09-12-2008 12:31 AM - edited 03-03-2019 11:30 PM
can i put all 8 switch ports in one vlan. after assigning IP, on interface vlan 10 i'll give ip 10.1.1.1 . can i use "ip nat inside" on interface vlan 1 ??
Solved! Go to Solution.
09-12-2008 08:06 AM
Usman,
Your original post made me believe you understood the configuration.
Say, you want ports 1-4 to be in Vlan 20(inside Vlan) and ports 5-8 in Vlan 10 (outside Vlan)
1) Create the Vlans in the switch database
Rack1SW1#vlan database
Rack1SW1(vlan)#vlan 10 name outside
VLAN 10 added:
Name: outside
Rack1SW1(vlan)#vlan 20 name inside
VLAN 20 added:
Name: inside
2) Assign the ports to their respective Vlans:
Rack1SW1(config)#int ran f1/1 - 4
Rack1SW1(config-if-range)#switchport access vlan 20
Rack1SW1(config)#int ran f1/5 - 8
Rack1SW1(config-if-range)#switchport access vlan 10
3) Assign the IP address under the SVIs
Rack1SW1(config)#int vlan 10
Rack1SW1(config-if)#ip add 10.10.10.1 255.255.255.0
Rack1SW1(config-if)#int vlan 20
Rack1SW1(config-if)#ip add 10.20.20.1 255.255.255.0
4) Then configure NAT as you would on a regular router but place the ip nat inside under interface vlan 20 and ip nat outside under interface vlan 10
HTH,
__
Edison.
Please rate helpful posts
09-12-2008 05:09 AM
Hi Usman,
Yes, you sure can.
Please see the following link for more configuration info:
HTH,
__
Edison.
Please rate helpful posts
09-12-2008 07:04 AM
Thanks for your reply..
i could not find nat commands that works with built in switch ports. in 1811 / 1812
these are not routed ports.. right ?
usman
09-12-2008 07:09 AM
No, they aren't routed ports.
You need to place the NAT under the SVIs (Switch Virtual Interface).
HTH,
__
Edison.
09-12-2008 07:31 AM
thank you so much HTH,
can i get some specific example of that.. as i have to quote the same router some where .. and i have to prove that it will work that way..
thanks a lot
usman
09-12-2008 08:04 AM
! 1. define vlan
vlan 10
name intern
!
! 2. put switchports into vlan
!
int fas 2
switchport mode access
switchport access vlan 10
no shutdown
!
! same for fas 3... fas 9
! fas 0 and fas 1 are real ethernet ports
!
! 3. configure ip
int vlan 10
ip address 10.1.1.1 255.255.255.0
no shutdown
ip nat inside
!
Yes, that also works with the default-vlan 1,
where initially all 8 switches ports
are members of.
09-12-2008 08:06 AM
Usman,
Your original post made me believe you understood the configuration.
Say, you want ports 1-4 to be in Vlan 20(inside Vlan) and ports 5-8 in Vlan 10 (outside Vlan)
1) Create the Vlans in the switch database
Rack1SW1#vlan database
Rack1SW1(vlan)#vlan 10 name outside
VLAN 10 added:
Name: outside
Rack1SW1(vlan)#vlan 20 name inside
VLAN 20 added:
Name: inside
2) Assign the ports to their respective Vlans:
Rack1SW1(config)#int ran f1/1 - 4
Rack1SW1(config-if-range)#switchport access vlan 20
Rack1SW1(config)#int ran f1/5 - 8
Rack1SW1(config-if-range)#switchport access vlan 10
3) Assign the IP address under the SVIs
Rack1SW1(config)#int vlan 10
Rack1SW1(config-if)#ip add 10.10.10.1 255.255.255.0
Rack1SW1(config-if)#int vlan 20
Rack1SW1(config-if)#ip add 10.20.20.1 255.255.255.0
4) Then configure NAT as you would on a regular router but place the ip nat inside under interface vlan 20 and ip nat outside under interface vlan 10
HTH,
__
Edison.
Please rate helpful posts
09-12-2008 08:12 AM
wow..
thanks a lot.. it worked..
Usman
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: