Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
549
Views
0
Helpful
7
Replies

cant access WLC in the dmz

Network Pro
Level 1
Level 1

‎02-06-2012 04:36 AM - edited ‎07-03-2021 09:31 PM

hi,

I have setup a wlc (mgmt add 172.22.15.254) in the dmz connected to the fierwall with a security level of 30. I can access the wlc mgmt addres from firewall (have a address on the firewall for the same range ex 172.22.15.253). i cant seem to access the wlc mgmt address (cant ping or webbrowse) from the inside network. i have allowed icmp on the firewall.

any help pls ?

Labels:
0 Helpful
7 Replies 7

Network Pro
Level 1
Level 1

‎02-06-2012 06:46 AM

for some reason i cant seem to https to the wlc even wehn connected locally to the wlc using rj45 . is there any settings on the wlc that need to be enabled to http?

Thanks

0 Helpful

Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to Network Pro

‎02-06-2012 06:49 AM

Can you reach the WLC via HTTPS?  HTTPS/SSH are the protocols for access that are enabled by default.

Steve

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Network Pro
Level 1
Level 1
In response to Stephen Rodriguez

‎02-06-2012 07:01 AM

i can ping from the firewall and even from local lan connected to firewall (inside) but not https or http or telnet to wlc.

when i connect the laptop to wlc locally and https then i can get an certificate error page and says to click to continue but cant see the login webpage (comes up with an error saying cert has expired)

0 Helpful

Network Pro
Level 1
Level 1
In response to Network Pro

‎02-06-2012 08:14 AM

does it have to do with any certificates? as i cant web browse to the device nor telnet...can only ping the wlc device (going from inside to dmz - higher to lower lelvel so there should be no problems how ever i have created acl on the inside interface also to allow https and icmp and ip - still no joy?) . i have NAT in place but have exempted NAT. only then i was able to ping but still cant web browse

0 Helpful

Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to Network Pro

‎02-06-2012 08:16 AM

the cert shoudln't matter.  Does the firewall rule allow 443 to the WLC?

Steve

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Network Pro
Level 1
Level 1
In response to Stephen Rodriguez

‎02-06-2012 08:49 AM

sorry my mistake gave the above address to the dynamic ap interface (disabled) and was trying to access this..changed this to the managment address and can access without any problems...thanks for your time

0 Helpful

fb_webuser
Level 6
Level 6

‎02-06-2012 11:13 AM

in a telnet/ssh session issue "config network webmode enable" then save config and try to browse to the WLC

---

Posted by WebUser Taylor Welker

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card