Controllerless Networks

Reply
Contributor I

NAT in IAP

Hi All,

I want to understand how does the NAT work in IAP?

eg: Once i bring the IAP up in my network, what network range the users will get the IP address?

once i connect the IAP to my swicth in a perticular VLAN, the IAP will use the IP address from the dhcp pool from that VLAN. then the users connecting to this IAP, what IP address they will receive, ? guess 172.16.x.x right?

how does the NAT happens and to what IP address the users will be natted?

Super Contributor I

Re: NAT in IAP

It would depend how you set your IAP up. You can tag VLANs on the port of the switch and choose to put users in that specific VLAN, you can simply leave the port untagged and place users in that VLAN, or you can NAT to the IP of the IAP from the virtual controller assigned network of 172.16.98.0/23.
ACDX #419 | ACMP |
Super Contributor I

Re: NAT in IAP

I actually think the default VC network is 172.31.98.0/23. Answered to hastily ;)
ACDX #419 | ACMP |
Valued Contributor II

Re: NAT in IAP

Hi Friend,

 

IAP will NAT the user traffic in one of the following scenario,

1. when you choose VLAN assignement as "Virtual Controller Managed"

2. When you create VPN with the controller and choose DHCP server mode as Local.

 

When you choose " Virtual Controller Managed " option, client will get the IP either from magic VLAN subnet (172.31.98.x/23) or from the default DHCP scope defined in the IAP.

 

DHCP1.JPG

 

When you are using IAP VPN, Local DHCP option, client will get IP from the DHCP pool defined under Local.

 

DHCP2.JPG

IAP always NAT( Source NAT) the user traffic with it's uplink IP address.

 

Hope you got some more clarity on this,

 

Please feel free for any query on this.

Cheers,
Venu Puduchery,
[Is my post helped you ? Give Kudos :) ]
New Contributor

Re: NAT in IAP

Hi Guys,

 Just need some assistance.

I just have a few questions in my and hope you can help me clear it with me.

"Since IAP has a "Virtual Controller Managed" and it does NAT the IP.

Is it possible to give public IP to the AP?""

Thanks.. 

Contributor I

Re: NAT in IAP

Is there a way to retrieve the current NAT translations from an IAP cluster/VC (show ________ )?

 

I'm trying to track a guest client that is sending specific traffic.

Guru Elite

Re: NAT in IAP

On the VC use "show datapath session".  Filter on the ip address of the client or the website you are looking for.

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: