Controllerless Networks

Reply
Occasional Contributor I

Aruba IAP 205 connecting to ADSL modem/NTU

Hi all,

 

I have to confess I've zero knowledge of Aruba IAP. My boss passed me a IAP 205 and ask me to hook up to the ADSL NTU/modem from an ISP.

 

I've a couple of questions here:

 

1. Can the IAP do NATing and as like a L3 "router"? Coz' the ISP only provided an ADSL NTU(bridging) with a RJ45 port. Should I connect the IAP Ethernet port to this NTU and configure the public static IP on the IAP Ethernet port? How about NATing? How do I configure it?

 

2. How about the wireless client? Can I configure DHCP on the IAP to serve out IPs to the wireless client? How do I do that? Any step by step instruction on this?

 

3. My boss also like to put in URL filter on the IAP (he said IAP able to do that). Eg. Only allow the client to surf URL ending with "abc.com". How do I do that?

 

A simple guide will be very much appreciated on this so call simple setup? I did this alot on Cisco device but is a total stranger on Aruba.

Guru Elite

Re: Aruba IAP 205 connecting to ADSL modem/NTU

You have alot of questions.

 

You can do all of those things, but the first thing you probably need to do, is to configure the PPPOE (ADSL connection).  You can do it via the commandline here:  http://www.arubanetworks.com/techdocs/Instant_42_WebHelp/InstantWebHelp.htm?_ga=1.43038629.1615771646.1440445030#CLI_commands/pppoe-uplink-profile.htm?Highlight=pppoe

Please see here:  http://www.arubanetworks.com/techdocs/Instant_42_WebHelp/InstantWebHelp.htm?_ga=1.43038629.1615771646.1440445030#UG_files/Uplink_conf/ConfigurePPPoEUL.htm?Highlight=pppoe to diagnose whether you have the PPPOE connection up and running.

 

1.  You can nat all traffic out of an AP by making a VLAN "Virtual AP Assigned" when creating the SSID.  That will put users on a VLAN that is only internal to the AP and you must configure a DHCP server on the AP to assign them ip addresses.  Users on a "Virtual AP assigned" VLAN will be natted out of the AP.

2.  Yes you can:  http://www.arubanetworks.com/techdocs/Instant_42_WebHelp/InstantWebHelp.htm?_ga=1.43038629.1615771646.1440445030#UG_files/DHCP_conf/DHCP Config.htm?Highlight=dhcp

3.  Yes, you can:  http://www.arubanetworks.com/techdocs/Instant_42_WebHelp/InstantWebHelp.htm?_ga=1.43038629.1615771646.1440445030#UG_files/AppRF/URL_Filtering.htm?Highlight=web

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I

Re: Aruba IAP 205 connecting to ADSL modem/NTU

Thanks CJoseph for the links...

 

We have a Biz ADSL hence that's no need to the PPPoE login. We will just configure the public IP on the IAP Ethernet port, right?

 

As for the Web Policy Enforcement Service, can we customise our own string (eg. *.abc.com)? I saw from the docs it has "Web Category", "Web Reputation"..etc. When can I put in our customise URL string?

 

Thanks

Guru Elite

Re: Aruba IAP 205 connecting to ADSL modem/NTU

I am wrong for #3.  You can only block categories domains, not specific URLs.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba Employee

Re: Aruba IAP 205 connecting to ADSL modem/NTU

You can block specific domains like www.google.com, but not subURLs (like block google.com/news)
Occasional Contributor I

Re: Aruba IAP 205 connecting to ADSL modem/NTU

Hi Yan Liu,

 

Thanks...

 

Can I do wildcard in the URL? Eg. *.abc.com ? If yes, how do I do that in GUI or CLI?

Aruba Employee

Re: Aruba IAP 205 connecting to ADSL modem/NTU

No, I am afraid we cannot do wildcard yet.. Should be a fully qualified domain name.
Occasional Contributor I

Re: Aruba IAP 205 connecting to ADSL modem/NTU

Where do i key in the full domain name?
Aruba Employee

Re: Aruba IAP 205 connecting to ADSL modem/NTU

In the ACL configuration, use the 'network' category, and the "To a domain name" as the destination
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: