Cannot access https to Wireless controller, Pls help me!

mr Anh · ‎04-16-2012

Dear all,

Interface management on WCL 5508 is assigned ip 192.168.255.200 and from a PC ( on different subnet), i can ping but cannot access https to WCL but From a PC ( in the same subnet) i can ping and https. Does any one know why?

Thanks

Surendra BG · ‎04-16-2012

Go to WLC GUI >> Management >>Mgmt Via Wireless >> Enable

and try accessing the same, u will be able to..

Regards

Surendra

Regards
Surendra BG

mr Anh · ‎04-16-2012

Thank Surendra, but this PC using wired interface. i think option Mgmt Via Wireless is for wireless client only.

Now i cannot ssh to WCL. But i can telnet 192.168.255.200 22 and 443.

Surendra BG · ‎04-16-2012

Wats the software version on the WLC??

Regards

Surendra

Regards
Surendra BG

Surendra BG · ‎04-16-2012

Just in case if u hv the dynamic interface in that vlan on the WLC then try the below command and see if thst helps

config network mgmt-via-dynamic-interface enable

Regards

Surendra

Regards
Surendra BG

mr Anh · ‎04-16-2012

Dear Surendra

the software version is 7.0.116.0.

Thank,

mr Anh · ‎04-17-2012

Dear Surendra,

I checked Enable Controller Management to be accessible from Wireless Clients selection box but still cannot access https

Amjad Abdullah · ‎04-17-2012

Hi,

Are you sure that the https and ssh are enabled on your WLC?
Mangemetn -> HTTP-HTTPS.

If it is enabled then you better consider testing from different browsers and different clients.

It could be problem with the browser or the client you are using so you better eliminate this.

You also need to check devices in path between your device and WLC and make sure that there are no ACLs or so that drops the traffic.

HTH.

Amjad

Rating useful replies is more useful than saying "Thank you"

mr Anh · ‎04-17-2012

Dear Amjad,

Yes, HTTPS and SSH is enable and if i change ip add to subnet 192.168.255.0/24, i can ssh and https to WCL.

Thanks

Amjad Abdullah · ‎04-17-2012

Oh. sorry. I just noticed you metnioned this already in the first topic.

Then, I think we have a few steps need to be followed:
- Make sure it is not a browser's problem. (test more than one browser).

- Make sure it is not a client problem. (test more than one client).

- If above tested, you can simply collect sniffer trace on WLC port to make sure if the https traffic reach from the client or not. if not (and this is what I suspect) then search where the traffic is being dropped in the internal network and fix that. If it reaches WLC then the problem could probably be with the WLC and your first check then is to reboot WLC and check if it is fixed. if not you may need probably to open a TAC case
I worked with a user a time ago where he had a similar issue. But (if I remember correctly) it was fixed when the user resetted the WLC to default config. the problem was the use is not able to use GUI of the WLC (either HTTP or HTTPS).

Hope you'll catch the cause soon.

Amjad

Rating useful replies is more useful than saying "Thank you"

Lunhamege Nogueira · ‎10-03-2019

I had cashed information on my firefox browser. Tried from the chrome and it opened. Closed firefox and re-launched it and I was able to access the controller once again.
Thanks for the help!

nikhilcherian · ‎04-17-2012

just a wild guess

check out if you have some proxy configured for the browser

check with another browser

mr Anh · ‎04-19-2012

Dear Surendra,

after enable mgmt-via-dynamic-interface, from my pc (ip add 192.168.24.20/24), i can connect to dynamic interface (ip add: 192.168.24.200) but cannot connect to management interface (ip add: 192.168.255.200).

i think enable mgmt-via-dynamic-interface is not secure and i don't know how to manage WCL because i configure dynamic-interface for all vlan? shoud i manage WCL from the Service port or create a new vlan and manage WCL from this vlan.

thanks for your support!