Tuesday
Hi all,
I am having trouble configuring NAT on a standalone AP305C running WiNG.
The AP might not be in the right mode to support NAT and routing but I can't find the right documentation. I tried removing it from centralized mode by issuing:
self
no mint mlcp ip
no mint mlcp vlan
commit write
reload
but no dice.
I am stuck trying to issue
ip nat inside source list NAT interface vlan 1 overload precedence 1
or something along those lines.
Worth mentioning here is that the AP can't be configured with a static IP (DHCP only).
So for using RADIUS I opted to go for a local vlan999 address.
This is what I have configured so far:
self
interface vlan 1
ip address dhcp
ip dhcp client request options all
exit
commit write
radius-group StandardUsers
policy vlan 120
commit write
exit
radius-user-pool-policy StandardUsers
user user1 password 0 pass1 group StandardUsers
user user2 password 0 pass2 group StandardUsers
commit write
exit
self
interface vlan 999
ip address 10.20.30.40/24
exit
commit write
radius-server-policy LocalRADIUS
use radius-group StandardUsers
use radius-user-pool-policy StandardUsers
authentication data-source local
authentication eap-auth-type peap-mschapv2
nas 10.20.30.40/32 secret 0 MySecret123
commit write
exit
self
use radius-server-policy LocalRADIUS
commit write
self
radius nas-identifier AP305C
commit write
aaa-policy LocalAAA
authentication server 1 onboard self
commit write
exit
wlan myWLAN
ssid zoomzoomzoom
no broadcast-ssid
no answer-broadcast-probes
bridging-mode local
vlan 120
authentication-type eap
encryption-type ccmp
protected-mgmt-frames mandatory
use aaa-policy LocalAAA
commit write
exit
self
interface vlan 120
ip address 198.18.0.1/24
ip nat inside
exit
dhcp-server-policy local
dhcp-pool localpool
network 198.18.0.0/24
address range 198.18.0.100 198.18.0.200
default-router 198.18.0.1
dns-server 9.9.9.9
exit
exit
self
use dhcp-server-policy local
interface vlan 1
ip nat outside
exit
ip access-list NAT
permit ip any any rule-precedence 1
exit
ip nat inside source list NAT interface vlan 1 overload precedence 1
^
% Invalid input detected 9999 at '^' marker.
Any pointers would be greatly appreciated.
Wednesday
You need to change the CLI context to "self" before you try the "ip nat inside ..." command.
Furthermore, the command itself is wrong.
The correct command is "ip nat inside source list NAT precedence 1 interface vlan 1 overload"
11 hours ago
Right on the money. Thank you very much!