Header Only - DO NOT REMOVE - Extreme Networks

Need some assistance translating a config file


I have a basic Cisco config I need to translate to EXOS. I'm looking for an Extreme guru to assist.

The following is a config file. the IP addresses are arbitrary subnets in my local GNS3 topology:

R1#show runnR1#show running-config
Building configuration...

Current configuration : 1274 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
!
no ip dhcp use vrf connected
!
ip dhcp pool internal-client # need to setup a DHCP server on the internal LAN interface
network 172.17.0.0 255.255.255.0
default-router 172.17.0.1 255.255.255.0
dns-server 192.168.1.254
!
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
ip tcp synwait-time 5
ip ssh version 1
!
!
!
!
interface FastEthernet0/0 #I want the external facing interface to OBTAIN a DHCP address
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1 #this is the gateway of the internal LAN interface
ip address 172.17.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload #simple NAT overload
!
access-list 1 permit 172.17.0.0 0.0.0.255 #the access list allows the local subnet through
no cdp log mismatch duplex
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!

So the four things are:
1. Obtain a DHCP address from the WAN facing interface.
2. Create a DHCP (which there are articles already)
3. Create an access list permitting the local network through the external interface.
4. Apply a NAT and an overload parameter to allow NAT'ing.

If you guys can come up with a config file, I'll plop it into my topology and do a full write up.

Thanks in advance.

-Matt

6 replies

Userlevel 5
Hello Matt,

There's no NAT function available in EXOS. Can you get along without it?

Mike
Userlevel 7
Hello Matt,
  1. enable dhcp vlan Outside
  2. please see https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-the-DHCP-server-on-a-VLAN...
  3. Your ACL is used for NAT, but NAT is not supported in EXOS
  4. NAT is not supported in EXOS
EXOS devices are multilayer switches, not routers, thus they work differently than the router emulated in GNS3. You have to create VLANs and configure IP addresses and IP forwarding on those (think SVI):
  • configure vlan Default delete ports all
  • create vlan Inside
  • configure vlan Inside ipaddress 172.17.0.1/8
  • enable ipforwarding vlan Inside
  • configure vlan Inside add ports 2
  • create vlan Outside
  • enable dhcp vlan Outside
  • enable ipforwarding vlan Outside
  • configure vlan Outside add ports 1
You probably need to manually add a default route. Again, an EXOS switch is not a (home) router, dynamic ISP connectivity as in a SOHO setting is usually done with a small router or firewall, which provide the needed features (NAT, stateful firewall, dynamic IP and default route for outside interface) not provided by multilayer switches.

The multilayer switches provide many ports and line-rate forwarding, together with many features not needed for SOHO Internet access.

Erik
Userlevel 6
Erik Auerswald wrote:

Hello Matt,

  1. enable dhcp vlan Outside
  2. please see https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-the-DHCP-server-on-a-VLAN...
  3. Your ACL is used for NAT, but NAT is not supported in EXOS
  4. NAT is not supported in EXOS
EXOS devices are multilayer switches, not routers, thus they work differently than the router emulated in GNS3. You have to create VLANs and configure IP addresses and IP forwarding on those (think SVI):
  • configure vlan Default delete ports all
  • create vlan Inside
  • configure vlan Inside ipaddress 172.17.0.1/8
  • enable ipforwarding vlan Inside
  • configure vlan Inside add ports 2
  • create vlan Outside
  • enable dhcp vlan Outside
  • enable ipforwarding vlan Outside
  • configure vlan Outside add ports 1
You probably need to manually add a default route. Again, an EXOS switch is not a (home) router, dynamic ISP connectivity as in a SOHO setting is usually done with a small router or firewall, which provide the needed features (NAT, stateful firewall, dynamic IP and default route for outside interface) not provided by multilayer switches.

The multilayer switches provide many ports and line-rate forwarding, together with many features not needed for SOHO Internet access.

Erik

Hey Erik, I just wanted to say its great to have you join the Hub Community.

It's only been a short time with us so far as a registered member, but your answers have been fantastic. I can see you've got great skills on Extreme Networking solutions!
@Erik and@Mike...thanks for your candid feedback. Basically, I want to stamp a default layer 3 switch that will behave LIKE a router for the express purpose of showing off Extreme. I COULD just use my Cisco 3725 image and do the nat'ing, but I wanted to see what I could do with an EXOS image. I will then focus on just getting 1 maybe 2 devices connected directly to the EXOS out to the internet with the suggested configurations. Thanks!
Just as a follow-up...the DHCP and Inside vlan worked like a charm. The only thing I'm having an issue is with the Outside interface. I tried the dhcp command to obtain an IP address and I tried setting a manual address. The ethernet connection inside GNS3 is rejecting the connection if I try to connect it to my cloud interface. I'll have to bounce around Youtube or something like that to get the cloud interface to connect with the Outside interface. Once I get around that, the outside address should be able to obtain an IP address in the range of my Microsoft Loopback adapter 192.168.137.x. I then need to ensure the requests from the internal client PC (win7) can ping the local dns server which happens to be my home router.

So kudos on helping get this far!
Matt,

Other's have already addressed the No NAT for Extreme. Keep that in mind when creating a solution. As for Cisco to Extreme conversion, have you had a chance to play with Legacy CLI? Legacy CLI is a helper tool for those coming from a Cisco environment. It will allow you to enter commands in the Cisco format and the system will convert / apply them in XOS format. It will also display the XOS commands so that you can begin to learn / enhance your knowledge of the Extreme products.

Reply