Hello Community,
I have a problem with an aruba 7010 Controller and guest Internet Access. Firmware arubaOS 8.2.0.2, Standalone Controller.
I have created an VLAN ID and VLAN Interface for Internet-Access
interface vlan 666
ip address 212.80.xxx.xxx 255.255.255.248
description "Internet-Zugang"
I bound it to an Interface an also added the default route through the internet.
ip default-gateway 212.80.xxx.xxx
Now I want my guest traffic to be NATted out through this interface. So I created a VLAN for my guests with DHCP Server enabled and IP Nat Inside
interface vlan 180
ip address 192.168.179.1 255.255.255.0
no suppress-arp
ip nat inside
When I connect to my network, I get an IP address, see the captive portal and after entering the correct credentials I will be placed in the default guest user role. That's all fine.
Now I can resolve DNS Names with nslookup and I can ping and traceroute outside to the internet.
But I am not able to connect to any website.
When I look at the CLI and type "show datapath session table" I can see an "DENY" flag on port 80 and 443 connections.
I tried to use the "authenticated" role instead of the guest role, but there was no change. I was still unable to access any website.
I don't have any idea where the problem might be. Are there any additional steps to do? Can you help me?
Thanks