Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1402
Views
0
Helpful
6
Replies

Cisco vWLC 8.2 ACL for load balancers

cBevilaqua
Level 1
Level 1

‎05-08-2019 10:25 AM - edited ‎07-05-2021 10:21 AM

Hello,

 

We have an external captive portal portal and our portal is hosted on AWS using load balancers. We also use Amazon S3 for static file hosting and other services from AWS that uses load balancers, so the IP addresses of these services are not static and can change any time.

We are having problems with IP address ACLs on Cisco 8.2 and older versions that not accepts URL ACLs. Is there any way to manage this kind of issue?

Thanks!

Labels:
0 Helpful
6 Replies 6

Sathiyanarayanan Ravindran
Spotlight
Spotlight

‎05-08-2019 10:43 AM

Are you taking about the pre auth ACLs. If so and the IPs are from same segment you can create a rule basically for complete segment.
Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful

cBevilaqua
Level 1
Level 1
In response to Sathiyanarayanan Ravindran

‎05-08-2019 10:59 AM

Yes, is for pre-auth ACLs.

AWS has a list of all their ip-ranges as you could see here: https://ip-ranges.amazonaws.com/ip-ranges.json

Although, Cisco allows only a limited number of ranges, so we can't add all the entries.

The problem of allowing wider ranges is that we could be "opening" the access for other unwanted resources.

Thanks!

0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight
In response to cBevilaqua

‎05-08-2019 12:21 PM

Create a ACL with any source and destination and allow only https protocol on the ACL. Only on few model devices they are mandatory to configure Pre auth ACL. So try Webauth without ACL configuration as well.
Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful

cBevilaqua
Level 1
Level 1
In response to Sathiyanarayanan Ravindran

‎05-08-2019 12:34 PM

Thanks for the idea, although, i see no HTTPS protocol, is it some of the options in the selection box? I'm using FlexConnect ACLs.

Captura de Tela 2019-05-08 às 16.32.07.png

Thanks!

0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight
In response to cBevilaqua

‎05-08-2019 01:08 PM


Protocol : TCP
Port: https

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight
In response to Sathiyanarayanan Ravindran

‎05-08-2019 01:11 PM

https://www.cisco.com/c/en/us/support/docs/wireless/flex-7500-series-wireless-controllers/113605-ewa-flex-guide-00.html
Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card