Wired LAN Traffic
04-30-2018 12:20 PM
I have the following challenge:
Got 3 subnets behind a 5406 router. This traffic is routed with default route to an Aruba controller with a transfer subnet. This traffic needs to pass the controller and needs routing with nexthop to one of two provider subnets which the controller had IPs of both (also transfer). The 5406 has a trunk/tagged with trunk/Link-Agg to the controller and the controller has ports 000 and 001 for each provider.
I thought that I need to set ip nat outside on the VLANs that belong to the provider and set the routing to one of each provider. But here I am ending. Ping works, DNS works but no HTTP traffic and I think I hang in the logon role on my controller from the wired part. Internal transfer VLAN was trusted, then untrusted and as the last thing I transferred my client gateway from the 5406 to the Aruba without any change.
The next step was to look here for Wired Access through the controller but this part is very "undocumented". Currently I do an update, maybe I run into a bug.
My question for you is: I am unable to untrust the VLANs and append a "rule" (ip access-list session allowany) on the VLAN. This is not saved in the config under the VLAN part.
Thanks for suggestions