Showing results for 
Search instead for 
Did you mean: 

Wireless clients cannot RDP or SSH


I have a customer that is reporting the above issue from a single site

Wired clients at this site can RDP and SSH

Clients at other sites, supported by the same WLC, can connect via RDP & SSH via WiFi

There are no access lists on the WLC

Is this far more likely to be a LAN/WAN/FW issue

Is there any debug I can run on the WLC that might identify the issue or is this the realm of sniffing the LAN/monitoring the Firewall


6 Replies 6

VIP Engager VIP Engager
VIP Engager

the clients cannot start RDP or SSH? is the application installed on these clients?

is the connection refused? then check if the subnet used on this site is allowed at the destination.

if other do basic steps like

- ping default gateway from client

- ping remote gateway from client

- ping  ssh/rrdp destination

- traceroute to destination

Can you please check, SSH is blocked by access point/ wireless controller? by ACL.

There are no ACLs on the WLC



Interesting development, client has statically assigned himself an IP address in the second half of the /23 subnet and now he can RDP & SSH OK ie a 10.108.157.X address rather than a 10.108.156.X DHCP assigned address

interesting lead

is the AP involved in local mode (date delivered to lan centrally by WLC)?

or flexconnect mode (data delivered by AP to local vlan)?

in second case, then the subnet mask retrieved from the dhcp scope may not be correct, so it cannot reach the central site through the gateway

It turns out the fault description is not entirely accurate


The issue is not just for 10.108.156.xx addresses but affects the whole subnet due to a Cisco bug CSCvb78700 affecting the 4500 core switch

Image 03.09.00.E is vulnerable to the following.....



4500X unable to forward packets when th