Wireless Access

last person joined: 7 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Via user unable to access internal network

This thread has been viewed 0 times

  • 1.  Via user unable to access internal network

    Posted Apr 03, 2014 09:41 AM

    Hi I am trying to configure via client based VPN. Clients are able to access controller with private IP but not able to access internal network.

    The client vlan is present only on controller & has dhcp enabled. I have enabled source-Nat for that vlan.Tried source natting under VPN services. Do I need to add acl in via user role. What should b the acl and its number in the list.

    Same config works for raps.

     

    Harshad



  • 2.  RE: Via user unable to access internal network

    EMPLOYEE
    Posted Apr 03, 2014 10:01 AM

    Do you have an "any any any src-nat" at the end of your Via user rule?  This is needed if the ip addresses you are giving to your users is not routable on your network

     

     



  • 3.  RE: Via user unable to access internal network

    Posted Apr 03, 2014 10:14 AM
    I guess only rule I have is ..any any permit..


  • 4.  RE: Via user unable to access internal network

    EMPLOYEE
    Posted Apr 03, 2014 10:20 AM

    http://www.arubanetworks.com/vrd/VIAAppNote/wwhelp/wwhimpl/js/html/wwhelp.htm

     

     

    It is essential that the addresses used in the VPN address pool for VIA are routable from the internal corporate network. If not, the VIA clients cannot connect to the corporate resources and vice-versa. Alternatively, you can implement Network Address Translation (NAT) on the VLAN used for the VPN address pool. Remember that NAT might cause issues with certain applications such as file transfer protocol (FTP). For information on VLAN Design for remote networks, see the Aruba Virtual Branch Networks Validated Reference Design."