I have two MT (both 2.9.29) - one in my NOC that has interfaces to my office, bench, hotspot and uplink. This traffic is masqueraded to my main MT that controls all my wireless (Motorola) clients with the NOC traffic coming into the main MT via the same interface (WLAN) as the wireless subscribers. Main router then masquerades all WLAN traffic to my public IP.
Hotspot users are given a 192.168.x.x address and my Moto network is all on 10.x.y.z. Because all outgoing NOC traffic is masqueraded to the same IP (10.5.20.6), HS users can see all of my Moto AP’s (yikes!).
I want to src-nat the hotspot traffic so that my main MT can route/prevent the hotspot traffic from seeing my Moto network.
I’ve tried the standard srcnat functions at the NOC MT on the HS interface but it appears that the hotspot traffic is controlled by the routing chains setup by the HS service preventing me from src-natting the traffic using the masquerade function.
Does anyone know how and which of the HS chains to use to make the HS users traffic leave the NOC router with a different IP (10.6.20.6 vs 10.5.60.6) so that I can router the HS traffic at my main router?
thanks, tom