Wireless Access

Reply
Occasional Contributor II

Destination NAT Problems

Hi,

 

I'm having some problems with my Aruba W-3500 and dst-nat rules and was wondering if anyone has any ideas.

 

I have created a access policy to redirect all tcp port 25 traffic to a external destination email server i have.  bascailly i'm trying to setup a SMTP redirect.

 

I have 3 VLANs configuration my controller.

 

Staff - 10.4.0.0/24 VLAN 10

Wireless Free - 10.21.4.0/22 VLAN 60

Wireless Paid - 10.20.4.0/22 VLAN 70

 

Bascially the issue i am having is that the dst-nat rule works and traffic is being re-directed to my external SMTP server, but it is being redirected on the wrong VLAN and my rounter then rejects the traffic.

 

It seems to either redirect using VLAN 10 or VLAN 70.  If i am connected to VLAN 10 and try to connect to an SMTP server i am succesfully re-directed an am able to connect.  If i try from my Wireless VLAN the controller redirects my traffic but on VLAN 10 and my rounter then rejects it.

 

Does anyone have any ideas on what is happening here and why the controller is doing this ?

 

Thanks

 

 

Aruba

Re: Destination NAT Problems

It would be helpful to show the portion of your policy that is doing the DST-NAT.    

 

Alternatively, if you want all the SMTP traffic to route via a particular IP, then I'd suggest you use the DUAL-NAT option.  It allows DST-NAT and SRC-NAT in the same policy.   For example:

 

First create your dual-nat pool:

ip nat pool <name.of.your.pool> <beg.src.nat.ip> <end.src.nat.ip> <dst.nat.ip.address>


Then use the dual-nat pool in your policy:

user any svc-smtp dual-nat pool <name.of.your.pool> 25

 

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Occasional Contributor II

Re: Destination NAT Problems

Great Thanks!

 

I setup a dual NAT and it works perfectly.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: