https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649406#M86977 <HTML><HEAD></HEAD><BODY><P>you can limit access to AP with access-list</P><P>Let we say only user with IP 192.168.10.10 can access AP</P><P>1.create standard ACL</P><P>AP(config)# access-list 10 permit host 192.168.10.10</P><P>Because the is an implicit deny on end of ACL only host 192.168.10.10 is valid host</P><P></P><P>2. Apply ACL to http access</P><P>AP(config)# ip http access-class 10</P><P></P><P>3. Access ACL to VTY (for telnet access)</P><P>AP(config)# line vty 0 4 </P><P>AP(config-line)#access-class 10 in</P><P></P><P>M.</P><P>Hope that helps rate if it does</P><P></P><P></P></BODY></HTML> Wed, 27 Dec 2006 11:54:57 GMT m.sir 2006-12-27T11:54:57Z https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649405#M86976 <P>With the Cisco 1100 AP's is there any way to prevent Wireless users from accessing the Telnet or HTTP administrations site.</P><P></P><P>We'd like this access available only to LAN client or even specific IP addresses.</P><P></P><P>Thanks,</P><P></P><P></P> Sat, 03 Jul 2021 20:25:26 GMT https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649405#M86976 smsialane 2021-07-03T20:25:26Z https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649406#M86977 <HTML><HEAD></HEAD><BODY><P>you can limit access to AP with access-list</P><P>Let we say only user with IP 192.168.10.10 can access AP</P><P>1.create standard ACL</P><P>AP(config)# access-list 10 permit host 192.168.10.10</P><P>Because the is an implicit deny on end of ACL only host 192.168.10.10 is valid host</P><P></P><P>2. Apply ACL to http access</P><P>AP(config)# ip http access-class 10</P><P></P><P>3. Access ACL to VTY (for telnet access)</P><P>AP(config)# line vty 0 4 </P><P>AP(config-line)#access-class 10 in</P><P></P><P>M.</P><P>Hope that helps rate if it does</P><P></P><P></P></BODY></HTML> Wed, 27 Dec 2006 11:54:57 GMT https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649406#M86977 m.sir 2006-12-27T11:54:57Z https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649407#M86978 <HTML><HEAD></HEAD><BODY><P>If it's a thin AP, there is a check-button you can push that prevents any wireless user from being able to administer the WLC.</P><P></P><P>HTH,</P><P></P><P>RA</P></BODY></HTML> Sat, 20 Jan 2007 13:18:06 GMT https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649407#M86978 Richard Atkin 2007-01-20T13:18:06Z https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649408#M86979 <HTML><HEAD></HEAD><BODY><P>It is a 1120 with 802.11g modules. </P><P></P><P>Where in the web interface is this check box?</P><P></P></BODY></HTML> Sat, 20 Jan 2007 19:07:10 GMT https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649408#M86979 smsialane 2007-01-20T19:07:10Z https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649409#M86980 <HTML><HEAD></HEAD><BODY><P>Select the 'Security' tab at the top of the WLC GUI, then 'Mgmt via Wireless' on the left.</P><P></P><P>Don't forget to hit apply ;o)</P></BODY></HTML> Sun, 21 Jan 2007 10:01:52 GMT https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649409#M86980 Richard Atkin 2007-01-21T10:01:52Z https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649410#M86981 <HTML><HEAD></HEAD><BODY><P>Hi all,</P><P></P><P>Sorry to re-ignite this issue, but I'm also interested in disabling mgmt over the wireless medium.</P><P></P><P>Let's say I have a Cisco AP1240G and no Wireless LAN Controllers, can I achieve the same result if I created an ACL that blocks all telnet/ssh traffic, and apply that ACL to all inbound traffic on the wireless interface? </P><P></P><P>E.G.</P><P>AP(config)# access-list 101 deny tcp any any eq 22</P><P>AP(config)# access-list 101 deny tcp any any eq 23</P><P>AP(config)# access-list 101 permit ip any any</P><P></P><P>AP(config)# interface dot11radio</P><P>AP(config)# ip access-group 101 in</P></BODY></HTML> Fri, 31 Aug 2007 08:35:47 GMT https://community.cisco.com/t5/wireless/can-i-prevent-wireless-users-from-logging-into-the-web-interface/m-p/649410#M86981 joch2joch 2007-08-31T08:35:47Z