Re: Cisco Mobility Express is driving me nuts

Devabhai · ‎01-03-2020

Hello everyone,,

I'm trying to make a pre-auth ACL on the Cisco Mobility Express WLC (v8.8) for before users authenticate to my radius server and it just won't let me create the ACL. It's a guest WLAN with Captive Portal: Internal Splash Page with radius. For the life of me I can't get it to work.

I've tried creating the ACL in cli, which btw is the most horrendous experience ever. You can't define the ACL as you would on a switch, no you have to go thru a bunch of stupid commands that can either create a rule, modify it's source or destination, modify it's action. Take a look at this "marvel":

(Cisco Controller) >config acl rule ?

action Configure a rule's action.

add Add a new rule.

change Change a rule's index.

delete Delete a rule.

destination Configure a rule's destination IP address, netmask and port range.

direction Configure a rule's direction.

dscp Configure a rule's DSCP.

protocol Configure a rule's IP Protocol.

source Configure a rule's source IP address, netmask and port range.

swap Swap two rules' indices.

And after all this it still doesn't work.

Has anyone encountered this problem? Any ideea where I could find some answers?

https://discord.software/ FetLife vshare

Philip D'Ath · ‎01-03-2020

I don't know the answer.

Does this guide (using the GUI) help at all?

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-7/b_cisco_mobility_express_8_7/b_cisco_mobility_express_8_7_chapter_0110.html#task_8D5135FECACC432484A23385E3EA8AF7

Or try jumping to "Configuring DNS-based Access Control Lists (CLI)" in this guide:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-3/config-guide/b_cg83/b_cg83_chapter_01110.pdf