04-17-2015 05:14 AM - edited 07-05-2021 02:57 AM
Well the title says it for itself.
Besides CAPWAP, what other ports/protocols needs to be allowed for FlexConnect?
To clear things out, I am MOSTLY concerned between the communication of the FlexConnect AP to the WLC. Besides CAPWAP what do i need to consider? I need this list since most our clients have a firewall, and of course, i need to allow certain protocols and/or ports on the firewall so that the AP and the WLC can see each other.
Any one knows?
As far as I know, I would allow:
1. CAPWAP
2. ICMP -For reachability testing
on the firewall, to/fro the devices.
Inputs would be helpful! ^_^
Thanks in Advance.
Solved! Go to Solution.
04-17-2015 05:35 AM
All you need for the AP to join the WLC is UDP 5246 and UDP 5247. Anything else is dependent on what you need open. If you plan on telnet or ssh to the AP, then you need that also. If you want to use syslog, then open that port also. It would be the same as if you had any network device behind a FW except that you need the two UDP ports.
-Scott
04-17-2015 05:35 AM
All you need for the AP to join the WLC is UDP 5246 and UDP 5247. Anything else is dependent on what you need open. If you plan on telnet or ssh to the AP, then you need that also. If you want to use syslog, then open that port also. It would be the same as if you had any network device behind a FW except that you need the two UDP ports.
-Scott
04-17-2015 06:14 AM
Thanks Scott,
Verifies what I need or rather request clients on what ports to allow on their firewall, since this is VPN connections, ICMP, telnet, SSH wouldn't hurt to be enabled xD
A. CAPWAP
PORTS:
5246/UDP -Control Channel
5247/UDP -Data Channel
B. ICMP(Ping) -OPTIONAL/Reachability verification
C. AP Remote Access -OPTIONAL
PORTS:
22/TCP -SSH
23/TCP -Telnet
11-16-2023 08:35 AM
sorry to drag this up again but are the port bi-directional i.e. does the AP talk to the WLC on port UDP 5246 and the WLC talk to the AP on port UDP 5246? I am having issues with congestion and trying to write a QOS policy for control traffic both ways.
Thanks for any help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide