Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
912
Views
10
Helpful
3
Replies

Source IP of client

Go to solution
ALIAOF_
Level 6
Level 6

‎10-01-2018 08:54 AM - edited ‎07-05-2021 09:14 AM

So need to validate something:

 

Client --> AP --> WLC --> Switch --> Firewall

10.10.10.10 --> 10.10.10.1 --> 172.10.10.10

Client has an IP 10.10.10.10

AP = 192.168.1.10

WLC = 172.10.10.10

 

Firewall will see the client IP as the source and NOT the interface IP of the VLAN?  WLC does not NAT it behind its interface. (example outgoing http or https traffic going out to the internet etc)

 

Thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Adrian Mendoza
Cisco Employee
Cisco Employee
In response to ALIAOF_

‎10-01-2018 11:17 AM

That is correct, Controller does not work like that.

You can check the interface and port functions here:

http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/config-guide/b_cg82/b_cg82_chapter_01100.html

View solution in original post

3 Replies 3

Go to solution
Adrian Mendoza
Cisco Employee
Cisco Employee

‎10-01-2018 11:10 AM

Mohammad,

 

Thanks for sharing your question, I think you need to clarify this a little more, however if I understand correclty you are asking if its possible to use the interface of the vlan on the WLC as the source IP when clients connecting to a SSID are sending traffic.

If that is the question then the answer will be no.

I do not understand if the statement "WLC does not NAT" is related to a questions, but you are right, L3 devices are the only capable of doing NAT,  WLC is a L2 device .

Go to solution
ALIAOF_
Level 6
Level 6
In response to Adrian Mendoza

‎10-01-2018 11:14 AM

Sorry I think that NAT in there made it confusing yes this is a L2 device really so that does not apply.  I believe you have answered/validated my question but let me try to re phrase it in a simple way.

 

Basically the devices after the WLC will actually see the client IP as the source IP when client is accessing the traffic WLC won't use its own interface IP to change the source.

0 Helpful

Go to solution
Adrian Mendoza
Cisco Employee
Cisco Employee
In response to ALIAOF_

‎10-01-2018 11:17 AM

That is correct, Controller does not work like that.

You can check the interface and port functions here:

http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/config-guide/b_cg82/b_cg82_chapter_01100.html

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card