Controllerless Networks

Reply
Occasional Contributor II

IAP source NAT

Can someone please explain how exactly IAP source NATs when using VC Managed IP(Magic Vlan). I read IAP NATs user traffic with it's uplink IP address. What exactly is uplink IP, is it the default GW?
Traceroute shows the packets for wired and wireless take the same path & has same Public IP address. I am trying to understand how exactly IAP Source NATs & how packet flows? 

Thanks,

Guru Elite

Re: IAP source NAT

The "magic vlan" source-nats traffic out of the ip address of the Virtual Controller.  If a Virtual Controller ip is set, that is the ip address that the traffic is source natted out of.

https://community.arubanetworks.com/t5/Video/VIDEO-Magic-VLAN/ta-p/115241


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: IAP source NAT

Thanks for the video and I get the concept of how VC assigned IP works. What I am actually trying to understand is how does IAP Source NATs? 

For Eg. in Cisco L3 switch 'inside local IPs' get NAT'd to 'Inside global Ips' once configured and we can check with show command on stat etc.

 

So with this concept, I am assuming AP is simply a Layer 2 Device that forwards all Frames down to the connected switch via ethernet & L3 switch will do all the routing.  So when it's said IAP does Source NAT how does that actually works(step by step)?  

Occasional Contributor II

Re: IAP source NAT

anyone?

Guru Elite

Re: IAP source NAT

It is NAT translation to a single "outside" ip address.  This is not unique to Aruba; it is a generic source nat.  Any definition of source nat would apply to how it happens.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: IAP source NAT

But how does IAP does it? I understand how a layer 3 switch/router will do it. From what I read it says IAP source NAT's. 

Guru Elite

Re: IAP source NAT

The functionality is the same as when your home router or firewall NATs private addresses to a single public address.  The virtual Controller hands out private addresses to users on that WLAN and source-nats the traffic out of the ip address of the Virtual Controller.  The traffic from users that are on that WLAN get tunneled to the Virtual Controller, where the traffic is source natted out of the Virtual Controller's ip address.

 

Does that make sense?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: IAP source NAT

It does. Think I am getting closer. So this is what I understand. Please correct me if something is wrong. 

1. WLAN client sends DHCP query. 

2. IAP offers a private IP from its magic VLAN DHCP pool (172.31.x.x)

3. WLAN client sends packets to IAP

4. IAP then source-NATs user traffic using Virtual Controller IP & forwards Frame down to the connected switch. 

 

This is my confusion, maybe my understanding of source-nat is not correct;

From what I understand Source NAT is used to translates private IP address to a public routable address. So with this concept how does IAP translates(source-nat) Private IP addresses to public? Since VC IP is also private IP. 

 

 

Highlighted
Guru Elite

Re: IAP source NAT

Public ip address = ip address of VC.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: IAP source NAT

our VC IP is Private IP 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: