This document describes recommended IP addresses to use as a virtual interface on the WLC (Wireless LAN Controller).
Contributed by Rafael Enriquez Olguin and David McNeil Cisco TAC Engineers.
For years, many Cisco configuration examples documents use 22.214.171.124 as virtual IP address for the WLC.
Addresses for the subnet 126.96.36.199/8 have been assigned to the public space, This causes re-direct issues for Web Authentication WLANs.
IP Address 188.8.131.52
Address 184.108.40.206 is now a secure Domain Name System (DNS) server. Anyone who uses this IP address uses a public IP address exclusively assigned to a private entity.
Now, some browsers such as Chrome, Firefox and Microsoft have included address 220.127.116.11 to their HTTP Strict Transport Security (HSTS) preload list, This prevents devices, which uses these browsers for re-direction, to complete Web Authentication.
The Virtual IP address for the WLC must be configured as a non-routable IP address. You must ensure it does not overlap with the network infrastructure. The address can be configured to use an IP address from the internal allocated networks. Defined on RFC1918.
The available subnets are:
The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)