cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8661
Views
10
Helpful
12
Replies

can't access to cisco 5508 web management on service port

Hello, i have dual 5508 installation in HA mode. I configured ip on management and service interfaces and connect them to the switch. RP port on controllers connected to each together. HA status is ok, i can access to the ssh but not to the web GUI on service port nor management. Please help what could be wrong?

1 Accepted Solution

Accepted Solutions

Can you clarify this response:

+ No, i`m using gateway

The service port can only be accessed on the same subnet. It has no concept of a default gateway therefore any traffic you are trying to send to it from an outside subnet will never make it back.

I don't know the reasoning behind this and it's annoying to be sure, but that is definitely the case for that particular interface.

View solution in original post

12 Replies 12

tfleisher1
Beginner
Beginner

From https://supportforums.cisco.com/discussion/11859111/web-access-wlc-management

Are you able to access the WLC from wired network? Ar e you trying to access the WLC through telnet/SSH or GUI? In order to access the WLC you should use the managment interface of WLC.If you are trying to access this via GUI ensure that you have enabled the http server using "config network webmode enable" from the command prompt. Also you should be able to see the status of webmode and managment by wireless interface is enabled using "show network summary" command.

Hello! I`ve read this topic already but it`s not my case, cause i would like to manage via service port not wireless.

- Are you able to access the WLC from wired network?

+ Yes, only ssh

Ar e you trying to access the WLC through telnet/SSH or GUI?

+ all of them, but works only ssh

In order to access the WLC you should use the managment interface of WLC.If you are trying to access this via GUI ensure that you have enabled the http server using "config network webmode enable" from the command prompt.

+ did it already

- Also you should be able to see the status of webmode and managment by wireless interface is enabled using "show network summary" command.


RF-Network Name............................. RFBronka
Web Mode.................................... Enable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Disable
Secure Web Mode RC4 Cipher Preference....... Disable
OCSP........................................ Disabled
OCSP responder URL..........................
Secure Shell (ssh).......................... Enable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Unicast
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
IGMP Query Interval......................... 20 seconds
MLD snooping................................ Disabled
MLD timeout................................. 60 seconds
MLD query interval.......................... 20 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds

--More-- or (q)uit
Cisco AP Default Master..................... Disable
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
AP Fallback ................................ Enable
Web Auth CMCC Support ...................... Disabled
Web Auth Redirect Ports .................... 80
Web Auth Proxy Redirect ................... Disable
Web Auth Captive-Bypass .................. Disable
Web Auth Secure Web ....................... Enable
Fast SSID Change ........................... Disabled
AP Discovery - NAT IP Only ................. Enabled
IP/MAC Addr Binding Check .................. Enabled
CCX-lite status ............................ Disable
oeap-600 dual-rlan-ports ................... Disable
oeap-600 local-network ..................... Enable
mDNS snooping............................... Disabled
mDNS Query Interval......................... 15 minutes

What exactly happens when you try to reach the WLC via the web GUI? Timeout? Connection refused?

Are you specifying https://<IP>; ?

Are you trying to ssh/http into the WLC on the same subnet as the service port? If not, I'd recommend tracing packets to see why the ssh connections are making it through but the http/https attempts are not.

Hello! I`m trying to acces service port IP http://X.X.X.X but it says connection time out. And in the same time i can access by ssh to this address