
User based NAT

  • 1.  User based NAT

    Posted Dec 18, 2017 07:29 AM

    Hi Guys,

     

    I read all NAT-related posts in the forum and I tried a lot, but I cannot get it working.

     

    I have a local controller in a branch office.

    The controller has got three VLANs:

     

    VLAN1 10.10.56.0/22 => Management

    VLAN2 192.168.1.0/22 => Wired Network with Internet access GW: .1.1

    VLAN20 172.5.1.0/24 => Wireless Clients

     

    I want to do NAT for all clients in VLAN 20.

    All VLANs have got IP addresses on their VLAN interfaces.

    I don't want general connectivity between those VLANs, so I created a user role:

    user permit any any source nat

    to NAT all traffic from VLAN 20

     

    This simple config is not working at all. The first step is to do a ping on the gateway of VLAN2, but the ping is not responding.

    During my research there appeared some questions:

    1. Do I have to configure a NAT pool and link it in the user policy? (I want to PAT all wireless clients to 1 IP address of VLAN 2)

    2. Do I have to configure ip-routing on the VLAN interfaces (NATting should be done by the user role)?

    3. Is there a way to troubleshoot or debug this NAT setup?

    4. Is there a way to create user-based routing tables?

     

    Thanks in advance!!!!



  • 2.  RE: User based NAT

    Posted Dec 19, 2017 02:04 AM
    Check the “nat inside” and “inter vlan routing” in the VLAN configuration without other config. Test first with only wired trusted clients.


  • 3.  RE: User based NAT

    Posted Dec 25, 2017 04:39 PM

    Hello bro, 

     

    Can you please help me with my queries? All are mentioned below.

     

    1) I am using HP VAN 2.5.11 on Ubuntu 14.04. My app store option on the HP VAN controller is not working; how can I resolve this issue?

     

    2) What commands should I use on the controller so that the users that are connected by Open vSwitch can access the internet? I mean, how do I enable NAT or PAT?

     

    3) How can I define 2 networks in a single controller?

    4) How can I block any packet between 2 users of the same network? I mean, I want one user to be able to use FTP but not ping that IP. Which app should I use, and where do I get that app?


    @CañaWave wrote:
    Check the “nat inside” and “inter vlan routing” in the VLAN configuration without other config. Test first with only wired trusted clients.