Users Guide
177 | Network Configuration Parameters Dell Networking W-Series ArubaOS 6.4.x| User Guide
Configuring Source NAT for VLAN Interfaces
The example configuration in the previous section illustrates how to configure source NAT using a policy that is
applied to a user role. You can also enable source NAT for a VLAN interface to perform NAT on the source
address for all traffic that exits the VLAN.
Packets that exit the VLAN are given a source IP address of the “outside” interface, which is determined by the
following:
l If you configure “private” IP addresses for the VLAN, the controller is assumed to be the default gateway for
the subnetwork. Packets that exit the VLAN are given the IP address of the controller for their source IP
address.
l If the controller is forwarding the packets at Layer-3, packets that exit the VLAN are given the IP address of
the next-hop VLAN for their source IP address.
Do not enable the NAT translation for inbound traffic option for VLAN 1, as this will prevent IPsec connectivity
between the controller and its IPsec peers.
Sample Configuration
In the following example, the controller operates within an enterprise network. VLAN 1 is the outside VLAN,
and traffic from VLAN 6 is source NATed using the IP address of the controller. The IP address assigned to
VLAN 1 is used as the controller’s IP address; thus traffic from VLAN 6 would be source NATed to 66.1.131.5:
Figure 17 Example: Source NAT using Controller IP Address
In the WebUI
1. Navigate to the Configuration > Network > VLANs page. Click Add to configure VLAN 6 (VLAN 1 is
configured through the Initial Setup).
a. Enter 6 for the VLAN ID.
b. Click Apply.
2. Navigate to the Configuration > Network > IP > IP Interfaces page.
3. Click Edit for VLAN 6:
a. Select Use the following IP address.
b. Enter 192.168.2.1 for the IP Address and 255.255.255.0 for the Net Mask.
c. Select the Enable source NAT for this VLAN checkbox.
4. Click Apply.
In the CLI
Use the following commands: