Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Static NAT on Controller 6000

This thread has been viewed 0 times

  • 1.  Static NAT on Controller 6000

    Posted Feb 24, 2014 01:07 PM

    Hi,

     

    We have a SSID "Contractors" for contract workers. The subnet is 192.168.1.0/24. They need to access a server on our network  which actual IP is 10.10.10.35. We don't want contractors to know the actual IP of server. We want contractors connect to 192.168.1.10, then the controller will redirect all traffic to 10.10.10.35. It is like static NAT on cisco ASA. Is there a way to accomplish this on Aruba Controller 6000?

     

     

    Thanks,

     

    Michael



  • 2.  RE: Static NAT on Controller 6000

    EMPLOYEE
    Posted Feb 24, 2014 01:16 PM

    We can accomplish this by using dst-nat, but it depends on the application.  What type of application is it?

     



  • 3.  RE: Static NAT on Controller 6000

    Posted Mar 11, 2014 12:46 PM

    Any traffic to certain IP will be redirected to 10.10.10.35.

     

    The controller was working as bridge, and the dst-nat was as below. It didn't work.

    ip access-list session "NAT Internal Server"

      any host 192.168.1.10 any  dst-nat ip 10.10.10.35

     

    I changed the controller to work as router - gateway is on controller. changed host ip to 2.2.2.2. it worked.

    ip access-list session "NAT Internal Server"

      any host 2.2.2.2 any  dst-nat ip 10.10.10.35

     

    Question:

    1. Does controller need to router in order to use dst-nat?

    2. Is the host IP must be on different subnet?

     

    Thanks,