Wireless Access

Occasional Contributor II

Source NAT Private Network

Hello all,


I am trying to get source-nating to work and I am having some issues.  I am doing this in a lab environment so the IP assignments aren't goint to be exactly like production as I don't have public IP assignments to play with.  I have two vlans configured on the controller:


Vlan 301 -

Vlan 7 - (guest network that connects to a FW with internet access)


The controller is handing out DHCP leases on VLAN 301 and I would like for those users to get source-nat'ed to  I have a NAT pool created like so "ip NAT pool corp-dev-srcnat" and a FW policy setup for users that connect to VLAN 301 that states "user any any  src-nat pool corp-dev-srcnat log".  Based off this I would think that all users that connect to VLAN 301 would get source-nat'ed to (which is looks like they do in the logs).  The problem is the user has zero connectivity.  Is there something I am missing in this type of setup?





Guru Elite

Re: Source NAT Private Network

Is there a route in your infrastructure back to

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Occasional Contributor II

Re: Source NAT Private Network

Thanks for the information - I will check into that.  Also I have a general question in regards to the NAT Pool configuration on the Aruba Controller.  In production VLAN 7 will actually be configured on the Aruba Controller as an access port with a public IP address associated with it, the other side will be connected to a FW that is connected to the internet.  I want to source NAT users in the /24 subnet so that they go out the VLAN 7 interface - would the ip address that i use be the one that's configured on the Aruba Controller?

Search Airheads
Showing results for 
Search instead for 
Did you mean: