1811 want and switch port connection

Answered Question
Sep 12th, 2008
User Badges:

can i put all 8 switch ports in one vlan. after assigning IP, on interface vlan 10 i'll give ip 10.1.1.1 . can i use "ip nat inside" on interface vlan 1 ??

Correct Answer by Edison Ortiz about 8 years 9 months ago

Usman,


Your original post made me believe you understood the configuration.


Say, you want ports 1-4 to be in Vlan 20(inside Vlan) and ports 5-8 in Vlan 10 (outside Vlan)


1) Create the Vlans in the switch database


Rack1SW1#vlan database

Rack1SW1(vlan)#vlan 10 name outside

VLAN 10 added:

Name: outside

Rack1SW1(vlan)#vlan 20 name inside

VLAN 20 added:

Name: inside


2) Assign the ports to their respective Vlans:


Rack1SW1(config)#int ran f1/1 - 4

Rack1SW1(config-if-range)#switchport access vlan 20


Rack1SW1(config)#int ran f1/5 - 8

Rack1SW1(config-if-range)#switchport access vlan 10


3) Assign the IP address under the SVIs


Rack1SW1(config)#int vlan 10

Rack1SW1(config-if)#ip add 10.10.10.1 255.255.255.0

Rack1SW1(config-if)#int vlan 20


Rack1SW1(config-if)#ip add 10.20.20.1 255.255.255.0


4) Then configure NAT as you would on a regular router but place the ip nat inside under interface vlan 20 and ip nat outside under interface vlan 10


HTH,


__


Edison.


Please rate helpful posts


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
usmanjathol Fri, 09/12/2008 - 07:04
User Badges:

Thanks for your reply..

i could not find nat commands that works with built in switch ports. in 1811 / 1812


these are not routed ports.. right ?


usman

Edison Ortiz Fri, 09/12/2008 - 07:09
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

No, they aren't routed ports.


You need to place the NAT under the SVIs (Switch Virtual Interface).


HTH,


__


Edison.

usmanjathol Fri, 09/12/2008 - 07:31
User Badges:

thank you so much HTH,


can i get some specific example of that.. as i have to quote the same router some where .. and i have to prove that it will work that way..


thanks a lot


usman

ilkadmin-cco Fri, 09/12/2008 - 08:04
User Badges:


! 1. define vlan

vlan 10

name intern

!

! 2. put switchports into vlan

!

int fas 2

switchport mode access

switchport access vlan 10

no shutdown

!

! same for fas 3... fas 9

! fas 0 and fas 1 are real ethernet ports

!

! 3. configure ip

int vlan 10

ip address 10.1.1.1 255.255.255.0

no shutdown

ip nat inside

!


Yes, that also works with the default-vlan 1,

where initially all 8 switches ports

are members of.



Correct Answer
Edison Ortiz Fri, 09/12/2008 - 08:06
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Usman,


Your original post made me believe you understood the configuration.


Say, you want ports 1-4 to be in Vlan 20(inside Vlan) and ports 5-8 in Vlan 10 (outside Vlan)


1) Create the Vlans in the switch database


Rack1SW1#vlan database

Rack1SW1(vlan)#vlan 10 name outside

VLAN 10 added:

Name: outside

Rack1SW1(vlan)#vlan 20 name inside

VLAN 20 added:

Name: inside


2) Assign the ports to their respective Vlans:


Rack1SW1(config)#int ran f1/1 - 4

Rack1SW1(config-if-range)#switchport access vlan 20


Rack1SW1(config)#int ran f1/5 - 8

Rack1SW1(config-if-range)#switchport access vlan 10


3) Assign the IP address under the SVIs


Rack1SW1(config)#int vlan 10

Rack1SW1(config-if)#ip add 10.10.10.1 255.255.255.0

Rack1SW1(config-if)#int vlan 20


Rack1SW1(config-if)#ip add 10.20.20.1 255.255.255.0


4) Then configure NAT as you would on a regular router but place the ip nat inside under interface vlan 20 and ip nat outside under interface vlan 10


HTH,


__


Edison.


Please rate helpful posts


Actions

This Discussion