Wireless Access

We currently have an inline Barracuda content filter on our network. It is the Second to last step out on the network, afterwards comes the firewall, then the WAN.

We monitor all web traffic through the Barracuda filter, however we have an issue tracking user on the guest network (which is in a different subnet than the rest of our network). It currently only logs the Aruba Main Controller IP address.  What do we have to do to get it to pass the guests IP through?  The Guest's IP will be in a 10.99.1.0/24 range, while our main network is 10.1.0.0/16.

Also to include: 

We run ArubaOS 6.1.3.1 on an Aruba 3600

Thanks!

ArubaOS 6.1.3.1

Hi,

Are you NAT'ing the Guest IPs on the controller, or on your firewall that is outside the Barracuda filter?

Check on the VLAN interface to see if "source nat" is enabled.

Source NAT is enabled on the VLAN.  Here is a print of the page.

Okay.  You have to remove the NAT, but make that guest subnet fully routable in your network.  There must be a route internally, pointing to the controller's management interface for that subnet.  Your firewall at the perimeter also must also have a route to the controller for that subnet and be able to nat the traffic out.