Hello,
I would like to configure IP Nat for our Public Wifi. I looked at the User Guide, and other topics here but I would like to confirm my findings ith you if possible.
I have attached a simple diagram of the setup I have in mind.
At the moment our Public Wifi connects to our ISP router via an ASA firewall. This is a legacy setup that was put in place back in the day when the Aruba FW was not EAL4 compliant.
The ASA is doing the NAT rather than the controller. What I would like to achieve is to be able to take the ASA out of the equation and have the contrller connect directly into the ISP using the Nat feature.
I'm thinking to do the following:
1- Create vlan 10 ----- IP 192.168.23.x 255.255.255.0 (Outside Address)
2- Vlan 3 ------ 192.168.x.x 255.255.240.0 (cleints' wifi IP address NOT conflicting with the Outside address)
3- DHCP Pool for Vlan 3
3- In the IP interface configuration for Vlan 3 I tick the Enable source NAT for this VLAN
Is there anything else that I need to do please?
P.S.
How would the controller know to NAT to the Public Wifi IP address of 192.168.x.x and not the Services Outside IP address of 10.47?
Many thanks in advance!