Routing question
I had to create a NAT rule, but I don't understand why it's necessary to make the 802.1x solution work.
X5 is WLAN 192.168.204.1 - using 802.1x solution
- SonicWave is 192.168.204.243
NPS is 172.0.203.89
X16 is LAN at 10.0.0.2
Core router is 10.0.0.1
I had to create a NAT rule for NPS authentication to work. Rule: Source: X5 subnet | Source translated: X16 IP | Dst. Original: NPS | Dst. Translated: Original | Service: Any. Without this rule, clients can't be authenticated through the NPS server.
I already have a static route on the firewall that should eliminate the NAT rule, but it doesn't work and I can't figure out why.
Route: Source: Any | Destination: 172.0.203.0 | Service: Any | Gateway: 10.0.0.1.
With or without the NAT rule, I can ping NPS from the SonicWall. I can ping X5 and the SonicWave from NPS. Packet capture shows the request coming from the SonicWave but no reply back from NPS. Access rules seem to be correct. I'm curious why I need this NAT rule to make this work.
Best Answer
djhurt1 Enthusiast ✭✭
Doh! In my ignorance I ignored the fact that the APs (SonicWaves) are acting as the authenticator and not the firewall. Adding the NAT rule obviously allows me to configure a single IP address rather than 20 in my case.
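Added example, not part of the thread: a small model of why the packet capture showed a request from the SonicWave but no reply. A RADIUS server matches each Access-Request to a configured client by source IP and silently discards requests from unknown sources (RFC 2865, section 3). The /24 mask on X5, the single NPS client entry for the X16 address, the shared secret and the 20 AP addresses are assumptions constructed for illustration.

```python
import ipaddress

# Addresses taken from the thread.
AP_IP = "192.168.204.243"   # SonicWave on X5, the real 802.1X authenticator
X16_IP = "10.0.0.2"         # firewall LAN interface
NPS_IP = "172.0.203.89"
# Assumption: X5 is a /24; the thread does not give the mask.
X5_SUBNET = ipaddress.ip_network("192.168.204.0/24")

# Assumption: NPS holds one RADIUS client entry, for the firewall's X16 IP.
NPS_CLIENTS = {X16_IP: "constructed-shared-secret"}


def apply_source_nat(src, dst, nat_enabled):
    """NAT rule from the post: source in X5 subnet, destination NPS -> X16 IP."""
    if nat_enabled and dst == NPS_IP and ipaddress.ip_address(src) in X5_SUBNET:
        return X16_IP
    return src


def nps_handle_access_request(src_seen_by_nps):
    """RFC 2865 s.3: no shared secret for the source IP -> silently discard."""
    if src_seen_by_nps not in NPS_CLIENTS:
        return "discarded"   # no reply at all, which matches the capture
    return "processed"       # policy is evaluated and a reply is sent


def authenticate(ap_ip, nat_enabled):
    """Return (source IP NPS sees, what NPS does with the request)."""
    src = apply_source_nat(ap_ip, NPS_IP, nat_enabled)
    return src, nps_handle_access_request(src)


def clients_needed(ap_ips, nat_enabled):
    """Distinct source IPs that NPS would need RADIUS client entries for."""
    return sorted({apply_source_nat(ip, NPS_IP, nat_enabled) for ip in ap_ips})


# Constructed list of 20 AP addresses ending at the one named in the thread.
CONSTRUCTED_APS = [f"192.168.204.{n}" for n in range(224, 244)]

if __name__ == "__main__":
    for nat in (False, True):
        print("NAT on " if nat else "NAT off", authenticate(AP_IP, nat),
              "client entries needed:", len(clients_needed(CONSTRUCTED_APS, nat)))
```

Routing and ping succeed in both cases because reachability is not the problem; the request is dropped at the RADIUS client lookup, so the alternative to the NAT rule is a client entry on NPS for each AP address.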