Controllerless Networks

Occasional Contributor II

IAP VPN Nat-traversal

Hello Everybody,


I have some questions regarding the IPsec/VPN IAP tunnel. Actually, i intend to plug an IAP on a DSL Modem/Router and i want to establish a Layer 2 tunneling between the IAP and a remote Aruba controller in order to offer corporate services to the clients that connect to the IAP SSID.


i've set a test bed for that but without the DSL Modem, i actually just put a router between the IAP and  the controller to simulate a layer 3 network. i've configured a static ip for the IAP and did the configuration required to establish the IPsec/L2TP tunnel==> IT works fine!


So the next step will be to plug the IAP on a DSL Modem/Router, as you may know, this device gets his public ip from the ISP DHCP (DHCP Client)  and handles private ip to the local clients (DHCP Server), in addition it performs NAT. My questions are:


1) How do the NAT interfere with the IPsec/L2TP tunnel? Do i have to avoid the NAT in order to set up the tunnel? if so, does the IAP have a NAT Traversal module or a stuff like that?

2) How can i assign a public ip to an Aruba Controller interface? do i have to create a VLAN interface and then assign the ip to?


Many thanks guys for your help! i really appreciate

Re: IAP VPN Nat-traversal

You can just configure the vpn to terminate to a public ip address. There is no Nat config needed on the iap at all



Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos
Search Airheads
Showing results for 
Search instead for 
Did you mean: