cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1480
Views
20
Helpful
4
Replies

CAPWAP tunnel as interesting traffic over S2S IPSEC VPN

ewood2624
Contributor
Contributor

I'm curious, with IPSEC site-to-site VPN, does the the CAPWAP tunnel that forms for a lightweight AP as it connects to the WLC qualify as interesting traffic to keep the VPN tunnel open?

4 Replies 4

Stephen Rodriguez
Cisco Employee
Cisco Employee

it would if you defined ports 5246/5247 as intersting traffic.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

How would you define ports on the acl instead of the IP's for Site to Site?

This is Cisco router to cisco router not router to ASA.

ip access-list ext < acl id > udp any any range 5246 5247.....

all depends on the acl you are using.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers