1063| External Services Interface AOS-W 6.5.3.x| User Guide
Sample NAT-mode ESI Topology
This section describes the configuration for a sample NAT-mode topology using the switch and three external
captive-portal servers. NAT mode uses a trusted interface for each external captive-portal server and a
different destination port to redirect a packet to a port other than the original destination port in the packet.
An example topology is shown below in Figure 234.
Figure 234 Example NAT-Mode Topology
In this example, all HTTP traffic received by the switch is redirected to the external captive portal server group
and load-balanced across the captive portal servers. All wireless client traffic with destination port 80 is
redirected to the captive portal server group, with the new destination port 8080.
The external servers do not necessarily have to be on the subnet as the switch. The policy that redirects traffic to the
external servers for load balancing is routed to the external servers if they are on a different subnet.
In the topology shown, the following configurations are entered on the switch and external captive-portal
servers:
ESI server configuration on the switch
n External captive-portal server 1:
l Name = external_cp1
l Mode = NAT
l Trusted IP address = 10.1.1.1
l Alternate destination port = 8080
n External captive-portal server 2:
l Name = external_cp2
l Mode = NAT
l Trusted IP address = 10.1.1.2
n External captive-portal server 3:
l Name = external_cp3
l Mode = NAT
l Trusted IP address = 10.1.1.3
n Health-check ping:
To Next Page
Loading...