Wireless Access

Hi!

I have wireless infrastructure which is built on 25 AP (105 mostly and 135) and mc 3200XM. My goal is to get access to the controller via Internet using NAT. In attachement is topology of my network. Port 0 (enabled DHCP) of controller is connected to distribution switch to assign IP for APs and clients. Port 1 is connected to router (with DHCP enabled) which is connected to the Internet. Router is manage by external ISP, and i don't have access to configure it. They told me that they can set some NAT on this router. So my question is how to set NAT between interfaces (if it's possible) to get 172.16.254.254:4343 via Internet. Technically it will be execute: public IP:some port (interface on router which is connected to the Internet have public, routable IP) --> IP of port 1: port (dynamic IP, but i think they can do sticky IP and then port 1 of controller will have static IP)-->172.16.254.254:4343.

Thanks in advance!

Sure. This configuration needs to be for port1 internet facing router.

Create the vlan and set the port to access mode and do the below config.

conf t

interface vlan <id> i

ip address dhcp-client

Above config does the dhcp broadcast on the uplink port to router and gets the dynamic ip address from NAT device directly.

You can still set statically but let`s understand what`s  the ip address been leased out from router and you can set the same statically.

Enable src-nat on client vlan to get the traffic src-nated to go via the same nat device by below config.

configure t

interface vlan <id>

ip nat inside

write mem

By this way, you get the controller hits the internet through the nat device and client traffic is again src-nated with same device to reach the outside world.

Port0 and Port1 have to be in different VLAN, and both of above configurations are for port1 (facing router), right?

port0 and port 1 needs to be different vlan. First config is for port 1 internet facing vlan and for port 0 is for second config for the client traffic to get src-nated.

Thank you.