Hi Zalion,
I have attached the show run output. Basically,I am not configure any user role for any users and all is default configuration. Below is the show right output.
1) Have you changed the management port from 4343 to 443?
No.All is default.
2) The N flag shows that dest NAT is occuring. Is this configured in the User Role? NO.
(LWEH_ARUBA_WLC1) #show rights
RoleTable
---------
Name ACL Bandwidth ACL List Type
---- --- --------- -------- ----
ap-role 7 Up: No Limit,Dn: No Limit ra-guard/,control/,ap-acl/,v6-control/,v6-ap-acl/ System
authenticated 64 Up: No Limit,Dn: No Limit global-sacl/,apprf-authenticated-sacl/,ra-guard/,allowall/,v6-allowall/ User
default-iap-user-role 11 Up: No Limit,Dn: No Limit allowall/ User
default-via-role 61 Up: No Limit,Dn: No Limit global-sacl/,apprf-default-via-role-sacl/,allowall/ User
default-vpn-role 63 Up: No Limit,Dn: No Limit global-sacl/,apprf-default-vpn-role-sacl/,ra-guard/,allowall/,v6-allowall/ User
guest 5 Up: No Limit,Dn: No Limit global-sacl/,apprf-guest-sacl/,ra-guard/,http-acl/,https-acl/,dhcp-acl/,icmp-acl/,dns-acl/,v6-http-acl/,v6-https-acl/,v6-dhcp-acl/,v6-icmp-acl/,v6-dns-acl/ User
guest-logon 10 Up: No Limit,Dn: No Limit ra-guard/,logon-control/,captiveportal/,v6-logon-control/,captiveportal6/ User
logon 2 Up: No Limit,Dn: No Limit ra-guard/,logon-control/,captiveportal/,vpnlogon/,v6-logon-control/,captiveportal6/ User
stateful-dot1x 8 Up: No Limit,Dn: No Limit global-sacl/,apprf-stateful-dot1x-sacl/ System
sys-ap-role 12 Up: No Limit,Dn: No Limit sys-control/,sys-ap-acl/ System
voice 62 Up: No Limit,Dn: No Limit global-sacl/,apprf-voice-sacl/,ra-guard/,sip-acl/,noe-acl/,svp-acl/,vocera-acl/,skinny-acl/,h323-acl/,dhcp-acl/,tftp-acl/,dns-acl/,icmp-acl/,wificalling-acl/ User
Total Roles:11
thanks!