Enabling source-nat in vlan 1
Is it recommended to enable source-nat (ip nat inside) in the vlan 1?
Configuring "ip nat inside" in "interface vlan 1" will prevent IPSec connectivity between the controller and its IPSec peers.
Any deployment that involves ipsec between Aruba Controllers or CPSEC enabled Campus AP's / Remote AP's.
In Aruba Controller, source nat or ip nat inside should be disabled in the vlan 1.