Thanks!
Jason Appah
Security / Systems Administrator
OIT
541-885-1719
On Dec 9, 2011, at 8:24 AM, Brooks, Stan
stan.bro...@emory.edumailto:stan.bro...@emory.edu wrote:
Jason -
We moved our NAT functionality off the Aruba controllers to separate boxes
because of some limitations in the NAT functionality in our specific
architecture. We are using two different boxes/methods - one for guest users
and one for authenticated users. While the Aruba NAT capability is quite good,
it didn't go quite far enough for us from a routing and logging perspective.
If you are just trying t set up different NAT pools for each group traffic -
that's easy. If what you are trying to do is more involved, I may be able to
point you in the right direction as well. Contact me off list to discuss the
particulars.
- Stan Brooks - CWNA/CWSP
Emory University
University Technology Services
404.727.0226
AIM/Y!/Twitter: WLANstan
MSN: wlans...@hotmail.commailto:wlans...@hotmail.com
GoogleTalk: wlans...@gmail.commailto:wlans...@gmail.com
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
on behalf of Jason Appah [jason.ap...@oit.edumailto:jason.ap...@oit.edu]
Sent: Friday, December 09, 2011 10:49 AM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] advice on impementations for Aruba
Anyone?
Jason Appah
Security / Systems Administrator
OIT
541-885-1719
On Dec 7, 2011, at 1:52 PM, Jason Appah
jason.ap...@oit.edumailto:jason.ap...@oit.edu wrote:
All,
We are looking to allow the private addresses of the unsecured wireless to pass
through our aruba, how would we go about configuring the nat pools to
accomplish this? That is the 192.168.x.x that the client is assigned to pass
through the aruba on the way out to the external FW.
As it stands rightnow the aruba is performing PAT on its own address for the
clients behind it. the only reason why this is an issue is our aruba performs
captive portal for our wired and wireless infrastructure, so it is infact the
router.
Any suggestions or reading? I’m not looking for the dc-daylight but more a
primer on where to start..
Thanks!
** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.
If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).
** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
