cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
4738
Views
10
Helpful
2
Replies
Highlighted
Contributor

Besides CAPWAP, what other ports/protocols needs to be allowed for FlexConnect

Well the title says it for itself.
Besides CAPWAP, what other ports/protocols needs to be allowed for FlexConnect?

To clear things out, I am MOSTLY concerned between the communication of the FlexConnect AP to the WLC. Besides CAPWAP what do i need to consider? I need this list since most our clients have a firewall, and of course, i need to allow certain protocols and/or ports on the firewall so that the AP and the WLC can see each other.

Any one knows?
As far as I know, I would allow:
1. CAPWAP

2. ICMP         -For reachability testing 

on the firewall, to/fro the devices.

Inputs would be helpful! ^_^
Thanks in Advance.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Master

All you need for the AP to

All you need for the AP to join the WLC is UDP 5246 and UDP 5247.  Anything else is dependent on what you need open. If you plan on telnet or ssh to the AP, then you need that also.  If you want to use syslog, then open that port also.  It would be the same as if you had any network device behind a FW except that you need the two UDP ports.

-Scott

-Scott
*** Please rate helpful posts ***
2 REPLIES 2
Hall of Fame Master

All you need for the AP to

All you need for the AP to join the WLC is UDP 5246 and UDP 5247.  Anything else is dependent on what you need open. If you plan on telnet or ssh to the AP, then you need that also.  If you want to use syslog, then open that port also.  It would be the same as if you had any network device behind a FW except that you need the two UDP ports.

-Scott

-Scott
*** Please rate helpful posts ***
Contributor

Thanks Scott,Verifies what I

Thanks Scott,

Verifies what I need or rather request clients on what ports to allow on their firewall, since this is VPN connections, ICMP, telnet, SSH wouldn't hurt to be enabled xD
 

A. CAPWAP

    PORTS:

    5246/UDP      -Control Channel

    5247/UDP      -Data Channel

 

B. ICMP(Ping)                        -OPTIONAL/Reachability verification

 

C. AP Remote Access          -OPTIONAL

    PORTS:

    22/TCP               -SSH

    23/TCP               -Telnet

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards