05-09-2008 08:07 AM - edited 07-03-2021 03:50 PM
I am attempting to access the service port from a client pc on another network.
Service port = 10.100.2.1/16
Client IP = 10.1.1.10/16
I know you cannot put a default gateway on the service port, but the documentation says you can add a static route for remote management. So I tried...
config route add 10.1.0.0 255.255.0.0 <gateway.ip>
It does not take the command and says something to the effect of...
"ip address/netmask conflicts with the configured ip address of the service port"
05-09-2008 08:14 AM
Never really tied this - so I am guessing, what if you tried to extend the route subnet from 16 to a more specific 24? 10.1.1.0 ?
HTH.
05-09-2008 08:36 AM
I tried all the way to a host mask and got the same thing.
config route add 10.1.1.10 255.255.255.255
05-09-2008 11:38 AM
Be carefull.... you are not suppose to have the service port accessible on the network. What you have to do is place it on a subnet that is non-routable on your network and vlan that to other switches if you need to access the service port. It is really meant for out of band management.
05-12-2008 10:54 AM
We are having this same issue. In the cisco documentation it says you should be able to create a static route for the network associated with the service port for remote network management.
In our case the wireless network has been built completely separate from our corp network and we would like the service port on one VLAN of our corp network and be able to access the management page from other VLAN's so that our receptionist can add users/passwords for the web-auth part for visiting users.
Currently we are unable to do this and since the documentation clearly states that it should be possible how can we configure this? or are we bound to some other hack to get this functioning properly?
05-12-2008 11:04 AM
If your wireless is totally seperated from you r network, why don't you create a static route to the management ip of the wlc's. You can create ACL's to only allow the receptionist and others to access the wlc's from your internal network.
Or you should of connected the management port to you internal network and the specify the other port for your wireless traffic.
05-12-2008 12:32 PM
I was able to do this... using a setup similar to the following:
10.1.10.20 = WLC Service Port IP
10.1.10.1 = Gateway address for Service Port Network
10.1.0.0/16 = Network to connect to
From the GUI add network like the following:
Network: 10.1.0.0
Netmask: 255.255.0.0
Gateway: 10.1.10.1
and viola! it worked...
05-12-2008 04:57 PM
So can any host access the WLC'S service port then?
05-12-2008 05:11 PM
Maybe so, but you do not want this... the service port is ONLY for out-of-band servicing of the controller, or in the case of WiSMs, communication between WLC and 6K Supervisor.
Packets coming in on the service port generate interrupts directly to the WLC CPU--there is no filtering or rate-limiting!
05-12-2008 05:15 PM
Jake,
Good info. I got confused when they mentioned a doc on creating a static route for the service port. I couldn't find any doc regarding this.
5 points for you for clearing this up and also from me scratching my head in confusion.
10-28-2010 11:55 PM
Good day!
It's strange, but my wlc also rejects such variant of adding the static route
it tells something like was mentioned previosly
"IP Address/Netmask entered conflicts with the configured IP Address/Netmask of
the service port."
how did force your wlc to apply this command?
12-28-2011 11:53 PM
Hi guys,
I just did configure the service port on a 5508 controller which i'd like to share it with you the way I did it.
I was given a valid IP address (70.X.X.246) with the subnet mask of 255.255.255.252 and with default gateway of 70.X.X.245 for the out-of-band access to the controller from our office (60.X.X.X). So here is what I did:
In the service port interface configuration:
IP: 70.X.X.246
Mask: 255.255.255.252
And In the "Network Route" setting:
IP: 60.X.X.X
Mask: 255.255.255.255
Default Gateway: 70.X.X.245
Hope it helps!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: