Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

can not access WLC 5508

Hello.

I have Cisco WLC 5508. I can access it from network 10.2.4.0/24 (LAN at work). But when I access it via VPN and get IP address from 10.2.5.0/24, I can not access WLC but I can ping it. Please help.

Everyone's tags (3)
11 REPLIES
Hall of Fame Super Silver

Re: can not access WLC 5508

Seems like http/https is being blocked from the subnet your on when connected to VPN. I'm assuming the subnet the WLC is in is a different subnet that VPN users are on also. Since you can access it from the LAN, check you FW policies for the VPN.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
VIP Purple

can not access WLC 5508

are you trying to access with wireless ???

GUI  ->MANAGEMENT-> MGT Via WIRLESS and enable it.

via CLI:

config network mgmt-via-wireless enable

Try this and let us now.

Regards

can not access WLC 5508

No, no wireless. Via VPN wired. I check VPN config and post the result.

can not access WLC 5508

Everything is opened via VPN. No restriction at all.

Hall of Fame Super Silver

can not access WLC 5508

Well since you can access it properly from the wired subnets, its pointing to something on your VPN... maybe an ACL.  If your subnet for VPN doesn't overlap with one being used as a dynamic interface, you should have no issues telnet/ssh/http/https unless something is blocking it.

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

can not access WLC 5508

Password:********

(Cisco Controller) >show network summary

RF-Network Name............................. air

Web Mode.................................... Enable

Secure Web Mode............................. Enable

Secure Web Mode Cipher-Option High.......... Enable

Secure Web Mode Cipher-Option SSLv2......... Enable

Secure Web Mode RC4 Cipher Preference....... Disable

OCSP........................................ Disabled

OCSP responder URL..........................

Secure Shell (ssh).......................... Enable

Telnet...................................... Disable

Ethernet Multicast Forwarding............... Disable

Ethernet Broadcast Forwarding............... Enable

AP Multicast/Broadcast Mode................. Unicast

IGMP snooping............................... Disabled

IGMP timeout................................ 60 seconds

IGMP Query Interval......................... 20 seconds

MLD snooping................................ Disabled

MLD timeout................................. 60 seconds

MLD query interval.......................... 20 seconds

User Idle Timeout........................... 300 seconds

ARP Idle Timeout............................ 300 seconds

--More-- or (q)uit

Cisco AP Default Master..................... Disable

AP Join Priority............................ Disable

Mgmt Via Wireless Interface................. Disable

Mgmt Via Dynamic Interface.................. Enable

Bridge MAC filter Config.................... Enable

Bridge Security Mode........................ EAP

Mesh Full Sector DFS........................ Enable

AP Fallback ................................ Enable

Web Auth Redirect Ports .................... 80

Web Auth Proxy Redirect  ................... Disable

Web Auth Captive-Bypass   .................. Disable

Web Auth Secure Web  ....................... Enable

Fast SSID Change ........................... Disabled

AP Discovery - NAT IP Only ................. Enabled

IP/MAC Addr Binding Check .................. Enabled

                                                    CCX-lite status ............................ Disable

oeap-600 dual-rlan-ports ................... Disable

oeap-600 local-network ..................... Enable

IP address of WLC is 10.2.51.1. And I checked other networks from LAN. I can access it only from 10.2.4.0!

VIP Purple

Re: can not access WLC 5508

can you access via ssh or telnet to WLC ???

paste the output of sh network summary commands:

try to change your browser.

regards

can not access WLC 5508

Also I tried changing browser. Access is only forn 10.2.4.0((

can not access WLC 5508

Also I can not access it via ssh or telnet(

VIP Purple

can not access WLC 5508

Secure Shell (ssh).......................... Enable

Telnet...................................... Disable

Telnet is not enable.you can only try with ssh.

I think scott is right , there is something blocking , you must check your VPN config.

Regards

can not access WLC 5508

It is not VPN definitely because inside my LAn I have access only from 10.2.4.0. And no ACL I have(((

167
Views
0
Helpful
11
Replies