WLC Management Access Connections

wireless-access-methods

To access a network device there are various methods. These network access methods are also used to access wireless components. So, here, we will talk about these access methods.

wireless-access-methods

Access Methods used in Wireless networks can be divide into 4 categories. These are given below:

  • Telnet / SSH
  • HTTP / HTTPS
  • Console
  • TACACS+ / RADIUS

 

Telnet / SSH

 

Telnet and SSH access can be done on CLI by using WLC Mangement Interface IP Adddress. On CLI, you should use ssh or telnet keyword and then you  should use the Maagement IP address. If the Telnet/SSH service is on and there is no restriction for telnet/SSH session, you can access the wireless device with this method.

 

As you know, telnet is insecure and SSH is the secure way in this type of method. By default, telnet is disabled on Cisco WLCs. But, SSH is enabled by default. So, if you want to use telnet, you should enable it.

 

To access to a WLC with Telnet or SSH, they must be aneble on WLC. You can enable these services on CLI with the below commands:

  • config network telnet enable
  • config network ssh enable

 

You can check the status of this configurations with “show network summary“ command.

  • show network summary

RF-Network Name……………………….. TestNetwork1

Web Mode……………………………… Enable

Secure Web Mode……………………….. Enable

Secure Web Mode Cipher-Option High………. Disable

Secure Web Mode Cipher-Option SSLv2……… Disable

Secure Shell (ssh)…………………….. Enable

Telnet…………………………….. Disable

 

To see the active Telnet sessions you can use the below command:

 

  • show login-session

 

ID           User Name        Connection From            Idle Time             Session Time

—            —————      —————                      ————           ————

00           admin                   EIA-232                                00:00:00               00:19:04

 

On GUI, you can also adjust the Telnet/SSH parameters like Telnet Login Timeout, Maximum Number of Sessions etc. related with Telnet and SSH from “Management > Telnet-SSH” part. After applying adn saving, the configuration is Ok.

We can also adjust telent priviledges from “Management > Local Management Users“ part.

 

HTTP / HTTPS

 

To access GUI (Graphical User Interface) of the WLC, we can use HTTP and HTTPS. HTTP is insecure and http is secure way to connect. By default HTTP is disablled but it can be enabled to use. And HTTPS is enabled by default.

To access WLC GUI, we can use HTTP/HTTPS over a browser. Here, service port interface or the management interface is used to access GUI.

To access GUI, 192.168.1.1 is the default IP Address.

  • https://ip-address

or

  • http://ip-address

 

To access GUI over browser, webmode must be enable on WLC. By default it is disabled. You can enable it with below command on CLI:

  • config network webmode enable

 

To allow only secure connection with HTTPS, you can use the below command on the controller CLI:

  • config network secureweb enable

 

Console Connection

 

Console Connection is the connection type that can be done over console port of the wireless device. You should be next to the device for thic connection. You can plug in your console cable to your laoptop and the console port of the wireless device and then you can access through both CLI and GUI.

To do this, Console connection must be enabled on Cisco WLC. By default it is enabled.

RADIUS /TACACS+

 

To access a wireless device RADIUS or TACACS+ authentications can be used. For this access,user credentials (user, passwords)  are defined in a RADIUS Server or TACACS+ Server and before the access, user credentials are checked. If the correct credentials (user, passwords) are given, then user access accepted.

 

All users have special usernam and passwords. And these information is stored in a remote RADIUS Server or TACACS+ Server. While accessing the Cisco WLC, the user name and the password is requested from the user. If user write the correct information, he/she can accees Cisco WLC.

Lesson tags: wlc, telnet, ssh
Back to: CCNA 200-301 > Wireless

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact

  • info@ipcisco.com
IPCisco is the Winner! “Best Certification Study Journey of 2019!”

Cisco-ITBlogAwards-2019-Winner-IPCisco-k

CCNA 200-301