WCS 5.1.151 create ACL Security Template

Jason Aarons · ‎11-20-2008

I created some ACS templates in WCS 5.1.151, when I view them in WLC 4.2.130 I see errors like Protocol = IP on IP or Protocol = 255 and the ACLs don't work.

amritpatek · ‎11-27-2008

Follow the instructions in these sections to apply ACLs using the controller GUI:

Applying an Access Control List to an Interface

Applying an Access Control List to the Controller CPU

Applying an Access Control List to a WLAN

Applying a Preauthentication Access Control List to a WLAN

Here is the URL for the configurationi ACL for the WLC it may help you

http://www.cisco.com/en/US/docs/wireless/controller/4.2/configuration/guide/c42sol.html#wp1104164

Jason Aarons · ‎11-28-2008

Creating ACLs in the Controller GUI has no problems, however we'd rather configure WCS templates and push them to Controllers to reduce labor and assure a consistent configuration across all WLCs.

tmcquaig · ‎12-02-2008

I am seeing this issue also.

Apply an ACL template to a controller from WCS. The protocol ANY is translated to "other 255". The ACL does not function for any protocol at this point. Manually update to protocol any on the controller and the ACL works properly.

I also noticed some inconsistencies on ACL sequencing but haven't narrowed those down.

Jason Aarons · ‎12-02-2008

I opened a TAC case but haven't gotten a answer. I would encourage you to do the same. I spent 2 days troubleshooting this!

tmcquaig · ‎12-02-2008

I did.

What version WCS are you running? I am using 5.1.64.0.

Jason Aarons · ‎12-02-2008

WCS = 5.1.64.0 and WLC-4404 = 4.2.130.0

tmcquaig · ‎12-02-2008

My controllers are WLC-4402 and they are running 5.1.151.0.

Here is some bugs that might be our problem.

CSCsr66296

CSCsr68838