Solved: Re: wlc - can't create interface on same subnet as service port

huwyhuwy123 · ‎12-05-2011

hi there,

I have a WLC 5508. The service port is on the main "office" VLAN - i.e. the same subnet as all the servers etc.

We currently use sub-interfaces for all of the different vlans.

I'm trying to create a new wireless network for the "office" VLAN but whenever I go to create another interface it won't let me set one on the "office" subnet "conflicts with another interface".

Does anyone know a way around this? Am more than happy to provide more info.

I will include some screenshots.

-Al

Scott Fella · ‎12-05-2011

You can by enable management via dynamic interface.

config network mgmt-via-dynamic-interface

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

View solution in original post

Scott Fella · ‎12-05-2011

The service port is out of band management and you cant have routing between the service port and the management interface.

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

huwyhuwy123 · ‎12-05-2011

Thanks Scott. So I guess I need to move the service port onto another subnet. Seems obvious now I think about it!

Scott Fella · ‎12-05-2011

Well usually you don't connect the service port on the network. If you do, it should connect to a non routable subnet. Basically you would use it if you lost connection the the wlc and you want to be able to GUI or telnet/ssh to the

Q. How do we access the WLC when the network is down?

A. When the network is down, the WLC can be accessed by the service port. This port is assigned an IP address in an entirely different subnet from other ports of the WLC and so is called out-of-band management. For more information, refer the Configuring Ports and Interfaces section of the Cisco Wireless LAN Controller Configuration Guide, Release 7.0.116.0.

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

huwyhuwy123 · ‎12-05-2011

Thanks again. Do you know if you can configure the WLC to allow management from interfaces other than "management" and the "service port"?

Scott Fella · ‎12-05-2011

You can by enable management via dynamic interface.

config network mgmt-via-dynamic-interface

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

huwyhuwy123 · ‎12-05-2011

thanks again.

George Stefanick · ‎12-05-2011

Some folks will still IP the service port and put it on the network just incase they lose mangament of the WLC. but as Scott mentioned you will want to make sure you limit its routing to the managment interface, other wise you will see issues.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

huwyhuwy123 · ‎12-05-2011

Sorry I might have been unclear earlier.

What I wanted to know was whether you can logon to the management web console from interfaces other than "management" and "service port"?

Scott Fella · ‎12-05-2011

You can if you enable management via dynamic interface. Basically this allows you to https to the ip of your dynamic interface if you have one. Other than that, it's the management an service port only.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

huwyhuwy123 · ‎12-05-2011

thanks again Scott.

Scott Fella · ‎12-05-2011

No problem.

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

George Stefanick · ‎12-05-2011

You want to be careful, if you have a guest network on the inside. You might not want users hitting that inside interface.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________