Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1313
Views
0
Helpful
5
Replies

WLC gui/ssh inaccessible outside its subnet

anon3776
Level 1
Level 1

‎12-28-2016 06:32 PM - edited ‎07-05-2021 06:17 AM

I can’t access the WLC through GUI or SSH from its configured IP from outside its subnet. It can only be accessed from the same subnet with WLC’s management/WLAN IP.

WLC IP:

10.1.1.1/24 Mgmt

Clients from 10.1.2.0/24 can ping 10.1.1.1 but cannot access GUI/SSH, only clients from 10.1.1.0/24 can access GUI/SSH.

Right now I use mgmt via dyn interface for temporary workaround for flexibility, but I wanna access the WLC from other subnets because we have VPNs to other sites.

1 person had this problem
Labels:
0 Helpful
5 Replies 5

Scott Fella
Hall of Fame
Hall of Fame

‎12-28-2016 09:37 PM

If you are trying to access the controller from a subnet defined as a dynamic interface, you need to issue the command.  If you are trying to access the controller from a subnet that is not defined on the controller, you should be able to without that command. 

-Scott 

*** Please rate helpful posts *** 

-Scott
*** Please rate helpful posts ***
0 Helpful

anon3776
Level 1
Level 1
In response to Scott Fella

‎12-28-2016 11:52 PM

Does it mean I need to disable the mgmt via dynamic interface first so that I'm able to access the controller from subnet that is not defined on the controller?

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to anon3776

‎12-29-2016 03:03 AM

If you are trying to connect to the controller from a subnet that isn't defined on the controller from a wired connection, you shouldn't need anything checked. Mgmt via wireless or dynamic states a wireless client able to get to the mgmt of the controller.  Has nothing to do with wired.  I don't know how mgmt via dynamic interface is helping if that subnet doesn't overlap any subnets defined on the controller.

-Scott 

*** Please rate helpful posts *** 

-Scott
*** Please rate helpful posts ***
0 Helpful

anon3776
Level 1
Level 1
In response to Scott Fella

‎12-29-2016 05:42 AM

Ok so this might be a bug or something as I'm not able to access the controller from another subnet. All of the controller's IP are pingable from other subnet, but to access the GUI/SSH I need to be in the same subnet as the controller's IP. Really weird.

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to anon3776

‎12-29-2016 08:12 AM

What code are you running and what controller?  If you have mgmt via dynamic interface enabled and that works, we know that there are no acls blocking, so it can be a bug. 

-Scott 

*** Please rate helpful posts *** 

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card