no access to management interface on WLC4002

Unanswered Question
Apr 23rd, 2009

my dilemma is the follwing:

I've have a remotly connected WLC4002.

The service port is in 10.10.4.0/23 and the management IF in 10.10.1.0/24. Both are connected to a L3 catalyst which is also providing the default gateway for both networks. (i.e. ~.254). To get access to the service port I had to add a route: "route add 10.0.0.0 255.0.0.0 10.29.5.254". The management IF is configured like this:

"interface address management 10.10.1.240 255.255.255.0 10.10.1.254"

But I can pignthe man.IF only from it's own network not from remote networks 10.x.y.0. For me it looks like as if this IF doesn't use it's configured def. gateway - but the static route from the service port. (btw: I can reach other nodes in the network of the manag.IF)

Now I fear that I'll loose connection completly if I'm playing with the routing entries.

Any idea how to configure that I can reach both interfaces?

Or - in case change config won't work - is there something similiar like the IOS command "reload in"?

Thanks for you help

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Fri, 04/24/2009 - 04:12

When the service port is connected to the network, you have to make sure the management port can't get to the service port subnet and vice versa, since it is used for out-of-band management. If there is a route then you might have issues.... I normally don't even connect the service port to the network at all, but that is just me.

If you are trying to reach the wlc management port from a a subnet that one of the dynamic interfaces on the wlc is configured for, then you have to enable management via dynamic interface on the cli of the wlc.

config network mgmt-via-dynamic-interface enable

config network mgmt-via-wireless enable

FRANK SCHADE Sat, 04/25/2009 - 05:07

tried these commands and shut down the service port on the switch - without access.

Will have a try with a more specific route or even when the route is removed. But first try to get someone who gives remote access to a serial connected PC....

Scott Fella Sat, 04/25/2009 - 05:30

If you shut the port on the switch to where the service port is connected to, and you still have issues managing the wlc using the management ip address, then you have something wrong. It seems that you are trying to access the wlc from a different location than where the wlc is at? Can you access the wlc management from the same subnet as the management interface is on. If so, then you might have some routing issues when you are trying to get to the wlc from a different subnet. If you can't get to the wlc from the same subnet, then either something isn't configured right or maybe its a vlan tagging issues.

FRANK SCHADE Mon, 05/04/2009 - 21:50

Found now sonme time to go on with my "research":

indeed it works with a host route to a mangement station. There for I can access to the service port (and only this port) via the mangement station - where i have to use a node in a different network to access the management IF.

-> would be nice also to have the possibilty to give the service port a default gateway.

gamccall Fri, 04/24/2009 - 05:18

I would unplug the service port and get the management port working first.

Actions

This Discussion