can't put ACL on management int - WLC

Unanswered Question
Jan 19th, 2009

Why is it so that I can't put an ACL on the management int or the mangement WLAN. I mean, I can put the ACL on the int/WLAN but it has no effect, it only denies everything.

Also, can someone please explain what the difference between putting an ACL on an interface vs one on a WLAN.

Thank you.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sschmidt Mon, 01/19/2009 - 07:39

Where you place the ACL determines when the packets are acted upon. Depending on how close to the client you put it determines how much cpu/bandwidth etc you use prior to the action.

There is a deny all at the end of every ACL. Are you sure the ACL has something to act on and isn't just getting to the deny?

What version of WLC code are you running?

An access control list (ACL) is a set of rules used to limit access to a particular interface (for example, if you want to restrict a wireless client from pinging the management interface of the controller). After ACLs are configured on the controller, they can be applied to the management interface, the AP-manager interface, any of the dynamic interfaces, or a WLAN to control data traffic to and from wireless clients or to the controller central processing unit (CPU) to control all traffic destined for the CPU.


This Discussion



Trending Topics - Security & Network