Wireless Access

I've created an ACL to my internet facing VLAN and configured a DST-NAT rule to allow RDP to an inside host.

This is working just fine when I use  "localip" as destination, but I would like to use another IP on the WAN-subnet for this kind of traffic. But I can't get the WLC to respond to the traffic. I believe this is an issue with proxy ARP.

ip access-list session ACL_WAN

  any   alias localip tcp 3389  dst-nat ip 10.103.10.23 3389 log 

---

@borgermeister wrote:

I've created an ACL to my internet facing VLAN and configured a DST-NAT rule to allow RDP to an inside host.

This is working just fine when I use  "localip" as destination, but I would like to use another IP on the WAN-subnet for this kind of traffic. But I can't get the WLC to respond to the traffic. I believe this is an issue with proxy ARP.

 

ip access-list session ACL_WAN

  any   alias localip tcp 3389  dst-nat ip 10.103.10.23 3389 log 

 

---

AFAIK, you can only do this for an ip address that exists on the controller.

Just what I was worried about...

Do you have a tip for a work around or something?

---

@borgermeister wrote:

Just what I was worried about...

 

Do you have a tip for a work around or something?

---

I do not have a workaround, but you can enter this as a suggestion on the Ideas Portal here:  https://arubanetworkskb.secure.force.com/cp/ideas/ideaList.apexp