[c-nsp] 1.1.1.0/24 and Cisco WLCs
Tony Varriale
tvarriale at comcast.net
Mon Mar 11 19:08:57 EDT 2013
On 3/11/2013 9:37 AM, Phil Mayers wrote:
> On 11/03/13 13:42, Tony Varriale wrote:
>
>> engineer worth their salt does not use this.
>
> Maybe. But a lot of people *have* used it, because I've seen it when
> doing webauth logins e.g. in airports, train networks, etc. And by
> definition, the people unwise enough to use it are also likely to be
> the people unwise enough to return and fix things up in the
> installations they did.
Yes, very unfortunate. But, I know of a lot of installs that have not. :)
>
> Cisco wrote docs suggesting that people did this:
>
> """
> Enter the IP address of the controller's virtual interface. You should
> enter a fictitious, unassigned IP address, such as 1.1.1.1.
> """
>
> http://www.cisco.com/en/US/docs/wireless/controller/2100/quick/guide/ctrl206q.html
> (amongst others)
>
> This was always terrible, very naughty advice. That sentence should
> have read:
>
> """
> You should enter an IP address from a range you control, such as
> public IPs owned by your organisation or RFC 1918 space e.g. 10.1.1.1
> """
>
> Bad cisco! Bad! No treats for you!
>
Yes, definitely a doc issue. Unfortunately, not fixed :(
tv
More information about the cisco-nsp
mailing list