Solved: Re: WLC 9800 ACL only internet

Leo TI · ‎12-09-2023

I have a guest WLAN; the issue is with the ACL as it does not restrict access to internal networks. I am testing with a ping to the IP 172.22.10.X. If I remove the first three permits, I lose access to the guest page to enter the credentials.

ip access-list extended SOLO-INTERNET
permit udp any any eq domain
permit tcp any any eq domain
permit udp any eq bootpc any eq bootps
deny ip any 10.0.0.0 0.255.255.255
deny ip any 172.16.0.0 0.15.255.255
deny ip any 192.168.0.0 0.0.255.255
permit ip any any
exit

MHM Cisco World · ‎12-09-2023

this ACL use for web auth WLAN it called pre-auth ACL not for PSK WLAN
the IP ACL use for WLAN find in policy profile-> Access Policies

MHM

View solution in original post

MHM Cisco World · ‎12-09-2023

Hi
can I ask the issue with radius auth is solve?

Leo TI · ‎12-09-2023

Is web page guest

MHM Cisco World · ‎12-09-2023

no I ask for previous post there was issue between wlc and radius, is it solved?
MHM

Leo TI · ‎12-09-2023

It didn't get resolved; in the end, I used a WLAN with PSK

MHM Cisco World · ‎12-09-2023

this ACL is CoA ACL ?
MHM

Leo TI · ‎12-09-2023

CoA? I don't think so, the users are local, and it works fine. The issue is with the ACL.

MHM Cisco World · ‎12-09-2023

this ACL use for web auth WLAN it called pre-auth ACL not for PSK WLAN
the IP ACL use for WLAN find in policy profile-> Access Policies

MHM

Leo TI · ‎12-09-2023

It got resolved perfectly, thank you very much

MHM Cisco World · ‎12-09-2023

You are so welcome friend

Have a nice weekend

MHM