Simple .. perhaps stupid NAT and Routing Questions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-23-2014 04:55 PM
sorry .. for (perhaps) stupid questions .. but until now i never needed Routing an NAT .
We are a little public School in germany and into the last 15 years we had a pure public Network, every printserver had a public address because we have a full class C net with 254 addresses.
Now we want to divide the Network into 2 parts and I want to use only private addresses for students und teachers.
I got a new SSA150 Switch and want to use this device for Routing and NAT, i will explain our Network short... of course I changed the real addresses a little bit 
Public Network : 195.16.45.0 /24 with a cisco border router and his IP 195.16.45.1
On the Cisco there is a VLAN 30 defined with the IP 195.16.45.1
Cisco LAN Port is Cicso Static Access VLAN 30) .. that means Enterasys "untagged"
Future : 2 private Networks with 172.16.200.0 /24 for Teacher and 172.16.201.0 /24 for Students
On the Cisco WAN side there is a additional Transfer Network with BGP (we have two 155Mbit Connecions terminated on that router)
Because the BGP and WAN Side is managed by the Provider T-Systems.. i can not change anything on this side.
Here is my Config for the SSA15 :
set vlan create 30
set vlan create 200
set vlan create 201
set port vlan ge.1.1 30 (Port for connect Cisco Border Router )
interface vlan 200
>ip address 172.16.200.1/24
interface vlan 201
>ip address 172.16.201.1/24
*** NAT Config
interface vlan 30
->ip nat outside
>exit
interface vlan 200
->ip nat inside
>exit
interface vlan 201
->ip nat inside
>exit
ACCESS
access-list standard 200 permit host 172.16.200.2 - 172.16.200.254
access-list standard 201 permit host 172.16.201.2 - 172.16.201.254
ip nat pool naptpool200 194.16.45.144 195.16.45.148 netmask 255.255.255.0
ip nat pool naptpool201 194.16.45.149 195.16.45.153 netmask 255.255.255.0
ip nat inside source list 200 pool naptpool200 overload
ip nat inside source list 201 pool naptpool201 overload
2 Questions now :
1. Will this config work or are there Basic Errors in this Config ?
2. which Routing rule do in Need to Forward the Network packets from the nat
pool IP´s (outside) to the router address .... 195.16.45.1 ??
Thx for any help
Chris
We are a little public School in germany and into the last 15 years we had a pure public Network, every printserver had a public address because we have a full class C net with 254 addresses.
Now we want to divide the Network into 2 parts and I want to use only private addresses for students und teachers.
I got a new SSA150 Switch and want to use this device for Routing and NAT, i will explain our Network short... of course I changed the real addresses a little bit 
Public Network : 195.16.45.0 /24 with a cisco border router and his IP 195.16.45.1
On the Cisco there is a VLAN 30 defined with the IP 195.16.45.1
Cisco LAN Port is Cicso Static Access VLAN 30) .. that means Enterasys "untagged"
Future : 2 private Networks with 172.16.200.0 /24 for Teacher and 172.16.201.0 /24 for Students
On the Cisco WAN side there is a additional Transfer Network with BGP (we have two 155Mbit Connecions terminated on that router)
Because the BGP and WAN Side is managed by the Provider T-Systems.. i can not change anything on this side.
Here is my Config for the SSA15 :
set vlan create 30
set vlan create 200
set vlan create 201
set port vlan ge.1.1 30 (Port for connect Cisco Border Router )
interface vlan 200
>ip address 172.16.200.1/24
interface vlan 201
>ip address 172.16.201.1/24
*** NAT Config
interface vlan 30
->ip nat outside
>exit
interface vlan 200
->ip nat inside
>exit
interface vlan 201
->ip nat inside
>exit
ACCESS
access-list standard 200 permit host 172.16.200.2 - 172.16.200.254
access-list standard 201 permit host 172.16.201.2 - 172.16.201.254
ip nat pool naptpool200 194.16.45.144 195.16.45.148 netmask 255.255.255.0
ip nat pool naptpool201 194.16.45.149 195.16.45.153 netmask 255.255.255.0
ip nat inside source list 200 pool naptpool200 overload
ip nat inside source list 201 pool naptpool201 overload
2 Questions now :
1. Will this config work or are there Basic Errors in this Config ?
2. which Routing rule do in Need to Forward the Network packets from the nat
pool IP´s (outside) to the router address .... 195.16.45.1 ??
Thx for any help
Chris
0 REPLIES 0