Solved: Cisco 2504 WLC can't ssh connection refused

joeva · ‎05-08-2019

Hello All,

Please be kind as I'm new to this, I was trying to SSH into my Cisco 2504 wireless controller and it's refusing the SSH connection. I did confirmed that under web GUI Wireless => Global Configuration => Login Credentials does have my NEW created (no-default username and password) account. Also on the same page the Global Telnet SSH boxes are ticked. I do not know why i still can't SSH into the controller, I do see under managements => Local Management users => Has the default admin & newadmin accounts.

Do I HAVE to delete the default "admin" for this to work or something?

Thank you so much,

Joeva

Sathiyanarayanan Ravindran · ‎05-09-2019

Trace the WLC ip from your laptop and trace the IP of other devices from the same machine. I hope from the trace you can get the solution.

Have you checked the ACL part?

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

View solution in original post

Sathiyanarayanan Ravindran · ‎05-08-2019

Those configuration you are seeing under wireless -> global configuration is that of APs joined to the WLC. Are you able to telnet the WLC ip on port 22?

Also how you are trying to access is it like connect to wifi and trying to access the WLC?

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

joeva · ‎05-09-2019

The APs are joined to the WLC, but I cannot telnet into WLC. I'm wire connected in Seattle office where WLC is at Moses Lake location, through MPLS. By the way, I can SSH into any other device fine in Moses lake loc. Thank you for your reply!

Sathiyanarayanan Ravindran · ‎05-09-2019

Go to security -> Access Control List -> CPU acl. Is there any acl enabled over there. If its enabled check there IP address of your machine is allowed to access ssh of WLC.

If above didn’t help you out. Please post the output of *show network summary*

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

johnd2310 · ‎05-08-2019

Hi,

Are you trying to ssh over the wireless network or via the wired network. If you are connected to the wireless network, then management of the WLC may fail because "mgmt Via Wireless" is disabled. Try ssh from the wired network.

Thanks

John

**Please rate posts you find helpful**

joeva · ‎05-09-2019

Wired sir, Thanks for your reply.

RaffyLindogan · ‎05-08-2019

Hi mate,

Is this for a new setup?

Please check if SSH is not blocked (telnet <wlc ip> 80).

Also what is the error you are getting when you connect via SSH?

Ensure that SSH is enabled and also your authentication user (local or remote).

Cheers,

Raffy

joeva · ‎05-09-2019

Hi Raffy,

Please check if SSH is not blocked (telnet <wlc ip> 80).
i tried telnet into WLC """telnet 192.168.1.1 80""" and it's saying telnet is nto recognized as an internal or external command

Also what is the error you are getting when you connect via SSH?

using PuTTy tried to SSH into the WCL i'm just getting the general error: Network error: Connection refused

Ensure that SSH is enabled and also your authentication user (local or remote).
When I had only defaul admin credentail enabling SSH did throw me an error asking to create new admin account or else I can't use SSH so Yep I did make sure SSH are enabled in my WLC and APs and I created new Admin account, after that enabling SSH did not throw any error but just still can't SSH into the WLC from wired LAN connection.

Thank you for your reply!

joeva · ‎05-09-2019

Sorry just had Telnet client Windows feature installed, so I ran the command and I got this error now.

C:\WINDOWS\system32>telnet 192.168.1.1
Connecting To 192.168.1.1...Could not open connection to the host, on port 23: Connect failed

Sathiyanarayanan Ravindran · ‎05-09-2019

Telnet will be in disabled mode by default. Ssh you have to access via port 22 .

On your windows machine telnet wlc ip 22. Try this and see whether you are able to do it.

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

joeva · ‎05-09-2019

Same error.

C:\WINDOWS\system32>telnet 192.168.1.1 22
Connecting To 192.168.1.1...Could not open connection to the host, on port 22: Connect failed

C:\WINDOWS\system32>

Sathiyanarayanan Ravindran · ‎05-09-2019

Trace the WLC ip from your laptop and trace the IP of other devices from the same machine. I hope from the trace you can get the solution.

Have you checked the ACL part?

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

joeva · ‎05-09-2019

Thank you all, I got it working. This is due to my own switch VLAN issue apparently the physical port of mine is assigned to a vlan that doesn't have access so I changed to a different vlan to solve that problem. Wish you all a wonderful day and once again Thank you so much for trying to help me out!

RaffyLindogan · ‎05-09-2019

Hi Mate,

Good to hear that you were able to get it working.

Just want to add to the comments for future use mate.

You can enable the telnet on your machine.

If you are using windows, here are some steps:

1. Go to Control Panel\Programs\Programs and Features

2. Click "Turn Windows features on or off"

3. It will load a new window "Windows Features"

4. Check the "Telnet client" and click ok.

5. Then you can start using telnet on your machine. :)

Regarding the SSH, yeah the error you are receiving was definitely a network issue. Cause if it was other thing like SSH not enabled or authentication not configured properly, it will throw an error "Connection refused".

Again, im happy that you got it fixed.

Well done!

Regards,

Raffy