Cisco vWLC 8.2 ACL for load balancers

Hello,

 

We have an external captive portal, and our portal is hosted on AWS using load balancers. We also use Amazon S3 for static file hosting and other services from AWS that use load balancers, so the IP addresses of these services are not static and can change at any time.

We are having problems with IP address ACLs on Cisco 8.2 and older versions that do not accept URL ACLs. Is there any way to manage this kind of issue?

Thanks!

6 REPLIES

Are you talking about the pre-auth ACLs? If so, and the IPs are from the same segment, you can create a rule basically for the complete segment.
Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

Yes, it is for pre-auth ACLs.

AWS has a list of all their IP ranges, as you can see here: https://ip-ranges.amazonaws.com/ip-ranges.json

However, Cisco allows only a limited number of ranges, so we can't add all the entries.

The problem with allowing wider ranges is that we could be "opening" access to other unwanted resources.

Thanks!
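
The trade-off described in the post above, as an added example that is not part of any post in this thread: filter ip-ranges.json entries to one region and the services in use, collapse adjacent CIDRs, and, if the result still exceeds the ACL rule budget, widen the cheapest pair and report how many extra addresses that would permit. The sample data, the region and service names, and the rule budgets are constructed assumptions.

```python
import ipaddress
import json

# Constructed sample using ip-ranges.json field names; documentation-range
# addresses, not real AWS data. Region/service values are assumptions.
SAMPLE = json.loads("""{"syncToken": "0", "createDate": "constructed", "prefixes": [
 {"ip_prefix": "198.51.100.0/26",   "region": "us-east-1", "service": "S3"},
 {"ip_prefix": "198.51.100.64/26",  "region": "us-east-1", "service": "S3"},
 {"ip_prefix": "198.51.100.192/26", "region": "us-east-1", "service": "EC2"},
 {"ip_prefix": "203.0.113.0/25",    "region": "us-east-1", "service": "EC2"},
 {"ip_prefix": "203.0.113.0/25",    "region": "us-east-1", "service": "AMAZON"},
 {"ip_prefix": "192.0.2.0/24",      "region": "eu-west-1", "service": "EC2"}]}""")


def select(doc, region, services):
    """IPv4 networks published for one region and a set of services."""
    return [ipaddress.ip_network(p["ip_prefix"]) for p in doc["prefixes"]
            if p["region"] == region and p["service"] in services]


def fit_to_limit(nets, max_rules):
    """Collapse CIDRs, then greedily widen until they fit in max_rules.

    Returns (networks, extra): extra is the number of addresses the ACL
    would permit that were not in the selected ranges.
    """
    nets = sorted(ipaddress.collapse_addresses(nets))
    wanted = sum(n.num_addresses for n in nets)
    while len(nets) > max(max_rules, 1):
        best = None
        for i in range(len(nets) - 1):
            a, b = nets[i], nets[i + 1]
            sup = a
            while not b.subnet_of(sup):      # smallest block covering both
                sup = sup.supernet()
            cost = sup.num_addresses - a.num_addresses - b.num_addresses
            if best is None or cost < best[0]:
                best = (cost, i, sup)
        _, i, sup = best
        nets[i:i + 2] = [sup]                # merge the cheapest neighbours
        nets = sorted(ipaddress.collapse_addresses(nets))
    return nets, sum(n.num_addresses for n in nets) - wanted


if __name__ == "__main__":
    chosen = select(SAMPLE, "us-east-1", {"S3", "EC2"})
    for limit in (3, 2):                     # hypothetical rule budgets
        fitted, extra = fit_to_limit(chosen, limit)
        print(limit, [str(n) for n in fitted], "extra addresses:", extra)
```

A non-zero `extra` is the measure of how much the widened ACL exposes beyond the published ranges; the published list changes over time, so the output needs regenerating whenever it does.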


Create an ACL with any source and destination and allow only the HTTPS protocol on the ACL. Only on a few device models is it mandatory to configure a pre-auth ACL, so try Webauth without ACL configuration as well.
Regards,
Sathiyanarayanan Ravindran


Thanks for the idea, although I see no HTTPS protocol. Is it one of the options in the selection box? I'm using FlexConnect ACLs.


Thanks!



Protocol : TCP
Port: https

Regards,
Sathiyanarayanan Ravindran


https://www.cisco.com/c/en/us/support/docs/wireless/flex-7500-series-wireless-controllers/113605-ewa-flex-guide-00.html
Regards,
Sathiyanarayanan Ravindran
