Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

WLC Guest access to managment IP

Hy! I've setup a Guest Wireless Acess using web auth. I've created a new dynamic interface with an IP range different from the one used in the production SSID.

I've created a new VLAN in core switches (L2) and connected a Internet acess only router in the VLAN.

The DHCP is handled by the WLC and is working fine. The network has the Internet Router as the Gateway.

The issue is that from the wireless guest client I can ping the WLCs Management Interface (complete different network). I've accessed the Internet router and from there I can't reach the Management Interface. The good news is that even beeing able to reach the Management IP wireless guest can't access the controller, but still this is odd and raises all kind of questions about security.

Has anyone experienced this same thing? Can anyone explain what is happening?


Tiago Molinos

Hall of Fame Super Silver

Re: WLC Guest access to managment IP

Well if you can ping the management interface of the wlc, then make sure you have management via wireless disabled. On you L3 interface, create some ACL's to deny guest network to your internal network.

*** Please rate helpful posts ***
CreatePlease to create content