Cannot Ping EWC VIP Address (CAPWAP IP Pingable, GUI Accessible)

alsgur0416
Level 1

Hello,

I'm currently using a Cisco 9105AXI in EWC mode, and I'm experiencing an issue where I cannot ping the VIP (Virtual IP) address assigned to the controller.

Here are the details:

The CAPWAP real IP of the AP is pingable.

I can access the GUI using the VIP address (via HTTPS).

I can ping the gateway from the AP.

There is no issue with CAPWAP join or GUI communication.

However, ICMP (ping) fails only to the VIP address, while everything else works fine.

Is it expected behavior that the VIP does not respond to ICMP echo requests?
Or is there a way to explicitly enable ping replies to the EWC VIP address?

I’ve already verified that:

The VIP is correctly assigned and appears in show wireless management interface.

There is no ACL or firewall blocking ICMP from the source.

Any suggestions or clarifications would be appreciated.

Thanks in advance!


11 Replies

Saikat Nandy
Cisco Employee

Can you share 'show tech wireless' please.

I will show you tomorrow; I'm in a different place right now.

Hi, this problem is still not solved.

I just had a look into the STW and based on that could you please adjust these and see if that helps - 

Current Config - wireless management interface Vlan12
Change to - wireless management interface GigabitEthernet0

Current Config - 
ip route 0.0.0.0 0.0.0.0 10.8.12.254
ip route 0.0.0.0 0.0.0.0 Vlan12 250
Change To - 
ip route 0.0.0.0 0.0.0.0 10.8.12.254
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 250

Add this config - 
ip default-gateway 10.8.12.254

I can test it on 5/7; Korea is in a long weekend now.

I added ip default-gateway 10.8.12.254, but it still doesn't work.

I don’t understand why only this device behaves this way.
On other devices, we configured the management interface as a VLAN instead of using Gi0, and there were no issues.
For reference, we are currently setting up around 400 APs, and only a few of them are experiencing this issue — where ping fails only to the VIP, while other connectivity is working fine.

Rich R
VIP

@alsgur0416 The VIP is specifically intended to be non-routable.
https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/technical-reference/c9800-best-practices.html#VirtualIPaddress
It is only intended to be accessed by intercepting http requests from wireless clients for web auth, nothing else.

There are a few things about EWC which behave differently to WLC so wouldn't surprise me if this is expected behaviour.  Either way you should never be routing any traffic to the VIP so you should not be trying to ping it either.  It should not be externally accessible for security reasons.  It's only intended to be a virtual web server IP for web auth.

The VIP is correctly assigned and appears in show wireless management interface.
The wireless management interface on EWC should always be GigabitEthernet0
You should not be using the VIP for the wireless management interface!
https://www.cisco.com/c/en/us/td/docs/wireless/controller/ewc/17-15/config-guide/ewc_cg_17_15/overview_of_the_controller.html#task_gs1_qzh_kpb
There is no "show wireless management interface" command - maybe you mean "show wireless interface summary"?

Thank you for your response. I have a few follow-up questions.

First, is it Cisco’s recommendation that the VIP used for GUI access does not respond to ping, but still allows GUI access?
If so, does this mean SSH access should still work without issues?
Also, in our setup, the wireless management interface is not using Gi0 but is configured on a management VLAN instead — could this also be a potential issue?

++ Is the guide you provided for the 9800 also applicable to the 9105 in EWC mode?

> First, is it Cisco’s recommendation that the VIP used for GUI access does not respond to ping, but still allows GUI access? If so, does this mean SSH access should still work without issues?
- I have already explained that the Virtual IP is only supposed to be used for web auth. If you try to use it for anything else then you can expect unpredictable and untested behaviour.

> Also, in our setup, the wireless management interface is not using Gi0 but is configured on a management VLAN instead — could this also be a potential issue?
- It certainly could be!  I don't believe EWC is intended to support VLAN at all which is why there is no VLAN menu like on a regular 9800 so I don't know how you even managed to configure that.  I've just experimented and found you can add a dot1q sub-interface on CLI but I'm pretty sure that is not supported so the behaviour could be unpredictable.  Aha - in fact I see from your STW that you actually configured SVI (vlan) interfaces - those are definitely not supported on EWC because Gig0 is not a switch interface.  I also see you have configured your WLAN vlan interfaces there too - that's just a mistake because EWC only supports Flexconnect Local Switching - the VLANs are only supported on the AP not on the EWC.  If you want to define the VLANs for the AP then you must do that in your wireless flex profile:
C9120AXI-EWC(config-wireless-flex-profile)#?
 acl-policy          ACL policy description
 arp-caching         enable arp-caching
 cts                 Enable/Disable cts features for all APs in this profile
 default             Set a command to its defaults
 description         Add a description for the flex profile
 dhcp                Configure DHCP
 exit                Exit sub-mode
 fallback-radio-shut Enables the radio interface shutdown
 ip                  Flex group IP configuration subcommands
 join-min-latency    Enables least latency join for a flexconnect AP
 local-accounting    Configure local accounting
 local-auth          Configure local-auth
 mdns-sd             Enable/Disable mDNS features for all APs in this profile
 native-vlan-id      Enter native vlan-id information
 no                  Negate a command or set its defaults
 office-extend       Enables the OfficeExtend AP mode for a flexconnect AP
 predownload         enable predownload
 resilient           Enables/Disables Standalone mode in flex+bridge AP
 umbrella-profile    umbrella profile description
 vlan-name           Enter vlan name
The VLAN definitions on the EWC itself are meaningless.

>  Is the guide you provided for the 9800 also applicable to the 9105 in EWC mode?
- The clue is in the name of the guide: 
Cisco Embedded Wireless Controller on Catalyst Access Points Configuration Guide, IOS XE 17.15.x

If you want to start using advanced 9800 features then you should really consider using 9800-CL not EWC.
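A small config audit built from the points Rich R makes above (management interface on GigabitEthernet0, no SVIs on EWC, VIP kept non-routable), as an added example that is not part of the thread and not a Cisco tool. Both sample configs are constructed: the "weak" one mirrors the Current Config Saikat quoted (the VLAN 12 subnet mask and the VIP 10.8.12.200 are assumptions), the corrected one mirrors the Change To lines. The virtual IP syntax (parameter-map type webauth global / virtual-ip ipv4) is the regular 9800 syntax and is assumed to read the same in an EWC show tech; 192.0.2.1 is the non-routable default the 9800 documentation uses.

```python
"""Audit an EWC (IOS-XE) running-config for the unsupported constructs
discussed in the thread. Added example, not Cisco code; sample configs
below are constructed and the virtual-ip syntax is assumed from 9800."""
import ipaddress
import re

# Constructed: the thread's "Current Config" pattern (SVI management, VIP on-net).
WEAK_CONFIG = """\
interface GigabitEthernet0
 no ip address
!
interface Vlan12
 ip address 10.8.12.10 255.255.255.0
!
interface Vlan20
 description WLAN clients
 ip address 10.8.20.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.8.12.254
ip route 0.0.0.0 0.0.0.0 Vlan12 250
!
wireless management interface Vlan12
!
parameter-map type webauth global
 virtual-ip ipv4 10.8.12.200
"""

# Constructed: the thread's "Change To" pattern (Gig0 management, off-net VIP).
CORRECTED_CONFIG = """\
interface GigabitEthernet0
 ip address 10.8.12.10 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.8.12.254
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 250
ip default-gateway 10.8.12.254
!
wireless management interface GigabitEthernet0
!
parameter-map type webauth global
 virtual-ip ipv4 192.0.2.1
"""


def parse_interfaces(config):
    """Return {interface_name: IPv4Interface or None} from 'interface' blocks."""
    interfaces = {}
    current = None
    for line in config.splitlines():
        m = re.match(r"^interface (\S+)", line)
        if m:
            current = m.group(1)
            interfaces[current] = None
            continue
        if current and line.startswith(" "):
            m = re.match(r"\s+ip address (\S+) (\S+)$", line)
            if m:
                interfaces[current] = ipaddress.IPv4Interface(f"{m.group(1)}/{m.group(2)}")
        else:
            current = None  # '!' or a top-level command ends the block
    return interfaces


def audit_ewc_config(config):
    """Return a list of (severity, message) findings; empty means clean."""
    findings = []
    interfaces = parse_interfaces(config)

    # 1. Management interface should be GigabitEthernet0, not an SVI.
    m = re.search(r"^wireless management interface (\S+)", config, re.M)
    mgmt = m.group(1) if m else None
    if mgmt is None:
        findings.append(("high", "no wireless management interface configured"))
    elif mgmt != "GigabitEthernet0":
        findings.append(("high", f"wireless management interface is {mgmt}; expected GigabitEthernet0 on EWC"))

    # 2. SVIs are unsupported on EWC (Gig0 is not a switch port); VLANs belong in the flex profile.
    for name in interfaces:
        if name.lower().startswith("vlan"):
            findings.append(("medium", f"SVI {name} defined; VLAN interfaces are unsupported on EWC"))

    # 3. Default route pointing out an SVI.
    for m in re.finditer(r"^ip route 0\.0\.0\.0 0\.0\.0\.0 (\S+)", config, re.M):
        if m.group(1).lower().startswith("vlan"):
            findings.append(("medium", f"default route via {m.group(1)}; use GigabitEthernet0 or a next-hop address"))

    # 4. ip default-gateway was suggested in the thread; note its absence.
    if not re.search(r"^ip default-gateway \S+", config, re.M):
        findings.append(("low", "no ip default-gateway configured"))

    # 5. The VIP must be non-routable: flag it if it sits inside any configured subnet.
    m = re.search(r"^\s*virtual-ip ipv4 (\S+)", config, re.M)
    if m:
        vip = ipaddress.IPv4Address(m.group(1))
        for name, iface in interfaces.items():
            if iface is not None and vip in iface.network:
                findings.append(("high", f"virtual IP {vip} lies in {name} subnet {iface.network}; VIP must be non-routable"))
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("corrected", CORRECTED_CONFIG)):
        print(f"== {label}: {len(audit_ewc_config(cfg))} finding(s)")
        for severity, message in audit_ewc_config(cfg):
            print(f"  [{severity}] {message}")
```

Run against a directory of saved running-configs (or the config section of each show tech) to find the handful of units out of several hundred that carry SVI management or an on-net VIP, rather than checking them one by one; the corrected sample produces no findings.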

Thank you for your response.
I checked the link you shared and saw that GigabitEthernet0 is used as the management interface in the example.
However, that appears to be just one example — I didn’t see anything that explicitly states “it’s best practice to always use Gi0 for the management interface,” so I’m not quite sure what your recommendation is based on.
We are currently deploying around 400 APs, and in most of our EWC MAIN devices, the VIP responds to ping just fine with the current VLAN-based management setup.
This issue only occurs on a few specific EWC MAIN devices.

What you see in the GUI is what is supported on the EWC platform - it's an intentionally reduced feature set from a regular 9800 series controller with a number of limitations.
The IOS may allow you to configure other things (just because they haven't removed the commands) but they are untested and unsupported.
If you choose to use unsupported features then you do so at your own risk - the results can be unreliable and unpredictable - as you have discovered.  And just because they (sort of) work on the current release doesn't mean they'll keep working on a later release.
