Cisco WLC AP's and firewall ports?


I have some 3600, 3700, and 3800 AP’s going behind a firewall. Will I need to ask the FW team to open any special ports for the AP’s to join the wlc?


At a minimum you will need the CAPWAP ports open for the AP’s to join.

5246 / UDP - Control Channel
5247 / UDP - Data Channel

Other “nice to have” ports are

ICMP & SSH (Optional)