Controller Based WLANs

IP nat outside on Aruba controllers
Q:

Can I create ip nat outside on Aruba controllers?



A:

This article is applicable on controllers running 6.4.4.0 OS.

Requirement: Customers are looking for NAT Outside support where multiple internal networks traffic needs to be NAT’ed.

Current :

AOS currently supports “ip nat inside” feature where traffic gets NAT’d with the desired IP address of the VLAN interface as the source address. While this feature makes sense for traffic going out of uplink VLAN interface, for traffic which needs local routing, this causes unnecessary address translation. All the non-public inter-VLAN communication gets unnecessary address translation.

Enhancements done:

This feature solves this issue by having only outbound traffic to get nat’d while the locally routed traffic shall be sent without any address translation. This feature shall be applied on all public facing egress VLAN interfaces. When applied, all the outbound traffic shall get nat’d with the IP address of the VLAN interface as the source address. All the non-public inter-VLAN communication which is routed locally shall remain unaffected.

 

        ip address 200.0.0.1 255.255.255.0

        ip nat outside

        operstate up

!

(C1) #show interface vlan 200

VLAN200 is up line protocol is up

MTU 1500 bytes

IP NAT Outside is enabled on this interface

Last clearing of "show interface" counters 0 day 21 hr 47 min 4 sec

link status last changed 0 day 21 hr 44 min 53 sec

Proxy Arp is disabled for the Interface

Auto Operstate up is enabled for this Interface

Tunnels Configured on this Interface:

Tunnel 0

 

#show datapath session (command will help getting stats for session traffic).

 

GUI

Version History
Revision #:
2 of 2
Last update:
‎11-25-2015 04:01 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.