Wireless Access


Tri-Session with DNAT vs Controller IP Address on Client VLAN


Is one method necessarily better than the other - drawbacks to enabling Tri-Session with DNAT? - or sticking with the IP Address on the Guest Client? I was working on updating our "setup" network by duplicating our guest config (setup ssid, setup vlan, captive-portal page would be to our XpressConnect page) and after digging further occured to me about the IP Address requirement (Note - Controller is not default gateway) - but also discovered the Tri-Session with DNAT functionality.

Eventually we're going to look into the option of one ssid for both guest and setup - but was curious which of the two options I should pursue -> Enabling Tri-Session with DNAT did fix my problem - just wondering which one was best.

Guru Elite

Re: Tri-Session with DNAT vs Controller IP Address on Client VLAN

You typically would use tri-session with DNAT if you have more than one VLAN that you want to do captive portal with.  If you have a single VLAN, an ip address on that controller's VLAN, along with the ip cp-redirect-address command pointing to that ip address is sufficient.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
Showing results for 
Search instead for 
Did you mean: