https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098109#M48656 <HTML><HEAD></HEAD><BODY><P>I need deal with this matter also... So here's what I found:</P><P>- you must use CPU acls - interface acls won't do what you want;</P><P>- it appears that once you use an acl, you must explicitly define each type of traffic you want to allow, since an implicit deny all action occurs.</P><P>I'm working on trying to restrict admin access to controllers in order address policy compliance matters. I'm disappointed at the lack of better documentation and practical examples on acls... </P><P>If anyone can shed some light on this topic I think two of us would appreciate it... </P></BODY></HTML> Thu, 23 Oct 2008 19:08:14 GMT laaustin 2008-10-23T19:08:14Z https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098108#M48655 <P>Hi all,</P><P></P><P>I have tried using access control list to block certain IPs from accessing WLC web management. I apply the ACL to interface management, but it seems like no effect at all.</P><P></P><P>How can I block or permit some IPs so only certain IPs can access WLC web management ?</P><P></P><P>Thanks in advance.</P> Sat, 03 Jul 2021 23:38:31 GMT https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098108#M48655 0600648902 2021-07-03T23:38:31Z https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098109#M48656 <HTML><HEAD></HEAD><BODY><P>I need deal with this matter also... So here's what I found:</P><P>- you must use CPU acls - interface acls won't do what you want;</P><P>- it appears that once you use an acl, you must explicitly define each type of traffic you want to allow, since an implicit deny all action occurs.</P><P>I'm working on trying to restrict admin access to controllers in order address policy compliance matters. I'm disappointed at the lack of better documentation and practical examples on acls... </P><P>If anyone can shed some light on this topic I think two of us would appreciate it... </P></BODY></HTML> Thu, 23 Oct 2008 19:08:14 GMT https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098109#M48656 laaustin 2008-10-23T19:08:14Z https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098110#M48657 <HTML><HEAD></HEAD><BODY><P>Take a look at this doc... on page 4 it says cpu acls on post 4.0 releases allow you to address traffic on the management interface (my interpretation). It also points out on the same page that an implicit deny any any action ends the acl.</P><P></P><P>See ACLs on Wireless LAN Controllers: Rules,</P><P>Limitations, and Examples</P><P>Document ID: 81733</P></BODY></HTML> Thu, 23 Oct 2008 19:22:35 GMT https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098110#M48657 laaustin 2008-10-23T19:22:35Z https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098111#M48658 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>have you succeed doing this ?? I still get problem yet.</P><P></P></BODY></HTML> Fri, 31 Oct 2008 06:11:17 GMT https://community.cisco.com/t5/wireless/block-ips-from-accessing-wlc-web-management/m-p/1098111#M48658 0600648902 2008-10-31T06:11:17Z