Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
659
Views
0
Helpful
3
Replies

Wirless management restriction using ACL

ejlbarcelon
Level 1
Level 1

‎05-29-2019 01:51 AM - edited ‎07-05-2021 10:28 AM

Hi, I have a WLC that I need to restriction over the management GUI but do not want to block anything else.

Is there a safe way to block other wireless client to the WLC GUI, while keeping a whitelist of those who can access?

I am planning to enable "management via wireless" as lobby admin is connected to wireless.

Labels:
0 Helpful
3 Replies 3

patoberli
VIP Alumni
VIP Alumni

‎05-29-2019 01:59 AM

Never done this, but it should work like the following:
permit client-ip virtual-interface-ip tcp 443
permit client-ip virtual-interface-ip tcp 22
deny every-other-client-ip virtual-interface-ip tcp 443
deny every-other-client-ip virtual-interface-ip tcp 80
deny every-other-client-ip virtual-interface-ip tcp 22
permit any any
0 Helpful

ejlbarcelon
Level 1
Level 1
In response to patoberli

‎05-29-2019 03:34 PM

Hi patoberli,

What is port 22 for? is this required to block GUI?

Also why do we need a "permit any any"?

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to ejlbarcelon

‎05-30-2019 11:33 PM

22 is SSH, which is typically also accessible if management over wireless is enabled. Port 23 too, if you have enabled Telnet.

The permit any any is to allow all other access, like internet.


0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card