Has anyone implemented CPU ACL on Cisco WLCs and any lessons learned?
I would like to apply CPU ACLs to protect WLC dynamic interfaces and hope it
will not break anything. :)
Thanks!
---
Dennis Xu, MASc, CCIE #13056
Analyst 3, Network Infrastructure
Computing and Communications Services(CCS)
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco WLC CPU ACL
Has anyone implemented CPU ACL on Cisco WLCs and any lessons learned?
I would like to apply CPU ACLs to protect WLC dynamic interfaces and hope it
will not break anything. :)
Thanks!
---
Dennis Xu, MASc, CCIE #13056
Analys
On Tue, Dec 15, 2015 at 08:54:15PM +, McClintic, Thomas wrote:
> My understanding is that the CAPWAP traffic is not controlled by the CPU ACL.
"show rules" at the CLI will show you the built-in ACLs which are
automatically added to cover things like this. It covers everything
normally used,
@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLC CPU ACL
We are running CPU ACLs both on IPv4 and IPv6. The obvious thing is that you
want to make sure to account for all your CAPWAP sources and all your
management stations. If you use Prime Infrastructure to manage your WLCs
