Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4141
Views
9
Helpful
5
Replies

Port Mirroring

Go to solution
Shadius
Level 3
Level 3

‎09-18-2024 11:46 PM

Hi, all,

We've configured all of our ports of our core switch (MS425-32) to be mirrored to a destination port on the same switch. The destination port has a device connected to it that is being used to capture the traffic from the source ports.

The issue that we're having is that the traffic shows the IP address of the wireless access point instead of the IP address of the client that is connected to the wireless access point.

How would I be able to achieve this?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
krebers
Cisco Employee
Cisco Employee
In response to Shadius

‎09-19-2024 07:11 AM

Hello Shadius,

Is the issue that you are seeing the AP's IP for the 2 SSIDs using Meraki NAT mode or for all 3 SSIDs? It is expected for the 2 SSIDs using Meraki NAT mode, as the document that Brash shared explains.

Meraki NAT mode means that the AP provides IP addresses to clients connected to the SSID from the 10.0.0.0/8 subnet via DHCP. When a client sends traffic out to the network, the AP NATs the client's IP to its own management IP, masking what client actually sent the traffic. There is no way around this when using Meraki NAT mode either; client devices cannot be tracked behind NAT mode enabled SSIDs.

The bridge mode SSID, on the other hand, should not have this issue. You should be able to track clients connected to the SSID, as the client IPs are used within the wider network.

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.

View solution in original post

5 Replies 5

Go to solution
Brash
Meraki Community All-Star
Meraki Community All-Star

‎09-18-2024 11:54 PM

Is the SSID the clients are connected to setup in Meraki NAT mode?

NAT Mode with Meraki DHCP - Cisco Meraki Documentation

Go to solution
Shadius
Level 3
Level 3
In response to Brash

‎09-19-2024 02:15 AM

We have three SSIDs and two of those three are set up using Meraki NAT Mode.

The other SSID uses RADIUS with an external DHCP server.

0 Helpful

Go to solution
krebers
Cisco Employee
Cisco Employee
In response to Shadius

‎09-19-2024 07:11 AM

Hello Shadius,

Is the issue that you are seeing the AP's IP for the 2 SSIDs using Meraki NAT mode or for all 3 SSIDs? It is expected for the 2 SSIDs using Meraki NAT mode, as the document that Brash shared explains.

Meraki NAT mode means that the AP provides IP addresses to clients connected to the SSID from the 10.0.0.0/8 subnet via DHCP. When a client sends traffic out to the network, the AP NATs the client's IP to its own management IP, masking what client actually sent the traffic. There is no way around this when using Meraki NAT mode either; client devices cannot be tracked behind NAT mode enabled SSIDs.

The bridge mode SSID, on the other hand, should not have this issue. You should be able to track clients connected to the SSID, as the client IPs are used within the wider network.

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.

Go to solution
ChloeGray
Community Member
In response to krebers

‎10-08-2024 04:54 AM

Thanks for the info, I appreciate you.

0 Helpful

Go to solution
XavierRoss
Community Member

‎10-09-2024 11:48 PM

Any update?

0 Helpful
Customers Also Viewed These Support Documents