Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a wireless controller in HQ to which an AP connects in the branch. On the branch router I want to match traffic in the ACL that is sourced from AP and destined to controller which I am able to do using IP address of AP as source and controller as destination. However, I can't match traffic on the HQ router by an ACL specifying controller as source and AP as destination. Can anyone please help me to know how can I match traffic from controller to AP? All I know is that a CAPWAP tunnel is formed between AP and controller.
Is there a way to match traffic based on UDP 5246 & 5247? That should be the CAPWAP traffic & you should be able to see your WLC & AP IP as src/dst on those packets.
