Interface management on WCL 5508 is assigned ip 192.168.255.200 and from a PC ( on different subnet), i can ping but cannot access https to WCL but From a PC ( in the same subnet) i can ping and https. Does any one know why?
Go to WLC GUI >> Management >>Mgmt Via Wireless >> Enable
and try accessing the same, u will be able to..
Just in case if u hv the dynamic interface in that vlan on the WLC then try the below command and see if thst helps
config network mgmt-via-dynamic-interface enable
I checked Enable Controller Management to be accessible from Wireless Clients selection box but still cannot access https
Are you sure that the https and ssh are enabled on your WLC?
Mangemetn -> HTTP-HTTPS.
If it is enabled then you better consider testing from different browsers and different clients.
It could be problem with the browser or the client you are using so you better eliminate this.
You also need to check devices in path between your device and WLC and make sure that there are no ACLs or so that drops the traffic.
Yes, HTTPS and SSH is enable and if i change ip add to subnet 192.168.255.0/24, i can ssh and https to WCL.
Oh. sorry. I just noticed you metnioned this already in the first topic.
Then, I think we have a few steps need to be followed:
- Make sure it is not a browser's problem. (test more than one browser).
- Make sure it is not a client problem. (test more than one client).
- If above tested, you can simply collect sniffer trace on WLC port to make sure if the https traffic reach from the client or not. if not (and this is what I suspect) then search where the traffic is being dropped in the internal network and fix that. If it reaches WLC then the problem could probably be with the WLC and your first check then is to reboot WLC and check if it is fixed. if not you may need probably to open a TAC case
I worked with a user a time ago where he had a similar issue. But (if I remember correctly) it was fixed when the user resetted the WLC to default config. the problem was the use is not able to use GUI of the WLC (either HTTP or HTTPS).
Hope you'll catch the cause soon.
after enable mgmt-via-dynamic-interface, from my pc (ip add 192.168.24.20/24), i can connect to dynamic interface (ip add: 192.168.24.200) but cannot connect to management interface (ip add: 192.168.255.200).
i think enable mgmt-via-dynamic-interface is not secure and i don't know how to manage WCL because i configure dynamic-interface for all vlan? shoud i manage WCL from the Service port or create a new vlan and manage WCL from this vlan.
thanks for your support!