This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Simple .. perhaps stupid NAT and Routing Questions

Simple .. perhaps stupid NAT and Routing Questions

Chris37
New Contributor

‎09-23-2014 04:55 PM

sorry .. for (perhaps) stupid questions .. but until now i never needed Routing an NAT .

We are a little public School in germany and into the last 15 years we had a pure public Network, every printserver had a public address because we have a full class C net with 254 addresses.

Now we want to divide the Network into 2 parts and I want to use only private addresses for students und teachers.

I got a new SSA150 Switch and want to use this device for Routing and NAT, i will explain our Network short... of course I changed the real addresses a little bit 

Public Network : 195.16.45.0 /24 with a cisco border router and his IP 195.16.45.1
On the Cisco there is a VLAN 30 defined with the IP 195.16.45.1
Cisco LAN Port is Cicso Static Access VLAN 30) .. that means Enterasys "untagged"

Future : 2 private Networks with 172.16.200.0 /24 for Teacher and 172.16.201.0 /24 for Students

On the Cisco WAN side there is a additional Transfer Network with BGP (we have two 155Mbit Connecions terminated on that router)
Because the BGP and WAN Side is managed by the Provider T-Systems.. i can not change anything on this side.

Here is my Config for the SSA15 :

set vlan create 30
set vlan create 200
set vlan create 201
set port vlan ge.1.1 30 (Port for connect Cisco Border Router )

interface vlan 200
>ip address 172.16.200.1/24
interface vlan 201
>ip address 172.16.201.1/24

*** NAT Config
interface vlan 30
->ip nat outside
>exit

interface vlan 200
->ip nat inside
>exit

interface vlan 201
->ip nat inside
>exit

ACCESS

access-list standard 200 permit host 172.16.200.2 - 172.16.200.254
access-list standard 201 permit host 172.16.201.2 - 172.16.201.254

ip nat pool naptpool200 194.16.45.144 195.16.45.148 netmask 255.255.255.0
ip nat pool naptpool201 194.16.45.149 195.16.45.153 netmask 255.255.255.0

ip nat inside source list 200 pool naptpool200 overload
ip nat inside source list 201 pool naptpool201 overload

2 Questions now :

1. Will this config work or are there Basic Errors in this Config ?

2. which Routing rule do in Need to Forward the Network packets from the nat

pool IP´s (outside) to the router address .... 195.16.45.1 ??

Thx for any help

Chris

0 Kudos
0 REPLIES 0
GTM-P2G8KFN