Important port details:-
1. Enable these UDP ports for LWAPP traffic:
Data - 12222
Control - 12223
2. Enable these UDP ports for CAPWAP traffic:
Data - 5247
Control - 5246
3. Enable these UDP ports for Mobility traffic:
16666 - Secured Mode
16667 - Unsecured Mode
Mobility and data messages are usually exchanged through EtherIP packets. IP protocol 97 must be allowed on the firewall to allow EtherIP packets. If you use ESP to encapsulate mobility packets, you have to permit ISAKMP through the firewall when you open UDP port 500. You also have to open the IP protocol 50 to allow the encrypted data to pass through the firewall.
These ports are optional (depending on your requirements):
1. Enable these UDP ports for LWAPP traffic:
Data - 12222
Control - 12223
2. Enable these UDP ports for CAPWAP traffic:
Data - 5247
Control - 5246
3. Enable these UDP ports for Mobility traffic:
16666 - Secured Mode
16667 - Unsecured Mode
Mobility and data messages are usually exchanged through EtherIP packets. IP protocol 97 must be allowed on the firewall to allow EtherIP packets. If you use ESP to encapsulate mobility packets, you have to permit ISAKMP through the firewall when you open UDP port 500. You also have to open the IP protocol 50 to allow the encrypted data to pass through the firewall.
These ports are optional (depending on your requirements):
- TCP 161 and 162 for SNMP (for the Wireless Control System [WCS])
- UDP 69 for TFTP
- TCP 80 and/or 443 for HTTP or HTTPS for GUI access
- TCP 23 and/or 22 for Telnet or secure shell (SSH) for CLI access
No comments:
Post a Comment