Re: WLAN Guest access can ping WLC Management interface
Thanks for the reply,
I tried many ACLs applied on the guest and/or the management interface in order to deny the Guest subnet but... in vain.
- In some cases, the ACL is not matched
- In other cases, I observe matches but no change concerning the ping from the Guest VLAN.
Further information concerning achitecture :
We have a third party gateway for the guest access which is connected to the controller through a L2 VLAN (mapped to the Guest WLAN).
When I ping the WLC management interface, The destination MAC Address is the third party gateway Mac Address (normal) and the source MAC Address of the ICMP reply is the WLC virtual interface MAC address...
When I do a traceroute, I don't understand why the first and only hop is the WLC management interface instead of the third party Gateway IP address while my ICMP request is destined to the third party gateway MAC address...
WLAN Guest access can ping WLC Management interface
This is an old post but wanted to reply ...
I can confirm this with the 4400. It would appear after my testing the traffic is entering through the guest interface and then to the managment interface.
I will test a 5508 later this week to see if it to does the same.
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin