Wireless Access

Hi,

iam using 6.4.4.5 on 7010 and the APs are not pingable from other subnets. In the AP System Profile there is ap-uplink-acl (default) that normally allows ICMP. So i think this "issue" comes with CPSEC enabled and has something to do with the tunnel list for the AP. Is this a "issue" or a well known configuration and canthis behavior changed ?

In my case we want to allow the DHCP Servers to ping the Clients to check the leases (ip adress conflict check, which is not possible if the device won't answer)

Thanks for Feedback

Would love to hear if this is fixed.

We ran into this a few months ago.

Don´t remember all details, but what worked was a ping from the controller.

Anything outside the LAN where the AP is placed could not ping the AP.

We opened a case and were told that this is a known behaviour and related to CPSEC.

Christian

Okay.  Let me check.

Ticket is open... 

Feedback from TAC: You actually need your "Ports" on the controller enabled as "routed" Ports so the back way from Controller to the Subnet of the ICMP Source can be reached "routed".