Meraki

Community

Meraki NAT slower network

MarkieLawrence
Comes here often
‎Mar 27 2023 4:25 AM
‎Mar 27 2023 4:25 AM

Meraki NAT slower network

We have setup a Meraki NAT SSID  with Meraki firewall rules to allow though certain ports to our main network and servers. This is to segregate such devices from accessing fully our main LAN.

 

However we have noticed that this network seems slower (even pings are 10 times longer) even from the same AP than our bridged\ L3 network SSID connected devices that are part of our LAN. 

 

Is this an expected slowness due to the NATing required? Is there anything we can do to speed it up or do we need to rethink how we acheive this via VLANs etc?

 

Thanks

0 Kudos
5 Replies 5
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 27 2023 4:53 AM
‎Mar 27 2023 4:53 AM

Do you have any traffic shaping rule configured for this SSID?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
MarkieLawrence
Comes here often
‎Mar 27 2023 4:58 AM
‎Mar 27 2023 4:58 AM

No traffic shaping The SSID is set to unlmited

0 Kudos
In response to MarkieLawrence
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 27 2023 5:06 AM
‎Mar 27 2023 5:06 AM

And how about your firewall?  I have never heard of or experienced a slow network when the SSID is configured for NAT.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 27 2023 5:14 AM
‎Mar 27 2023 5:14 AM

Why don't you create a separate VLAN for this SSID, when you use NAT the client connection will use the AP IP to access the network. In my opinion, the best option is to use a different VLAN for this case.

 

 

https://documentation.meraki.com/MR/Client_Addressing_and_Bridging/VLAN_Tagging_on_MR_Access_Points

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 27 2023 11:36 AM
‎Mar 27 2023 11:36 AM

I haven't experienced this issue.

 

When you say slower, what are the ping response times?  Like 2ms on a bridged SSID and 20ms on a NAT ssid?

 

Are the NAT users dropped into the same VLAN as the bridged users?  If not, perhaps whatever is providing the routing for the NAT VLAN is slower.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.