilabs-radgrp
set user guest password encrypted 070834495d1d
set user admin password encrypted 12170c03465f020529
set radio-profile default service-profile ilabs-nac-trapeze
set dap 1 serial-id 0675200885 model MP-422
set dap 1 radio 1 mode enable
set dap 1 radio 2 mode enable
set dap 2 serial-id 0675200876 model MP-422
set dap 2 radio 1 mode enable
set dap 2 radio 2 mode enable
set ip https server enable
set port poe 8 enable
set port poe 16 enable
set vlan 11 name corporate
set vlan 11 port 19 tag 11
set vlan 12 name guest
set vlan 12 port 19 tag 12
set vlan 13 name quarantine
set vlan 13 port 19 tag 13
set vlan 14 name phone
set vlan 14 port 19 tag 14
set vlan 15 name registration
set vlan 15 port 19 tag 15
set vlan 16 name resources
set vlan 16 port 19 tag 16
set vlan 1000 name management
set vlan 1000 port 19 tag 1000
set vlan 1000 port 8
set vlan 1000 port 16
set vlan 18 name lockdown
set vlan 18 port 19 tag 18
set vlan 17 name registration2
set vlan 17 port 19 tag 17
set interface 15 ip 45.200.15.56 255.255.255.0
set interface 1000 ip 45.200.1.56 255.255.255.0 set rfdetect log disable
set security acl ip portalacl permit udp 0.0.0.0 255.255.255.255 eq 68 0.0.0.0 255.255.255.255 eq 67
set security acl ip portalacl permit ip 0.0.0.0 255.255.255.255 45.200.1.78 0.0.0.0
set security acl ip portalacl permit ip 0.0.0.0 255.255.255.255 45.200.3.19 0.0.0.0
set security acl ip portalacl deny 0.0.0.0 255.255.255.255 capture commit security acl portalacl
set security acl ip guestacl permit udp 0.0.0.0 255.255.255.255 45.200.1.2 255.255.255.255 eq 53
set security acl ip guestacl permit udp 45.200.1.2 255.255.255.255 eq 53 0.0.0.0 255.255.255.255
set security acl ip guestacl permit ip 0.0.0.0 255.255.255.255 45.200.12.0 0.0.0.255
set security acl ip guestacl permit ip 0.0.0.0 255.255.255.255 45.200.4.0 0.0.0.255
set security acl ip guestacl deny ip 0.0.0.0 255.255.255.255 45.200.0.0 0.0.255.255
set security acl ip guestacl permit 0.0.0.0 255.255.255.255 commit security acl guestacl
set security acl ip remediationacl permit udp 0.0.0.0 255.255.255.255 45.200.1.2 255.255.255.255 eq 53
set security acl ip remediationacl permit udp 45.200.1.2 255.255.255.255 eq 53 0.0.0.0 255.255.255.255
set security acl ip remediationacl permit ip 0.0.0.0 255.255.255.255 45.200.13.0 0.0.0.255
set security acl ip remediationacl permit ip 0.0.0.0 255.255.255.255 45.200.3.19 0.0.0.0
set security acl ip remediationacl deny ip 0.0.0.0 255.255.255.255 45.200.0.0 0.0.255.255
set security acl ip remediationacl permit 0.0.0.0 255.255.255.255 commit security acl remediationacl
set security acl ip corpacl permit 0.0.0.0 255.255.255.255 commit security acl corpacl
set security acl ip employeeacl deny ip 0.0.0.0 255.255.255.255 45.200.2.10 0.0.0.0
set security acl ip employeeacl permit 0.0.0.0 255.255.255.255 commit security acl employeeacl
set ntp enable
set ntp server 45.200.1.2