Solved: Re: Unable to remotely access 5508

JASON SIMMONS · ‎02-15-2019

This is terrible. I had a 5508 WLC that I couldn't access remotely but Prime reported that it was still serving APs. TAC RMA'ed it. Got the replacement, upgraded the code and I could access the GUI. I restored the config from a backup and guess what!?! Cant access the GUI or SSH to it. Yes it's enabled.

Do I have any other choice than to reconfigure this box click by click???

Scott Fella · ‎02-27-2019

Jason,

I have seen issue with the config and restoring the same config doesn’t help. I have had to build the controller from scratch which has fixed the issues.

-Scott
*** Please rate helpful posts ***

View solution in original post

Flavio Miranda · ‎02-15-2019

Hi,

Is it the WLC managed by Prime? If so, that´s fine.

Can you share the configuration you have on the WLC? Something on the configuration is broken as you mentioned RMA.

-If I helped you somehow, please, rate it as useful.-

JASON SIMMONS · ‎02-15-2019

Leo Laohoo · ‎02-15-2019

@JASON SIMMONS wrote:

I restored the config from a backup and guess what

Can you ping the IP address?

Is the WLC ARP found in the table?

Are the links configured as Trunk/LAG or not?

JASON SIMMONS · ‎02-15-2019

Can you ping the IP address? Yes

Is the WLC ARP found in the table? Yes

Are the links configured as Trunk/LAG or not? Trunk/LAG

Leo Laohoo · ‎02-15-2019

@JASON SIMMONS wrote:
Are the links configured as Trunk/LAG or not? Trunk/LAG

Allowed VLANs?

ACL?

Try this: Do a continuous ping to the WLC IP address and then disable the link(s) to the WLC. Is the IP address still reachable?

JASON SIMMONS · ‎02-15-2019

Sorry LAG
All VLANs allowed and tagged.

I'm not near my computer ATM I'll run your test when I get home.

JASON SIMMONS · ‎02-16-2019

No ACL's

Pings timed out when the Port Channel was disabled, and started responding when it was enabled.

Leo Laohoo · ‎02-16-2019

Ok, that rules out duplicate IP Address.
I wonder if Telnet/SSH was accidentally disabled.

JASON SIMMONS · ‎02-17-2019

UPDATE:

I installed the AP supplemental bundle sometime last night, rebooted and walked away. Woke up this morning and now I can access the GUI and SSH to the WLC. I didn't change anything in the config. Just installed the bundle. It shouldn't have had any affect on remote access, but its working now.

Thanks for your help.

Scott Fella · ‎02-17-2019

That shouldn’t have anything with the issue except for the reboot.

-Scott
*** Please rate helpful posts ***

JASON SIMMONS · ‎02-17-2019

Yeah, I know. I have to get the license regenerated and install it so there will be another reboot.

patoberli · ‎02-18-2019

Interesting... let us know how it goes.
Btw. you also have telnet enabled, I suggest you disable it for security reasons.

David Ritter · ‎02-27-2019

hum, can you cli into your service port IP?

If this is an HA pair, you can cli into your redundancy-management IP

seems in a non-HA status the r-m IP is not alive.

the service port should support gui access.

JASON SIMMONS · ‎02-27-2019

The service port isn't connected.
It's not an HA pair.
What I've discovered with this WLC is that I can't access it via a wireless connection. Yes, it's enabled. I have another WLC with it's management interface on the same subnet, same code, and a basically identical configuration that I can access via wireless so that rules out an ACL to me. It isn't worth my time to keep fooling with it.