cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
987
Views
0
Helpful
6
Replies

Cisco vWLC 8.2 ACL for load balancers

cBevilaqua
Level 1
Level 1

Hello,

 

We have an external captive portal portal and our portal is hosted on AWS using load balancers. We also use Amazon S3 for static file hosting and other services from AWS that uses load balancers, so the IP addresses of these services are not static and can change any time.

We are having problems with IP address ACLs on Cisco 8.2 and older versions that not accepts URL ACLs. Is there any way to manage this kind of issue?

Thanks!

6 Replies 6

Are you taking about the pre auth ACLs. If so and the IPs are from same segment you can create a rule basically for complete segment.
Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

Yes, is for pre-auth ACLs.

AWS has a list of all their ip-ranges as you could see here: https://ip-ranges.amazonaws.com/ip-ranges.json

Although, Cisco allows only a limited number of ranges, so we can't add all the entries.

The problem of allowing wider ranges is that we could be "opening" the access for other unwanted resources.

Thanks!

Create a ACL with any source and destination and allow only https protocol on the ACL. Only on few model devices they are mandatory to configure Pre auth ACL. So try Webauth without ACL configuration as well.
Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

Thanks for the idea, although, i see no HTTPS protocol, is it some of the options in the selection box? I'm using FlexConnect ACLs.

Captura de Tela 2019-05-08 às 16.32.07.png

Thanks!


Protocol : TCP
Port: https

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

https://www.cisco.com/c/en/us/support/docs/wireless/flex-7500-series-wireless-controllers/113605-ewa-flex-guide-00.html
Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: