Comprar o Renovar
Comprar o Renovar
cancelar
Activar sugerencias
La sugerencia automática le ayuda a obtener, de forma rápida, resultados precisos de su búsqueda al sugerirle posibles coincidencias mientras escribe.
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
Iniciar una conversación
639
Visitas
0
ÚTIL
2
Respuestas

Web traffic never seems to leave the controller - all other traffic OK

Ir a solución
baskervi
Level 1
Level 1

el ‎07-17-2012 03:16 PM

We have a 5508 controller with various access points connected to it. There is a trunk from a Catalyst 4507 to the controller, and a trunk from the ASA to the Catalyst. One of the VLANs from the 5508 is L3 terminated to the ASA. All hosts connected to the access points can pass all traffic to the Internet except for port 80. HTTPS works fine as well as a half a dozen ports we tested.

I set up a packet capture on the ASA, and I see all traffic but port 80. I'm speculating that the controller is filtering this traffic. Has anyone else run into this? I've been through the various menus on the controller, and I can't see where this would be filtered. There isn't a proxy configured on the laptops or phones.

Thanks

Etiquetas:
0 Útil
1 SOLUCIÓN ACEPTADA

Soluciones aceptadas

Ir a solución
Milton Tizoc
Level 1
Level 1

el ‎07-18-2012 07:46 AM

Hi baskervi, in the controller you can configure some ACLs and you can apply them to an interface, in the menu security -> Access Control List is where you can add them, and in the menu controller -> interfaces you can edit some one and apply the acl, if you don´t configure that maybe it could be in the ASA.

Hope this helps you.

Regards,

Milton Tizoc.

Ver la solución en mensaje original publicado

0 Útil
2 RESPUESTAS 2

Ir a solución
Milton Tizoc
Level 1
Level 1

el ‎07-18-2012 07:46 AM

Hi baskervi, in the controller you can configure some ACLs and you can apply them to an interface, in the menu security -> Access Control List is where you can add them, and in the menu controller -> interfaces you can edit some one and apply the acl, if you don´t configure that maybe it could be in the ASA.

Hope this helps you.

Regards,

Milton Tizoc.

0 Útil

Ir a solución
baskervi
Level 1
Level 1
En respuesta a Milton Tizoc

el ‎07-18-2012 01:59 PM

The problem ended up being a Barracuda spyware firewall. The Barracuda was forwarding the tagged vlan packets, and it was only filtering the web traffic. I set up an SVI on the core switch, and everything started to work fine. Put it back on the ASA, and the packets never showed up. Thanks for the comment, as it gave me the idea to try this.

0 Útil
Vamos a comenzar

¡Conecte con otros expertos de Cisco y del mundo! Encuentre soluciones a sus problemas técnicos o comerciales, y aprenda compartiendo experiencias.

Queremos que su experiencia sea grata, le compartimos algunos links que le ayudarán a familiarizarse con la Comunidad de Cisco:

Navegue y encuentre contenido personalizado de la comunidad

Discusiones Wireless Discusiones Mobile Más de Wireless & Mobile
Customers Also Viewed These Support Documents