Campus Switching and Routing

Reply
New Contributor
Posts: 4
Registered: ‎10-23-2016

Can the NAT's gateway be changed for a guest network? If so, how?

Our ArubaOS VC has a br0 interface with a NAT setup for the guest network. There is a gateway entry for the network that must be changed now due to a change in our infrastructure at school. I have not been able to figure out how to make this change in ArubaOS.

 

See the routing table below. I need to change the gateway from 172.16.0.101 to 172.16.0.105.

 

Kernel IP routing table

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface

172.16.0.0      0.0.0.0         255.255.252.0   U         0 0          0 br0

10.100.0.0      0.0.0.0         255.255.252.0   U         0 0          0 br0

0.0.0.0         172.16.0.101    0.0.0.0         UG        0 0          0 br0

 

      ----         -------  ----      ----  ---------------------  --------------  -------------  ------   ----  ------

ELHS-GUEST   ELHS-GUEST   1        guest     all   Internal CP            None            NAT Mode       Enabled  -     Default

 

 

Mr. Perry Lund
Guru Elite
Posts: 21,480
Registered: ‎03-29-2007

Re: Can the NAT's gateway be changed for a guest network? If so, how?

What is doing the natting?

172.16.0.101 is the default gateway of what device?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎10-23-2016

Re: Can the NAT's gateway be changed for a guest network? If so, how?

I assume the Aruba VC is doing the NAT. 

 

172.16.0.101 was the old gateway (a Palo Alto 200) that is being removed and a SonicWall NSA-220 is being used at 172.16.0.105.

Mr. Perry Lund
Guru Elite
Posts: 21,480
Registered: ‎03-29-2007

Re: Can the NAT's gateway be changed for a guest network? If so, how?

Okay. So this is an instant AP? Guest traffic for instant APs that have a virtual controller assigned clan are natted out of the IP address of the Virtual Controller, and that cannot be changed. If you want traffic natted to another address, you should pick Network Assigned, select the VLAN and have another device downstream do the Natting


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎10-23-2016

Re: Can the NAT's gateway be changed for a guest network? If so, how?

I am new to the Aruba wireless setup, so forgive me if I sound a bit ignorant. Yes, we have an S2500 PoE and an Aruba VC, which I have been told resides in the APs (actually it seems one AP in particular). The IP of the Aruba VC is in the 172.16.0.x range and the secure wireless network gets IPs from a Windows server on our network. The Aruba VC has an IP of 172.16.0.131 and the S2500 is .131. The APs are all in the 172.16.0.x range too.

 

A Guest wireless network allows people to connect and get a 10.100.0.x IP from the Aruba NAT / DHCP. I can not find a way to edit any of those configurations, thus my problem. We would like to keep the guest network from seeing the SECURE network. 

 

I have some learning to do.

Mr. Perry Lund
Guru Elite
Posts: 21,480
Registered: ‎03-29-2007

Re: Can the NAT's gateway be changed for a guest network? If so, how?

Guest traffic will have to pass through the 172.16.0.x network to the internet.  To keep them from seeing the network, you will have to edit the SSID and under the Access Tab> Network Based, restrict the networks that it can connect to.  Please see the guide here:  http://community.arubanetworks.com/t5/Community-Tribal-Knowledge-Base/For-the-Beginner-Aruba-Instant-IAP-Basic-setup/ta-p/80744



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎10-23-2016

Re: Can the NAT's gateway be changed for a guest network? If so, how?

Colin - I appreciate the link to the setup guide. 

 

I am wanting to understand the current setup prior to making changes. The employee network is 172.16.x.x. The guest network is 10.100.x.x and their is DHCP handing out IPs from the Aruba unit. And I assume it is doing NAT right now. What I really want to know is where I can modify the DHCP info. I will attach a screenshot a two of the current setup.

Mr. Perry Lund
Guru Elite
Posts: 21,480
Registered: ‎03-29-2007

Re: Can the NAT's gateway be changed for a guest network? If so, how?

Virtual controller managed vlans are always natted out of the virtual controller.  The default gateway cannot be anything besides a hidden ip address on the AP.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: