Wireless Access

Contributor I

NAT between interfaces - 3200XM


I have wireless infrastructure which is built on 25 AP (105 mostly and 135) and mc 3200XM. My goal is to get access to the controller via Internet using NAT. In attachement is topology of my network. Port 0 (enabled DHCP) of controller is connected to distribution switch to assign IP for APs and clients. Port 1 is connected to router (with DHCP enabled) which is connected to the Internet. Router is manage by external ISP, and i don't have access to configure it. They told me that they can set some NAT on this router. So my question is how to set NAT between interfaces (if it's possible) to get via Internet. Technically it will be execute: public IP:some port (interface on router which is connected to the Internet have public, routable IP) --> IP of port 1: port (dynamic IP, but i think they can do sticky IP and then port 1 of controller will have static IP)-->

Thanks in advance!


Re: NAT between interfaces - 3200XM

Sure. This configuration needs to be for port1 internet facing router.


Create the vlan and set the port to access mode and do the below config.


conf t

interface vlan <id> i

ip address dhcp-client


Above config does the dhcp broadcast on the uplink port to router and gets the dynamic ip address from NAT device directly.

You can still set statically but let`s understand what`s  the ip address been leased out from router and you can set the same statically.


Enable src-nat on client vlan to get the traffic src-nated to go via the same nat device by below config.


configure t

interface vlan <id>

ip nat inside

write mem


By this way, you get the controller hits the internet through the nat device and client traffic is again src-nated with same device to reach the outside world.



Contributor I

Re: NAT between interfaces - 3200XM

Port0 and Port1 have to be in different VLAN, and both of above configurations are for port1 (facing router), right?


Re: NAT between interfaces - 3200XM

port0 and port 1 needs to be different vlan. First config is for port 1 internet facing vlan and for port 0 is for second config for the client traffic to get src-nated.


Thank you.

Search Airheads
Showing results for 
Search instead for 
Did you mean: