I have a WLC 5508. The service port is on the main "office" VLAN - i.e. the same subnet as all the servers etc.
We currently use sub-interfaces for all of the different vlans.
I'm trying to create a new wireless network for the "office" VLAN but whenever I go to create another interface it won't let me set one on the "office" subnet "conflicts with another interface".
Does anyone know a way around this? Am more than happy to provide more info.
I will include some screenshots.
Solved! Go to Solution.
The service port is out of band management and you cant have routing between the service port and the management interface.
Sent from my iPhone
Thanks Scott. So I guess I need to move the service port onto another subnet. Seems obvious now I think about it!
Well usually you don't connect the service port on the network. If you do, it should connect to a non routable subnet. Basically you would use it if you lost connection the the wlc and you want to be able to GUI or telnet/ssh to the
Q. How do we access the WLC when the network is down?
A. When the network is down, the WLC can be accessed by the service port. This port is assigned an IP address in an entirely different subnet from other ports of the WLC and so is called out-of-band management. For more information, refer the Configuring Ports and Interfaces section of the Cisco Wireless LAN Controller Configuration Guide, Release 18.104.22.168.
Sent from my iPhone
Thanks again. Do you know if you can configure the WLC to allow management from interfaces other than "management" and the "service port"?
Some folks will still IP the service port and put it on the network just incase they lose mangament of the WLC. but as Scott mentioned you will want to make sure you limit its routing to the managment interface, other wise you will see issues.
Sorry I might have been unclear earlier.
What I wanted to know was whether you can logon to the management web console from interfaces other than "management" and "service port"?
You can if you enable management via dynamic interface. Basically this allows you to https to the ip of your dynamic interface if you have one. Other than that, it's the management an service port only.
Sent from Cisco Technical Support iPhone App
You want to be careful, if you have a guest network on the inside. You might not want users hitting that inside interface.