Wireless Access

Reply
Contributor II

Difference between route src-nat and src-nat?

Hi Guys, Could someone give me the actual difference between "any any any route src-nat" and "any any any src-nat" with a usecase as to how it works in Aruba?
Regular Contributor II

Re: Difference between route src-nat and src-nat?

Hi Joe_Lee,

Its mainly required when you are working with RAP.

Below is the screenshot from AOS UG.

image 4.jpg

 

Contributor II

Re: Difference between route src-nat and src-nat?

Hi SumaN, Thanks for your posting, but I think what you have posted only tells me what is src-nat and dst-nat is. However, I am keen to know more about the functionality of "any any any route src-nat" and "any any any src-nat" with a usecase along with the difference between them.
Guru Elite

Re: Difference between route src-nat and src-nat?

Route src-nat is specifically used in an ACL when split tunneling client traffic on a Remote AP http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/Remote_AP/Split_Tunneling.htm  You would use split tunneling on an access point configured at a remote AP at a branch office so that corporate traffic gets sent back to the corporate headend and internet traffic gets sent locally to the ISP.

 

Soure-NAT is configured as an ACL for a Campus AP to do NAT translation for a user's traffic on a campus:  http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/1CommandList/ip_access_list_session.htm?Highlight=src-nat

 

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Contributor II

Re: Difference between route src-nat and src-nat?

Hi Colin,

 

Thank you for the post.

 

Say for example, My split-tunnel ACL's are like this

 

any any svc-dhcp permit
any any svc-dns permit
user controller any permit
any any any route src-nat <<<<<<<< instead of this if I specify as "any any any src-nat", then what is going to happen to the user traffic?

 

Could you please explain in detail

Guru Elite

Re: Difference between route src-nat and src-nat?

I never tried src-nat with a split tunnel rap, but from experience, the results could be unpredictable, or just not work, at all.
******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Super Contributor II

Re: Difference between route src-nat and src-nat?

I think it´ll be forwarded throught he tunnel and NATed to the RAPs inner IP (taken from the central VPN pool on the controller). But I´m not sure.

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba Partner Ambassador
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP CWAP
Frequent Contributor I

Re: Difference between route src-nat and src-nat?

Could there be an error in this RAP split-tunnel document?

In the document 'src-nat' is stated for the splitting policy in stead of 'route src-nat'.

 

Rgds

Peter

Guru Elite

Re: Difference between route src-nat and src-nat?

That is incorrect.  It should be route src-nat.

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: