NAT enabled SM on a VLAN

has anyone tried a NAT to use NAT enabled SM on VLANs other then 1 for MVID and Ingress…

each I try, as soon as the SM registers to an AP, I can no longer ping my gateway… (inside private NAT IP) but I am running DHCP server and that is happily giving away IP’s to my machines and setting the correct gateway…

Hey vj, not sure I understand. Are you setting the MVID and IVID differently? And once it registers you can’t pass any data?

I have a number of SMs with NAT enabled, different MVID and IVID.


Aaron

yes that is what I am trying to do… so the MVID on say 5 and IVID on 57.

on the LAN side of the SM, I have DHCP server running, everything fine can ping my gateway (SM) as soon as the SM registers to the AP I can no longer ping my gateway (SM) BUT… I am still being giving an IP Address by the DHCP Server.

So, since the DHCP server and gateway are the same (SM), you can’t ping the SM, but it will give you an address? Strange. To test this do you power up the SM, wait for it to register, and then plug in a PC? Or do you plug in a PC, and it gets an address before the SM registers? Can you ping through the SM to it’s gateway or something on the outside of the NAT?

Can you get to the SM from the MVID on the AP side? Or just from the AP’s LUID? Then perhaps get it to ping your PCs. try a different SM with the same config?

Just yesterday I set up an SM with different IVID and MVID. Although the MVID is still 1, I see no reason why it could not be different. Many of my installs have MVID and IVID the same - ie. 136.


Aaron

plug in the laptop with the SM unregistered (AP is powered down). The laptop gets its configuration.

run a continious ping getting replies

power up AP

as soon as the SM registers I can no longer ping, start gettting timeouts…

I can get to the SM via LUID

only happens once you move away from MVID and IVID of 1.

Well, I must say, that is very weird. :? What firmware version?

I remember having issues in the past with changing the MVID from 1 and/or setting the AP to accept only tagged packets - I don’t recall the exact circumstances or the exact issue. I don’t think this is something I encountered.


Aaron

Dude, he’s having the problem WITH NAT ENABLED…

At least on 7.x (and probably 8.x), using any VLAN on the ethernet port with bridging disabled DOES NOTHING. ALL the NAT traffic is still going out untagged on the RF side and all the incoming tagged RF traffic is ignored by the radio.

The VLAN setting only applies to BRIDGING setups and not ROUTED/NAT setups…

And, changing the management VID does not affect NAT (unless you want to talk to the radio from the customer ethernet side on 7.x while the RF link is established…) but the ‘untagged ingress’ VID, or the VID for BRIDGED ethernet traffic, does not do anything when set with NAT.

Dude, your two previous posts are completely untrue. Sorry. :wink: I have a number of SMs with NAT enabled and both the IVID and MVID are different. The untagged ingress VID applies whether or not NAT is enabled. :?

For example - a customer has NAT on, using VID 52 (untagged ingress VID set to 52), talks to our edge router on VID 52. I monitor the radio using VID 1 (MVID set to 1), via the edge router on VID 1. So, it appears that the customer traffic does indeed get tagged with VID 52.


Aaron