Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
580
Views
0
Helpful
4
Replies

WLC 2504 and AIR-CAP16021-E-K9 IP forwarding

Go to solution
zsd
Level 1
Level 1

‎01-22-2019 03:36 AM - edited ‎07-05-2021 09:44 AM

I have a WLC 2504 along with multiple AIR-CAP16021-E-K9. We've just had an internal pen test performed and it has come up that IP forwarding is enabled on the AIR-CAP16021.

I've looked around the management page of the WLC 2504 to see how to disable IP forwarding, but have not been able to find it. Can someone tell me where I can disable IP forwarding for these devices?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
patoberli
VIP Alumni
VIP Alumni
In response to zsd

‎01-23-2019 08:08 AM

Then this should not be needed to be changed. See here regarding how a WLC forwards packets: https://community.cisco.com/t5/wireless-and-mobility/how-does-wlc-switch-packets/td-p/2035619
 
Regarding your software release, this is also a very old version, and I'm pretty sure it contains known security issues. You should upgrade to the current release 8.5.140.0.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
patoberli
VIP Alumni
VIP Alumni

‎01-22-2019 06:54 AM

Never heard that this must/should/could be disabled on the APs.
I assume they run as lightweight and not autonomous?
0 Helpful

Go to solution
zsd
Level 1
Level 1
In response to patoberli

‎01-23-2019 06:30 AM

Yes, you are right, they are lightweight.

 

I've looked around the management page on the WLC 2504, but couldn't find anything referencing it. When the pen test was made, the WLC 2504 was running an older version of the firmware. Do you think this may have been disabled with the later version? (Now running 8.5.103.0)

0 Helpful

Go to solution
patoberli
VIP Alumni
VIP Alumni
In response to zsd

‎01-23-2019 08:08 AM

Then this should not be needed to be changed. See here regarding how a WLC forwards packets: https://community.cisco.com/t5/wireless-and-mobility/how-does-wlc-switch-packets/td-p/2035619
 
Regarding your software release, this is also a very old version, and I'm pretty sure it contains known security issues. You should upgrade to the current release 8.5.140.0.
0 Helpful

Go to solution
zsd
Level 1
Level 1
In response to patoberli

‎01-23-2019 08:24 AM

Thanks for the information. I will look into getting it updated.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card