Wireless Access

Reply
Contributor II

Difference between route src-nat and src-nat?

Hi Guys, Could someone give me the actual difference between "any any any route src-nat" and "any any any src-nat" with a usecase as to how it works in Aruba?
Regular Contributor II

Re: Difference between route src-nat and src-nat?

Hi Joe_Lee,

Its mainly required when you are working with RAP.

Below is the screenshot from AOS UG.

image 4.jpg

 

Contributor II

Re: Difference between route src-nat and src-nat?

Hi SumaN, Thanks for your posting, but I think what you have posted only tells me what is src-nat and dst-nat is. However, I am keen to know more about the functionality of "any any any route src-nat" and "any any any src-nat" with a usecase along with the difference between them.
Guru Elite

Re: Difference between route src-nat and src-nat?

Route src-nat is specifically used in an ACL when split tunneling client traffic on a Remote AP http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/Remote_AP/Split_Tunneling.htm  You would use split tunneling on an access point configured at a remote AP at a branch office so that corporate traffic gets sent back to the corporate headend and internet traffic gets sent locally to the ISP.

 

Soure-NAT is configured as an ACL for a Campus AP to do NAT translation for a user's traffic on a campus:  http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/1CommandList/ip_access_list_session.htm?Highlight=src-nat

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II

Re: Difference between route src-nat and src-nat?

Hi Colin,

 

Thank you for the post.

 

Say for example, My split-tunnel ACL's are like this

 

any any svc-dhcp permit
any any svc-dns permit
user controller any permit
any any any route src-nat <<<<<<<< instead of this if I specify as "any any any src-nat", then what is going to happen to the user traffic?

 

Could you please explain in detail

Guru Elite

Re: Difference between route src-nat and src-nat?

I never tried src-nat with a split tunnel rap, but from experience, the results could be unpredictable, or just not work, at all.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: Difference between route src-nat and src-nat?

I think it´ll be forwarded throught he tunnel and NATed to the RAPs inner IP (taken from the central VPN pool on the controller). But I´m not sure.

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP
Contributor II

Re: Difference between route src-nat and src-nat?

Could there be an error in this RAP split-tunnel document?

In the document 'src-nat' is stated for the splitting policy in stead of 'route src-nat'.

 

Rgds

Peter

Guru Elite

Re: Difference between route src-nat and src-nat?

That is incorrect.  It should be route src-nat.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: