On establishing VPN tunnel with the controller the DNS queries from wired/wireless clients connecting to IAP needs to handled accordingly. DNS queries for the internal domains need to go into tunnel and rest should be source-natted with IAP's local IP and get routed towards ISP or global DNS server.
This article details on how to configure the list of internal domains within the IAP configuration.
Environment : The article applies to all Instant Access Points running Aruba InstantOS 6.2.0.0-3.2.0.1 and later releases.
Take the below steps to list internal domains in the IAP:
1. Login into Instant WebUI
2. Click on "Settings" from the main menu.
3. Click on "Show advance options" at the bottom of the General tab
4. Click on "Enterprise Domains" tab.
5. Click on "New" button and add the internal domain entries.
6. Click OK.
We can verify the working of DNS resolution using "nslookup <domain-name>" command on the Wireless/Wired Windows clients connecting to IAP.
DNS queries for the internal domains need to go into tunnel and rest should be source-natted with IAP's local IP and routed towards ISP or global DNS server.
Note: When Content Filtering is enabled for a network in the SSID settings, then the domain names that do not match the names in the "enterprise domains" list are sent to OpenDNS server. |
We can verify the working of DNS resolution using "nslookup <domain-name>" command on the Wireless/Wired Windows clients connecting to IAP.
DNS queries for the internal domains need to go into tunnel and rest should be source-natted with IAP's local IP and routed towards ISP or global DNS server.
Note: When Content Filtering is enabled for a network in the SSID settings, then the domain names that do not match the names in the "enterprise domains" list are sent to OpenDNS server. |