cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
153
Views
0
Helpful
3
Replies
Highlighted
Beginner

Does it can be possible to block access right to Mobility Express Web interface for the person connected to the AP?

Hi to all,

 

I use C3702e (autonomous mode) and C1852e (Mobility Express) device to have Wifi are in my house.

I notice that C1852e use Mobility Express, it seems that all setup can be done through webinterface.

But for security reason, i don't want to allow someone to be able to reach it through the AP in WIFI.

Does it can be possible to block 1852e web interface access for the personne connected to this AP ?

 

Best Regards.

 

 

3 REPLIES 3
VIP Advocate

Re: Does it can be possible to block access right to Mobility Express Web interface for the person connected to the AP?

Yes this is possible. But even better, if you use 8.5.151.0 (or many other, newer versions, but I recommend that specific one), you can convert the 3702 to lightweight and join it to the 1852. That way you can manage both from the 1851 ME interface and roaming will also start to work correctly.

To you management question, you can disable management over wireless either under the SSID configuration or via CLI:
config network mgmt-via-wireless disable

Please note, some older versions had some bugs in that regard, which is another reason you might want to upgrade to either 8.5.151.0 or maybe 8.8.125.0.
Beginner

Re: Does it can be possible to block access right to Mobility Express Web interface for the person connected to the AP?

I use 3702e and 1852e to have wifi "everywhere" in my house.

Each AP has the same name, the goal is to don't loose connection if move from one AP to another when i move from first floor to second.

If i change my 3702e from Autonomous mode to lightweight, i think that i will loose this possibility?

If remember in lightweight mode, two AP can have this possibility?

 

What does it bring to manage 3702 from 1852?

 

I use the command line (didn't fiond option from WebUI).

It avoid anyone who is connected to AP in Wifi or from the LAN used by the AP.

I was thinking that it just limit person connected through Wifi, but it's the same for wired person on the same LAN.

It can be usefull when the setup is finished.

 

Many thanks in advance for your advise.

VIP Advocate

Re: Does it can be possible to block access right to Mobility Express Web interface for the person connected to the AP?

I just checked the manuals again. To connect the 3700 with the 1850 series, you need to be running 8.8.125.0 on both (or any older 8.8 release):

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-8/b_cisco_mobility_express_8_8/b_cisco_mobility_express_8_8_chapter_00.html

 

Currently you actually loose the connection, because you can't seamlessly roam between the two APs (they don't know of the used crypto keys, that are exchanged in the WPA2 encryption), unless you don't use any encryption.

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards