cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2221
Views
6
Helpful
2
Replies

Office Extend AP and external addresses

rasmus.elmholt
Level 7
Level 7

Hi

 

I have just configured a WLC with some SSIDs and 5 internal Access Points.

Everything is working and my clients are able to connect to the network.

I have then connected a 1810W OEAP using this guide: https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-3/b_Cisco_OfficeExtend_Access_Point_/b_Cisco_OfficeExtend_Access_Point__chapter_01000.html

And after I configured the management interface with the NAT address all the internal AP lost the CAPWAP connection to the controller. And they only first reconnected when I removed the NAT configuration on the WLC again.

 

My firewall are configured with NAT as expected, but the internal APs are not able to connect to the external NAT address because of the Hairpin issue on ASA.

 

So my question is: Is it possible for the internal APs to connect using the internal(real) IP and the OEAP to connect using the NAT'ed address.

Screen Shot 11-08-18 at 03.51 PM.PNG

1 Accepted Solution

Accepted Solutions

Issue below command to enable both inside & outside AP to register to your WLC

 

config network ap-discovery nat-ip-only disable

 

Control which address(es) are sent in CAPWAP discovery responses when NAT is enabled on the Management Interface using the following command:

 

config network ap-discovery nat-ip-only {enable | disable}

 

where

  • enable—Enables use of NAT IP only in Discovery response. This is the default. Use this command if all APs are outside of the NAT gateway.

     

  • disable—Enables use of both NAT IP and non-NAT IP in discovery response. Use this command if APs are on the inside and outside of the NAT gateway; for example, Local Mode and OfficeExtend APs on the same controller.

 

 

HTH

Rasika

*** Pls rate all useful responses ***

View solution in original post

2 Replies 2

Issue below command to enable both inside & outside AP to register to your WLC

 

config network ap-discovery nat-ip-only disable

 

Control which address(es) are sent in CAPWAP discovery responses when NAT is enabled on the Management Interface using the following command:

 

config network ap-discovery nat-ip-only {enable | disable}

 

where

  • enable—Enables use of NAT IP only in Discovery response. This is the default. Use this command if all APs are outside of the NAT gateway.

     

  • disable—Enables use of both NAT IP and non-NAT IP in discovery response. Use this command if APs are on the inside and outside of the NAT gateway; for example, Local Mode and OfficeExtend APs on the same controller.

 

 

HTH

Rasika

*** Pls rate all useful responses ***

Hey

Thanks I will give that a go tomorrow.
Review Cisco Networking for a $25 gift card