Wireless Access

last person joined: 4 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

How to config des-nat via OS6.2

  • 1.  How to config des-nat via OS6.2

    Posted Jul 09, 2013 02:43 AM

    HI,

     

    I want to access a switch (in aruba inside) from internet.

    What could I setup ?

     

    The switch is connect on mesh-point's ethernet.

    so, it is one mesh client on the aruba client table.

    I want to http & telnet it from internet.

    How can I do it ?

     

    Thanks.



  • 2.  RE: How to config des-nat via OS6.2

    Posted Jul 10, 2013 10:26 AM

    Trying to get some additional details about the query here.

    You have a switch connected to the mesh point's ethernet port and it is showing up on the controller's user-table?

    Is the wired port on mesh-point trusted or untrusted?

    Is this switch meant to host wired clients via the mesh link?

     

    How is the wan link connectivity coming into the controller? Is there a public ip interface configured directly on the controller vlan interface or does the controller do uplink connectivity to a firewall and the firewall NAT's the traffic into public domain?



  • 3.  RE: How to config des-nat via OS6.2

    Posted Jul 11, 2013 05:41 AM

    HI,

     

    Ya, It is show in controller's client table.

    Wire Port is untrusted, When wire-client on-line, they will get a allow-all role.

    Because some server in the mesh-point's wire port.

    So, I want to do static NAT, mapping it.

     

    Thanks.



  • 4.  RE: How to config des-nat via OS6.2

    Posted Jul 12, 2013 01:18 PM

    There needs to be a public ip, to which a WAN based user would initiate HTTP/HTTPS or TELNET.

    This needs to be NAT'ed at the FW level and redirected to the static LAN IP of the server connected to the mesh point's enet port.

     

    However, need to ensure that the routing (and vlans) from the FW --> Controller --> switch behind mesh point 

    is already in place.

     

    As for the controller rorle itself, just need to ensure that the services HTTP/HTTPS & TELNET is permitted.



  • 5.  RE: How to config des-nat via OS6.2

    Posted Jul 14, 2013 11:40 PM

    HI,

     

    I have some public ip can use~

    What can I config it about static NAT mapping ?

     

    Thanks.



  • 6.  RE: How to config des-nat via OS6.2

    Posted Jul 16, 2013 11:12 AM

    As mentioned in the post above, ideally - perform a one to one NAT b/w the public ip and the desired server (behind the mesh link).

    Just make sure to permit the relevant services such as Telnet & http on the controller-role in which the server is placed.