Switches, Hubs, and Modems
Showing results for 
Search instead for 
Did you mean: 

WESM and dynamic NAT

Occasional Contributor

WESM and dynamic NAT

The goal on this configuration is to nat the users in the wireless side (inside) of the wesm in order to browse Internet (outside), reachable trough a routing infrastructure.
The problem is that this configuration is not working.
I can't see any entry in the wesm ip nat translation table.
Any help would be appreciated.
Thanks in advance
Mohieddin Kharnoub
Honored Contributor

Re: WESM and dynamic NAT


Usually the configuration of the WESM in the 5400/5300 switch will be encrypted, (we need agent 007's help to decrypt it) :)

Anyway, you can explain what you've done in the Web page of the WESM and write it here.

Good Luck !!!
Science for Everyone
Occasional Contributor

Re: WESM and dynamic NAT

1) Enabled Ip routing on the WESM
2) Defined the interface (VLAN 1020) for the wireless users and bound it to the assigned WLan
3) Assigned ip address to the vlan 1020 (
4) Configured a dhcp server for the vlan 1020 ( - dg - dns x.x.x.x)
5) Defined an extended acl (Ospiti-GP) for the dynamic NAT:
ip access-list extended Ospiti-GP
permit ip any log rule-precedence 10
6) Defined the interface vlan 1020 as inside interface
7) Configured the nat statement:
ip nat inside source list Ospiti-GP interface vlan1 overload

The clients in the wireless area are able to receive the ip address form the dhcp, but their ip addresses are not source natted.

Anyway in the attached configurations.txt file you can see part of the configuration in clear text.
Thank you