Setting the profile’s bridge nat configuration – Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Brocade Mobility Access Point System Reference Guide
53-1003100-01
17. Set the following to define the Dynamic NAT configuration:
18. Select + Add Row to launch a pop-up screen used to define the Interface, Overload Type, NAT
Pool and Overload IP used with the dynamic NAT configuration.
19. Select OK to save the changes made to the dynamic NAT configuration. Select Reset to revert
to the last saved configuration.
Setting the Profile’s Bridge NAT Configuration
Profile Security Configuration
Use Bridge NAT to manage Internet traffic originating at a remote site. In addition to traditional NAT
functionality, Bridge NAT provides a means of configuring NAT for bridged traffic through an access
point. NAT rules are applied to bridged traffic through the access point, and matching packets are
NATed to the WAN link instead of being bridged on their way to the router.
Using Bridge NAT, a tunneled VLAN (extended VLAN) is created between the NoC and a remote
location. When a remote client needs to access the Internet, Internet traffic is routed to the NoC,
and from there routed to the Internet. This increases the access time for the end user on the client.
To resolve latency issues, Bridge NAT identifies and segregates traffic heading towards the NoC and
outwards towards the Internet. Traffic towards the NoC is allowed over the secure tunnel. Traffic
towards the Internet is switched to a local WLAN link with access to the Internet.
NOTE
Bridge NAT supports single AP deployments only. This feature cannot be used in a branch
deployment with multiple access points.
To define a Bridge NAT configuration that can be applied to a profile:
1. Select the Configuration tab from the Web UI.
2. Select Devices.
3. Select System Profile from the options on the left-hand side of the UI.
Dynamic NAT configuration settings (the fields referred to in step 17):

| Setting | Description |
| --- | --- |
| Source List ACL | Use the drop-down menu to select an ACL name to define the packet selection criteria for NAT. NAT is applied only on packets which match a rule defined in the access list. These addresses (once translated) are not exposed to the outside world when the translation address is used to interact with the remote destination. |
| Network | Select Inside or Outside NAT as the network direction for the dynamic NAT configuration. Inside is the default setting. |
| Interface | Use the drop-down menu to select the VLAN ID (from 1 - 4094) used as the communication medium between the source and destination points within the NAT configuration. Ensure the VLAN selected represents the intended network traffic within the NAT supported configuration. VLAN1 is available by default. Optionally, select the wwan1 radio button if the access point model supports a wwan interface as the outgoing layer 3 interface for NAT. |
| Overload Type | Select the Overload Type used with the listed IP ACL rule. Options include NAT Pool, One Global Address and Interface IP Address. Interface IP Address is the default setting. If NAT Pool is selected, provide the Overload IP address. |
| NAT Pool | Provide the name of an existing NAT pool for use with the NAT configuration. Optionally select the Create icon to define a new NAT Pool configuration. |
| Overload IP | Enables the use of one global address for numerous local addresses. |
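
The Bridge NAT traffic split described above, combined with the Source List ACL and Overload IP settings, modeled as an added Python example (not Brocade code or CLI syntax). The ordered permit/deny rule semantics, all addresses and the starting port are assumptions constructed for illustration; the model is useful for checking which flows would leave the NoC tunnel before an ACL is applied.

```python
import ipaddress

# Constructed sample values (assumptions, not from the manual).
# Rules are evaluated in order; the first match wins; no match means "do not NAT".
SAMPLE_ACL = [
    ("deny", "192.168.10.0/24", "10.0.0.0/8"),   # NoC-bound traffic stays on the tunnel
    ("permit", "192.168.10.0/24", "0.0.0.0/0"),  # everything else from the site is NATed
]
OVERLOAD_IP = "203.0.113.10"  # one global address shared by all local clients


class BridgeNat:
    """Toy model: ACL-permitted bridged packets are NATed (overloaded) onto the
    local link; all other packets remain bridged on the tunneled VLAN."""

    def __init__(self, acl_rules, overload_ip, first_port=20000):
        self.acl = [(action, ipaddress.ip_network(src), ipaddress.ip_network(dst))
                    for action, src, dst in acl_rules]
        self.overload_ip = overload_ip
        self.next_port = first_port
        self.table = {}  # (local ip, local port) -> translated source port

    def selected_for_nat(self, src, dst):
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for action, src_net, dst_net in self.acl:
            if s in src_net and d in dst_net:
                return action == "permit"
        return False  # implicit: unmatched packets are not translated

    def forward(self, src, sport, dst):
        """Return (path, source ip on the wire, source port on the wire)."""
        if not self.selected_for_nat(src, dst):
            return ("bridge-to-noc", src, sport)
        key = (src, sport)
        if key not in self.table:
            # Overload: each local flow gets its own port on the shared address.
            self.table[key] = self.next_port
            self.next_port += 1
        return ("nat-local", self.overload_ip, self.table[key])


if __name__ == "__main__":
    nat = BridgeNat(SAMPLE_ACL, OVERLOAD_IP)
    for pkt in [("192.168.10.21", 51000, "10.1.1.5"),
                ("192.168.10.21", 51000, "198.51.100.7"),
                ("192.168.10.22", 51000, "198.51.100.7")]:
        print(pkt, "->", nat.forward(*pkt))
```

Flows reported as `nat-local` bypass the tunnel to the NoC, so any inspection or logging performed there does not see them.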