Howdy,
I'm trying to set up a vWLC to sit behind a vASA using CAPWAP/FlexConnect APs and only allow required ports inbound to the WLC (https://i.imgur.com/55bIOn0.png).
I'm referring to the document here:
However, when I lab this up - I can see the ports inbound using random UDP ports (the random one associated to each AP I assume). The only way I can get it to work is to allow the following:
UDP Ports 1024 - 65535
Is this right? Is there any other tidy ASA rule(s) than just allowing the UDP ports above? Otherwise I get the below:
https://i.imgur.com/vL1C5v4.png
Has anybody had any previous experience of this before?
Thanks.