02-05-2018 06:28 AM - edited 07-05-2021 08:12 AM
We are using a Cisco 5520 Wireless Controller with software version 8.3.131.0. But the problem also occured with the former 8.1.102.0 software version.
All APs are running in FlexConnect Mode. Moreover we assign an "External WebAuthentication ACL" to every AP. This can be done via GUI (enter AP details --> FlexConnect --> PreAuthentication Access Control Lists --> External WebAuthentication ACLs --> Policies --> Add Policy ACL) or via CLI (config ap flexconnect policy acl add <ALCNAME> <APNAME>).
Basically this setup is running very fine. But there can be problems if an APs gets restarted or the WAN connection to the AP is down. After the AP reconnects to the WLC sometimes the ACL assignment is gone. All other settings are not affected. This behaviour is very random and can not be manually triggered. Furthermore we have several different AP models running (1702, 2702, 2802, 1832, 1532) and the problem could occor on every model.
Did someone notice similar problems or can someone explain why this happens?
02-05-2018 07:10 AM
Hi,
Create a flexconnect group instead and map the on the Group, this way, the AP heritage the config from group.
Of course, this does not justify the problem but can be a workaround until you fix it. Although config by AP group allows for better manageability.
-If I helped you somehow, please, rate it as useful.-
02-05-2018 07:53 AM
02-05-2018 02:19 PM
02-05-2018 11:10 PM - edited 02-05-2018 11:11 PM
I did a software update and activated aggregation. Can you explain the purpose of this setting please? I cannot find any documentation about it.
02-06-2018 08:00 AM
02-12-2018 04:42 AM
02-12-2018 04:46 AM
You mean that flexconnect group didn´t work? That´s estrange.
Well, if you are able to open a TAC, I´d go for it.
-If I helped you somehow, please, rate it as useful.-
02-12-2018 05:18 AM
02-12-2018 05:46 AM
On Cisco docs, we can read as follow:
"WebPolicy ACL is used for Conditional Web Redirect, Splash Page Web Redirect and Central Webauth scenarios."
I´d recommend you to take a close look on the following link. I have the feeling that you may be missing something.
-If I helped you somehow, please, rate it as useful.-
02-12-2018 07:09 AM
Yes "WebPolicy ACL" is what I need. I did configure this in the FlexConnect Group but as already mentioned some APs lose this ACL assignment after a restart or reconnect to the WLC controller.
02-23-2018 03:17 AM
Hi Peri_Admin have you resolved this issue? I am facing the same issue.
Thanks.
02-23-2018 03:21 AM
02-24-2020 06:04 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide