Hi everyone..!
I'm new to Aruba and I'm experimenting with a couple of demo devices: IAP-205 and IAP-225, no big controller or anything else, just the IAPs.
The issue I'm facing now is that I'm trying to set up a guest network in order to prepare the devices for a demo environment. One of the things I need to do, for security reasons, is to separate the guest network from the internal network.
This is how things are being set up for the moment:
1. Our main firewall is the DHCP for our internal network.
2. I just plugged the IAPs into the network, so they have acquired an internal IP address and connected to Aruba Central for administration.
That's it.
I first configured a wireless network for internal use, which works just fine.
The problem comes with the guest network, because initially it works great, but it has access to the internal network. So I add a new rule in the firewall restricting access to our internal network/24, but once this is done, guests are not having Internet anymore.
I found the configuration of the VLAN that the IAPs use for when they are set as virtual DHCPs, so I set up public DNS in order to pass those to guest clients, but still no Internet access.
What confuses me a little is that even though the guests are getting the correct IP and everything, when performing a trace route, they don't use the virtual gateway, but go to our internal one instead:
As you can see, I have configured the DHCP pool for the IAPs to serve the network 192.168.200.0/27, and our internal network is 192.168.0.0/24. Our main gateway is 192.168.0.31.
My direct question is why the guest devices are looking for our internal gateway instead of using the virtual one provided by the IAP..?
I'm sure I'm missing several things here....right..?
I'm sorry to make my first post this long..!!!
Thank you all.!
Best Regards.